22 replies
-+-+-+-+-> ComboFix <-+-+-+-
[x] Download ComboFix (by sUBs) from this address.
[x] /!\ Close all open program windows /!\
[x] /!\ Disable all resident protections (antivirus, firewall, antispyware) /!\
[x] Double-click " Combofix.exe "
[x] Follow the instructions shown on screen; at some point you will get a message asking you to install the Recovery Console, do so
[x] ComboFix will now disconnect your PC from the internet
[x] During the scan, do not touch anything (mouse, keyboard)
[x] At the end of the scan, the report will open automatically; copy/paste it into your next message.
[o] NB: If it does not open, it can be found at C:\Combofix.txt
ComboFix 09-12-22.03 - Rémy 23/12/2009 11:46:04.1.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1023.424 [GMT 1:00]
Lancé depuis: c:\documents and settings\Rémy\Mes documents\ComboFix.exe
AV: AntiVirus Firewall 8.01 *On-access scanning enabled* (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
FW: AntiVirus Firewall 8.01 *enabled* {D4747503-0346-49EB-9262-997542F79BF4}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Daniel\Application Data\0200000056d1f0ec502C.manifest
c:\documents and settings\Daniel\Application Data\0200000056d1f0ec502O.manifest
c:\documents and settings\Daniel\Application Data\0200000056d1f0ec502P.manifest
c:\documents and settings\Daniel\Application Data\0200000056d1f0ec502S.manifest
c:\documents and settings\Sylvie\Application Data\0200000056d1f0ec502C.manifest
c:\documents and settings\Sylvie\Application Data\0200000056d1f0ec502O.manifest
c:\documents and settings\Sylvie\Application Data\0200000056d1f0ec502P.manifest
c:\documents and settings\Sylvie\Application Data\0200000056d1f0ec502S.manifest
c:\program files\Cheat Engine\dbk32.sys
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\windows\system32\1033g.exe
c:\windows\system32\2423476243.dat
c:\windows\system32\ibazedip.ini
c:\windows\system32\ibosahom.ini
c:\windows\system32\ilejuwaf.ini
c:\windows\system32\inezejes.ini
c:\windows\system32\kovihihi.exe
c:\windows\system32\okoseful.ini
c:\windows\system32\onumuriy.ini
c:\windows\system32\ovuvugod.ini
c:\windows\system32\ubokiher.ini
c:\windows\system32\upifezin.ini
c:\windows\system32\uvakusab.ini
c:\windows\system32\uvakusab.ini2
c:\windows\system32\vDfNnUvw.ini
c:\windows\system32\vDfNnUvw.ini2
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MDMSTISVC
-------\Service_MDMstisvc
((((((((((((((((((((((((((((( Fichiers créés du 2009-11-23 au 2009-12-23 ))))))))))))))))))))))))))))))))))))
.
2009-12-22 13:19 . 2009-12-22 13:19 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2009-12-20 17:20 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-20 17:20 . 2009-12-20 17:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-20 17:20 . 2009-12-20 17:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-20 17:20 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-20 13:49 . 2009-12-20 13:49 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-12-20 13:49 . 2009-12-22 13:19 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-20 11:34 . 2009-12-20 12:23 -------- d-----w- c:\program files\Ad-Remover
2009-12-20 11:20 . 2009-12-20 11:32 -------- d-----w- c:\program files\Navilog1
2009-12-20 11:08 . 2009-12-20 16:54 -------- d-----w- c:\program files\ZHPDiag
