*.exe n'est pas une application valideFermé

Question

Bonjour,

Quand je lance une appication dont la fonction est de sécuriser mon ordi, j'ai un message d'erreur du genre "Nom de l'application.exe" n'est pas une application Win32 valide. J'ai lancé Hijackthis, ça été la meme chose. Le virus a meme désactivé mon antivirus kaspersky 2009 à jour au point que quand je le lance, j'ai le message C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe n'est pas une application Win32 valide.

Je pense avoir le meme prb que ce dernier 
http://www.commentcamarche.net/forum/affich 5064033 exe n est pas une application win32 valide

J'ai déjà vérifer la restauration du systeme, chose etrange il n'y aucun plus de restauration automatique. Tout à disparu.  Meme windows defender ne peut pas etre activé. Il ne me reste plus que le firewall de l'OS windows vista.

J'ai exécuté deux utilitaires qui m'ont donné deux rapports mais je pense que descargar Elibagla est le plus proche de la réalité car je pense que mon bourreau doit avoir une extension qui se termine  HLDRRR.EXE . A vous de voir c'est pourquoi je poste ce rapport.

J'ai egalement envoyé le rapport de descargar Elibagla à l'adresse suivante virus@satinfo.es

J'ai exécuté descargar Elibagla qui m'a donné ce rapport:

	
EliBagle v11.80  (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 2 de Octubre del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.80
 a "virus@satinfo.es".  Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
C:\USERS\ARISTIDE\APPDATA\ROAMING\M\FLEC006.EXE --> Bagle Acceso Denegado.
C:\USERS\ARISTIDE\APPDATA\ROAMING\M\LIST.OCT --> Eliminado Bagle
Reinicie para Completar la Limpieza.

	  Fri Oct 03 12:56:49 2008
EliBagle v11.80  (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 2 de Octubre del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.80
 a "virus@satinfo.es".  Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
C:\USERS\ARISTIDE\APPDATA\ROAMING\M\FLEC006.EXE --> Bagle Acceso Denegado.
Reinicie para Completar la Limpieza.

	  Fri Oct 03 12:56:59 2008
EliBagle v11.80  (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 2 de Octubre del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\


---------------------------------------------------------------------------------------------------------------------------------------------------------

A défaut de Hi jackthis qui ne s'execute pas, j'ai pu executer  Smiltfraudfix qui m'a donné ce rapport

SmitFraudFix v2.335

Scan done at 12:44:32,95, 03/10/2008
Run from C:\Users\Aristide\Desktop\SmitfraudFix
OS: Microsoft Windows [version 6.0.6000] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
D:\Winamp 5 53\Winamp\winampa.exe
D:\Unlocker 1 8 7\Unlocker\UnlockerAssistant.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
D:\PowerISO\PWRISOVM.EXE
D:\UTorrent 1 8\uTorrent.exe
D:\Ares Destiny\Ares.exe
D:\Bitcomet\BitComet.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
D:\Emule\emule.exe
C:\Users\Aristide\AppData\Roaming\m\flec006.exe
D:\Logitech 4 60\SetPoint\SetPoint.exe
D:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Winamp Remote\bin\Orb.exe
D:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32	askeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\drivers\downld\249234.exe
C:\Windows\system32\drivers\downld\407718.exe
C:\Windows\system32\drivers\downld\465062.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\wbem\wmiprvse.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Aristide


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Aristide\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Aristide\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files 


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
 
 

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, following keys are not inevitably infected!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, following keys are not inevitably infected!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\Windows\system32\userinit.exe,"


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{E6E82015-7091-451B-8709-53256B0A02F4}: NameServer=213.136.96.2 213.136.96.37
HKLM\SYSTEM\CS1\Services\Tcpip\..\{E6E82015-7091-451B-8709-53256B0A02F4}: NameServer=213.136.96.2 213.136.96.37


»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End


Merci pour votre aide

jorginho67 · Accepted Answer

Salut vous deux ;-)

Bagle s'installe en téléchargeant des CRACKS...

