Personal Security

Luxia29 Messages postés 14 Statut Membre -  
flo-91 Messages postés 5973 Statut Contributeur sécurité -
Bonjour,

J'ai un gros pb avec le faux Personal Security, je ne sais pas comment j'ai choppé ça mais ça me bloque mes fenêtres internet...
Quelqu'un peut-il m'aider s'il vous plait ?
Merci d'avance
A voir également:

22 réponses

  • 1
  • 2
Réponse 1 / 22
flo-91 Messages postés 5973 Statut Contributeur sécurité 1 120
 
Bonjour,


1-> Télécharge Rkill ( de Grinler ) sur ton bureau :

https://download.bleepingcomputer.com/grinler/rkill.exe

/!\ Désactive toutes tes protections résidentes ( Antivirus, Antispyware, Pare-Feu ) /!\

> Double clique sur rkill ( présent sur ton bureau ) ou clique droit -> Executer en tant qu'administrateur ( utilisateurs de vista/7 )

> Une fenêtre sur fond noir s'ouvrira rapidement puis disparaîtra, c'est normal.


2-> SuperAntiSpyware <


> Télécharge SuperAntiSpyware ici :

http://cdn.superantispyware.com/SUPERAntiSpyware.exe

> Installe le avec les paramètres par défaut.

> A la fin de l'installation, il se lancera et te demandera de choisir la langue du programme, choisis français.

> Le programme te proposera ensuite de le mettre à jour, fait le.

> Un assistant de configuration s'ouvrira, fais suivant en laissant les paramètres par défaut

> SuperAntiSpyware s'ouvrira. Clique sur " Scanner votre ordinateur ".

> Coche " Executer scan complet " et clique sur " Suivant ".

> Laisse le scan s'opérer.

> A la fin du scan, vérifie que tout est coché puis clique sur " Suivant "

> Clique ensuite sur terminer, puis clique sur " Préférences ".

> Va à l'onglet " Statistiques/Journaux de bord " , séléctionne celui en date d'aujourd'hui puis clique sur " Voir le journal de bord "

> Copie/Colle son contenu dans ton prochain message.

> Note : tu peux vider la quarantaine ( " La gestion de la quarantaine " au menu principal )
1
Réponse 2 / 22
FoxRivers
 
tu n'arrive pas à le désinstaller ?!
0
Réponse 3 / 22
Luxia29 Messages postés 14 Statut Membre
 
Non impossible... J'ai essayé mais quand je veux le désinstaller, on me demande de payer l'anti-virus (qui n'en est pas un...)
0
Réponse 4 / 22
Luxia29 Messages postés 14 Statut Membre
 
Merci beaucoup !
Voilà le contenu...


SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 12/16/2009 at 02:40 PM

Application Version : 4.31.1000

Core Rules Database Version : 4378
Trace Rules Database Version: 2217

Scan type : Complete Scan
Total Scan Time : 00:28:17

Memory items scanned : 457
Memory threats detected : 2
Registry items scanned : 4480
Registry threats detected : 27
File items scanned : 28376
File threats detected : 309

Trojan.Dropper/Win-NV
C:\WINDOWS\SYSTEM32\XXOP81.DLL
C:\WINDOWS\SYSTEM32\XXOP81.DLL
C:\WINDOWS\SYSTEM32\SSHNAS.DLL
C:\WINDOWS\SYSTEM32\SSHNAS.DLL
Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\xxop81
HKLM\SYSTEM\CurrentControlSet\Services\SSHNAS
HKLM\SYSTEM\CurrentControlSet\Services\SSHNAS#Type
HKLM\SYSTEM\CurrentControlSet\Services\SSHNAS#Start
HKLM\SYSTEM\CurrentControlSet\Services\SSHNAS#ErrorControl
HKLM\SYSTEM\CurrentControlSet\Services\SSHNAS#ImagePath
HKLM\SYSTEM\CurrentControlSet\Services\SSHNAS#DisplayName
HKLM\SYSTEM\CurrentControlSet\Services\SSHNAS#ObjectName
HKLM\SYSTEM\CurrentControlSet\Services\SSHNAS\Parameters
HKLM\SYSTEM\CurrentControlSet\Services\SSHNAS\Parameters#ServiceDll
HKLM\SYSTEM\CurrentControlSet\Services\SSHNAS\Security
HKLM\SYSTEM\CurrentControlSet\Services\SSHNAS\Security#Security
HKLM\SYSTEM\CurrentControlSet\Services\SSHNAS\Enum
HKLM\SYSTEM\CurrentControlSet\Services\SSHNAS\Enum#0
HKLM\SYSTEM\CurrentControlSet\Services\SSHNAS\Enum#Count
HKLM\SYSTEM\CurrentControlSet\Services\SSHNAS\Enum#NextInstance
C:\WINDOWS\MSA.EXE
C:\WINDOWS\TEMP\A.EXE

Trojan.Dropper/Gen-C
[ZagrebLand] C:\WINDOWS\TEMP\C.EXE
C:\WINDOWS\TEMP\C.EXE
[ZagrebLand] C:\DOCUME~1\CRAULT~1.ALV\LOCALS~1\TEMP\C.EXE
C:\DOCUME~1\CRAULT~1.ALV\LOCALS~1\TEMP\C.EXE
[ZagrebLand] C:\WINDOWS\TEMP\C.EXE
C:\DOCUMENTS AND SETTINGS\C.RAULT.ALVAC\LOCAL SETTINGS\TEMP\A.EXE
C:\DOCUMENTS AND SETTINGS\C.RAULT.ALVAC\LOCAL SETTINGS\TEMP\B.EXE
C:\DOCUMENTS AND SETTINGS\C.RAULT.ALVAC\LOCAL SETTINGS\TEMP\C.EXE
C:\WINDOWS\TEMP\B.EXE
C:\WINDOWS\Prefetch\C.EXE-0AC304BC.pf
C:\WINDOWS\Prefetch\C.EXE-1B8D5E2D.pf

Trojan.Agent/Gen-FakeAlert[TS]
HKLM\Software\Classes\CLSID\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}
HKCR\CLSID\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}
HKCR\CLSID\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}
HKCR\CLSID\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}\InprocServer32
HKCR\CLSID\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\WIN32EXTENSION.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}
HKU\S-1-5-21-1757981266-854245398-682003330-1118\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}

