Malwarebyte infections

Solved/Closed
Thomas - 14 August 2009 at 21:44
Anonymous user - 19 August 2009 at 20:53
Good evening,

Malwarebytes' has just finished a scan. The program reports 3 infections. Here is the result:

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2623
Windows 5.1.2600 Service Pack 3

14/08/2009 21:15:44
Malwarebytes infections

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 174893
Temps écoulé: 2 hour(s), 9 minute(s), 6 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\ISP\AOL9\comps\fw\nisale.exe (Adware.BHO) -> No action taken.
C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\GroupPolicy000.dat (Malware.Trace) -> No action taken.

I am wondering what I should do at this stage. Should I ignore these items or be worried about them, and in either case, how should I proceed?

Configuration: Windows XP Internet Explorer 8.0

102 replies

nihat42 - 14 August 2009 at 21:51
Hello,

C:\Program Files\ISP\AOL9\comps\fw\nisale.exe (Adware.BHO) -> No action taken.
C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\GroupPolicy000.dat (Malware.Trace) -> No action taken.

You need to click "Remove Selected" ("Supprimer la sélection").

_____________________________________________________________________________________

●Download GenProc (by Jean-Chretien1 and Narco4) to your desktop

●Disconnect and close your running applications

●Double-click GenProc.exe.

●Answer yes to the question that is asked.

●Let it scan your PC ...

●Post the report

Help in pictures
0
Rapport GenProc 2.615 [1] - ven. 14/08/2009 à 22:26:15
@ Windows XP Service Pack 3 - Mode normal
@ Internet Explorer (8.0.6001.18702) [Navigateur par défaut]

# Step 1/ Download:

- CCleaner https://www.ccleaner.com/ccleaner/download (FileHippo). This software will remove all temporary files. Launch it and click "Options", "Advanced" and untick the box "Only delete files in the Windows Temp folder older than 48 hours". After that, leave it with its default settings. Close the program.

- Lop S&D https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 (Eric 71 & Angeldark) to your desktop.


Restart in safe mode as described here https://www.wekyo.com/demarrer-le-pc-en-mode-sans-echec-windows-7-et-8/ ; choose your usual session *** Thomas *** (to find the report again, click the "Rapport GenProc[1]" shortcut on your desktop).


# Step 2/

Double-click Lop S&D to start the installation, select the language you want, then choose Option 2 - Suppression (removal) - and wait until it has finished.

# Step 3/

Launch CCleaner: "Cleaner"/"Run Cleaner" and that's all.

# Step 4/

Restart normally and post, in the same reply:

- The contents of the lopR.txt report located in C:\ ;
- A new HijackThis report http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/hijackthis-version-install-sujet_199100_1.htm ;
- A new GenProc report;

Describe any difficulties you had (what you were unable to do...) as well as how the situation has evolved.

~~ Arguments de la procédure ~~


# Détections [1] GenProc 2.615 ven. 14/08/2009 à 22:26:30
Lop:le ven. 14/08/2009 à 22:27:11 "C:\Program Files\Adverts"

----------------------------------------------------------------------
Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
----------------------------------------------------------------------

~~ Fin à 22:27:36 ~~
0
So I follow this procedure?
0
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.73GHz )
BIOS : Phoenix NoteBIOS 4.0 Release 6.0
USER : Thomas ( Administrator )
BOOT : Fail-safe boot
Antivirus : AVG Anti-Virus 8.5 (Activated)
C:\ (Local Disk) - NTFS - Total:32 Go (Free:5 Go)
D:\ (Local Disk) - NTFS - Total:34 Go (Free:25 Go)
F:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( ven. 14/08/2009|23:33 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\Thomas\LOCALS~1\Temp\msgpl_2214.tmp
Supprime! - C:\DOCUME~1\Thomas\LOCALS~1\Temp\msgpl_b245.tmp
Supprime! - C:\Program Files\Adverts

