Virus on my computer???
Solved/Closed
Anonymous user - 19 Jul 2008 at 11:30
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 - 21 Jul 2008 at 18:10
9 replies
Anonymous user
19 Jul 2008 at 11:43
Hi,
First of all, don't accept what the windows offer you. It's a trap.
You need to download an anti-spyware program; I recommend this one: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Then, as an antivirus, I suggest this one: https://www.avira.com/
After that, install them, run an update, and finally scan your PC.
I'll wait to hear from you.
Hello,
I'm taking the liberty of replying here because I have the same virus, detected this morning by Avast. I ran Spybot but it made no difference. I ran Avast at startup, same result. I'm running Malwarebytes right now, we'll see...
I'll keep you posted.
So Avast isn't a good antivirus in your opinion? Yet I hadn't had a single virus in 2 years before this one.
jlpjlp
21 Jul 2008 at 14:03
Hi,
This alert is indeed an infection! Don't download anything, then
scan your computer with Malwarebytes, remove what is found and paste the report:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
_____________
Paste a HijackThis report and describe your current problems
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/downl(...)
Manual:
http://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.ht(...)
I recommend renaming HijackThis, to counter a possible Vundo infection.
E.g.: rename the file HijackThis.exe to eden.exe; to do this, right-click the file HijackThis.exe and choose Rename from the list.
Then, with Explorer, create a folder c:\hijackthis
Unzip HijackThis into this folder.
This is important for the backups.
Here is the Malwarebytes report after deleting what it asked me to delete
Malwarebytes' Anti-Malware 1.22
Version de la base de données: 972
Windows 5.1.2600 Service Pack 2
14:11:04 21/07/2008
mbam-log-7-21-2008 (14-11-04).txt
Type de recherche: Examen complet (C:\|D:\|H:\|I:\|)
Eléments examinés: 106316
Temps écoulé: 25 minute(s), 49 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 20
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
H:\WINDOWS\system32\iefilter.dll (Trojan.FakeAlert) -> Unloaded module successfully.
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4937d5d1-2039-409a-bd83-fec9b39b2356} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{caf9d798-c659-4b9b-8e19-ee27c3d04ee7} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{15c7d7ad-a87a-4c0d-9d8b-637fcd3488ef} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f65e955e-26c0-42ff-8ee2-443a05ea286a} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f65e955e-26c0-42ff-8ee2-443a05ea286a} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rotator.gizmo3 (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rotator.gizmo3.1 (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8e015787-b1e3-404a-95de-3e71e1fa0305} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6a6eae1b-4ad6-4035-974d-504d6dbaa9c3} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6a6eae1b-4ad6-4035-974d-504d6dbaa9c3} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\AdvRemoteDbg (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bhonew.bho (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bhonew.bho.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6a6eae1b-4ad6-4035-974d-504d6dbaa9c3} (Trojan.Vundo) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
H:\WINDOWS\system32\iefilter.dll (Trojan.BHO) -> Delete on reboot.
H:\WINDOWS\system32\WhoisCL.exe (Adware.BHO) -> Quarantined and deleted successfully.