Adware.Tracking Cookie
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c[35].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@cdiscount[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@mediaplex[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@m1.webstats.motigo[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@doubleclick[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c[22].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@interflora2.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@content.yieldmanager[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@ad.zanox[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@weborama[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@2o7[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@adviva[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@microsoftinternetexplorer.112.2o7[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@microsoftsto.112.2o7[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@adfarm1.adition[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@cetelem.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@chitika[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@track.effiliation[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@serving-sys[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@euroclick[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@ie8audience.solution.weborama[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@ad.yieldmanager[3].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@adserver.aol[3].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@richmedia.yahoo[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@cdn5.specificclick[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@revenue[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@eas.apm.emediate[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@yourmedia[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@adrevolver[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@ads.clickadserver[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@adbrite[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@ad.ieurop[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c[28].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@tradedoubler[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@clickintext[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@bluestreak[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@adserver.cherchons[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@premiere.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@advertising[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@tacoda[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@dynamic.media.adrevolver[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@smartadserver[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@partypoker[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@lagarderefrance.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@bouyguestelecom.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@fnacmagasin.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@ad.proxad[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@beacons.hottraffic[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@bizrate[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@statcounter[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@clicks.pangora[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@overture[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@netgear.122.2o7[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@elle.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@fr.at.atwola[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@247realmedia[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@estat[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@opodo.122.2o7[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@daimlerag.122.2o7[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@tracking.lsfinteractive[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@boursoramabanque.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@specificclick[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@fastclick[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@casalemedia[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@t.bbtrack[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@media.adrevolver[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@postclicktracking[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@www.smartadserver[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@xiti[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c[5].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@adv.surinter[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@interhome.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@weba.cdiscount[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@bubblestat[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@msnportal.112.2o7[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c[3].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@adopt.euroclick[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@bs.serving-sys[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@cnam.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@advertstream[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@consolidationwindowsfrie8.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@intermarche2009.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@atdmt[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@fl01.ct2.comclick[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@adtech[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@at.atwola[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@partyaccount[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@zedo[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@statse.webtrendslive[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@content.yieldmanager[3].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@wysistat[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@mediateurdelenergie.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@questionmarket[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@revsci[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@himedia.individuad[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@track.webgains[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@virginmobile.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@footeogroupe.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@stats.vinc[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@afidol.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@banquepopulaire.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@zanox[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@femina.solution.weborama[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c[38].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@ads.118000[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@garnier2009.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@admarketplace[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@spacefoot.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@ads.shopreflex[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@lorealpariselseve.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@mmedia.t134[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@nestlecereals.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@apmebf[3].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@clubatcost.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c[31].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@samsung.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@wysistat[4].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@wsclick.infospace[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@exoclick[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@media6degrees[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@sfr.122.2o7[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@ads.illicotravel[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@tracking.publicidees[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@fr.partypoker[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@ttbeuropcar.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@aimfar.solution.weborama[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@tracking.veille-referencement[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@argusauto2.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@wysistat[3].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@bridge1.admarketplace[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@cosmetiqueactive2009.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@ads.audxch[3].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@secure.partyaccount[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@kelpromo.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@adserver.aol[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@ad.yieldmanager[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@ad.zanox[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@ads.audxch[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@aimfar.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@apmebf[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@clickintext[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@content.yieldmanager[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@fastclick[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@fr.classic.clickintext[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@tribalfusion[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@nestlemaggi.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@serving-sys[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@server.cpmstar[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@serving-sys[3].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@stats.servicepubliclocal[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@track.effiliation[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@tradedoubler[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@adrevolver[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@247realmedia[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@2o7[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@4.adbrite[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@ad.yieldmanager[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@ad.zanox[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@adbrite[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@adopt.euroclick[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@aimfar.solution.weborama[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@ads.addclic[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@ads.afrik[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@ads.canalblog[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@ads.multimania.lycos[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@ads.pointroll[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@ads.umahe[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@ads.widgetbucks[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@adserver.aol[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@adtech[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@adv.surinter[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@advertising[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@advertstream[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@adviva[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@aolfr.122.2o7[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@apmebf[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@atdmt[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@audi.solution.weborama[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@bluestreak[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@bnpparibasnet.solution.weborama[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@boursoramabanque.solution.weborama[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@bs.serving-sys[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@conforamalancementsite.solution.weborama[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@casalemedia[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@cetelem.solution.weborama[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@commission-junction[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@creditcooperatif.solution.weborama[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@date.ventivmedia[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@dolcegusto16avril11juin.solution.weborama[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@doubleclick[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@ehg-telecomitalia.hitbox[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@fastclick[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@fl01.ct2.comclick[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@fnac.112.2o7[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@himedia.individuad[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@hitbox[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@karavel.112.2o7[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@hotlog[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@laredoute.solution.weborama[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@media.adrevolver[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@media.livefun[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@mediaplex[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@msnaccountservices.112.2o7[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@msnportal.112.2o7[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@overture[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@questionmarket[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@richmedia.yahoo[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@smartadserver[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@samsung.solution.weborama[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@servedby.onlinemediadiva[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@serving-sys[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@specificclick[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@stat.one-clic[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@stats.canalblog[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@statse.webtrendslive[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@statsweb.bnpparibas[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@track.effiliation[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@tracker.affistats[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@tradedoubler[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@tribalfusion[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@videoegg.adbureau[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@vitteladidasavril08.solution.weborama[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@weborama[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@www.cibleclick[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@www.smartadserver[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@xiti[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@yoplait.solution.weborama[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@yourmedia[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@zbox.zanox[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\Documents and Settings\c.rault\Cookies\c.rault@zedo[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@ads.tetesacl.streamtheworld[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@247realmedia[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@2o7[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@ad.cibleclick[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@ad.ifrance[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@adopt.hbmediapro[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@ads.multimania.lycos[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@ads.pointroll[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@ads.wanadooregie[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@adserver.aol[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@adtech[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@adv.surinter[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@advertising[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@advertstream[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@apmebf[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@as1.falkag[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@atdmt[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@dealtime.co[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@audit.median[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@bluestreak[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@bs.serving-sys[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@casalemedia[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@cdiscount[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@data.coremetrics[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@dictionnaire.mediadico[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@directtrack[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@doubleclick[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@ehg-kodak.hitbox[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@ehg-neuftelecom.hitbox[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@fastclick[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@fl01.ct2.comclick[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@hitbox[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@media-zvip.carpediem[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@macromedia.112.2o7[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@mediadico[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@mediaplex[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@mediastay.directtrack[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@mediastay[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@msnportal.112.2o7[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@overture[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@paypal.112.2o7[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@sfr.122.2o7[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@serving-sys[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@serving-sys[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@test.coremetrics[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@tracker.roitesting[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@tracking.publicidees[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@tradedoubler[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@weborama[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@www.cdiscount[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@www.cibleclick[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@www.smartadserver[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@xiti[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@yourmedia[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault\Cookies\c.rault@zedo[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault.PC16419\Cookies\c.rault@2o7[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault.PC16419\Cookies\c.rault@atdmt[2].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault.PC16419\Cookies\c.rault@bluestreak[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault.PC16419\Cookies\c.rault@msnportal.112.2o7[1].txt
C:\RECUP DONNEES\16419_ALVAC\C\My old Disk Structure -- 22-05-07 1720\Documents and Settings\c.rault.PC16419\Cookies\c.rault@weborama[2].txt

Trojan.Agent/Gen
HKU\S-1-5-21-1757981266-854245398-682003330-1118\Software\Videohost

Trojan.Agent/Gen-Nullo[Short]
C:\SYSTEM VOLUME INFORMATION\_RESTORE{73B805CC-2830-47BE-AA94-B6532C5C9198}\RP227\A0031325.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{73B805CC-2830-47BE-AA94-B6532C5C9198}\RP227\A0031327.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{73B805CC-2830-47BE-AA94-B6532C5C9198}\RP227\A0031329.DLL

Trojan.Dropper/SVCHost-Fake
C:\WINDOWS\TEMP\OFVN.TMP\SVCHOST.EXE

Trojan.Downloader-Gen/SVCHost-Fake
C:\WINDOWS\TEMP\VPOI.TMP\SVCHOST.EXE
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 22
flo-91 Messages postés 5973 Statut Contributeur sécurité 1 120
 
>Telecharge malwarebytes ici :


https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

. sur la page cliques sur Télécharger Malwarebyte's Anti-Malware
. enregistres le sur le bureau
/!\Utilisateur de Vista : Clique droit sur le logo de Malwarebytes' Anti-Malware, « exécuter en tant qu’Administrateur »

. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
. Une fois la mise à jour terminé
. rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, cliques sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. rends toi dans l'onglet rapport/log
. tu cliques dessus pour l'afficher une fois affiché
. tu cliques sur edition en haut du boc notes,et puis sur sélectionner tous
. tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller


Si tu as besoin d'aide regarde ce tutoriel :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
0
Réponse 6 / 22
Luxia29 Messages postés 14 Statut Membre
 
Je l'ai téléchargé, mais il ne s'ouvre pas..
Enfin il s'ouvre puis la fenetre disparait sans que j'ai le temps de faire quoi que se soit ! :/
0
Réponse 7 / 22
flo-91 Messages postés 5973 Statut Contributeur sécurité 1 120
 
>Telecharge RSIT ici et enregistre-le sur ton bureau :

http://images.malwareremoval.com/random/RSIT.exe

>Double-clique sur RSIT.exe qui se trouve sur le bureau

>Le programme se lance, choisi "1month" et clique sur "continue"

>Laisse faire l'outil et poste le rapport qui s'affiche.
0
Réponse 8 / 22
Luxia29 Messages postés 14 Statut Membre
 
Logfile of random's system information tool 1.06 (written by random/random)
Run by c.rault at 2009-12-16 15:04:20
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 58 GB (80%) free of 72 GB
Total RAM: 1023 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:19:04, on 16/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PersonalSec\psecurity.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\sistray.exe
C:\Documents and Settings\C.RAULT.ALVAC\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\TEMP\b.exe
C:\Documents and Settings\C.RAULT.ALVAC\Bureau\RSIT.exe
C:\Program Files\trend micro\c.rault.exe
C:\WINDOWS\TEMP\c.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware (registration)] regsvr32.exe /s "C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] "C:\WINDOWS\is-ME5MT.exe" /REG
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [c.rault] C:\Documents and Settings\C.RAULT.ALVAC\c.rault.exe
O4 - HKCU\..\Run: [PersonalSec] C:\Program Files\PersonalSec\psecurity.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\C.RAULT.ALVAC\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = alvac.local
O17 - HKLM\Software\..\Telephony: DomainName = alvac.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = alvac.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = alvac.local
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = alvac.local
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/CRAULT~1.ALV/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
0
Réponse 9 / 22
flo-91 Messages postés 5973 Statut Contributeur sécurité 1 120
 
/!\ Utilisateur de vista et windows 7 : ne pas oublier de désactiver Le contrôle des comptes utilisateurs
https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

>Usbfix<

>Télécharge USBFIX de Chiquitine29, C_xx ici :

http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe

>/!\ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

> Double clic sur le raccourci UsbFix présent sur le bureau .

>Choisir l'option 1 (Recherche) et laisser travailler l'outil

Ensuite poste le rapport UsbFix.txt qui apparaîtra.


• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.


• Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html
0
Réponse 10 / 22
Luxia29 Messages postés 14 Statut Membre
 
############################## | UsbFix V6.064 |

User : c.rault (Administrateurs) # CIG16419
Update on 16/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 15:50:16 | 16/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) 4 CPU 3.00GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 70,61 Go (56,32 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque amovible # 7,45 Go (7,38 Go free) [HP v125w] # FAT32
G:\ -> Connexion réseau # 26,1 Go (6,28 Go free) [data] # NTFS
H:\ -> Connexion réseau # 26,1 Go (6,28 Go free) [data] # NTFS
I:\ -> Connexion réseau # 26,1 Go (6,28 Go free) [data] # NTFS
J:\ -> Connexion réseau # 26,1 Go (6,28 Go free) [data] # NTFS
P:\ -> Connexion réseau # 26,1 Go (6,28 Go free) [data] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 444
C:\WINDOWS\system32\csrss.exe 500
C:\WINDOWS\system32\winlogon.exe 528
C:\WINDOWS\system32\services.exe 576
C:\WINDOWS\system32\lsass.exe 588
C:\WINDOWS\system32\svchost.exe 772
C:\WINDOWS\system32\svchost.exe 852
C:\WINDOWS\System32\svchost.exe 924
C:\WINDOWS\System32\svchost.exe 1012
C:\WINDOWS\System32\svchost.exe 1076
C:\WINDOWS\system32\spoolsv.exe 1236
C:\WINDOWS\system32\brss01a.exe 1244
C:\WINDOWS\System32\svchost.exe 1584
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe 1656
C:\Program Files\CA\eTrust Antivirus\InoRT.exe 1724
C:\Program Files\CA\eTrust Antivirus\InoTask.exe 1888
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe 176
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe 740
C:\WINDOWS\System32\svchost.exe 1036
C:\Program Files\UltraVNC\WinVNC.exe 1088
C:\WINDOWS\SOUNDMAN.EXE 1636
C:\PROGRA~1\CA\ETRUST~1\realmon.exe 1708
C:\WINDOWS\system32\ctfmon.exe 1836
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe 1940
C:\WINDOWS\system32\sistray.exe 2160
C:\Documents and Settings\C.RAULT.ALVAC\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe 2200
C:\Program Files\UltraVNC\WinVNC.exe 2624
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe 2656
C:\WINDOWS\System32\alg.exe 2756
C:\Program Files\Internet Explorer\iexplore.exe 3384
C:\Program Files\Internet Explorer\iexplore.exe 3476
C:\Program Files\Internet Explorer\iexplore.exe 2324
C:\WINDOWS\explorer.exe 252
C:\WINDOWS\system32\wbem\wmiprvse.exe 124

################## | Fichiers # Dossiers infectieux |

C:\WINDOWS\Temp\a.dat
C:\WINDOWS\Temp\a.exe
C:\WINDOWS\Temp\b.exe
C:\WINDOWS\Temp\c.exe
C:\WINDOWS\System32\sshnas.dll
C:\DOCUME~1\CRAULT~1.ALV\LOCALS~1\Temp\a.dat
I:\Install\install.exe
I:\server.exe

################## | Registre # Clés infectieuses |

[HKCU\SOFTWARE\XML]
[HKCU\SOFTWARE\ZagrebLand]
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "c.rault"

################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{28b68cfa-df1a-11de-8f31-0015f25b9260}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL mLecorRe.exE

HKCU\..\..\Explorer\MountPoints2\{58773645-b300-11dd-80c8-806d6172696f}
Shell\AutoRun\command =D:\Launch.exe

HKCU\..\..\Explorer\MountPoints2\{58773646-b300-11dd-80c8-806d6172696f}
Shell\AutoRun\command =E:\install.EXE /AUTORUN
Shell\configure\command =E:\install.EXE
Shell\install\command =E:\install.EXE

HKCU\..\..\Explorer\MountPoints2\{8f5cbeb8-3aee-11de-8ea2-0015f25b9260}
Shell\AutoRun\command =E:\LaunchU3.exe -a

################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.064 ! |
0
Réponse 11 / 22
flo-91 Messages postés 5973 Statut Contributeur sécurité 1 120
 
Ok, :

>Relance Usbfix :


/!\ Utilisateur de vista et windows 7 : ne pas oublier de désactiver Le contrôle des comptes utilisateurs
https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

>Usbfix<

>Télécharge USBFIX de Chiquitine29, C_xx ici :

http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe


>/!\ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

> Double clic sur le raccourci UsbFix présent sur le bureau .

>Choisir l'option 2 (Suppression) et laisser travailler l'outil

Ensuite poste le rapport UsbFix.txt qui apparaîtra.


• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.


• Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html
0
Réponse 12 / 22
Luxia29 Messages postés 14 Statut Membre
 
############################## | UsbFix V6.064 |

User : c.rault (Administrateurs) # CIG16419
Update on 16/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 16:18:43 | 16/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) 4 CPU 3.00GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 70,61 Go (56,3 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque amovible # 7,45 Go (7,38 Go free) [HP v125w] # FAT32
G:\ -> Connexion réseau # 26,1 Go (6,28 Go free) [data] # NTFS
H:\ -> Connexion réseau # 26,1 Go (6,28 Go free) [data] # NTFS
I:\ -> Connexion réseau # 26,1 Go (6,28 Go free) [data] # NTFS
J:\ -> Connexion réseau # 26,1 Go (6,28 Go free) [data] # NTFS
P:\ -> Connexion réseau # 26,1 Go (6,28 Go free) [data] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 452
C:\WINDOWS\system32\csrss.exe 500
C:\WINDOWS\system32\winlogon.exe 528
C:\WINDOWS\system32\services.exe 576
C:\WINDOWS\system32\lsass.exe 588
C:\WINDOWS\system32\svchost.exe 780
C:\WINDOWS\system32\svchost.exe 856
C:\WINDOWS\System32\svchost.exe 928
C:\WINDOWS\System32\svchost.exe 1024
C:\WINDOWS\System32\svchost.exe 1080
C:\WINDOWS\system32\brsvc01a.exe 1176
C:\WINDOWS\system32\spoolsv.exe 1204
C:\WINDOWS\system32\brss01a.exe 1248
C:\WINDOWS\System32\svchost.exe 1504
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe 1588
C:\Program Files\CA\eTrust Antivirus\InoRT.exe 1616
C:\Program Files\CA\eTrust Antivirus\InoTask.exe 1684
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe 1744
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe 1980
C:\WINDOWS\system32\nvsvc32.exe 2024
C:\WINDOWS\System32\svchost.exe 168
C:\Program Files\UltraVNC\WinVNC.exe 264
C:\WINDOWS\system32\wuauclt.exe 416
C:\WINDOWS\system32\userinit.exe 484
C:\WINDOWS\Explorer.EXE 812
C:\WINDOWS\system32\wbem\wmiprvse.exe 1320
C:\WINDOWS\System32\alg.exe 1552
C:\Program Files\UltraVNC\WinVNC.exe 2352
C:\WINDOWS\system32\userinit.exe 2392

################## | Fichiers # Dossiers infectieux |

Supprimé ! C:\WINDOWS\Temp\a.dat
Supprimé ! C:\DOCUME~1\CRAULT~1.ALV\LOCALS~1\Temp\a.dat
Supprimé ! C:\Recycler\S-1-5-21-1715567821-2077806209-725345543-1003
Supprimé ! C:\Recycler\S-1-5-21-1757981266-854245398-682003330-1118
Supprimé ! I:\Install\install.exe
Non supprimé ! I:\server.exe

################## | Registre # Clés infectieuses |

Supprimé ! [HKCU\SOFTWARE\XML]
Supprimé ! [HKCU\SOFTWARE\ZagrebLand]
Supprimé ! [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "c.rault"