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[27/11/2008|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[11/02/2009|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/07/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[25/12/2006|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/02/2009|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg8
[29/12/2007|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[20/12/2008|23:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\E31C
[29/01/2009|00:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
[13/07/2005|13:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[30/11/2005|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Anti-Virus Personal
[26/05/2009|03:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[02/04/2008|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Maxtor
[28/12/2005|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[05/03/2009|21:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[26/03/2009|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[02/03/2009|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[13/07/2005|15:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[25/11/2005|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[26/05/2009|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[21/03/2008|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
[30/11/2005|16:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[12/08/2009|13:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[11/01/2009|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TVU Networks
[25/11/2005|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VAIO Media Platform
[19/08/2006|09:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[23/02/2008|16:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[13/07/2005|15:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[13/07/2005|12:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[13/07/2005|15:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[13/07/2005|15:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sony Corporation
[13/07/2005|15:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[08/02/2006|17:13] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[03/02/2009|21:53] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[08/02/2006|17:13] C:\DOCUME~1\LOCALS~1\APPLIC~1\sony
[17/04/2006|19:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\Webroot

[03/02/2009|21:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft


[15/02/2007|16:11] C:\DOCUME~1\Thomas\APPLIC~1\ACT
[21/03/2009|22:14] C:\DOCUME~1\Thomas\APPLIC~1\Adobe
[17/06/2007|08:16] C:\DOCUME~1\Thomas\APPLIC~1\AdobeUM
[05/01/2007|14:51] C:\DOCUME~1\Thomas\APPLIC~1\Apple Computer
[17/04/2006|11:38] C:\DOCUME~1\Thomas\APPLIC~1\Block Checker
[03/04/2007|11:15] C:\DOCUME~1\Thomas\APPLIC~1\DivX
[27/03/2006|14:18] C:\DOCUME~1\Thomas\APPLIC~1\Dossier de téléchargement Share-to-Web
[28/05/2006|17:11] C:\DOCUME~1\Thomas\APPLIC~1\Dossier de téléchargement Share-to-Web
[26/12/2005|19:39] C:\DOCUME~1\Thomas\APPLIC~1\FotoWire
[20/01/2008|23:41] C:\DOCUME~1\Thomas\APPLIC~1\Google
[14/12/2005|21:03] C:\DOCUME~1\Thomas\APPLIC~1\Help
[13/07/2005|12:04] C:\DOCUME~1\Thomas\APPLIC~1\Identities
[30/03/2006|11:02] C:\DOCUME~1\Thomas\APPLIC~1\iMesh
[28/11/2005|15:45] C:\DOCUME~1\Thomas\APPLIC~1\InterVideo
[28/11/2005|17:09] C:\DOCUME~1\Thomas\APPLIC~1\Leadertech
[09/07/2009|22:11] C:\DOCUME~1\Thomas\APPLIC~1\LKSoft
[21/03/2009|22:14] C:\DOCUME~1\Thomas\APPLIC~1\Macromedia
[26/05/2009|03:24] C:\DOCUME~1\Thomas\APPLIC~1\Malwarebytes
[05/03/2009|22:01] C:\DOCUME~1\Thomas\APPLIC~1\Microsoft
[28/06/2009|22:05] C:\DOCUME~1\Thomas\APPLIC~1\Mozilla
[30/10/2007|15:51] C:\DOCUME~1\Thomas\APPLIC~1\Screenshot Sender
[07/07/2009|12:22] C:\DOCUME~1\Thomas\APPLIC~1\Shareaza
[15/01/2009|15:34] C:\DOCUME~1\Thomas\APPLIC~1\Sibelius Software
[28/11/2005|17:10] C:\DOCUME~1\Thomas\APPLIC~1\Sonic
[26/11/2005|15:10] C:\DOCUME~1\Thomas\APPLIC~1\sony
[30/03/2007|10:33] C:\DOCUME~1\Thomas\APPLIC~1\Sony Corporation
[10/12/2005|11:40] C:\DOCUME~1\Thomas\APPLIC~1\Sun
[27/05/2009|12:08] C:\DOCUME~1\Thomas\APPLIC~1\SUPERAntiSpyware.com
[25/11/2005|22:45] C:\DOCUME~1\Thomas\APPLIC~1\Symantec
[28/11/2005|16:52] C:\DOCUME~1\Thomas\APPLIC~1\Talkback
[02/02/2009|21:25] C:\DOCUME~1\Thomas\APPLIC~1\TeamViewer
[25/12/2007|19:20] C:\DOCUME~1\Thomas\APPLIC~1\U3

