Sujet Précédent Sujet Suivant

The setup files are corrupted ...

Fermé
menzo - 4 janv. 2013 à 22:36
 Utilisateur anonyme - 5 janv. 2013 à 14:50
Bonjour,



Le pc m'affiche ce message à chaque démarrage, que faire ???

Merci de votre aide.
A voir également:

3 réponses

Réponse 1 / 3
Utilisateur anonyme
4 janv. 2013 à 22:40
Bonsoir

Ton PC démarre t'il malgré cet avertissement?

@+
0
Réponse 2 / 3
menzo76 Messages postés 2 Date d'inscription vendredi 4 janvier 2013 Statut Membre Dernière intervention 12 janvier 2013
4 janv. 2013 à 23:41
ui il démarre malgré tout, mais que veut dire ce message ? J'ai lu que ça pouvait être un virus.

J'ai installé combofix, et fait analyser le PC.

Voici le rapport:

ComboFix 13-01-04.03 - marie 04/01/2013 22:57:16.1.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.958.317 [GMT 1:00]
Lancé depuis: c:\documents and settings\marie\Mes documents\TÚlÚchargements\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\marie\Application Data\OfferBox
c:\documents and settings\marie\Application Data\OfferBox\config.dat
c:\documents and settings\marie\Application Data\OfferBox\config.xml
c:\documents and settings\marie\Application Data\OfferBox\update.exe
c:\documents and settings\marie\Application Data\PriceGong
c:\documents and settings\marie\Application Data\PriceGong\Data\1.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\a.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\b.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\c.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\d.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\e.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\f.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\g.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\h.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\i.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\J.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\k.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\l.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\m.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\n.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\o.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\p.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\q.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\r.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\s.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\t.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\u.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\v.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\w.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\x.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\y.xml
c:\documents and settings\marie\Application Data\PriceGong\Data\z.xml
c:\documents and settings\marie\errorlog.tmp
c:\program files\Giant Savings Extension\GiANt savings extension.dll
c:\program files\Incredibar.com
c:\program files\Incredibar.com\incredibar\1.5.11.14\bh\inCRedibar.dll
c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll
c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll
c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe
c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
c:\program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
c:\program files\OfferBox
c:\program files\OfferBox\OfferBoxBHO.dll
c:\program files\OfferBox\OfferBoxChromeExtension.crx
c:\program files\OfferBox\OfferBoxEngine.dll
c:\program files\OfferBox\offerboxffx@offerbox.com\chrome.manifest
c:\program files\OfferBox\offerboxffx@offerbox.com\chrome\content\events.js
c:\program files\OfferBox\offerboxffx@offerbox.com\chrome\content\overlay.xul
c:\program files\OfferBox\offerboxffx@offerbox.com\components\OfferBoxXpCom.dll
c:\program files\OfferBox\offerboxffx@offerbox.com\components\OfferBoxXpCom.xpt
c:\program files\OfferBox\offerboxffx@offerbox.com\install.rdf
c:\program files\OfferBox\OfferBoxLauncher.exe
c:\program files\OfferBox\res\language.xml
c:\program files\OfferBox\res\loader.gif
c:\program files\OfferBox\uninst.exe
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\drivers\etc\lmhosts
c:\windows\system32\TZLog.log
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-12-04 au 2013-01-04 ))))))))))))))))))))))))))))))))))))
.
.
2013-01-04 21:33 . 2013-01-04 21:33 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2013-01-04 21:09 . 2013-01-04 21:09 -------- d-----w- c:\documents and settings\marie\Application Data\QuickScan
2013-01-04 21:03 . 2013-01-04 21:03 -------- d-----w- c:\documents and settings\marie\Local Settings\Application Data\Giant Savings Extension
2013-01-04 21:03 . 2013-01-04 22:17 -------- d-----w- c:\program files\Giant Savings Extension
2013-01-04 21:03 . 2013-01-04 21:03 -------- d-----w- c:\program files\SweetIM
2013-01-04 21:03 . 2013-01-04 21:03 -------- d-----w- c:\documents and settings\All Users\Application Data\SweetIM
2013-01-04 20:46 . 2013-01-04 20:55 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-01-04 18:31 . 2013-01-04 18:31 -------- d-----w- c:\documents and settings\marie\Application Data\Incredibar.com
2013-01-04 18:02 . 2013-01-04 18:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Software
2013-01-04 17:06 . 2013-01-04 17:06 -------- d-----w- c:\documents and settings\All Users\Application Data\CheckPoint
2013-01-04 16:55 . 2013-01-04 16:55 -------- d-----w- c:\documents and settings\marie\Local Settings\Application Data\Sun
2013-01-04 16:50 . 2013-01-04 16:50 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Software
2013-01-04 16:41 . 2013-01-04 20:17 -------- d-----w- c:\program files\Boxore
2013-01-04 16:40 . 2013-01-04 16:40 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Software
2013-01-04 16:38 . 2013-01-04 18:02 -------- d-----w- c:\program files\Software
2013-01-04 16:38 . 2013-01-04 16:38 -------- d-----w- c:\documents and settings\marie\Local Settings\Application Data\Software
2013-01-04 16:37 . 2013-01-04 16:37 -------- d-----w- c:\program files\Web Media Player
2013-01-04 16:28 . 2013-01-04 16:27 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-12-10 22:14 . 2012-12-10 22:14 -------- d-----w- c:\documents and settings\marie\Local Settings\Application Data\FreeOCR
2012-12-10 20:14 . 2007-03-10 09:11 2680320 ----a-w- c:\windows\system32\ImageEnXLibrary.ocx
2012-12-10 20:14 . 2012-12-10 20:20 -------- d-----w- C:\FreeOCR
2012-12-10 20:14 . 2012-12-10 20:14 -------- d-----w- c:\program files\Temp
2012-12-10 20:13 . 2012-12-10 20:13 448 ----a-w- C:\user.js
2012-12-10 20:13 . 2012-12-10 20:13 -------- d-----w- c:\windows\system32\ARFC
2012-12-10 20:13 . 2012-10-02 15:18 28160 ----a-w- c:\windows\system32\ImHttpComm.dll
2012-12-10 20:13 . 2011-05-13 23:17 632656 ----a-w- c:\windows\system32\msvcr80.dll
2012-12-10 20:13 . 2011-05-13 23:17 479232 ----a-w- c:\windows\system32\msvcm80.dll
2012-12-10 20:13 . 2011-05-13 23:17 554832 ----a-w- c:\windows\system32\msvcp80.dll
2012-12-10 20:13 . 2012-12-11 13:04 -------- d-----w- c:\windows\system32\WNLT
2012-12-10 20:13 . 2012-12-10 20:13 -------- d-----w- c:\program files\IB Updater