H:\WINDOWS\BM6f2a96c1.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
H:\WINDOWS\BM6f2a96c1.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
H:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
Next, here is the HijackThis report (renamed eden.exe)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:13:18, on 21/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\Program Files\Alwil Software\Avast4\ashServ.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\Explorer.EXE
H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
H:\WINDOWS\system32\RUNDLL32.EXE
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
H:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
H:\WINDOWS\SoftwareProtection\systemvital.exe
H:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
H:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
H:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
H:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
H:\WINDOWS\system32\devldr32.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\oodag.exe
H:\WINDOWS\system32\PnkBstrA.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
H:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Documents and Settings\Riberi Vincent\Bureau\eden.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1098640
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - H:\Program Files\free-downloads.net\tbfre1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0DECEBEE-4E1D-4225-B8A4-A0D9FB53A249} - H:\WINDOWS\system32\tuvSlmKC.dll (file missing)
O2 - BHO: (no name) - {26A67C8D-080B-48DC-B03D-F9BCE74CF165} - H:\WINDOWS\system32\qoMdDvWM.dll (file missing)
O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {78721777-CC6D-447E-82DA-69D51D4695A4} - H:\WINDOWS\system32\qoMFvstt.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - H:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: (no name) - {9E5415CD-3CD8-4BCB-B565-927D06152BD3} - H:\WINDOWS\system32\awtqqpOI.dll (file missing)
O2 - BHO: (no name) - {ACDD29BA-295A-4F17-98A2-E02059C2B008} - (no file)
O2 - BHO: (no name) - {B23D797F-9412-492E-BEB1-E412AEFDA0A0} - (no file)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {c94acd62-8aac-47fd-9e86-e91ec876c01f} - (no file)
O2 - BHO: (no name) - {E1C43B20-6F79-4A68-9B82-412ECC8FB2D1} - (no file)
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - H:\Program Files\free-downloads.net\tbfre1.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - H:\Program Files\free-downloads.net\tbfre1.dll
O4 - HKLM\..\Run: [Ashampoo FireWall] "I:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe" -TRAY
O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [mirc] C:\WINDOWS\WINCRA\mirc.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Jigsaw] H:\DOCUME~1\RIBERI~1\LOCALS~1\Temp\3913574.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware Reboot] "H:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "H:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "H:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [system34] H:\WINDOWS\SoftwareProtection\systemvital.exe
O4 - HKCU\..\Run: [AGEIA PhysX SysTray] H:\Program Files\AGEIA Technologies\bin\TrayIcon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] H:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = H:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Startup: RocketDock.lnk = H:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = H:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = H:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = H:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - H:\DOCUME~1\RIBERI~1\LOCALS~1\Temp\RarSFX0\ida.exe (file missing)
O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - H:\DOCUME~1\RIBERI~1\LOCALS~1\Temp\RarSFX0\ida.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - Winlogon Notify: nnnmjkLb - nnnmjkLb.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - H:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - H:\WINDOWS\system32\PnkBstrA.exe
Apparently the Malwarebytes scan was effective: it asked me to restart to finish deleting some infected files, and for the moment it seems to be working, I have no more problems. But if you see anything wrong in the HijackThis report, tell me whether I need to delete it.
Thanks for everything
jlpjlp
21 Jul 2008 at 14:42
OK
Relaunch HijackThis, choose "Do a system scan only", select these lines and click "Fix checked":
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {0DECEBEE-4E1D-4225-B8A4-A0D9FB53A249} - H:\WINDOWS\system32\tuvSlmKC.dll (file missing)
O2 - BHO: (no name) - {26A67C8D-080B-48DC-B03D-F9BCE74CF165} - H:\WINDOWS\system32\qoMdDvWM.dll (file missing)
O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - (no file)
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {78721777-CC6D-447E-82DA-69D51D4695A4} - H:\WINDOWS\system32\qoMFvstt.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {9E5415CD-3CD8-4BCB-B565-927D06152BD3} - H:\WINDOWS\system32\awtqqpOI.dll (file missing)
O2 - BHO: (no name) - {ACDD29BA-295A-4F17-98A2-E02059C2B008} - (no file)
O2 - BHO: (no name) - {B23D797F-9412-492E-BEB1-E412AEFDA0A0} - (no file)
O2 - BHO: (no name) - {c94acd62-8aac-47fd-9e86-e91ec876c01f} - (no file)
O2 - BHO: (no name) - {E1C43B20-6F79-4A68-9B82-412ECC8FB2D1} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Jigsaw] H:\DOCUME~1\RIBERI~1\LOCALS~1\Temp\3913574.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - H:\DOCUME~1\RIBERI~1\LOCALS~1\Temp\RarSFX0\ida.exe (file missing)
O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - H:\DOCUME~1\RIBERI~1\LOCALS~1\Temp\RarSFX0\ida.exe (file missing)
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - Winlogon Notify: nnnmjkLb - nnnmjkLb.dll (file missing)
____________
Download ComboFix by sUBs. Help here: https://forum.pcastuces.com/sujet.asp?f=25&s=37315
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it to your desktop and nowhere else!
Help on using ComboFix here: http://bibou0007.forumpro.fr/tutos-f45/tutorial-combofix-t121.htm
Double-click ComboFix. It will ask you a question; answer by pressing 1 and then Enter to confirm, and let it guide you.
Wait until ComboFix has finished; a report will be created. Post the report.
_______________
Update Java
https://www.malekal.com/maintenir-java-adobe-reader-et-le-player-flash-a-jour/
and install Internet Explorer 7
https://www.01net.com/telecharger/windows/Internet/navigateur/fiches/33081.html
So here is the report, a bit long.....