################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{28b68cfa-df1a-11de-8f31-0015f25b9260}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{58773645-b300-11dd-80c8-806d6172696f}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{58773646-b300-11dd-80c8-806d6172696f}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{8f5cbeb8-3aee-11de-8ea2-0015f25b9260}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[13/11/2008 13:59|--a------|0] C:\AUTOEXEC.BAT
[14/11/2008 09:11|-rahs----|212] C:\boot.ini
[28/09/2001 13:00|-rahs----|4952] C:\Bootfont.bin
[13/11/2008 13:59|--a------|0] C:\CONFIG.SYS
[13/11/2008 13:59|-rahs----|0] C:\IO.SYS
[13/11/2008 13:59|-rahs----|0] C:\MSDOS.SYS
[14/11/2008 09:08|-rahs----|47564] C:\NTDETECT.COM
[14/11/2008 09:25|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[16/12/2009 16:26|--a------|3753] C:\UsbFix.txt
[08/12/2009 15:05|--a------|398848] E:\partenairefinistre09.xls
[15/12/2009 10:36|--a------|20992] E:\ACTION PROFESSIONNELLE.doc
[16/12/2009 12:43|--a------|23552] E:\Document 2.doc
[16/12/2009 15:47|--a------|49664] E:\Rapport de stage.doc
[15/12/2009 11:55|--a------|26112] E:\FICHE DESCRIPTIVE.doc
[15/12/2009 12:48|--a------|26112] E:\REUNION SUR LE CESU.doc
[15/12/2009 13:54|--a------|4499] E:\attestation_de_stage[1].pdf
[04/03/2008 14:23|--a------|17625600] E:\DIAPORAMA ALVAC.ppt
[23/05/2007 12:14|--a------|262656] G:\afficherencontre.doc
[22/06/2006 17:29|--a------|27648] G:\Bilan des Rencontres des ‚lus de CE.doc
[13/02/2009 15:29|--a------|588288] G:\cin‚ma08.xls
[12/06/2009 09:00|--a------|200704] G:\cin‚ma09.xls
[27/07/2007 17:49|--a------|480] G:\ISO2.nri
[21/08/2006 15:10|--a------|77824] G:\Reinitialisation_Vues_C_Huit.Fep
[17/07/2009 18:04|--a------|6424] G:\Sauvegarde 17juillet09.nri
[10/07/1995 16:25|--a------|4363] G:\SeqTexte.ini
[18/01/2007 17:20|--a------|4687] G:\SeqTexte.ini.TXT
[24/01/2008 18:19|--a------|177707] G:\visuel08.pdf
[25/11/2008 16:33|--a------|2419511] G:\visuel09.pdf
[21/07/2000 10:06|--a------|36864] I:\Aboutn.dll
[09/04/2003 11:22|---------|354] I:\Aboutn.ini
[18/10/2000 13:47|--a------|32768] I:\AcmConv.dll
[11/04/2003 15:14|---------|270776] I:\Admin.bmp
[21/08/2000 13:34|--a------|1856] I:\ADMIN.CNV
[29/04/2003 15:25|--a------|978944] I:\admin.exe
[10/02/2000 15:40|--a------|305] I:\Admin.reg
[05/05/1998 01:10|--a------|470] I:\alphapg1.wph
[05/05/1998 01:10|--a------|470] I:\alphapg4.wph
[04/05/1998 01:10|--a------|470] I:\Alphapg8.wph
[27/06/2006 11:33|--a------|462605] I:\ANNUAIREWS.dbf
[03/04/2006 13:46|--a------|480] I:\ANNUAIREWS.pkg
[25/07/2006 08:30|--a------|122848] I:\ANNUAIREWS.pkx
[14/12/2000 15:17|--a------|73728] I:\Answer.dll
[28/02/2002 15:14|--a------|221184] I:\AppLic.dll
[14/12/2001 10:51|--a------|188416] I:\AppLic2.dll
[20/04/2005 13:42|--a------|0] I:\AUTORUN.728
[10/11/1999 02:11|--a------|539] I:\BouygMin.wph
[15/02/2000 10:51|--a------|325070] I:\BROOK.PAC
[16/06/1999 16:52|--a------|227840] I:\BTDLLD.DLL
[10/02/2000 12:12|--a------|20480] I:\BVRP98.dll
[18/03/2002 15:02|--a------|262144] I:\BVRPArc.dll
[06/02/2002 17:49|--a------|196608] I:\BVRPCTLn.dll
[06/07/1999 17:07|--a------|167936] I:\BVRPfc.dll
[19/10/2001 08:58|--a------|57405] I:\BVRPNac.dll
[24/01/2001 16:35|--a------|36864] I:\BVRPNet.dll
[02/01/2002 13:48|--a------|81920] I:\BvrpWd.wll
[04/07/2000 12:19|--a------|71936] I:\BVRPWF.DRV
[25/09/2002 10:16|---------|36864] I:\CaptureAuto.exe
[16/10/2002 09:57|---------|2274581] I:\CaptureFax.exe
[30/01/2006 17:15|--a------|1091] I:\CE 2006.dbf
[01/02/2006 15:48|--a------|288] I:\CE 2006.pkg
[27/03/2006 16:05|--a------|288] I:\CE 2006.pkx
[24/12/1998 10:34|--a------|256] I:\ChaERMES.inf
[05/06/1998 15:58|--a------|256] I:\CharSMF3.inf
[17/03/1998 01:10|--a------|256] I:\CHARTAP0.INF
[12/01/2000 19:23|--a------|40960] I:\CnfRep.dll
[02/01/2002 14:55|--a------|77824] I:\CoBvrpWd.dll
[17/01/1997 04:00|--a------|76288] I:\COLOR32.DLL
[15/09/2005 14:11|--a------|896] I:\COMLINES.DAT
[18/10/2000 13:49|--a------|28672] I:\ComLines.dll
[16/11/2009 09:46|--a------|640] I:\ConfIP.bin
[01/02/2000 12:11|--a------|3476] I:\country.ini
[20/07/2000 18:52|--a------|45056] I:\Cvs2pgfn.dll
[30/05/2000 10:16|--a------|40960] I:\Cvsedit.dll
[10/12/2001 17:47|--a------|225539] I:\Cvsedit.exe
[20/04/2005 13:42|--a------|22755] I:\DeIsL1.isu
[02/03/1998 04:00|--a------|31232] I:\Dfansin.dll
[20/06/1996 04:00|--a------|31232] I:\Dfasciin.dll
[20/06/1996 04:00|--a------|31232] I:\Dfasctyn.dll
[03/03/1998 04:00|--a------|48640] I:\dfpgf2n.dll
[20/10/1999 15:36|--a------|24576] I:\Dgcatn.dll
[04/04/2000 10:27|--a------|49152] I:\Dgccittn.dll
[18/06/1996 04:00|--a------|20480] I:\Dgmrgn.dll
[18/06/1996 04:00|--a------|18944] I:\Dgred8.dll
[07/03/2000 15:43|--a------|36864] I:\Dgubmpn.dll
[07/03/2000 15:43|--a------|40960] I:\Dguconvn.dll
[07/03/2000 15:43|--a------|36864] I:\Dgugifn.dll
[07/03/2000 15:43|--a------|65536] I:\Dgujpegn.dll
[07/03/2000 15:43|--a------|36864] I:\Dgupcxn.dll
[29/04/2003 16:47|--a------|65536] I:\dgutiffn.dll
[09/11/2000 19:06|--a------|45056] I:\DocBase.dll
[18/10/2000 13:50|--a------|32768] I:\DocLib.dll
[13/12/2000 15:21|--a------|53248] I:\DrawBt.dll
[04/02/1999 17:29|--a------|295] I:\EasyScAl.wph
[04/02/1999 17:29|--a------|295] I:\EasyScNu.wph
[12/03/2002 14:58|--a------|196608] I:\editscn.exe
[14/04/1998 04:00|--a------|51712] I:\erareg.dll
[13/07/1995 04:00|--a------|26112] I:\Erbfaxbv.dll
[13/07/1995 04:00|--a------|25600] I:\Erifile.dll
[14/11/1997 04:00|--a------|64512] I:\Erlexic.dll
[14/11/1997 04:00|--a------|57344] I:\Erneye.dll
[04/07/1995 04:00|--a------|861246] I:\ERNPCR.EZN
[14/11/1997 04:00|--a------|294400] I:\Erpcr.dll
[21/12/1998 18:16|--a------|379] I:\EsAERMES.wph
[09/10/2000 17:56|--a------|32768] I:\exchange.dll
[14/10/1998 01:10|--a------|489] I:\Expresso.wph
[14/05/1996 04:00|--a------|512] I:\ezrcls.rco
[20/03/2002 17:48|--a------|4878] I:\FAX0010.CMD
[15/09/2005 14:11|--a------|512] I:\FAX0010.CNF
[16/11/2009 09:46|--a------|640] I:\fax0mid.mid
[27/03/2006 14:54|--a------|1091] I:\FICHIER 2006.dbf
[27/03/2006 14:54|--a------|288] I:\FICHIER 2006.pkg
[27/03/2006 14:57|--a------|288] I:\FICHIER 2006.pkx
[13/01/2000 16:51|--a------|73677] I:\Garantie.cvs
[14/06/1997 04:00|--a------|67072] I:\graphcnv.dll
[04/02/2002 13:32|--a------|120] I:\ifax.inf
[19/02/2007 15:44|--a------|143360] I:\INFOFAX 07.doc
[08/03/2007 18:32|--a------|115712] I:\infofax10.doc
[10/12/2001 17:47|--a------|41219] I:\inssuitecmd.exe
[11/10/2002 14:39|---------|53248] I:\InstalForm.exe
[13/06/2006 09:19|---------|9336520] I:\Install_MSN_Messenger.EXE
[11/02/2002 11:13|--a------|204800] I:\internet.dll
[20/02/1997 04:00|--a------|128000] I:\Jpeg32.dll
[03/12/1998 01:10|--a------|392] I:\kobbyt.wph
[29/10/1996 00:21|--a------|10752] I:\libd42mt.dll
[27/03/1997 00:21|--a------|147456] I:\libdtimt.dll
[28/05/1997 00:21|--a------|135680] I:\libdxxmt.dll
[28/05/1997 00:21|--a------|62976] I:\libfaxmt.dll
[14/04/1997 00:21|--a------|43520] I:\libsrlmt.dll
[15/04/2003 08:57|---------|3921431] I:\Lisezmoi.rtf
[15/04/2003 09:22|---------|18855] I:\Lisezmoi702.rtf
[31/01/2002 14:11|--a------|69632] I:\mailcomm.dll
[19/03/2002 13:33|--a------|266240] I:\MailKrnl.dll
[27/10/2000 16:37|--a------|118784] I:\Messages.dll
[03/11/1999 16:51|--a------|2477] I:\Messages.inf
[01/12/1999 11:53|--a------|53248] I:\Mincomm1.dll
[01/12/1999 11:54|--a------|73728] I:\mincomm2.dll
[05/05/1998 01:10|--a------|422] I:\MinitFT1.wph
[30/04/1998 01:10|--a------|589] I:\minitFT2.wph
[05/07/1999 01:10|--a------|590] I:\MinitFT3.wph
[10/06/1998 01:10|--a------|581] I:\minitSFR.wph
[21/03/2002 10:52|--a------|944709] I:\Modems.pac
[18/10/2000 13:52|--a------|32768] I:\MsgVocal.dll
[15/05/1998 04:00|--a------|119384] I:\NOTIFY.WAV
[13/11/1996 04:00|--a------|2795] I:\NTPRINT.INF
[04/06/1998 16:21|--a------|257] I:\NumSMF3.inf
[14/02/2002 18:19|--a------|36923] I:\OLRegist.dll
[30/01/2002 09:55|--a------|15207] I:\olregist.mht
[27/02/2006 09:49|--a------|536] I:\onreg.ini
[07/06/2000 09:44|--a------|31153] I:\ope.inf
[14/04/2000 15:45|--a------|362] I:\Orange.wph
[07/04/2000 22:31|--a------|32768] I:\Pager.dll
[16/11/2009 09:45|--a------|482] I:\PARAMS.INI
[01/02/2000 16:52|--a------|98304] I:\PbkFile.dll
[13/12/2001 23:19|--a------|61699] I:\PbkUtil.exe
[18/10/2000 13:53|--a------|45056] I:\Pcmes.dll
[02/03/2000 10:38|--a------|28672] I:\PcmFmt.dll
[08/09/1999 13:48|--a------|3595] I:\PcmFmt.inf
[18/10/2000 14:00|--a------|86016] I:\PcmWav.dll
[01/02/2006 15:53|--a------|2548] I:\PHONEBK.ECH
[13/12/2001 23:19|--a------|618755] I:\Phonebk.exe
[09/12/1999 14:25|--a------|3840] I:\PrivScvEmVoc.scv
[08/09/1999 10:58|--a------|49152] I:\Prpgf2n.dll
[18/06/1996 04:00|--a------|23552] I:\Redfaxn.dll
[04/06/1996 04:00|--a------|18944] I:\REGISTER.DLL
[07/02/1997 04:00|--a------|121344] I:\ROUTDLL.DLL
[25/07/2006 08:33|--a------|8] I:\RTNUMEMI.DAT
[25/07/2006 08:33|--a------|5] I:\RTREFREQ.DAT
[17/11/1994 04:00|--a------|2084] I:\SCANSET.INF
[09/12/1999 14:26|--a------|3840] I:\ScvEmVoc.scv
[18/10/2000 13:56|--a------|28672] I:\ScvLib.dll
[02/11/2000 11:30|--a------|167936] I:\ScvRes.dll
[16/11/2009 09:46|--a------|90] I:\SelfMode.ini
[14/02/2002 14:06|--a------|45315] I:\SendComm.exe
[09/04/2003 10:34|---------|45056] I:\SendFax.exe
[23/04/2003 16:14|---------|290816] I:\Server.exe
[16/11/2009 09:45|--a------|431] I:\server.log
[16/11/2009 09:45|--a------|0] I:\SERVER.LX
[15/05/1998 04:00|--a------|80856] I:\ServerOut.wav
[17/09/1998 04:00|--a------|40960] I:\Sff.dll
[02/12/1997 04:00|--a------|16] I:\SgWph.dat
[13/03/2002 09:37|--a------|94208] I:\SmtpPop3.exe
[11/05/2000 14:25|--a------|20480] I:\specialcom.dll
[13/12/2001 23:18|--a------|176387] I:\StatProg.exe
[07/12/1998 01:10|--a------|84] I:\tabexpresso.inf
[01/09/1998 01:10|--a------|93] I:\tabgsm.inf
[08/09/1998 01:10|--a------|89] I:\tabgsmbouyg.inf
[04/12/1998 01:10|--a------|82] I:\tabkobby.inf
[07/12/1998 01:10|--a------|87] I:\tabtatoo.inf
[13/03/1998 01:10|--a------|103] I:\Tap.wph
[07/12/1998 01:10|--a------|494] I:\tatoomin.wph
[13/11/1994 04:00|--a------|9472] I:\TGRED1_8.DLL
[16/11/2009 09:46|--a------|87] I:\ThreadId.ini
[05/11/2009 17:39|--ahs----|9216] I:\Thumbs.db
[04/08/1997 04:00|--a------|52224] I:\Tiff_t31.dll
[07/10/1999 14:53|--a------|49152] I:\Twscn.dll
[23/09/1999 11:35|--a------|81920] I:\TxtToPgf.dll
[06/10/1999 04:00|--a------|127] I:\Txttopgf.ini
[10/09/1999 01:10|--a------|399] I:\UCP.wph
[21/08/2000 13:34|--a------|1856] I:\Uniconv.cnv
[01/12/1999 15:38|--a------|126976] I:\Uniconv.dll
[18/01/2002 10:02|--a------|61440] I:\uninst2.dll
[20/04/2005 13:49|--a------|896] I:\USERS.DAT
[27/09/2001 18:57|--a------|73728] I:\UsRecall.dll
[13/12/2001 23:19|--a------|35587] I:\Visubin.exe
[10/06/1999 01:10|--a------|346] I:\VODAFONE.wph
[18/10/2000 13:57|--a------|28672] I:\VoiceCfg.dll
[11/08/1999 12:01|--a------|81] I:\VOICECFG.INI
[27/10/2000 16:40|--a------|221184] I:\VoiceRes.dll
[18/10/2000 13:58|--a------|49152] I:\VoiceUpd.dll
[29/11/2000 15:00|--a------|53248] I:\VoicPlay.dll
[11/08/1999 10:59|--a------|35] I:\VOICPLAY.INI
[18/10/2000 13:59|--a------|32768] I:\Waves.dll
[05/02/1997 04:00|--a------|79872] I:\Wdpacn.dll
[15/09/2005 14:11|--a------|132] I:\WFCOM.DAT
[11/12/2001 19:35|--a------|102659] I:\Wfcom.exe
[11/12/2009 10:16|--a------|856] I:\wfcom.ini
[15/09/2005 14:11|--a------|4] I:\WFCOM.TEL
[10/12/2001 14:54|--a------|69632] I:\wfcomrc.dll
[12/11/1998 02:11|--a------|82944] I:\wfgsm.dll
[14/12/2001 10:49|--a------|65795] I:\Wfmacro.exe
[12/10/2001 13:21|--a------|428] I:\wfmacros.ini
[11/12/2001 15:08|--a------|110592] I:\WFP1N.dll
[07/12/2001 17:08|--a------|786432] I:\wfp2n.dll
[13/12/2001 23:19|--a------|69891] I:\WFXREGISTER.exe
[11/02/2000 11:46|--a------|136] I:\wfxregister.ini
[06/12/1999 14:38|--a------|322] I:\Wfxregister.txt
[30/05/2000 09:35|--a------|40960] I:\Wgedit.dll
[10/12/2001 17:47|--a------|270595] I:\Wgedit.exe
[19/09/2000 14:18|--a------|114688] I:\WhConfig.dll
[02/03/2006 09:25|--a------|4723] I:\WHCONFIG.INI
[04/10/2001 10:08|--a------|57344] I:\Wincaps.dll
[21/03/2002 11:06|--a------|100480] I:\WMODEMS.DAT
[15/09/2005 14:11|--a------|130672] I:\WMODEMS.NEW
[01/12/1999 19:15|--a------|28672] I:\WPhServices.exe
[20/04/2005 13:41|--a------|99] I:\WPhSrv.pdf
[22/04/2003 15:39|--a------|1920] I:\WPSCMDEX.CNV
[22/04/2003 15:39|--a------|1920] I:\WSMAILER.CNV
[28/11/2000 16:41|--a------|69632] I:\WSMAILER.dll
[22/04/2003 15:39|--a------|1920] I:\WSMAILERCFG.CNV
[13/12/2001 23:19|--a------|217347] I:\WSMAILERCFG.exe
[11/04/2003 15:14|---------|270776] I:\Wstation.bmp
[22/04/2003 15:39|--a------|1920] I:\WSTATION.CNV
[29/04/2003 15:05|--a------|1155072] I:\WSTATION.exe
[05/02/1997 04:00|--a------|96768] I:\WunPacLn.dll
[09/05/1996 04:00|--a------|74752] I:\Wunpacn.dll
[13/12/2001 23:19|--a------|65795] I:\XView.exe
[16/07/2009 09:34|--ahs----|39936] J:\Thumbs.db
[16/12/2009 13:38|--a------|20992] J:\YELLOWJOURNAL.doc
[09/10/2001 14:39|--a------|4608] P:\CHRISTINE.jwl
[14/09/2004 11:12|--a------|871936] P:\CINE2002.XLS
[14/09/2004 11:12|--a------|879104] P:\CINE20021.XLS
[31/01/2002 10:05|--a------|704512] P:\Proc‚dure de copie sur CDROM.doc
[14/06/2007 10:07|--a------|297] P:\Raccourci vers wfxreseau sur 'Serveur' (I).lnk
[14/09/2004 11:03|--a------|38400] P:\SAISON CULTURELLE 2004.doc