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[14/08/2009 21:04][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{A2F56C06-8E86-4012-96DF-0F74E45F7FA0}.job
[30/07/2009 19:33][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[14/08/2009 23:27][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[31/01/2009|23:45] C:\Program Files\AC3Filter
[15/02/2007|16:10] C:\Program Files\ACT
[30/11/2005|17:44] C:\Program Files\Activision
[27/05/2009|12:00] C:\Program Files\Adobe
[30/11/2005|18:03] C:\Program Files\Ahead
[13/07/2005|13:58] C:\Program Files\Apoint
[06/08/2008|20:50] C:\Program Files\Apple Software Update
[17/04/2006|22:16] C:\Program Files\Audacity
[08/05/2008|14:44] C:\Program Files\AVG
[14/08/2009|22:39] C:\Program Files\CCleaner
[13/07/2005|12:02] C:\Program Files\ComPlus Applications
[13/07/2005|12:12] C:\Program Files\CONEXANT
[27/05/2009|01:02] C:\Program Files\Defraggler
[04/02/2009|15:33] C:\Program Files\DivX
[30/11/2005|17:33] C:\Program Files\EPSON
[29/01/2009|00:43] C:\Program Files\ESET
[30/11/2005|18:49] C:\Program Files\ffdshow
[09/07/2009|22:11] C:\Program Files\Fichiers communs
[13/07/2005|15:35] C:\Program Files\FlashPlayer
[31/05/2009|16:11] C:\Program Files\GenoPro
[12/10/2008|18:37] C:\Program Files\GiveMeTac 1.1
[03/07/2008|20:32] C:\Program Files\Google
[08/05/2008|14:47] C:\Program Files\Grisoft
[28/05/2006|17:19] C:\Program Files\Hewlett-Packard
[28/05/2006|17:24] C:\Program Files\hp deskjet 990c series
[30/11/2005|18:18] C:\Program Files\iMeshBar
[30/10/2007|22:22] C:\Program Files\ING
[20/04/2009|20:33] C:\Program Files\InstallShield Installation Information
[13/07/2005|13:41] C:\Program Files\Intel
[31/07/2009|11:25] C:\Program Files\Internet Explorer
[13/07/2005|15:34] C:\Program Files\InterVideo
[27/11/2008|20:46] C:\Program Files\iPod
[13/07/2005|15:33] C:\Program Files\ISP
[27/11/2008|20:46] C:\Program Files\iTunes
[05/08/2009|10:30] C:\Program Files\Java
[13/07/2005|14:08] C:\Program Files\LanExpress
[26/12/2005|19:39] C:\Program Files\Logitech
[14/08/2009|15:50] C:\Program Files\Malwarebytes' Anti-Malware
[10/10/2008|14:12] C:\Program Files\Maxtor
[16/02/2009|00:59] C:\Program Files\Messenger
[15/07/2009|15:28] C:\Program Files\Messenger Plus! Live
[19/04/2006|14:53] C:\Program Files\MessengerPlus! 3
[05/03/2009|21:56] C:\Program Files\Microsoft
[23/02/2008|21:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[13/07/2005|12:04] C:\Program Files\microsoft frontpage
[10/09/2008|19:29] C:\Program Files\Microsoft LifeChat
[28/04/2009|11:06] C:\Program Files\Microsoft Office
[01/08/2009|18:12] C:\Program Files\Microsoft Silverlight
[12/02/2009|00:49] C:\Program Files\Microsoft SQL Server
[05/03/2009|21:52] C:\Program Files\Microsoft SQL Server Compact Edition
[05/03/2009|21:54] C:\Program Files\Microsoft Sync Framework
[15/02/2009|21:24] C:\Program Files\Microsoft Works
[15/02/2007|16:13] C:\Program Files\Microsoft.NET
[28/11/2005|17:08] C:\Program Files\MoodLogic
[25/11/2005|18:32] C:\Program Files\Moodlogic HTML
[15/02/2009|23:11] C:\Program Files\Movie Maker
[28/11/2005|17:06] C:\Program Files\Mozilla Firefox
[20/04/2009|21:17] C:\Program Files\MSBuild
[07/06/2008|15:44] C:\Program Files\MSECache