ComboFix 08-07-20.A0 - Riberi Vincent 2008-07-21 17:59:51.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.2926 [GMT 2:00]
Endroit: H:\Documents and Settings\Riberi Vincent\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
H:\WINDOWS\system32\CKmlSvut.ini
H:\WINDOWS\system32\CKmlSvut.ini2
H:\WINDOWS\system32\IOpqqtwa.ini
H:\WINDOWS\system32\IOpqqtwa.ini2
H:\WINDOWS\system32\mcrh.tmp
H:\WINDOWS\system32\MSINET.oca
H:\WINDOWS\system32\MWvDdMoq.ini
H:\WINDOWS\system32\MWvDdMoq.ini2
H:\WINDOWS\system32\ttsvFMoq.ini
H:\WINDOWS\system32\ttsvFMoq.ini2
H:\WINDOWS\system32\uubakwuo.ini
H:\WINDOWS\system32\wkdecqur.ini
.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-21 to 2008-07-21 ))))))))))))))))))))))))))))))))))))
.
2008-07-21 13:43 . 2008-07-21 13:43 <REP> d-------- H:\Program Files\Malwarebytes' Anti-Malware
2008-07-21 13:43 . 2008-07-21 13:43 <REP> d-------- H:\Documents and Settings\Riberi Vincent\Application Data\Malwarebytes
2008-07-21 13:43 . 2008-07-21 13:43 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-21 13:43 . 2008-07-20 20:21 38,472 --a------ H:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-07-21 13:43 . 2008-07-20 20:21 17,144 --a------ H:\WINDOWS\system32\drivers\mbam.sys
2008-07-21 10:55 . 2008-07-21 10:55 18,944 --a------ H:\WINDOWS\system32\IE_fil.dll
2008-07-21 10:16 . 2008-07-21 10:16 18,944 --a------ H:\WINDOWS\system32\ieflt.dll
2008-07-21 10:11 . 2008-07-21 10:11 18,944 --a------ H:\WINDOWS\system32\iexflt.dll
2008-07-21 10:11 . 2008-07-21 10:11 18,944 --a------ H:\WINDOWS\system32\iexfilter.dll
2008-07-21 10:10 . 2008-07-21 10:10 18,944 --a------ H:\WINDOWS\system32\iefil.dll
2008-07-17 16:08 . 2008-07-17 16:08 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-07-17 16:02 . 2008-07-17 16:02 <REP> d-------- H:\Program Files\Messenger Plus! Live
2008-07-15 17:02 . 2008-07-15 17:02 <REP> d-------- H:\Program Files\Maxis
2008-07-08 18:24 . 2008-07-08 18:24 262,144 --a------ H:\WINDOWS\system32\wrap_oal.dll
2008-07-08 18:24 . 2008-07-08 18:24 86,016 --a------ H:\WINDOWS\system32\OpenAL32.dll
2008-07-08 18:23 . 2008-07-08 18:23 <REP> d-------- H:\WINDOWS\system32\Futuremark
2008-07-08 18:23 . 2004-10-25 20:02 21,664 --a------ H:\WINDOWS\system32\drivers\Entech.sys
2008-07-08 18:23 . 1999-11-02 10:01 6,173 --a------ H:\WINDOWS\system32\drivers\Entech.vxd
2008-07-08 18:23 . 2004-06-22 15:44 5,632 --a------ H:\WINDOWS\system32\drivers\Entech64.sys
2008-07-08 18:23 . 2001-11-19 19:05 3,972 --a------ H:\WINDOWS\system32\drivers\PciBus.sys
2008-07-03 20:33 . 2001-08-23 17:04 12,288 --a------ H:\WINDOWS\system32\drivers\mouhid.sys
2008-07-03 20:33 . 2001-08-23 17:04 12,288 --a--c--- H:\WINDOWS\system32\dllcache\mouhid.sys
2008-06-30 15:53 . 2008-06-30 15:53 <REP> d-------- H:\WINDOWS\nview
2008-06-30 15:53 . 2008-05-16 14:01 446,464 --a------ H:\WINDOWS\system32\nvudisp.exe
2008-06-30 15:53 . 2008-05-16 14:01 18,070 --a------ H:\WINDOWS\system32\nvdisp.nvu
2008-06-30 15:53 . 2008-07-21 18:02 104 --a------ H:\WINDOWS\system32\nvapps.xml
2008-06-30 15:49 . 2008-05-16 11:48 446,464 --a------ H:\WINDOWS\system32\NVUNINST.EXE
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-21 16:00 --------- d-----w H:\Documents and Settings\Riberi Vincent\Application Data\uTorrent
2008-07-21 13:14 --------- d-----w H:\Program Files\Java
2008-07-20 16:54 --------- d-----w H:\Program Files\SpeedFan
2008-07-19 13:17 --------- d-----w H:\Program Files\eMule
2008-07-18 17:22 --------- d-----w H:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-07-08 16:23 --------- d--h--w H:\Program Files\InstallShield Installation Information
2008-07-08 15:49 --------- d-----w H:\Program Files\free-downloads.net
2008-06-23 14:57 --------- d-----w H:\Program Files\Google
2008-06-23 09:58 --------- d-----w H:\Program Files\TVAnts
2008-06-20 10:45 360,320 ----a-w H:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w H:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w H:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-14 17:59 272,768 ------w H:\WINDOWS\system32\drivers\bthport.sys
2008-06-03 16:48 --------- d-----w H:\Documents and Settings\All Users\Application Data\Codemasters
2008-06-02 09:41 --------- d-----w H:\Program Files\Electronic Arts
