Bonjour,
j'ai deja posté précédemment mais pas avec le rapport complet.. voici !!! je ne suis pas sure de réussir à redémarrer, si qqun pouvait m'aider tant que mon PC marche ce serait super gentil!!!!!
merci!
Logfile of random's system information tool 1.06 (written by random/random)
Run by Anne-Laure at 2009-12-11 22:33:36
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 145 MB (0%) free of 56 GB
Total RAM: 1023 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:33:38, on 11/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Network Associates\Common Framework\UdaterUI.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Network Associates\Common Framework\McTray.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Documents and Settings\Anne-Laure\Local Settings\Temporary Internet Files\Content.IE5\HVT4EYTA\HiJackThis[1].exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Anne-Laure\Local Settings\Temporary Internet Files\Content.IE5\J9GO2WKG\RSIT[1].exe
C:\Program Files\trend micro\Anne-Laure.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Zshutdown] c:\sysprep\patch\sysprep.cmd
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EPSON Stylus D78 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBGE.EXE /FU "C:\WINDOWS\TEMP\E_S4.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [cdoosoft] C:\DOCUME~1\ANNE-L~1\LOCALS~1\Temp\herss.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=
https://www.asus.com/fr/
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) -
http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Environnement d'exécution Java 1.4.0_04) - http://javadl-esd.sun.com/update/1.4.0/jinstall-1_4_0_04-win.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
Afficher la suite
11 déc. 2009 à 22:49
############################## | UsbFix V6.061 |
User : Anne-Laure (Administrateurs) # NOM-F5359AD6EF2
Update on 10/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 22:44:41 | 11/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
AMD Turion(tm) 64 X2 Mobile Technology TL-50
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1356 [VPS 091211-0] 4.8.1356 [ (!) Disabled | Updated ]
C:\ -> Disque fixe local # 54,84 Go (132,66 Mo free) # NTFS
D:\ -> Disque fixe local # 36,46 Go (2,31 Go free) # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
J:\ -> Disque fixe local # 149,01 Go (10,52 Go free) [CACTUS BLEU] # FAT32
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe 984
C:\WINDOWS\system32\csrss.exe 1036
C:\WINDOWS\system32\winlogon.exe 1068
C:\WINDOWS\system32\services.exe 1112
C:\WINDOWS\system32\lsass.exe 1124
C:\WINDOWS\system32\svchost.exe 1280
C:\WINDOWS\system32\svchost.exe 1348
C:\WINDOWS\System32\svchost.exe 1388
C:\WINDOWS\system32\svchost.exe 1428
C:\WINDOWS\system32\svchost.exe 1492
C:\WINDOWS\system32\svchost.exe 1576
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 2008
C:\Program Files\Alwil Software\Avast4\ashServ.exe 172
C:\WINDOWS\Explorer.EXE 324
C:\WINDOWS\ATK0100\HControl.exe 644
C:\WINDOWS\sm56hlpr.exe 716
C:\WINDOWS\RTHDCPL.EXE 728
C:\Program Files\Wireless Console 2\wcourier.exe 752
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 760
C:\Program Files\Network Associates\Common Framework\UdaterUI.exe 788
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 808
C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe 916
C:\Program Files\D-Tools\daemon.exe 924
C:\Program Files\iTunes\iTunesHelper.exe 940
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe 952
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe 960
C:\WINDOWS\system32\ctfmon.exe 968
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 976
C:\Program Files\Network Associates\Common Framework\McTray.exe 1028
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe 288