Tant qu'ils ne seront pas supprimés, l'infection se lancera a chaque utilisation de ceux ci

»»»» Recherche Cracks Keygen... :

C:\Users\Aristide\AppData\Roaming\uTorrent\Crack for VisualStudio2008.7z.torrent
C:\Users\Aristide\AppData\Roaming\uTorrent\Internet Download Manager 5.12 + crack + spolszczenie + toolbar.rar.torrent
C:\Users\Aristide\AppData\Roaming\uTorrent\RapidShare_Download_Direct pro + crack.rar.torrent
C:\Users\Aristide\Desktop\Nouveau dossier\dr.carbon_Keygen.exe 

A virer avant toute manip'...

@+

Destrio5 · Answer

Salut,

---> Désactive l'UAC le temps de la désinfection :
http://www.commentcamarche.net/faq/sujet 8343 vista desactiver l uac

--> Télécharge FindyKill (par Chiquitine29) sur ton bureau :
http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe

--> Lance l'installation avec les paramètres par defaut

--> Double-clique sur le raccourci FindyKill sur ton bureau (Clique droit sur le raccourci puis Exécuter en tant qu'administrateur pour Vista)

--> Au menu principal, choisis l'option 1 (Recherche)

--> Poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.

tertilus · Answer

Voici le rapport de findykill

----------------- FindyKill V3.095 ------------------

* User : Aristide - PC-DE-ARISTIDE
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 02/10/08 par Chiquitine29
* Recherche effectuée à 13:50:20 le 03/10/2008
* Windows Vista - Internet Explorer 7.0.6000.16711
 
((((((((((((((((( *** Recherche *** ))))))))))))))))))  
 
 
»»»» Presence des fichiers dans C: 
 
Présent ! - "C:\Muestras" 
Présent ! - C:\InfoSat.txt 
 
»»»» Presence des fichiers dans C:\Windows 
 
 
»»»» Presence des fichiers dans C:\Windows\Prefetch 
 
Present ! - C:\Windows\Prefetch\DR.CARBON_KEYGEN.EXE-B80DAE8A.pf 
 
»»»» Presence des fichiers dans C:\Windows\system32 
 
Présent ! - C:\Windows\system32\mdelk.exe 
Présent ! - C:\Windows\system32\wintems.exe 
Présent ! - C:\Windows\system32\ban_list.txt 
 
»»»» Presence des fichiers dans C:\Windows\system32\drivers 
 
Présent ! - C:\Windows\system32\drivers\srosa.sys 
Présent ! - C:\Windows\system32\drivers\hldrrr.exe 
Présent ! - "C:\Windows\system32\drivers\downld" 
Present ! - C:\Windows\system32\drivers\downld\1605890.exe 
Present ! - C:\Windows\system32\drivers\downld\1649890.exe 
Present ! - C:\Windows\system32\drivers\downld\1614031.exe 
Present ! - C:\Windows\system32\drivers\downld\1633781.exe 
Present ! - C:\Windows\system32\drivers\downld\173781.exe 
Present ! - C:\Windows\system32\drivers\downld\508531.exe 
Present ! - C:\Windows\system32\drivers\downld\1630453.exe 
Present ! - C:\Windows\system32\drivers\downld\260703.exe 
Present ! - C:\Windows\system32\drivers\downld\801593.exe 
Present ! - C:\Windows\system32\drivers\downld\851843.exe 
Present ! - C:\Windows\system32\drivers\downld\2023984.exe 
Present ! - C:\Windows\system32\drivers\downld\313484.exe 
Present ! - C:\Windows\system32\drivers\downld\2070515.exe 
Present ! - C:\Windows\system32\drivers\downld\672546.exe 
Present ! - C:\Windows\system32\drivers\downld\1684328.exe 
Present ! - C:\Windows\system32\drivers\downld\1697968.exe 
Present ! - C:\Windows\system32\drivers\downld\305218.exe 
Present ! - C:\Windows\system32\drivers\downld\407718.exe 
Present ! - C:\Windows\system32\drivers\downld\536359.exe 
 
»»»» Presence des fichiers dans C:\Users\Aristide\AppData\Roaming 
 
Présent ! - "C:\Users\Aristide\AppData\Roaming\m\flec006.exe" 
Présent ! - "C:\Users\Aristide\AppData\Roaming\m\shared" 
Présent ! - "C:\Users\Aristide\AppData\Roaming\m" 
 