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# E:\autorun.inf -> Dossier créé par UsbFix.
# G:\autorun.inf -> Dossier créé par UsbFix.
# H:\autorun.inf -> Dossier créé par UsbFix.
# I:\autorun.inf -> Dossier créé par UsbFix.
# J:\autorun.inf -> Dossier créé par UsbFix.
# P:\autorun.inf -> Dossier créé par UsbFix.

################## | Cracks / Keygens / Serials |


################## | Upload |

Veuillez envoyer le fichier : C:\DOCUME~1\CRAULT~1.ALV\Bureau\UsbFix_Upload_Me_ALVAC.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .
0
Réponse 13 / 22
Luxia29 Messages postés 14 Statut Membre
 
############################## | UsbFix V6.064 |

User : c.rault (Administrateurs) # CIG16419
Update on 16/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 16:18:43 | 16/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) 4 CPU 3.00GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 70,61 Go (56,3 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque amovible # 7,45 Go (7,38 Go free) [HP v125w] # FAT32
G:\ -> Connexion réseau # 26,1 Go (6,28 Go free) [data] # NTFS
H:\ -> Connexion réseau # 26,1 Go (6,28 Go free) [data] # NTFS
I:\ -> Connexion réseau # 26,1 Go (6,28 Go free) [data] # NTFS
J:\ -> Connexion réseau # 26,1 Go (6,28 Go free) [data] # NTFS
P:\ -> Connexion réseau # 26,1 Go (6,28 Go free) [data] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 452
C:\WINDOWS\system32\csrss.exe 500
C:\WINDOWS\system32\winlogon.exe 528
C:\WINDOWS\system32\services.exe 576
C:\WINDOWS\system32\lsass.exe 588
C:\WINDOWS\system32\svchost.exe 780
C:\WINDOWS\system32\svchost.exe 856
C:\WINDOWS\System32\svchost.exe 928
C:\WINDOWS\System32\svchost.exe 1024
C:\WINDOWS\System32\svchost.exe 1080
C:\WINDOWS\system32\brsvc01a.exe 1176
C:\WINDOWS\system32\spoolsv.exe 1204
C:\WINDOWS\system32\brss01a.exe 1248
C:\WINDOWS\System32\svchost.exe 1504
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe 1588
C:\Program Files\CA\eTrust Antivirus\InoRT.exe 1616
C:\Program Files\CA\eTrust Antivirus\InoTask.exe 1684
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe 1744
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe 1980
C:\WINDOWS\system32\nvsvc32.exe 2024
C:\WINDOWS\System32\svchost.exe 168
C:\Program Files\UltraVNC\WinVNC.exe 264
C:\WINDOWS\system32\wuauclt.exe 416
C:\WINDOWS\system32\userinit.exe 484
C:\WINDOWS\Explorer.EXE 812
C:\WINDOWS\system32\wbem\wmiprvse.exe 1320
C:\WINDOWS\System32\alg.exe 1552
C:\Program Files\UltraVNC\WinVNC.exe 2352
C:\WINDOWS\system32\userinit.exe 2392

################## | Fichiers # Dossiers infectieux |

Supprimé ! C:\WINDOWS\Temp\a.dat
Supprimé ! C:\DOCUME~1\CRAULT~1.ALV\LOCALS~1\Temp\a.dat
Supprimé ! C:\Recycler\S-1-5-21-1715567821-2077806209-725345543-1003
Supprimé ! C:\Recycler\S-1-5-21-1757981266-854245398-682003330-1118
Supprimé ! I:\Install\install.exe
Non supprimé ! I:\server.exe

################## | Registre # Clés infectieuses |

Supprimé ! [HKCU\SOFTWARE\XML]
Supprimé ! [HKCU\SOFTWARE\ZagrebLand]
Supprimé ! [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "c.rault"