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe 568
C:\WINDOWS\system32\spoolsv.exe 608
C:\WINDOWS\system32\svchost.exe 2088
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 2124
C:\Program Files\Bonjour\mDNSResponder.exe 2148
C:\Program Files\ICQ6Toolbar\ICQ Service.exe 2664
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe 2936
C:\WINDOWS\system32\nvsvc32.exe 2988
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe 3256
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 3396
C:\WINDOWS\system32\svchost.exe 3524
C:\Program Files\iPod\bin\iPodService.exe 2752
C:\WINDOWS\System32\alg.exe 3472
C:\WINDOWS\ATK0100\ATKOSD.exe 3544
C:\WINDOWS\system32\wuauclt.exe 2816
C:\Program Files\Windows Live\Toolbar\wltuser.exe 3964
C:\Documents and Settings\Anne-Laure\Local Settings\Temporary Internet Files\Content.IE5\HVT4EYTA\HiJackThis[1].exe 1940
C:\WINDOWS\system32\taskmgr.exe 1900
C:\Program Files\Internet Explorer\iexplore.exe 2120
C:\WINDOWS\system32\NOTEPAD.EXE 1728
C:\WINDOWS\system32\NOTEPAD.EXE 2060
C:\WINDOWS\system32\NOTEPAD.EXE 2504
C:\DOCUME~1\ANNE-L~1\LOCALS~1\Temp\7zS26.tmp\SymNRT.exe 1540
C:\WINDOWS\system32\wscntfy.exe 3876
C:\WINDOWS\system32\wbem\wmiprvse.exe 1624
################## | Fichiers # Dossiers infectieux |
C:\WINDOWS\AhnRpta.exe
C:\WINDOWS\Temp\sig3.tmp
C:\WINDOWS\Temp\sigC.tmp
C:\DOCUME~1\ANNE-L~1\LOCALS~1\Temp\Photos_Martinique.rar
C:\DOCUME~1\ANNE-L~1\LOCALS~1\Temp\azemp-win32_1.9.11.zip
C:\DOCUME~1\ANNE-L~1\LOCALS~1\Temp\718631~1.exe
C:\DOCUME~1\ANNE-L~1\LOCALS~1\Temp\a.dat
C:\DOCUME~1\ANNE-L~1\LOCALS~1\Temp\cvasds1.dll
C:\DOCUME~1\ANNE-L~1\LOCALS~1\Temp\herss.exe
C:\autorun.inf
C:\autorun.inf -> fichier appelé : "C:\xmor.exe" ( Présent ! )
C:\g12g.exe
C:\i9bwjpqc.exe
C:\mbvd.exe
C:\opdux.exe
C:\pbudsara.exe
C:\vk0w.exe
C:\wglb9q.exe
C:\xmor.exe
D:\autorun.inf
D:\autorun.inf -> fichier appelé : "D:\xmor.exe" ( Présent ! )
D:\0qw6vege.exe
D:\6ruaqx.exe
D:\9g86.exe
D:\g12g.exe
D:\mbvd.exe
D:\opdux.exe
D:\pbudsara.exe
D:\vk0w.exe
D:\wglb9q.exe
D:\xmor.exe
J:\autorun.inf
J:\autorun.inf -> fichier appelé : "J:\xmor.exe" ( Présent ! )
J:\gbm6n.exe
J:\MS32DLL.dll.vbs
J:\xmor.exe
################## | Registre # Clés infectieuses |
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "cdoosoft"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B03A4BE6-5E5A-483E-B9B3-C484D4B20B72}"
[HKLM\SOFTWARE\Classes\CLSID\MADOWN]
[HKCR\CLSID\{B03A4BE6-5E5A-483E-B9B3-C484D4B20B72}]
[HKCR\CLSID\MADOWN]
[HKLM\SYSTEM\CurrentControlSet\Services\AVPsys]
[HKLM\SYSTEM\ControlSet001\Services\AVPsys]
[HKLM\SYSTEM\ControlSet002\Services\AVPsys]
################## | Registre # Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\J
Shell\AutoRun\command =J:\gbm6n.exe
Shell\open\Command =J:\gbm6n.exe
HKCU\..\..\Explorer\MountPoints2\{0cef7581-cb99-11dd-83ce-001bfca1b04e}
Shell\AutoRun\command =G:\RECYCLER\S-1-6-22-2134031345-1609158761-021649731-3160\shellrun.exe
Shell\open\command =G:\RECYCLER\S-1-6-22-2134031345-1609158761-021649731-3160\shellrun.exe
HKCU\..\..\Explorer\MountPoints2\{43fe383c-e56c-11de-85a9-001bfca1b04e}
Shell\AutoRun\command =G:\xmor.exe
Shell\open\Command =G:\xmor.exe
HKCU\..\..\Explorer\MountPoints2\{8510dc85-af6a-11de-852f-001bfca1b04e}
Shell\AutoRun\command =G:\xmor.exe
Shell\open\Command =G:\xmor.exe
HKCU\..\..\Explorer\MountPoints2\{99640e94-d8fc-11dd-83fe-001bfca1b04e}
Shell\AutoRun\command =fn20.exe
Shell\explore\Command =fn20.exe
Shell\open\Command =fn20.exe
HKCU\..\..\Explorer\MountPoints2\{a5905a61-baac-11dc-8034-001bfca1b04e}
Shell\AutoRun\command =J:\gbm6n.exe
Shell\open\Command =J:\gbm6n.exe
HKCU\..\..\Explorer\MountPoints2\{f26c773f-7a0b-11dd-8385-001bfca1b04e}
Shell\AutoRun\command =H:\LaunchU3.exe -a
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # UsbFix V6.061 ! |