»»»» Presence des fichiers dans C:\Users\Aristide\AppData\Local\Temp 
 
 
»»»» Registre :  
 

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    (par d‚faut)    REG_SZ    
    Windows Defender    REG_SZ    %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    WinampAgent    REG_SZ    "D:\Winamp 5 53\Winamp\winampa.exe"
    UnlockerAssistant    REG_SZ    "D:\Unlocker 1 8 7\Unlocker\UnlockerAssistant.exe"
    TkBellExe    REG_SZ    "C:\Program Files\Common Files\Real\Update_OBealsched.exe"  -osboot
    StartCCC    REG_SZ    "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    SearchSettings    REG_SZ    C:\Program Files\Search Settings\SearchSettings.exe
    QuickTime Task    REG_SZ    "D:\QuickTime\QTTask.exe" -atboottime
    PWRISOVM.EXE    REG_SZ    D:\PowerISO\PWRISOVM.EXE
    NeroFilterCheck    REG_SZ    C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    Kernel and Hardware Abstraction Layer    REG_SZ    KHALMNPR.EXE
    Adobe_ID0EYTHM    REG_SZ    C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    uTorrent    REG_SZ    "D:\UTorrent 1 8\uTorrent.exe"
    swg    REG_SZ    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}    REG_SZ    "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    Yahoo! Pager    REG_SZ    "D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    ares destiny    REG_SZ    "D:\Ares Destiny\Ares.exe" -h
    BitComet    REG_SZ    "D:\Bitcomet\BitComet.exe" /tray
    ehTray.exe    REG_SZ    C:\Windows\ehome\ehTray.exe
    msnmsgr    REG_SZ    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    WMPNSCFG    REG_SZ    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    eMuleAutoStart    REG_SZ    D:\Emule\emule.exe -AutoStart

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater
 
Présent ! - HKEY_USERS\S-1-5-21-1130438823-3524183207-3403761355-1000\Software\Local AppWizard-Generated Applications\As Simple As Photoshop 6.1 [Patch] 
Présent ! - HKEY_USERS\S-1-5-21-1130438823-3524183207-3403761355-1000\Software\Local AppWizard-Generated Applications\hldrrr 
Présent ! - HKEY_USERS\S-1-5-21-1130438823-3524183207-3403761355-1000\Software\bisoft 
Présent ! - HKEY_USERS\S-1-5-21-1130438823-3524183207-3403761355-1000\Software\FirtR 
Présent ! - HKEY_USERS\S-1-5-21-1130438823-3524183207-3403761355-1000\Software\MuleAppData 
Présent ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\As Simple As Photoshop 6.1 [Patch] 
Présent ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\hldrrr 
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa 
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa 
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA 
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA 
Présent ! - HKEY_CURRENT_USER\Software\bisoft 
Présent ! - HKEY_CURRENT_USER\Software\FirtR 
Présent ! - HKEY_CURRENT_USER\Software\MuleAppData    
 
 
»»»» Presence d infections dans Support amovible : 
 
 
Présent ! - O:\autorun.inf 
Présent ! - U:\autorun.inf 
Présent ! - U:
ideiect.com 
Présent ! - U:
tde1ect.com 
 
 
----------------- ! Fin du rapport ! ------------------

Destrio5 · Answer

--> Branche tes disques amovibles à ton PC (clefs USB, disque dur externe, etc...) sans les ouvrir

--> Double-clique sur le raccourci FindyKill sur ton bureau (Clique droit sur le raccourci puis Exécuter en tant qu'administrateur pour Vista) 

--> Au menu principal, choisis l'option 2 (Suppression)

/!\ Il y aura 2 redémarrages, laisse travailler l'outil jusqu'à l'apparition du message "nettoyage effectué" /!\

--> Ensuite, poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.

tertilus · Answer

Voici le rapport après suppression



----------------- FindyKill V3.O85 ------------------

* User : Aristide - PC-DE-ARISTIDE
* Emplacement : C:\Program Files\FindyKill\FindyKill.cmd
* Outils Mis a jours le 02/10/08 par Chiquitine29
* Suppression effectuée à 14:08:39 le 03/10/2008
* Windows Vista - Internet Explorer 7.0.6000.16711
 