2008-06-02 06:36 --------- d-----w H:\Program Files\OpenAL
2008-06-02 06:32 --------- d-----w H:\Program Files\Codemasters
2008-06-01 19:31 --------- d-----w H:\Documents and Settings\Riberi Vincent\Application Data\Bioshock
2008-05-31 16:01 --------- d-----w H:\Documents and Settings\All Users\Application Data\SimCity Societies
2008-05-29 14:47 --------- d-----w H:\Documents and Settings\Riberi Vincent\Application Data\TaoUSign
2008-05-27 19:19 --------- d-----w H:\Documents and Settings\Riberi Vincent\Application Data\ppStream
2008-04-05 18:03 22,328 ----a-w H:\Documents and Settings\Riberi Vincent\Application Data\PnkBstrK.sys
.
------- Sigcheck -------
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "H:\Program Files\free-downloads.net\tbfre1.dll" [2008-07-08 17:49 1569304]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2008-07-08 17:49 1569304 --a------ H:\Program Files\free-downloads.net\tbfre1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "H:\Program Files\free-downloads.net\tbfre1.dll" [2008-07-08 17:49 1569304]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "H:\Program Files\free-downloads.net\tbfre1.dll" [2008-07-08 17:49 1569304]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="H:\WINDOWS\system32\ctfmon.exe" [2004-08-05 12:00 15360]
"MsnMsgr"="H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184]
"LogitechSoftwareUpdate"="H:\Program Files\Logitech\Video\ManifestEngine.exe" [2004-10-08 13:06 196608]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="H:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-09-16 09:47 94208]
"system34"="H:\WINDOWS\SoftwareProtection\systemvital.exe" [2008-03-17 16:02 624608]
"SpybotSD TeaTimer"="H:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ashampoo FireWall"="I:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe" [2007-04-05 14:57 3251800]
"NvCplDaemon"="H:\WINDOWS\system32\NvCpl.dll" [2008-05-16 14:01 13529088]
"NvMediaCenter"="H:\WINDOWS\system32\NvMcTray.dll" [2008-05-16 14:01 86016]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.yv12"= yv12vfw.dll
"vidc.asv2"= asusasv2.dll
"aux6"= ctwdm32.dll
[HKLM\~\startupfolder\H:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=H:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=H:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\H:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
path=H:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk
backup=H:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 23:16 39792 H:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-10-19 21:16 286720 H:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"H:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"H:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"H:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"H:\\Program Files\\eMule\\emule.exe"=
"H:\\Program Files\\NetMeeting\\conf.exe"=
"H:\\Program Files\\uTorrent\\uTorrent.exe"=
"H:\\WINDOWS\\system32\\PnkBstrA.exe"=
"H:\\WINDOWS\\system32\\PnkBstrB.exe"=
"I:\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"H:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"H:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
R1 aswSP;avast! Self Protection;H:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R1 lnsfw1;lnsfw1;H:\WINDOWS\system32\drivers\lnsfw1.sys [2008-02-29 17:52]
R2 aswFsBlk;aswFsBlk;H:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;H:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-10-31 21:10]
R3 usbstor;Pilote de stockage de masse USB;H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 12:00]
S2 nvtvSND;nVidia WDM TVAudio Crossbar;H:\WINDOWS\system32\DRIVERS\nvtvsnd.sys []
S3 bDMusicb;bDMusicb;H:\DOCUME~1\RIBERI~1\LOCALS~1\Temp\bDMusicb.sys []
S3 SetupNTGLM7X;SetupNTGLM7X;G:\NTGLM7X.sys []
S3 usbscan;Pilote de scanneur USB;H:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 Video3D;ASUS Video3D Service;H:\WINDOWS\system32\Drivers\Video3D.sys []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ceec8306-2cd2-11dd-b58b-000000000000}]
\Shell\AutoRun\command - L:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e81dca04-8603-11dc-b419-02112233a669}]
\Shell\AutoRun\command - wd_windows_tools\setup.exe
.