[13/07/2005|12:01] C:\Program Files\MSN
[13/07/2005|12:01] C:\Program Files\MSN Gaming Zone
[18/11/2006|14:12] C:\Program Files\MSXML 4.0
[16/08/2007|11:37] C:\Program Files\MSXML 6.0
[29/11/2005|19:59] C:\Program Files\MUSICMATCH
[31/01/2009|23:59] C:\Program Files\Native Instruments
[15/02/2009|23:01] C:\Program Files\NetMeeting
[26/03/2009|21:09] C:\Program Files\NOS
[13/07/2005|12:01] C:\Program Files\Online Services
[26/04/2008|23:38] C:\Program Files\OOBOX
[28/05/2006|16:45] C:\Program Files\Outils de Guitare-Online
[13/08/2009|00:43] C:\Program Files\Outlook Express
[27/11/2008|20:44] C:\Program Files\QuickTime
[25/11/2005|18:23] C:\Program Files\Raccourcis de programmes
[13/07/2005|13:14] C:\Program Files\Realtek
[20/04/2009|21:16] C:\Program Files\Reference Assemblies
[13/07/2005|12:02] C:\Program Files\Services en ligne
[07/07/2009|12:22] C:\Program Files\Shareaza
[20/12/2008|19:59] C:\Program Files\Sony
[12/08/2009|13:08] C:\Program Files\SpywareBlaster
[27/05/2009|12:32] C:\Program Files\Sunbelt Software
[27/05/2009|12:08] C:\Program Files\SUPERAntiSpyware
[21/03/2008|17:49] C:\Program Files\support.com
[30/11/2005|16:58] C:\Program Files\Symantec
[26/11/2005|00:47] C:\Program Files\SymNetDrv
[26/05/2009|01:04] C:\Program Files\Trend Micro
[25/11/2005|18:34] C:\Program Files\Uninstall Information
[08/04/2009|14:55] C:\Program Files\Windows Live
[05/03/2009|21:49] C:\Program Files\Windows Live SkyDrive
[09/12/2006|14:42] C:\Program Files\Windows Media Connect 2
[15/02/2009|23:01] C:\Program Files\Windows Media Player
[15/02/2009|23:01] C:\Program Files\Windows NT
[13/07/2005|12:02] C:\Program Files\WindowsUpdate
[30/11/2005|18:29] C:\Program Files\WinRAR
[13/07/2005|12:04] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[14/08/2009|18:57] C:\Program Files\Fichiers communs\Adobe
[30/11/2005|18:03] C:\Program Files\Fichiers communs\Ahead
[31/01/2009|23:54] C:\Program Files\Fichiers communs\Apple
[25/11/2005|18:44] C:\Program Files\Fichiers communs\DESIGNER
[26/12/2005|19:39] C:\Program Files\Fichiers communs\FotoWire
[13/07/2005|15:34] C:\Program Files\Fichiers communs\InstallShield
[13/07/2005|15:31] C:\Program Files\Fichiers communs\Java
[09/07/2009|22:11] C:\Program Files\Fichiers communs\LKSoft
[26/12/2005|19:38] C:\Program Files\Fichiers communs\Logitech
[28/04/2009|11:06] C:\Program Files\Fichiers communs\Microsoft Shared
[13/07/2005|12:02] C:\Program Files\Fichiers communs\MSSoap
[31/01/2009|23:59] C:\Program Files\Fichiers communs\Native Instruments
[13/07/2005|13:57] C:\Program Files\Fichiers communs\ODBC
[13/07/2005|12:02] C:\Program Files\Fichiers communs\Services
[25/11/2005|18:35] C:\Program Files\Fichiers communs\Sony Shared
[13/07/2005|13:57] C:\Program Files\Fichiers communs\SpeechEngines
[26/11/2005|15:10] C:\Program Files\Fichiers communs\SWF Studio
[30/11/2005|16:57] C:\Program Files\Fichiers communs\Symantec Shared
[15/02/2009|23:00] C:\Program Files\Fichiers communs\System
[05/03/2009|21:40] C:\Program Files\Fichiers communs\Windows Live
[23/02/2008|16:38] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 14 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-14 23:35:26
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 917