 
((((((((((((((( *** Suppression *** ))))))))))))))))))  
 
 
 
»»»» Suppression des fichiers dans C: 
 
Supprimé ! - "C:\Muestras"  
Supprimé ! - C:\InfoSat.txt  
 
»»»» Suppression des fichiers dans C:\Windows 
 
 
»»»» Suppression des fichiers dans C:\Windows\Prefetch 
 
Supprimé ! - C:\Windows\Prefetch\EMULE0.49B-INSTALLER1.EXE-9C000016.pf 
Supprimé ! - C:\Windows\Prefetch\REGSVR32.EXE-55A4EE79.pf 
Supprimé ! - C:\Windows\Prefetch\RUNDLL32.EXE-1758FC22.pf 
Supprimé ! - C:\Windows\Prefetch\RUNDLL32.EXE-34B17D2A.pf 
Supprimé ! - C:\Windows\Prefetch\RUNDLL32.EXE-41E85287.pf 
Supprimé ! - C:\Windows\Prefetch\RUNDLL32.EXE-7768279B.pf 
Supprimé ! - C:\Windows\Prefetch\RUNDLL32.EXE-8E7EF094.pf 
Supprimé ! - C:\Windows\Prefetch\TVS05.EXE-8D12A0A4.pf 
Supprimé ! - C:\Windows\Prefetch\TMMDW8.EXE-AFDBAB87.pf 
Supprimé ! - C:\Windows\Prefetch\DR.CARBON_KEYGEN.EXE-B80DAE8A.pf 
 
»»»» Suppression des fichiers dans C:\Windows\system32 
 
Supprimé ! - C:\Windows\system32\mdelk.exe  
 
»»»» Suppression des fichiers dans C:\Windows\system32\drivers 
 
Supprimé ! - C:\Windows\system32\drivers\downld\1605890.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\1614031.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\1630453.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\1633781.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\1649890.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\1684328.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\1697968.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\173781.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\2023984.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\2070515.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\260703.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\305218.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\313484.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\407718.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\508531.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\536359.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\672546.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\801593.exe 
Supprimé ! - C:\Windows\system32\drivers\downld\851843.exe 
Supprimé ! - "C:\Windows\system32\drivers\downld"  
 
»»»» Suppression des fichiers dans C:\Users\Aristide\AppData\Roaming 
 
 
»»»» Suppression des fichiers dans C:\Users\Aristide\AppData\Local\Temp 
 
 
»»»» Suppression des clefs du registre.. 
 
Supprimé ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA   
Supprimé ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA   
Supprimé ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA   
Supprimé ! - HKEY_USERS\S-1-5-21-1130438823-3524183207-3403761355-1000\Software\Local AppWizard-Generated Applications\As Simple As Photoshop 6.1 [Patch]   
Supprimé ! - HKEY_USERS\S-1-5-21-1130438823-3524183207-3403761355-1000\Software\Local AppWizard-Generated Applications\hldrrr   
Supprimé ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\As Simple As Photoshop 6.1 [Patch]   
Supprimé ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\hldrrr   
 
»»»» Suppression des clefs du registre effectuée ! 
 
 
»»»» Mode sans echec restauré ! 
  
»»»» Affichage des fichiers cachés réparé !

 
»»»» Services de securité Windows redemarré ! 
 
 
»»»» Suppression des fichiers dans Support amovible : 
 
Echec de la supression !! - O:\autorun.inf  
Supprimé ! - U:\autorun.inf  
Supprimé ! - U:
ideiect.com  
Supprimé ! - U:
tde1ect.com  

»»»» Necessite une interpretation : 

Suspect ! - C:\Windows\System32\mrt.exe  
 
»»»» Recherche Cracks Keygen... : 
 
C:\Users\Aristide\AppData\Roaming\uTorrent\Crack for VisualStudio2008.7z.torrent
C:\Users\Aristide\AppData\Roaming\uTorrent\Internet Download Manager 5.12 + crack + spolszczenie + toolbar.rar.torrent
C:\Users\Aristide\AppData\Roaming\uTorrent\RapidShare_Download_Direct pro + crack.rar.torrent
C:\Users\Aristide\Desktop\Nouveau dossier\dr.carbon_Keygen.exe
 
 
---------------- ! Fin du rapport ! ------------------

Destrio5 · Answer

---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\

---> Double-clique sur Combofix.exe
Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
Accepte en cliquant sur "Oui"

---> Mets-le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.