################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{28b68cfa-df1a-11de-8f31-0015f25b9260}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{58773645-b300-11dd-80c8-806d6172696f}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{58773646-b300-11dd-80c8-806d6172696f}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{8f5cbeb8-3aee-11de-8ea2-0015f25b9260}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[13/11/2008 13:59|--a------|0] C:\AUTOEXEC.BAT
[14/11/2008 09:11|-rahs----|212] C:\boot.ini
[28/09/2001 13:00|-rahs----|4952] C:\Bootfont.bin
[13/11/2008 13:59|--a------|0] C:\CONFIG.SYS
[13/11/2008 13:59|-rahs----|0] C:\IO.SYS
[13/11/2008 13:59|-rahs----|0] C:\MSDOS.SYS
[14/11/2008 09:08|-rahs----|47564] C:\NTDETECT.COM
[14/11/2008 09:25|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[16/12/2009 16:26|--a------|3753] C:\UsbFix.txt
[08/12/2009 15:05|--a------|398848] E:\partenairefinistre09.xls
[15/12/2009 10:36|--a------|20992] E:\ACTION PROFESSIONNELLE.doc
[16/12/2009 12:43|--a------|23552] E:\Document 2.doc
[16/12/2009 15:47|--a------|49664] E:\Rapport de stage.doc
[15/12/2009 11:55|--a------|26112] E:\FICHE DESCRIPTIVE.doc
[15/12/2009 12:48|--a------|26112] E:\REUNION SUR LE CESU.doc
[15/12/2009 13:54|--a------|4499] E:\attestation_de_stage[1].pdf
[04/03/2008 14:23|--a------|17625600] E:\DIAPORAMA ALVAC.ppt
[23/05/2007 12:14|--a------|262656] G:\afficherencontre.doc
[22/06/2006 17:29|--a------|27648] G:\Bilan des Rencontres des ‚lus de CE.doc
[13/02/2009 15:29|--a------|588288] G:\cin‚ma08.xls
[12/06/2009 09:00|--a------|200704] G:\cin‚ma09.xls
[27/07/2007 17:49|--a------|480] G:\ISO2.nri
[21/08/2006 15:10|--a------|77824] G:\Reinitialisation_Vues_C_Huit.Fep
[17/07/2009 18:04|--a------|6424] G:\Sauvegarde 17juillet09.nri
[10/07/1995 16:25|--a------|4363] G:\SeqTexte.ini
[18/01/2007 17:20|--a------|4687] G:\SeqTexte.ini.TXT
[24/01/2008 18:19|--a------|177707] G:\visuel08.pdf
[25/11/2008 16:33|--a------|2419511] G:\visuel09.pdf
[21/07/2000 10:06|--a------|36864] I:\Aboutn.dll
[09/04/2003 11:22|---------|354] I:\Aboutn.ini
[18/10/2000 13:47|--a------|32768] I:\AcmConv.dll
[11/04/2003 15:14|---------|270776] I:\Admin.bmp
[21/08/2000 13:34|--a------|1856] I:\ADMIN.CNV
[29/04/2003 15:25|--a------|978944] I:\admin.exe
[10/02/2000 15:40|--a------|305] I:\Admin.reg
[05/05/1998 01:10|--a------|470] I:\alphapg1.wph
[05/05/1998 01:10|--a------|470] I:\alphapg4.wph
[04/05/1998 01:10|--a------|470] I:\Alphapg8.wph
[27/06/2006 11:33|--a------|462605] I:\ANNUAIREWS.dbf
[03/04/2006 13:46|--a------|480] I:\ANNUAIREWS.pkg
[25/07/2006 08:30|--a------|122848] I:\ANNUAIREWS.pkx
[14/12/2000 15:17|--a------|73728] I:\Answer.dll
[28/02/2002 15:14|--a------|221184] I:\AppLic.dll
[14/12/2001 10:51|--a------|188416] I:\AppLic2.dll
[20/04/2005 13:42|--a------|0] I:\AUTORUN.728
[10/11/1999 02:11|--a------|539] I:\BouygMin.wph
[15/02/2000 10:51|--a------|325070] I:\BROOK.PAC
[16/06/1999 16:52|--a------|227840] I:\BTDLLD.DLL
[10/02/2000 12:12|--a------|20480] I:\BVRP98.dll
[18/03/2002 15:02|--a------|262144] I:\BVRPArc.dll
[06/02/2002 17:49|--a------|196608] I:\BVRPCTLn.dll
[06/07/1999 17:07|--a------|167936] I:\BVRPfc.dll
[19/10/2001 08:58|--a------|57405] I:\BVRPNac.dll
[24/01/2001 16:35|--a------|36864] I:\BVRPNet.dll
[02/01/2002 13:48|--a------|81920] I:\BvrpWd.wll
[04/07/2000 12:19|--a------|71936] I:\BVRPWF.DRV
[25/09/2002 10:16|---------|36864] I:\CaptureAuto.exe
[16/10/2002 09:57|---------|2274581] I:\CaptureFax.exe
[30/01/2006 17:15|--a------|1091] I:\CE 2006.dbf
[01/02/2006 15:48|--a------|288] I:\CE 2006.pkg
[27/03/2006 16:05|--a------|288] I:\CE 2006.pkx
[24/12/1998 10:34|--a------|256] I:\ChaERMES.inf
[05/06/1998 15:58|--a------|256] I:\CharSMF3.inf
[17/03/1998 01:10|--a------|256] I:\CHARTAP0.INF
[12/01/2000 19:23|--a------|40960] I:\CnfRep.dll
[02/01/2002 14:55|--a------|77824] I:\CoBvrpWd.dll
[17/01/1997 04:00|--a------|76288] I:\COLOR32.DLL
[15/09/2005 14:11|--a------|896] I:\COMLINES.DAT
[18/10/2000 13:49|--a------|28672] I:\ComLines.dll
[16/11/2009 09:46|--a------|640] I:\ConfIP.bin
[01/02/2000 12:11|--a------|3476] I:\country.ini
[20/07/2000 18:52|--a------|45056] I:\Cvs2pgfn.dll
[30/05/2000 10:16|--a------|40960] I:\Cvsedit.dll
[10/12/2001 17:47|--a------|225539] I:\Cvsedit.exe
[20/04/2005 13:42|--a------|22755] I:\DeIsL1.isu
[02/03/1998 04:00|--a------|31232] I:\Dfansin.dll
[20/06/1996 04:00|--a------|31232] I:\Dfasciin.dll
[20/06/1996 04:00|--a------|31232] I:\Dfasctyn.dll
[03/03/1998 04:00|--a------|48640] I:\dfpgf2n.dll
[20/10/1999 15:36|--a------|24576] I:\Dgcatn.dll
[04/04/2000 10:27|--a------|49152] I:\Dgccittn.dll
[18/06/1996 04:00|--a------|20480] I:\Dgmrgn.dll
[18/06/1996 04:00|--a------|18944] I:\Dgred8.dll
[07/03/2000 15:43|--a------|36864] I:\Dgubmpn.dll
[07/03/2000 15:43|--a------|40960] I:\Dguconvn.dll
[07/03/2000 15:43|--a------|36864] I:\Dgugifn.dll
[07/03/2000 15:43|--a------|65536] I:\Dgujpegn.dll
[07/03/2000 15:43|--a------|36864] I:\Dgupcxn.dll
[29/04/2003 16:47|--a------|65536] I:\dgutiffn.dll
[09/11/2000 19:06|--a------|45056] I:\DocBase.dll
[18/10/2000 13:50|--a------|32768] I:\DocLib.dll
[13/12/2000 15:21|--a------|53248] I:\DrawBt.dll
[04/02/1999 17:29|--a------|295] I:\EasyScAl.wph
[04/02/1999 17:29|--a------|295] I:\EasyScNu.wph
[12/03/2002 14:58|--a------|196608] I:\editscn.exe
[14/04/1998 04:00|--a------|51712] I:\erareg.dll
[13/07/1995 04:00|--a------|26112] I:\Erbfaxbv.dll
[13/07/1995 04:00|--a------|25600] I:\Erifile.dll
[14/11/1997 04:00|--a------|64512] I:\Erlexic.dll
[14/11/1997 04:00|--a------|57344] I:\Erneye.dll
[04/07/1995 04:00|--a------|861246] I:\ERNPCR.EZN
[14/11/1997 04:00|--a------|294400] I:\Erpcr.dll
[21/12/1998 18:16|--a------|379] I:\EsAERMES.wph
[09/10/2000 17:56|--a------|32768] I:\exchange.dll
[14/10/1998 01:10|--a------|489] I:\Expresso.wph
[14/05/1996 04:00|--a------|512] I:\ezrcls.rco
[20/03/2002 17:48|--a------|4878] I:\FAX0010.CMD
[15/09/2005 14:11|--a------|512] I:\FAX0010.CNF
[16/11/2009 09:46|--a------|640] I:\fax0mid.mid
[27/03/2006 14:54|--a------|1091] I:\FICHIER 2006.dbf
[27/03/2006 14:54|--a------|288] I:\FICHIER 2006.pkg
[27/03/2006 14:57|--a------|288] I:\FICHIER 2006.pkx
[13/01/2000 16:51|--a------|73677] I:\Garantie.cvs
[14/06/1997 04:00|--a------|67072] I:\graphcnv.dll
[04/02/2002 13:32|--a------|120] I:\ifax.inf
[19/02/2007 15:44|--a------|143360] I:\INFOFAX 07.doc
[08/03/2007 18:32|--a------|115712] I:\infofax10.doc
[10/12/2001 17:47|--a------|41219] I:\inssuitecmd.exe
[11/10/2002 14:39|---------|53248] I:\InstalForm.exe
[13/06/2006 09:19|---------|9336520] I:\Install_MSN_Messenger.EXE
[11/02/2002 11:13|--a------|204800] I:\internet.dll