2009-12-19 18:59 . 2009-12-20 12:48 -------- d-----w- C:\UsbFix
2009-12-19 17:02 . 2009-12-19 17:02 -------- d-----w- c:\program files\MSNFix
2009-11-27 18:37 . 2009-11-27 18:37 -------- d-----w- c:\program files\LizardTech
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-23 11:01 . 2001-08-28 14:00 477838 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-23 11:01 . 2001-08-28 14:00 79808 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-23 10:50 . 2009-05-06 15:34 -------- d-----w- c:\program files\Cheat Engine
2009-12-22 18:35 . 2008-01-31 17:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-12-10 19:10 . 2008-06-05 18:38 -------- d-----w- c:\program files\Lexmark X1100 Series
2009-11-28 10:52 . 2009-01-12 19:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2009-11-28 10:52 . 2009-01-12 19:09 -------- d-----w- c:\program files\Fichiers communs\Autodesk Shared
2009-11-28 10:51 . 2009-03-25 20:07 -------- d-----w- c:\program files\backburner 2
2009-11-27 18:37 . 2007-07-26 08:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-25 15:52 . 2007-08-29 08:45 -------- d-----w- c:\program files\Java
2009-11-23 18:19 . 2009-08-14 08:37 -------- d-----w- c:\program files\Personal Media Manager
2009-11-23 17:21 . 2007-09-11 15:14 2608 ----a-w- c:\windows\system32\d3d9caps.dat
2009-11-23 17:21 . 2007-09-07 14:09 2496 ----a-w- c:\windows\system32\d3d8caps.dat
2009-11-22 15:05 . 2007-07-26 09:29 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-11-19 17:43 . 2009-09-16 19:47 -------- d-----w- c:\program files\Messenger Plus! Live
2009-11-11 19:13 . 2007-08-30 13:03 -------- d-----w- c:\program files\Picasa2
2009-11-10 13:40 . 2007-07-26 08:18 -------- d-----w- c:\documents and settings\Daniel\Application Data\vlc
2009-11-04 13:08 . 2009-01-09 16:38 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-03 19:00 . 2009-11-03 19:00 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2009-11-03 18:58 . 2008-03-06 16:59 -------- d-----w- c:\program files\Windows Live
2009-11-03 18:52 . 2009-01-09 16:27 -------- d-----w- c:\program files\Microsoft
2009-10-27 15:29 . 2009-10-06 12:16 -------- d-----w- c:\documents and settings\Daniel\Application Data\dvdcss
2009-10-11 03:17 . 2009-01-03 10:15 411368 ----a-w- c:\windows\system32\deploytk.dll
2005-10-26 10:48 . 2007-10-27 14:55 778 ----a-w- c:\program files\trial_setup52.ini
2005-10-26 10:48 . 2007-10-27 14:55 5031936 ----a-w- c:\program files\trial_setup52.msi
2005-10-26 10:48 . 2007-10-27 14:55 40448 ----a-w- c:\program files\trial_setup52.exe
2008-11-17 18:04 . 2008-11-17 18:03 0 --sha-w- c:\windows\system32\13.tmp
2008-11-14 20:45 . 2008-11-14 20:45 0 --sha-w- c:\windows\system32\3.tmp
2008-11-14 20:48 . 2008-11-14 20:45 0 --sha-w- c:\windows\system32\4.tmp
2009-05-04 13:51 . 2009-05-04 13:51 121 --sh--w- c:\windows\system32\onumuriy.tmp
1601-01-01 00:12 . 1601-01-01 00:12 1024 --sha-w- c:\windows\system32\pegoyoja.exe
.
------- Sigcheck -------
[-] 2008-04-13 . ACCF5A9A1FFAA490F33DBA1C632B95E1 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2008-04-13 . ACCF5A9A1FFAA490F33DBA1C632B95E1 . 361344 . . [5.1.2600.5512] . . c:\windows\system32\drivers\tcpip.sys
[7] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[7] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
c:\windows\System32\drivers\beep.sys ... manque !!