/!\ Ne touche à rien tant que le scan n'est pas terminé. /!\

En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

Note : Le rapport se trouve également là : C:\ComboFix.txt

tertilus · Answer

Voici le rapport combofix mais je precise que le probleme persiste C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe ComboFix 08-10-02.04 - Aristide 2008-10-03 15:07:07.1 - NTFSx86 Microsoft® Windows Vista™ Édition Intégrale 6.0.6000.0.1252.1.1036.18.1978 [GMT 0:00] Lancé depuis: C:\Users\Aristide\Desktop\ComboFix.exe * Un nouveau point de restauration a été créé . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files\internet explorer\msimg32.dll C:\Windows\system32\f3PSSavr.scr C:\Windows\system32\Memman.vxd C:\Windows\system32\skinboxer43.dll C:\Windows\system32\vcmgcd32.dl_ C:\Windows\system32\vcmgcd32.dll E:\InfoSat.txt U:\RECYCLER\RECYCLER.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_SROSA -------\Service_MyWebSearchService ((((((((((((((((((((((((( Files Created from 2008-09-03 to 2008-10-03 ))))))))))))))))))))))))))))))) . 2008-10-03 14:40 . 2008-06-01 14:36 397,824 --a------ C:\Windows\System32\Sexy Girls.scr 2008-10-03 14:40 . 2008-06-01 14:36 397,824 --a------ C:\Users\Aristide\AppData\Roaming\svchost.exe 2008-10-03 13:50 . 2008-10-03 14:10 d-------- C:\Program Files\FindyKill 2008-10-03 13:49 . 2008-10-03 13:50 d-------- C:\Program Files\Java 2008-10-02 22:32 . 2008-10-03 01:23 237,259,896 --a------ C:\Windows\MEMORY.DMP 2008-10-02 22:25 . 2008-10-02 22:25 d--hs---- C:\Windows\ftpcache 2008-10-01 10:16 . 2008-10-01 10:20 d-------- C:\Users\Aristide\AppData\Roaming\IDM 2008-09-25 17:00 . 2008-09-25 17:50 96,976 --a------ C:\Windows\System32\drivers\klin.dat 2008-09-25 17:00 . 2008-09-25 17:00 87,855 --a------ C:\Windows\System32\drivers\klick.dat 2008-09-25 16:59 . 2008-09-25 16:59 d-------- C:\Program Files\Kaspersky Lab 2008-09-25 16:59 . 2008-10-03 01:14 7,852,576 --ahs---- C:\Windows\System32\drivers\fidbox.dat 2008-09-25 16:59 . 2008-10-03 01:14 729,120 --ahs---- C:\Windows\System32\drivers\fidbox2.dat 2008-09-25 16:59 . 2008-10-03 01:14 75,004 --ahs---- C:\Windows\System32\drivers\fidbox.idx 2008-09-25 16:59 . 2008-10-03 01:14 10,908 --ahs---- C:\Windows\System32\drivers\fidbox2.idx 2008-09-25 16:46 . 2008-09-25 16:46 d-------- C:\Users\All Users\NortonInstaller 2008-09-25 16:46 . 2008-09-25 16:46 d-------- C:\PROGRA~2\NortonInstaller 2008-09-25 12:19 . 2008-09-25 12:20 169 --a------ C:\Windows\adidsl.ini 2008-09-25 12:19 . 2008-09-25 12:19 21 --a------ C:\Windows\Fast800.ini 2008-09-25 12:18 . 2008-09-25 12:18 d-------- C:\Program Files\SAGEM 2008-09-25 11:39 . 2007-03-21 20:39 1,060,864 --a------ C:\Windows\System32\MFC71.DLL 2008-09-25 11:39 . 2007-03-21 20:33 503,808 --a------ C:\Windows\System32\MSVCP71.DLL 2008-09-25 11:39 . 2007-03-21 20:33 348,160 --a------ C:\Windows\System32\MSVCR71.DLL 2008-09-23 18:43 . 2008-09-23 18:43 dr-h----- C:\Users\Aristide\AppData\Roaming\SecuROM 2008-09-20 22:50 . 