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-04 16:27 . 2012-08-12 14:48 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-01-04 16:27 . 2012-08-12 14:48 859072 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-01-04 16:27 . 2011-10-25 07:47 779704 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-31 12:24 . 2012-09-08 11:35 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-31 12:24 . 2012-09-08 11:35 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-16 12:23 . 2004-08-05 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 15:49 . 2008-08-26 16:41 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-13 20:29 . 2012-11-13 20:29 354216 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2012-11-13 11:55 . 2005-10-06 03:08 1866496 ----a-w- c:\windows\system32\win32k.sys
2012-11-02 02:02 . 2004-08-05 12:00 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:17 . 2004-08-05 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:17 . 2004-08-05 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-01 12:17 . 2004-08-05 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35 . 2004-08-05 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-12-06 16:34 . 2012-12-06 16:33 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C5F65718-341D-4e7d-9842-FCB9CC89527E}]
2010-08-19 12:27 135840 ----a-w- c:\program files\CrazyLoader\spointer\extensions\crazyloader_air_ie.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-06-20 11:18 1519824 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-07-04 14:03 1310040 ----a-r- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-06-20 1568976]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-09-10 348664]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2012-07-03 252848]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2012-11-13 450560]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2012-11-30 1263512]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2012-10-04 115032]
"Sweetpacks Communicator"="c:\program files\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KeyScrambler"="c:\program files\KeyScrambler\getting_started.html" [X]
.
c:\documents and settings\marie\Menu Démarrer\Programmes\Démarrage\
appinfo.lnk - c:\documents and settings\marie\appinfo.exe [N/A]
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\AutorunsDisabled
le compagnon club.lnk.disabled [2008-8-24 1889]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:French /KBD:2\0\0sdnclean.exe
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Privoxy.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Privoxy.lnk
backup=c:\windows\pss\Privoxy.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 02:33 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2003-04-14 18:05 1498032 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-05-27 08:50 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spamihilator]
2008-08-28 10:29 1223680 ----a-w- c:\program files\Spamihilator\spamihilator.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2008-09-16 11:16 1833296 ------w- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2010 Demo\\fm.exe"=
"c:\\Program Files\\CrazyLoader\\crazyloader.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaws.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\ARFC\\wrtc.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\SweetIM\\Communicator\\SweetPacksUpdateManager.exe"=
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [11/09/2012 11:29 36000]
R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [01/12/2010 12:33 3045688]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [11/09/2012 11:29 86224]
R2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [11/09/2012 11:29 465360]
R2 IB Updater;IB Updater;c:\program files\IB Updater\ExtensionUpdaterService.exe [10/12/2012 21:13 188760]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [31/08/2008 13:16 113896]
R3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [24/08/2008 10:43 215040]
S3 a2acc;a2acc;c:\program files\Emsisoft Anti-Malware\a2accx86.sys [01/12/2010 12:33 51632]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\1C.tmp --> c:\windows\system32\1C.tmp [?]
.
Contenu du dossier 'Tâches planifiées'
.
2012-12-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-08 12:24]
.
2008-08-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 15:57]
.
2012-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cd92169d828588.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-07 15:15]
.
2012-09-11 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2012-06-20 11:18]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.jerecherche.org
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: chat-land.org
TCP: DhcpNameServer = 192.168.1.1
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://downloads.ewido.net/ewidoOnlineScan.cab
FF - ProfilePath - c:\documents and settings\marie\Application Data\Mozilla\Firefox\Profiles\kbdhnaya.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/firefox
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-12-10 21:13; {336D0C35-8A85-403a-B9D2-65C292C39087}; c:\program files\IB Updater\Firefox
FF - ExtSQL: 2012-12-10 21:13; ffxtlbr@incredibar.com; c:\documents and settings\marie\Application Data\Mozilla\Firefox\Profiles\kbdhnaya.default\extensions\ffxtlbr@incredibar.com
FF - ExtSQL: 2012-12-30 01:47; translator@zoli.bod; c:\documents and settings\marie\Application Data\Mozilla\Firefox\Profiles\kbdhnaya.default\extensions\translator@zoli.bod.xpi
FF - ExtSQL: 2013-01-04 22:04; {EEE6C361-6118-11DC-9C72-001320C79847}; c:\documents and settings\marie\Application Data\Mozilla\Firefox\Profiles\kbdhnaya.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
FF - ExtSQL: 2013-01-04 22:09; {e001c731-5e37-4538-a5cb-8168736a2360}; c:\documents and settings\marie\Application Data\Mozilla\Firefox\Profiles\kbdhnaya.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF - ExtSQL: !HIDDEN! 2009-09-02 04:23; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6PQSjTXsui&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 9cbf4ba5000000000000003005a467a9
FF - user.js: extensions.incredibar_i.instlDay - 15684
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1421:13
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6PQSjTXsui
FF - user.js: extensions.incredibar_i.upn2n - 92544074068048510
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10643
FF - user.js: extensions.incredibar_i.ppd - 1
.
.
------- Associations de fichier -------
.
.txt=Word Reader-TXT
.
- - - - ORPHELINS SUPPRIMES - - - -
.
BHO-{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - c:\program files\OfferBox\OfferBoxBHO.dll
HKCU-Run-appinfo - c:\documents and settings\marieappinfo.exe\appinfo.exe
AddRemove-incredibar - c:\program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
AddRemove-OfferBox - c:\program files\OfferBox\uninst.exe
AddRemove-OfferBox Browser - c:\program files\OfferBox\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-04 23:19
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\1C.tmp"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'winlogon.exe'(708)
c:\windows\system32\Ati2evxx.dll
.
Heure de fin: 2013-01-04 23:25:48
ComboFix-quarantined-files.txt 2013-01-04 22:25
.
Avant-CF: 243 280 093 184 octets libres
Après-CF: 244 126 568 448 octets libres
.
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 7474C253494F6DED1FC28152C0C8F269
0
Réponse 3 / 3
Utilisateur anonyme
5 janv. 2013 à 14:50
Bonjour

1) Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
Lance le, clique sur [Suppression] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

Les toolbars, c'est pas obligatoire ( par Malekal ) :https://forum.malekal.com/viewtopic.php?t=6173&start=


2)Télécharge Malwaresbytes anti malware ici
https://fr.malwarebytes.com/mwb-download/


* Installe le (choisis bien "français" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

* Potasse le tuto pour te familiariser avec le prg :

https://forum.pcastuces.com/sujet.asp?f=31&s=3

(cela dis, il est très simple d'utilisation).

relance Malwaresbytes en suivant scrupuleusement ces consignes :

! Déconnecte toi et ferme toutes applications en cours !

* Lance Malwarebyte's. Sous Vista et Seven (clic droit de la souris « exécuter en tant que administrateur »)

*Procèdes à une mise à jour

*Fais un examen dit "Complet"

--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "Afficher les résultats" " .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " supprimer la sélection " .

Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !


Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwaresbytes, le dernier en date)

@+

0

Discussions similaires

The setup files are corrupted. Please obtain a new copy...
.NeOx. -
Alex37 -

37 réponses
192.168.49.1
4Pedro -
hopelan -

1 réponse
Press DEL to enter SETUP
ldjaps -
Marwan -

36 réponses
New CPU installed, FTPM/PSP NV corrupted
Tanguy -
jeannets -

12 réponses
Common files ?
Capucine -
Alex -

9 réponses