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 52\axcmd.exe" [2008-03-20 216520]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-31 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Google Update"="c:\documents and settings\Rémy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-07-01 133104]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-19 247144]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-12-16 2002160]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeScanNT Monitor"="-HideWindow" [X]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-08-06 155648]
"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UpdaterUI.exe" [2004-08-06 139320]
"Lexmark X1100 Series"="c:\program files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 57344]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2008-12-30 20480]
"AdobeCS4ServiceManager"="c:\program files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"F-Secure Manager"="c:\program files\Orange\AntivirusFirewall\Common\FSM32.EXE" [2008-12-04 182936]
"F-Secure TNB"="c:\program files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" [2008-12-04 957024]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-12-30 169472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\WINDOWS\\PCHEALTH\\HELPCTR\\Binaries\\helpctr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [29/04/2009 18:39 33920]
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [29/04/2009 18:39 79872]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [13/09/2008 10:47 716272]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Orange\AntivirusFirewall\HIPS\drivers\fshs.sys [29/04/2009 18:38 67808]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [16/12/2009 16:26 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [16/12/2009 16:26 74480]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [19/08/2009 16:37 92008]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Orange\AntivirusFirewall\Anti-Virus\minifilter\fsgk.sys [29/04/2009 18:37 107104]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\Orange\AntivirusFirewall\ORSP Client\fsorsp.exe [29/04/2009 18:38 55904]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16/12/2009 16:27 7408]
S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [29/12/2008 14:12 223232]
S3 Rcpielog;Rcpielog; [x]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\Orange\AntivirusFirewall\Anti-Virus\win2k\fsfilter.sys [29/04/2009 18:37 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Orange\AntivirusFirewall\Anti-Virus\win2k\fsrec.sys [29/04/2009 18:37 25184]
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 127.0.0.1:8088
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download Link Using Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL
TCP: {1EFA3804-14DA-4142-AA14-3A26EC670853} = 195.62.37.19,192.168.1.1
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - c:\documents and settings\Rémy\Application Data\Mozilla\Firefox\Profiles\31x22uts.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: c:\program files\Picasa2\npPicasa3.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
- - - - ORPHELINS SUPPRIMES - - - -
Toolbar-{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - c:\progra~1\MEGAUP~2\MEGAUP~1.DLL
WebBrowser-{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - c:\progra~1\MEGAUP~2\MEGAUP~1.DLL
HKCU-Run-WOOKIT - c:\program files\Wanadoo\GestMaj.exe
HKCU-Run-WINSOS VERIFY - c:\program files\Winsos\WINSOS.EXE
HKU-Default-Run-RoboForm - c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Notify-pmnllkKD - pmnllkKD.dll
AddRemove-CSO-DAX Compressor V0.37 - c:\documents and settings\Rémy\Mes documents\jeux\iso\cso-dax compressor v0.37\Uninstal.exe
AddRemove-Patch san andreas_is1 - c:\documents and settings\Rémy\Mes documents\Logiciel\gta\debug\Patch san andreas\unins000.exe
AddRemove-PSP Brew_is1 - c:\documents and settings\Rémy\Mes documents\Logiciel\PSP Brew\unins000.exe
AddRemove-PSPVideoExpress - c:\documents and settings\Rémy\Mes documents\Logiciel\psp video express\PSPVideoExpress\bt-uninst.exe
AddRemove-Tag&Rename_is1 - c:\documents and settings\Rémy\Mes documents\tag&rename\TagRename\unins000.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-23 11:59
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spcf.sys >>UNKNOWN [0x8678D938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7873f28
\Driver\ACPI -> ACPI.sys @ 0xf76bfcb8
\Driver\atapi -> atapi.sys @ 0xf7665b40
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056c1d6
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056c1d6
NDIS: Connexion réseau Intel(R) PRO/100 -> SendCompleteHandler -> NDIS.SYS @ 0xf7543bb0
PacketIndicateHandler -> NDIS.SYS @ 0xf7550a21
SendHandler -> NDIS.SYS @ 0xf752e87b
user & kernel MBR OK
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Toolbar\QuickComplete]
@DACL=(02 0000)
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(708)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\program files\Orange\AntivirusFirewall\FWES\Program\fsdc32.dll
- - - - - - - > 'lsass.exe'(768)
c:\program files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL
c:\program files\Orange\AntivirusFirewall\FWES\Program\fsdc32.dll
- - - - - - - > 'explorer.exe'(3164)
c:\windows\system32\ieframe.dll
c:\windows\system32\eappprxy.dll
- - - - - - - > 'csrss.exe'(684)
c:\program files\Orange\AntivirusFirewall\FWES\Program\fsdc32.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
c:\program files\Orange\AntivirusFirewall\Common\FSMA32.EXE
c:\program files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Orange\AntivirusFirewall\Common\FSMB32.EXE
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
c:\program files\Orange\AntivirusFirewall\Common\FCH32.EXE
c:\program files\Orange\AntivirusFirewall\Common\FAMEH32.EXE
c:\program files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe
c:\program files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
c:\program files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe
c:\program files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
c:\program files\Orange\AntivirusFirewall\FSAUA\program\fsus.exe
c:\program files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe
c:\windows\system32\wscntfy.exe
c:\program files\Lexmark X1100 Series\lxbkbmon.exe
c:\program files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe
.