2008-09-27 00:43 488 --a------ C:\Windows\System32\%LocalXml% 2008-09-17 10:06 . 2008-10-03 12:44 2,748 --a------ C:\Windows\System32 mp.reg 2008-09-15 19:38 . 2008-09-26 14:19 d-------- C:\Users\Aristide\AppData\Roaming\dvdcss 2008-09-14 21:33 . 2008-09-14 21:33 d-------- C:\Users\Aristide\AppData\Roaming\oovooToolbar 2008-09-14 21:33 . 2008-09-14 21:37 d-------- C:\Users\Aristide\AppData\Roaming\ooVoo Details 2008-09-14 21:33 . 2008-09-14 21:33 d-------- C:\Program Files\oovooToolbar 2008-09-13 18:24 . 2008-09-13 18:24 d-------- C:\Users\All Users\Winamp Toolbar 2008-09-13 18:24 . 2008-09-14 20:58 d-------- C:\Users\All Users\OrbNetworks 2008-09-13 18:24 . 2008-09-13 18:24 d-------- C:\Program Files\Winamp Toolbar 2008-09-13 18:24 . 2008-09-13 18:24 d-------- C:\PROGRA~2\Winamp Toolbar 2008-09-13 18:24 . 2008-09-14 20:58 d-------- C:\PROGRA~2\OrbNetworks 2008-09-13 18:23 . 2008-09-29 14:40 d-------- C:\Program Files\Winamp Remote 2008-09-13 09:46 . 2008-09-13 09:46 d-------- C:\Users\All Users\TuneUp Software 2008-09-13 09:46 . 2008-09-13 09:46 d-------- C:\PROGRA~2\TuneUp Software 2008-09-13 09:46 . 2008-09-13 09:46 307,968 --a------ C:\Windows\System32\TuneUpDefragService.exe 2008-09-13 09:46 . 2008-02-27 13:15 28,416 --a------ C:\Windows\System32\uxtuneup.dll 2008-09-13 09:46 . 2008-02-27 13:15 16,640 --a------ C:\Windows\System32\authuitu.dll 2008-09-12 22:23 . 2008-07-28 17:19 116,736 --a------ C:\Windows\System32\drivers\mcdbus.sys 2008-09-11 18:46 . 2008-09-11 18:46 d-------- C:\Users\All Users\McAfee 2008-09-11 18:46 . 2008-09-11 18:46 d-------- C:\PROGRA~2\McAfee 2008-09-09 18:08 . 2008-09-09 18:09 d-a------ C:\Users\All Users\TEMP 2008-09-09 18:08 . 2008-09-09 18:09 d-a------ C:\PROGRA~2\TEMP 2008-09-09 18:04 . 2008-09-09 18:05 d--h----- C:\Users\All Users\{56759C22-EA1E-4BE5-A903-72F67D450F43} 2008-09-09 18:04 . 2008-09-09 18:05 d--h----- C:\PROGRA~2\{56759C22-EA1E-4BE5-A903-72F67D450F43} 2008-09-09 09:07 . 2008-09-09 09:07 d-------- C:\Users\Aristide\AppData\Roaming\TotalTrain 2008-09-06 14:44 . 2008-10-02 23:13 69 --a------ C:\Windows\NeroDigital.ini . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-10-03 15:15 --------- d-----w C:\Users\Aristide\AppData\Roaming\uTorrent 2008-10-03 15:04 --------- d-----w C:\Users\Aristide\AppData\Roaming\TeraCopy 2008-10-02 22:48 --------- d-----w C:\PROGRA~2\Kaspersky Lab 2008-10-02 20:28 --------- d-----w C:\PROGRA~2\eMule 2008-10-02 15:30 --------- d-----w C:\Users\Aristide\AppData\Roaming\DMCache 2008-10-01 10:32 --------- d-----w C:\Users\Aristide\AppData\Roaming\Winamp 2008-10-01 10:32 --------- d-----w C:\PROGRA~2\FLEXnet 2008-09-25 16:53 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy 2008-09-25 12:19 32 ----a-w C:\Windows\system32\drivers\adidsl.cfg 2008-09-25 12:18 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-09-23 00:36 --------- d-----w C:\Program Files\Common Files\Adobe 2008-09-19 23:53 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2008-09-19 23:51 --------- d-----w C:\PROGRA~2\Microsoft Help 2008-09-19 