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:293][D:22]-> C:\DOCUME~1\Thomas\LOCALS~1\Temp
[F:93][D:0]-> C:\DOCUME~1\Thomas\Cookies
[F:2456][D:16]-> C:\DOCUME~1\Thomas\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - ven. 14/08/2009|23:38 - Option : [2]

--------------------\\ Fin du rapport a 23:38:06
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:49:35, on 14/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Microsoft LifeChat\LifeChat.exe
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://news.google.com/topstories?hl=fr&tab=wn&gl=BE&ceid=BE:fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.sony.jp/support/vaio/index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [WindowsLivePhone] C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe /AutoRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WindowsLivePhone] "C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe" /AutoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
0

[ Rapport ToolsCleaner version 2.3.10 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\lopR.txt: trouvé !
C:\Lop SD: trouvé !
C:\GenProc: trouvé !
C:\UsbFix: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Thomas\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Thomas\Bureau\LopSD.exe: trouvé !
C:\Documents and Settings\Thomas\Bureau\HJTInstall.exe: trouvé !
C:\Documents and Settings\Thomas\Bureau\hijackthis.log: trouvé !
C:\Documents and Settings\Thomas\Bureau\lopR.txt: trouvé !
C:\Genproc\Genproc.exe: trouvé !
C:\Genproc\outil\hijackthis.log: trouvé !
C:\Genproc\outil\mbr.exe: trouvé !
C:\Genproc\Page\GenProc[*].html: trouvé !
C:\Lop SD\catchme.exe: trouvé !
C:\Lop SD\catchme.log: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Thomas\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Thomas\Bureau\LopSD.exe: supprimé !
C:\Documents and Settings\Thomas\Bureau\HJTInstall.exe: supprimé !
C:\Lop SD\catchme.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\lopR.txt: supprimé !
C:\Documents and Settings\Thomas\Bureau\hijackthis.log: supprimé !
C:\Documents and Settings\Thomas\Bureau\lopR.txt: supprimé !
C:\Genproc\Genproc.exe: supprimé !
C:\Genproc\outil\hijackthis.log: supprimé !
C:\Genproc\outil\mbr.exe: supprimé !
C:\Genproc\Page\GenProc[*].html: ERREUR DE SUPPRESSION !!
C:\Lop SD\catchme.log: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Lop SD: supprimé !
C:\GenProc: supprimé !
C:\UsbFix: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
0
;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-08-15 09:33:48
PROTECTIONS: 1
MALWARE: 6
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
AVG Anti-Virus 8.5 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Thomas\Cookies\thomas@atdmt[2].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Thomas\Cookies\thomas@xiti[1].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Thomas\Cookies\thomas@weborama[1].txt
00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No C:\Documents and Settings\Thomas\Cookies\thomas@metriweb[1].txt
00200583 adware/block-checker Adware No 1 Yes No c:\documents and settings\thomas\application data\microsoft\internet explorer\quick launch\block checker.lnk
00590315 Rootkit/Agent.LNB HackTools No 0 Yes No C:\System Volume Information\_restore{28B95B92-4ADC-47B5-B9D3-0B42A08FD847}\RP1042\A0141969.sys
;===================================================================================================================================================================================
SUSPECTS
Sent Location ^
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description ^
;===================================================================================================================================================================================
;===================================================================================================================================================================================
0
Hello,

There, I did what was asked. I didn't run into any problems. What is the next step of the procedure? Thanks.
0
Actually, I ran Malwarebytes following a problem whose cause I couldn't figure out.

Before last night's scans, my PC's screen would switch off intermittently, going on and off; it would also go fuzzy, and graphical glitches (yellow horizontal bars) appeared behind the mouse pointer. I don't know, however, whether there is a link or not.