[20/02/1997 04:00|--a------|128000] I:\Jpeg32.dll
[03/12/1998 01:10|--a------|392] I:\kobbyt.wph
[29/10/1996 00:21|--a------|10752] I:\libd42mt.dll
[27/03/1997 00:21|--a------|147456] I:\libdtimt.dll
[28/05/1997 00:21|--a------|135680] I:\libdxxmt.dll
[28/05/1997 00:21|--a------|62976] I:\libfaxmt.dll
[14/04/1997 00:21|--a------|43520] I:\libsrlmt.dll
[15/04/2003 08:57|---------|3921431] I:\Lisezmoi.rtf
[15/04/2003 09:22|---------|18855] I:\Lisezmoi702.rtf
[31/01/2002 14:11|--a------|69632] I:\mailcomm.dll
[19/03/2002 13:33|--a------|266240] I:\MailKrnl.dll
[27/10/2000 16:37|--a------|118784] I:\Messages.dll
[03/11/1999 16:51|--a------|2477] I:\Messages.inf
[01/12/1999 11:53|--a------|53248] I:\Mincomm1.dll
[01/12/1999 11:54|--a------|73728] I:\mincomm2.dll
[05/05/1998 01:10|--a------|422] I:\MinitFT1.wph
[30/04/1998 01:10|--a------|589] I:\minitFT2.wph
[05/07/1999 01:10|--a------|590] I:\MinitFT3.wph
[10/06/1998 01:10|--a------|581] I:\minitSFR.wph
[21/03/2002 10:52|--a------|944709] I:\Modems.pac
[18/10/2000 13:52|--a------|32768] I:\MsgVocal.dll
[15/05/1998 04:00|--a------|119384] I:\NOTIFY.WAV
[13/11/1996 04:00|--a------|2795] I:\NTPRINT.INF
[04/06/1998 16:21|--a------|257] I:\NumSMF3.inf
[14/02/2002 18:19|--a------|36923] I:\OLRegist.dll
[30/01/2002 09:55|--a------|15207] I:\olregist.mht
[27/02/2006 09:49|--a------|536] I:\onreg.ini
[07/06/2000 09:44|--a------|31153] I:\ope.inf
[14/04/2000 15:45|--a------|362] I:\Orange.wph
[07/04/2000 22:31|--a------|32768] I:\Pager.dll
[16/11/2009 09:45|--a------|482] I:\PARAMS.INI
[01/02/2000 16:52|--a------|98304] I:\PbkFile.dll
[13/12/2001 23:19|--a------|61699] I:\PbkUtil.exe
[18/10/2000 13:53|--a------|45056] I:\Pcmes.dll
[02/03/2000 10:38|--a------|28672] I:\PcmFmt.dll
[08/09/1999 13:48|--a------|3595] I:\PcmFmt.inf
[18/10/2000 14:00|--a------|86016] I:\PcmWav.dll
[01/02/2006 15:53|--a------|2548] I:\PHONEBK.ECH
[13/12/2001 23:19|--a------|618755] I:\Phonebk.exe
[09/12/1999 14:25|--a------|3840] I:\PrivScvEmVoc.scv
[08/09/1999 10:58|--a------|49152] I:\Prpgf2n.dll
[18/06/1996 04:00|--a------|23552] I:\Redfaxn.dll
[04/06/1996 04:00|--a------|18944] I:\REGISTER.DLL
[07/02/1997 04:00|--a------|121344] I:\ROUTDLL.DLL
[25/07/2006 08:33|--a------|8] I:\RTNUMEMI.DAT
[25/07/2006 08:33|--a------|5] I:\RTREFREQ.DAT
[17/11/1994 04:00|--a------|2084] I:\SCANSET.INF
[09/12/1999 14:26|--a------|3840] I:\ScvEmVoc.scv
[18/10/2000 13:56|--a------|28672] I:\ScvLib.dll
[02/11/2000 11:30|--a------|167936] I:\ScvRes.dll
[16/11/2009 09:46|--a------|90] I:\SelfMode.ini
[14/02/2002 14:06|--a------|45315] I:\SendComm.exe
[09/04/2003 10:34|---------|45056] I:\SendFax.exe
[23/04/2003 16:14|---------|290816] I:\Server.exe
[16/11/2009 09:45|--a------|431] I:\server.log
[16/11/2009 09:45|--a------|0] I:\SERVER.LX
[15/05/1998 04:00|--a------|80856] I:\ServerOut.wav
[17/09/1998 04:00|--a------|40960] I:\Sff.dll
[02/12/1997 04:00|--a------|16] I:\SgWph.dat
[13/03/2002 09:37|--a------|94208] I:\SmtpPop3.exe
[11/05/2000 14:25|--a------|20480] I:\specialcom.dll
[13/12/2001 23:18|--a------|176387] I:\StatProg.exe
[07/12/1998 01:10|--a------|84] I:\tabexpresso.inf
[01/09/1998 01:10|--a------|93] I:\tabgsm.inf
[08/09/1998 01:10|--a------|89] I:\tabgsmbouyg.inf
[04/12/1998 01:10|--a------|82] I:\tabkobby.inf
[07/12/1998 01:10|--a------|87] I:\tabtatoo.inf
[13/03/1998 01:10|--a------|103] I:\Tap.wph
[07/12/1998 01:10|--a------|494] I:\tatoomin.wph
[13/11/1994 04:00|--a------|9472] I:\TGRED1_8.DLL
[16/11/2009 09:46|--a------|87] I:\ThreadId.ini
[05/11/2009 17:39|--ahs----|9216] I:\Thumbs.db
[04/08/1997 04:00|--a------|52224] I:\Tiff_t31.dll
[07/10/1999 14:53|--a------|49152] I:\Twscn.dll
[23/09/1999 11:35|--a------|81920] I:\TxtToPgf.dll
[06/10/1999 04:00|--a------|127] I:\Txttopgf.ini
[10/09/1999 01:10|--a------|399] I:\UCP.wph
[21/08/2000 13:34|--a------|1856] I:\Uniconv.cnv
[01/12/1999 15:38|--a------|126976] I:\Uniconv.dll
[18/01/2002 10:02|--a------|61440] I:\uninst2.dll
[20/04/2005 13:49|--a------|896] I:\USERS.DAT
[27/09/2001 18:57|--a------|73728] I:\UsRecall.dll
[13/12/2001 23:19|--a------|35587] I:\Visubin.exe
[10/06/1999 01:10|--a------|346] I:\VODAFONE.wph
[18/10/2000 13:57|--a------|28672] I:\VoiceCfg.dll
[11/08/1999 12:01|--a------|81] I:\VOICECFG.INI
[27/10/2000 16:40|--a------|221184] I:\VoiceRes.dll
[18/10/2000 13:58|--a------|49152] I:\VoiceUpd.dll
[29/11/2000 15:00|--a------|53248] I:\VoicPlay.dll
[11/08/1999 10:59|--a------|35] I:\VOICPLAY.INI
[18/10/2000 13:59|--a------|32768] I:\Waves.dll
[05/02/1997 04:00|--a------|79872] I:\Wdpacn.dll
[15/09/2005 14:11|--a------|132] I:\WFCOM.DAT
[11/12/2001 19:35|--a------|102659] I:\Wfcom.exe
[11/12/2009 10:16|--a------|856] I:\wfcom.ini
[15/09/2005 14:11|--a------|4] I:\WFCOM.TEL
[10/12/2001 14:54|--a------|69632] I:\wfcomrc.dll
[12/11/1998 02:11|--a------|82944] I:\wfgsm.dll
[14/12/2001 10:49|--a------|65795] I:\Wfmacro.exe
[12/10/2001 13:21|--a------|428] I:\wfmacros.ini
[11/12/2001 15:08|--a------|110592] I:\WFP1N.dll
[07/12/2001 17:08|--a------|786432] I:\wfp2n.dll
[13/12/2001 23:19|--a------|69891] I:\WFXREGISTER.exe
[11/02/2000 11:46|--a------|136] I:\wfxregister.ini
[06/12/1999 14:38|--a------|322] I:\Wfxregister.txt
[30/05/2000 09:35|--a------|40960] I:\Wgedit.dll
[10/12/2001 17:47|--a------|270595] I:\Wgedit.exe
[19/09/2000 14:18|--a------|114688] I:\WhConfig.dll
[02/03/2006 09:25|--a------|4723] I:\WHCONFIG.INI
[04/10/2001 10:08|--a------|57344] I:\Wincaps.dll
[21/03/2002 11:06|--a------|100480] I:\WMODEMS.DAT
[15/09/2005 14:11|--a------|130672] I:\WMODEMS.NEW
[01/12/1999 19:15|--a------|28672] I:\WPhServices.exe
[20/04/2005 13:41|--a------|99] I:\WPhSrv.pdf
[22/04/2003 15:39|--a------|1920] I:\WPSCMDEX.CNV
[22/04/2003 15:39|--a------|1920] I:\WSMAILER.CNV
[28/11/2000 16:41|--a------|69632] I:\WSMAILER.dll
[22/04/2003 15:39|--a------|1920] I:\WSMAILERCFG.CNV
[13/12/2001 23:19|--a------|217347] I:\WSMAILERCFG.exe
[11/04/2003 15:14|---------|270776] I:\Wstation.bmp
[22/04/2003 15:39|--a------|1920] I:\WSTATION.CNV
[29/04/2003 15:05|--a------|1155072] I:\WSTATION.exe
[05/02/1997 04:00|--a------|96768] I:\WunPacLn.dll
[09/05/1996 04:00|--a------|74752] I:\Wunpacn.dll
[13/12/2001 23:19|--a------|65795] I:\XView.exe
[16/07/2009 09:34|--ahs----|39936] J:\Thumbs.db
[16/12/2009 13:38|--a------|20992] J:\YELLOWJOURNAL.doc
[09/10/2001 14:39|--a------|4608] P:\CHRISTINE.jwl
[14/09/2004 11:12|--a------|871936] P:\CINE2002.XLS
[14/09/2004 11:12|--a------|879104] P:\CINE20021.XLS
[31/01/2002 10:05|--a------|704512] P:\Proc‚dure de copie sur CDROM.doc
[14/06/2007 10:07|--a------|297] P:\Raccourci vers wfxreseau sur 'Serveur' (I).lnk
[14/09/2004 11:03|--a------|38400] P:\SAISON CULTURELLE 2004.doc