14:46 --------- d-----w C:\Users\Aristide\AppData\Roaming\Ahead 2008-09-19 00:54 803,328 ----a-w C:\Windows\system32\drivers cpip.sys 2008-09-03 01:53 258,048 ----a-w C:\Windows\System32\TubeFinder.exe 2008-09-01 23:27 319,456 ----a-w C:\Windows\DIFxAPI.dll 2008-09-01 23:27 --------- d-----w C:\Program Files\Realtek 2008-09-01 22:45 319,488 ----a-w C:\Windows\HideWin.exe 2008-09-01 16:19 --------- d-----w C:\Users\Aristide\AppData\Roaming\Ubisoft 2008-08-31 20:57 --------- d-----w C:\Program Files\Search Settings 2008-08-30 05:23 --------- d-----w C:\Program Files\Microsoft Silverlight 2008-08-29 23:43 --------- d-----w C:\Program Files\Business Objects 2008-08-29 23:42 --------- d-----w C:\Program Files\Microsoft Device Emulator 2008-08-29 23:40 --------- d-----w C:\Program Files\Microsoft Synchronization Services 2008-08-29 23:40 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition 2008-08-29 23:39 --------- d-----w C:\Program Files\Microsoft.NET 2008-08-29 23:31 --------- d-----w C:\Program Files\Common Files\Merge Modules 2008-08-29 23:31 --------- d-----w C:\PROGRA~2\PreEmptive Solutions 2008-08-29 23:29 --------- d-----w C:\Program Files\HTML Help Workshop 2008-08-29 23:28 --------- d-----w C:\Program Files\MSBuild 2008-08-29 23:26 --------- d-----w C:\Program Files\Microsoft SDKs 2008-08-29 23:26 --------- d-----w C:\Program Files\CE Remote Tools 2008-08-29 23:25 --------- d-----w C:\Program Files\Microsoft Web Designer Tools 2008-08-27 17:09 --------- d-----w C:\Users\Aristide\AppData\Roaming\Orbit 2008-08-27 16:53 --------- d-----w C:\Users\Aristide\AppData\Roaming\GrabPro 2008-08-27 01:25 --------- d-----w C:\PROGRA~2\ConeXware 2008-08-25 16:09 --------- d-----w C:\Program Files\Common Files\Control Panels 2008-08-25 16:07 --------- d-----w C:\PROGRA~2\ALM 2008-08-25 16:01 --------- d-----w C:\Program Files\QuickTime 2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Sidebar 2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Photo Gallery 2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Mail 2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Journal 2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Defender 2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Collaboration 2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Calendar 2008-08-17 19:51 --------- d-----w C:\Program Files\uTorrent 2008-08-17 16:06 --------- d-----w C:\PROGRA~2\Lavasoft 2008-08-09 23:23 --------- d-----w C:\Program Files\Bonjour 2008-08-09 12:48 --------- d-----w C:\Program Files\Windows Installer Clean Up 2008-08-09 12:48 --------- d-----w C:\Program Files\MSECACHE 2008-08-07 22:04 --------- d-----w C:\Program Files\Common Files\xing shared 2008-08-07 22:04 --------- d-----w C:\Program Files\Common Files\Real 2008-08-07 22:03 --------- d-----w C:\Program Files\Real 2008-08-05 23:52 --------- d-----w C:\PROGRA~2\Adobe Systems 2008-08-05 23:51 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared 2008-08-04 00:20 --------- d-----w