Also, the PC is unable to install a Windows update:

Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706)

Those are the problems that pushed me to run all kinds of scans, possibly even pointless ones.
0
Hello,

Still no sign of my possible savior from yesterday??
0
Anonymous user
15 August 2009 at 23:02
Good evening, to move forward:

Download OTL by OLDTimer

Save it to your Desktop.

▶ Double-click OTL.exe to launch it.

▶ Check the 2 boxes Lop and Purity

▶ Check the box next to scan all users

▶ Set it to "60 Days"

▶ Click Run Scan.

At the end of the scan, Notepad will open with the report (OTL.txt).

This file is on your Desktop (usually C:\Documents and settings\your_session_name\OTL.txt)

▶▶▶ DO NOT POST IT ON THE FORUM

To send it to me, click this link: http://www.cijoint.fr/

▶ Click Parcourir (Browse) and look for the file above.

▶ Click Ouvrir (Open).

▶ Click "Cliquez ici pour déposer le fichier" (Click here to upload the file).

A link of this form:

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

is added to the page.

▶ Copy this link into your reply.

You will do the same with "Extra.txt".
0
Here:

http://www.cijoint.fr/cjlink.php?file=cj200908/cij5ElTUvz.txt
http://www.cijoint.fr/cjlink.php?file=cj200908/cijYPUKWYB.txt
0
NB: The laptop just had a lot of trouble turning back on (boot loop); it finally managed to, but the graphics are extremely large. But as long as it's on, I'm not poking the beast.
0
Did I send the correct links?
0
Anonymous user
16 August 2009 at 05:18
OK, read what is written by clicking on the link; what I need to have you do doesn't fit on the forum ^^

http://www.cijoint.fr/cjlink.php?file=cj200908/cijuCKcDOH.txt
0
Hello, thanks in any case for coming (back) to help me. What is this nasty thing now? Here is the report:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
0
The whole scan report doesn't fit on the forum. I tried to copy/paste the missing part but it didn't post it, and yet it told me that the operation had already been performed. So be it. Should I post it on cijoint??
0
Anonymous user
16 August 2009 at 11:46
yes please
0
There, it's done. I'm having some difficulty since the PC is starting to alternate black screen - screen - black screen (...)

http://www.cijoint.fr/cjlink.php?file=cj200908/cij42Qd1Ct.txt
0
Anonymous user
16 August 2009 at 12:52
Disable your antivirus for the duration of the procedure, as well as your firewall if present

▶ Download List'em and save it to your desktop

It does not require installation

▶ Double-click (right-click "Run as administrator" on Vista) to launch the scan

▶ Let the tool work

The report will be displayed once the scan is finished

▶ Paste its contents into your next reply
0
List'em by g3n-h@ckm@n 1.0.2.0

dim. 16/08/2009 13:42:32,18

Microsoft Windows XP [version 5.1.2600]


Infections possibles :
====================


¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

C:\WINDOWS\system32\Drivers\ati1btxx.sys
C:\WINDOWS\system32\Drivers\ati1mdxx.sys
C:\WINDOWS\system32\Drivers\ati1pdxx.sys
C:\WINDOWS\system32\Drivers\ati1raxx.sys
C:\WINDOWS\system32\Drivers\ati1rvxx.sys
C:\WINDOWS\system32\Drivers\ati1snxx.sys
C:\WINDOWS\system32\Drivers\ati1ttxx.sys
C:\WINDOWS\system32\Drivers\ati1tuxx.sys
C:\WINDOWS\system32\Drivers\ati1xbxx.sys
C:\WINDOWS\system32\Drivers\ati1xsxx.sys
C:\WINDOWS\system32\Drivers\atinbtxx.sys
C:\WINDOWS\system32\Drivers\atinmdxx.sys
C:\WINDOWS\system32\Drivers\atinpdxx.sys
C:\WINDOWS\system32\Drivers\atinraxx.sys
C:\WINDOWS\system32\Drivers\atinrvxx.sys
C:\WINDOWS\system32\Drivers\atinsnxx.sys
C:\WINDOWS\system32\Drivers\atinttxx.sys
C:\WINDOWS\system32\Drivers\atintuxx.sys
C:\WINDOWS\system32\Drivers\atinxbxx.sys
C:\WINDOWS\system32\Drivers\atinxsxx.sys

¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :


¤¤¤¤¤¤¤¤¤¤ Windows\Prefetch :

C:\WINDOWS\Prefetch\ALBUMDB2.EXE-1F918EF2.pf
C:\WINDOWS\Prefetch\ALG.EXE-275708CF.pf
C:\WINDOWS\Prefetch\AVGCMGR.EXE-017B654E.pf
C:\WINDOWS\Prefetch\AVGUI.EXE-0D7989A9.pf
C:\WINDOWS\Prefetch\AVGUPD.EXE-2AED0BE6.pf
C:\WINDOWS\Prefetch\CHECKER.EXE-035DF12F.pf
C:\WINDOWS\Prefetch\CMD.EXE-034B0549.pf
C:\WINDOWS\Prefetch\DEFRAG.EXE-2858C7E2.pf
C:\WINDOWS\Prefetch\DFRGNTFS.EXE-38C3807C.pf
C:\WINDOWS\Prefetch\DW20.EXE-0A0B1C6C.pf
C:\WINDOWS\Prefetch\DWTRIG20.EXE-05D8A0C7.pf
C:\WINDOWS\Prefetch\EXPAND.EXE-14A1B56D.pf
C:\WINDOWS\Prefetch\FIXCFG.EXE-3A39BB3F.pf
C:\WINDOWS\Prefetch\FXSVR2.EXE-34D06B28.pf
C:\WINDOWS\Prefetch\IEXPLORE.EXE-2D97EBE6.pf
C:\WINDOWS\Prefetch\IGFXSRVC.EXE-1D88F978.pf
C:\WINDOWS\Prefetch\IMAPI.EXE-201490BB.pf
C:\WINDOWS\Prefetch\layout.ini
C:\WINDOWS\Prefetch\LISTEM.EXE-29880F81.pf
C:\WINDOWS\Prefetch\LVCOMSX.EXE-30FB8DC0.pf
C:\WINDOWS\Prefetch\MODE.COM-318FFE37.pf
C:\WINDOWS\Prefetch\MSCORSVW.EXE-310BC412.pf
C:\WINDOWS\Prefetch\MSFEEDSSYNC.EXE-05335A39.pf
C:\WINDOWS\Prefetch\MSIEXEC.EXE-330626DC.pf
C:\WINDOWS\Prefetch\MSNMSGR.EXE-0EBDBC56.pf
C:\WINDOWS\Prefetch\NGEN.EXE-20BDC4FB.pf
C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf
C:\WINDOWS\Prefetch\REG.EXE-07FA5B3F.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D479208.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-54023F1C.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-57C8756E.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-5F120771.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-753F1DF3.pf
C:\WINDOWS\Prefetch\SETUP.EXE-02D9625A.pf
C:\WINDOWS\Prefetch\SQLBROWSER.EXE-008F6C94.pf
C:\WINDOWS\Prefetch\SSTEXT3D.SCR-0586736D.pf
C:\WINDOWS\Prefetch\SVCHOST.EXE-2D5FBD18.pf
C:\WINDOWS\Prefetch\VCSW.EXE-228F95AF.pf
C:\WINDOWS\Prefetch\VERCLSID.EXE-28F52AD2.pf
C:\WINDOWS\Prefetch\VZRS.EXE-22BC1C1C.pf
C:\WINDOWS\Prefetch\WLTUSER.EXE-2E4DF564.pf
C:\WINDOWS\Prefetch\WMIAPSRV.EXE-02740A4B.pf
C:\WINDOWS\Prefetch\WMIPRVSE.EXE-0D449B4F.pf
C:\WINDOWS\Prefetch\WSCNTFY.EXE-0B14C27D.pf
C:\WINDOWS\Prefetch\WUAUCLT.EXE-1360D60A.pf


--------EOF------------
0