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# E:\autorun.inf -> Dossier créé par UsbFix.
# G:\autorun.inf -> Dossier créé par UsbFix.
# H:\autorun.inf -> Dossier créé par UsbFix.
# I:\autorun.inf -> Dossier créé par UsbFix.
# J:\autorun.inf -> Dossier créé par UsbFix.
# P:\autorun.inf -> Dossier créé par UsbFix.

################## | Cracks / Keygens / Serials |


################## | Upload |
0
Réponse 14 / 22
flo-91 Messages postés 5973 Statut Contributeur sécurité 1 120
 
Peux-tu maintenant faire malwarebytes comme post 5 maintenant ?
0
Réponse 15 / 22
Luxia29 Messages postés 14 Statut Membre
 
Oui ! Ca marche maintenant, je le fais tout de suite ! :)
Merci
0
Réponse 16 / 22
Luxia29 Messages postés 14 Statut Membre
 
J'aurai pas le temps de finir l'analyse aujourd'hui, je dois libérer le poste informatique !
Je continuerai demain !
Encore merci beaucoup !
0
Réponse 17 / 22
Luxia29 Messages postés 14 Statut Membre
 
Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3379
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

17/12/2009 10:27:15
mbam-log-2009-12-17 (10-27-12).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 212018
Temps écoulé: 44 minute(s), 43 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Videocan (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\C.RAULT.ALVAC\huces.exe (Trojan.Downloader) -> No action taken.
C:\System Volume Information\_restore{73B805CC-2830-47BE-AA94-B6532C5C9198}\RP236\A0032135.exe (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\C.RAULT.ALVAC\Bureau\Personal Security.lnk (Rogue.PSecurity) -> No action taken.
C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> No action taken.
C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\C.RAULT.ALVAC\Local Settings\Temp\sshnas.dll (Trojan.FakeAlert) -> No action taken.
0
Réponse 18 / 22
Luxia29 Messages postés 14 Statut Membre
 
Je crois qu'il a été supprimé, il ne figure plus dans les programmes !
Merci beaucoup pour ton aide !
0
Réponse 19 / 22
Luxia29 Messages postés 14 Statut Membre
 
J'ai refait un scan avec SUPERantispyware, voilà le rapport :
SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 12/17/2009 at 11:00 AM

Application Version : 4.31.1000

Core Rules Database Version : 4378
Trace Rules Database Version: 2217

Scan type : Complete Scan
Total Scan Time : 00:25:36

Memory items scanned : 453
Memory threats detected : 1
Registry items scanned : 4472
Registry threats detected : 0
File items scanned : 27371
File threats detected : 20

Rogue.XP AntiVirus/Resident
C:\PROGRAM FILES\PERSONALSEC\PSECURITY.EXE
C:\PROGRAM FILES\PERSONALSEC\PSECURITY.EXE
C:\WINDOWS\Prefetch\PSECURITY.EXE-24F79E0B.pf

Adware.Tracking Cookie
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@doubleclick[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@weborama[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@serving-sys[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@ad.yieldmanager[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@virginmobile.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@tradedoubler[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@bluestreak[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@smartadserver[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@bouyguestelecom.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@boursoramabanque.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@t.bbtrack[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@xiti[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@msnportal.112.2o7[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@atdmt[1].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@adtech[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@ttbmanutan.solution.weborama[2].txt
C:\Documents and Settings\C.RAULT.ALVAC\Cookies\c.rault@aimfar.solution.weborama[1].txt

Trojan.Agent/Gen-Nullo[Short]
C:\SYSTEM VOLUME INFORMATION\_RESTORE{73B805CC-2830-47BE-AA94-B6532C5C9198}\RP236\A0034281.EXE
0
Réponse 20 / 22
flo-91 Messages postés 5973 Statut Contributeur sécurité 1 120
 
Ok, :



/!\ Desactive ton antivirus le temps de la manip ainsi que ton parefeu et antispyware si présent /!\


> Télécharge List&Kill'em et enregistre le sur ton bureau ici :

http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem.zip

> dezippe-le , (clic droit/ extraire.....)

Il ne necessite pas d'installation

>double clic (clic droit "executer en tant qu'administrateur" pour Vista) pour lancer le scan

choisis la langue puis choisis l'option 1 = Mode Recherche

>laisse travailler l'outil

>Poste le contenu du rapport qui s'ouvre
0

Discussions similaires

SecurityHealth est a désactiver ou pas au démarrage de W10 Pro 64 ?
Walti55 -
Walti55 -

2 réponses
Security boot fail lors du démarrage
Steu -
NBK -

4 réponses
Analyse de l'appli "AI SECURITY"
cl06 -
CCMBot -

1 réponse
Boîte mail piratée ?
mike the llama -
mike the llama -

4 réponses
Security Health Service qui pompe 25% de mon CPU
mimirte -
bazfile -

6 réponses