**************************************************************************
.
Heure de fin: 2009-12-23 12:11:26 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-12-23 11:11
Avant-CF: 8 417 447 936 octets libres
Après-CF: 8 854 880 256 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn
- - End Of File - - 737A793586CB32FBD0CC72C837CA34D2
HKCU-Run-WOOKIT - c:\program files\Wanadoo\GestMaj.exe
HKCU-Run-WINSOS VERIFY - c:\program files\Winsos\WINSOS.EXE
HKU-Default-Run-RoboForm - c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Notify-pmnllkKD - pmnllkKD.dll
AddRemove-CSO-DAX Compressor V0.37 - c:\documents and settings\Rémy\Mes documents\jeux\iso\cso-dax compressor v0.37\Uninstal.exe
AddRemove-Patch san andreas_is1 - c:\documents and settings\Rémy\Mes documents\Logiciel\gta\debug\Patch san andreas\unins000.exe
AddRemove-PSP Brew_is1 - c:\documents and settings\Rémy\Mes documents\Logiciel\PSP Brew\unins000.exe
AddRemove-PSPVideoExpress - c:\documents and settings\Rémy\Mes documents\Logiciel\psp video express\PSPVideoExpress\bt-uninst.exe
AddRemove-Tag&Rename_is1 - c:\documents and settings\Rémy\Mes documents\tag&rename\TagRename\unins000.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-23 11:59
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spcf.sys >>UNKNOWN [0x8678D938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7873f28
\Driver\ACPI -> ACPI.sys @ 0xf76bfcb8
\Driver\atapi -> atapi.sys @ 0xf7665b40
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056c1d6
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056c1d6
NDIS: Connexion réseau Intel(R) PRO/100 -> SendCompleteHandler -> NDIS.SYS @ 0xf7543bb0
PacketIndicateHandler -> NDIS.SYS @ 0xf7550a21
SendHandler -> NDIS.SYS @ 0xf752e87b
user & kernel MBR OK
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Toolbar\QuickComplete]
@DACL=(02 0000)
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(708)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\program files\Orange\AntivirusFirewall\FWES\Program\fsdc32.dll
- - - - - - - > 'lsass.exe'(768)
c:\program files\Orange\AntivirusFirewall\FSPS\program\FSLSP.DLL
c:\program files\Orange\AntivirusFirewall\FWES\Program\fsdc32.dll
- - - - - - - > 'explorer.exe'(3164)
c:\windows\system32\ieframe.dll
c:\windows\system32\eappprxy.dll
- - - - - - - > 'csrss.exe'(684)
c:\program files\Orange\AntivirusFirewall\FWES\Program\fsdc32.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
c:\program files\Orange\AntivirusFirewall\Common\FSMA32.EXE
c:\program files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Orange\AntivirusFirewall\Common\FSMB32.EXE
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
c:\program files\Orange\AntivirusFirewall\Common\FCH32.EXE
c:\program files\Orange\AntivirusFirewall\Common\FAMEH32.EXE
c:\program files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe
c:\program files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
c:\program files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe
c:\program files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
c:\program files\Orange\AntivirusFirewall\FSAUA\program\fsus.exe
c:\program files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe
c:\windows\system32\wscntfy.exe
c:\program files\Lexmark X1100 Series\lxbkbmon.exe
c:\program files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe
.
**************************************************************************
.
Heure de fin: 2009-12-23 12:11:26 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-12-23 11:11
Avant-CF: 8 417 447 936 octets libres
Après-CF: 8 854 880 256 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn
- - End Of File - - 737A793586CB32FBD0CC72C837CA34D2