- - - - ORPHANS REMOVED - - - -
BHO-{F65E955E-26C0-42FF-8EE2-443A05EA286A} - (no file)
HKCU-Run-AGEIA PhysX SysTray - H:\Program Files\AGEIA Technologies\bin\TrayIcon.exe
HKLM-Run-mirc - C:\WINDOWS\WINCRA\mirc.exe
MSConfigStartUp-CloneCDTray - H:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
MSConfigStartUp-iTunesHelper - H:\Program Files\iTunes\iTunesHelper.exe
MSConfigStartUp-OpwareSE4 - H:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
MSConfigStartUp-SSBkgdUpdate - H:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
MSConfigStartUp-Steam - I:\Jeux\Valve\Steam\Steam.exe
MSConfigStartUp-SkyTel - SkyTel.EXE
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1098640
O8 -: E&xporter vers Microsoft Excel - H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O16 -: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-21 18:02:57
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ASFWHide]
"ImagePath"="\??\H:\DOCUME~1\RIBERI~1\LOCALS~1\Temp\ASFWHide"
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: H:\WINDOWS\system32\lsass.exe
-> i:\Program Files\Ashampoo\Ashampoo FireWall\spi.dll
.
------------------------ Other Running Processes ------------------------
.
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\Program Files\Alwil Software\Avast4\ashServ.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\oodag.exe
H:\WINDOWS\system32\PnkBstrA.exe
H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
H:\WINDOWS\system32\rundll32.exe
H:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
H:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
H:\WINDOWS\system32\devldr32.exe
H:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
H:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
H:\WINDOWS\system32\wscntfy.exe
H:\WINDOWS\system32\imapi.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-21 18:04:32 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-21 16:04:29
Pre-Run: 6,809,067,520 octets libres
Post-Run: 8,492,298,240 octets libres
235 --- E O F --- 2008-07-18 17:22:37
MSConfigStartUp-SSBkgdUpdate - H:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
MSConfigStartUp-Steam - I:\Jeux\Valve\Steam\Steam.exe
MSConfigStartUp-SkyTel - SkyTel.EXE
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1098640
O8 -: E&xporter vers Microsoft Excel - H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O16 -: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-21 18:02:57
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ASFWHide]
"ImagePath"="\??\H:\DOCUME~1\RIBERI~1\LOCALS~1\Temp\ASFWHide"
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: H:\WINDOWS\system32\lsass.exe
-> i:\Program Files\Ashampoo\Ashampoo FireWall\spi.dll
.
------------------------ Other Running Processes ------------------------
.
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\Program Files\Alwil Software\Avast4\ashServ.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\oodag.exe
H:\WINDOWS\system32\PnkBstrA.exe
H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
H:\WINDOWS\system32\rundll32.exe
H:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
H:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
H:\WINDOWS\system32\devldr32.exe
H:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
H:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
H:\WINDOWS\system32\wscntfy.exe
H:\WINDOWS\system32\imapi.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-21 18:04:32 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-21 16:04:29
Pre-Run: 6,809,067,520 octets libres
Post-Run: 8,492,298,240 octets libres
235 --- E O F --- 2008-07-18 17:22:37
jlpjlp
Posts: 51580
Registration date: Friday 18 May 2007
Status: Security contributor
Last activity: 3 May 2022
5 040
21 Jul 2008 at 18:10
Update Java
https://www.malekal.com/maintenir-java-adobe-reader-et-le-player-flash-a-jour/
and install Internet Explorer 7
https://www.01net.com/404//fiches/33081.html
--------------------
Paste a new HijackThis log again and describe the current problems