C:\Users\Aristide\AppData\Roaming\MozillaControl 2008-07-31 10:41 68,616 ----a-w C:\Windows\System32\XAPOFX1_1.dll 2008-07-31 10:41 238,088 ----a-w C:\Windows\System32\xactengine3_2.dll 2008-07-31 10:40 509,448 ----a-w C:\Windows\System32\XAudio2_2.dll 2008-07-29 20:21 218,376 ----a-w C:\Windows\System32\klogon.dll 2008-07-16 09:30 8,704 ----a-w C:\Windows\System32\hcrstco.dll 2008-07-15 09:11 174 --sha-w C:\Program Files\desktop.ini 2008-07-15 09:07 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr 2008-07-15 09:07 67,584 ----a-w C:\Windows\System32\wlanhlp.dll 2008-07-15 09:07 542,720 ----a-w C:\Windows\System32\sysmain.dll 2008-07-15 09:07 502,784 ----a-w C:\Windows\System32\wlansvc.dll 2008-07-15 09:07 47,104 ----a-w C:\Windows\System32\wlanapi.dll 2008-07-15 09:07 297,984 ----a-w C:\Windows\System32\wlansec.dll 2008-07-15 09:07 290,816 ----a-w C:\Windows\System32\wlanmsm.dll 2008-07-15 09:07 24,064 ----a-w C:\Windows\System32\wtsapi32.dll 2008-07-15 09:07 2,923,520 ----a-w C:\Windows\explorer.exe 2008-07-15 09:05 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL 2008-07-15 09:05 7,680 ----a-w C:\Windows\System32\spwmp.dll 2008-07-15 09:05 4,096 ----a-w C:\Windows\System32\dxmasf.dll 2008-07-15 09:05 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll 2008-07-14 06:47 49,664 ----a-w C:\Windows\System32\csrsrv.dll 2008-07-14 06:47 376,320 ----a-w C:\Windows\System32\winsrv.dll 2008-07-14 06:47 3,504,696 ----a-w C:\Windows\System32 tkrnlpa.exe 2008-07-14 06:47 3,470,392 ----a-w C:\Windows\System32 toskrnl.exe 2008-07-14 06:47 25,600 ----a-w C:\Windows\System32\LangCleanupSysprepAction.dll 2008-07-14 06:47 166,912 ----a-w C:\Windows\System32\lpksetup.exe 2008-07-14 06:47 10,240 ----a-w C:\Windows\System32\MUILanguageCleanup.dll 2008-07-14 06:46 23,552 ----a-w C:\Windows\System32\lpremove.exe 2008-07-14 06:46 14,848 ----a-w C:\Windows\System32\wshrm.dll 2008-07-14 06:46 11,776 ----a-w C:\Windows\System32\sbunattend.exe 2008-07-14 06:45 1,327,104 ----a-w C:\Windows\System32\quartz.dll 2008-07-14 06:43 2,048 ----a-w C:\Windows\System32 zres.dll 2008-07-13 09:22 87,040 ----a-w C:\Windows\System32\msoert2.dll 2008-07-13 09:22 39,424 ----a-w C:\Windows\System32\ACCTRES.dll 2008-07-13 09:22 205,824 ----a-w C:\Windows\System32\msoeacct.dll 2008-07-13 09:22 194,560 ----a-w C:\Windows\System32\WebClnt.dll 2008-07-13 09:20 86,016 ----a-w C:\Windows\System32\icfupgd.dll 2008-07-13 09:20 61,952 ----a-w C:\Windows\System32\cmifw.dll 2008-07-13 09:20 414,208 ----a-w C:\Windows\System32\msscp.dll 2008-07-13 09:20 396,800 ----a-w C:\Windows\System32\MPSSVC.dll 2008-07-13 09:20 392,192 ----a-w C:\Windows\System32\FirewallAPI.dll 2008-07-13 09:20 178,688 ----a-w C:\Windows\System32\iphlpsvc.dll 2008-07-13 09:20 16,896 ----a-w C:\Windows\System32\wfapigp.dll . ------- Sigcheck ------- 2008-09-19 00:54 803328 82c4070707d100febc3d25cf00b77a4c C:\Windows\System32\drivers cpip.sys 2006-11-02 08:58 802816 d944522b048a5feb7700b5170d3d9423 C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4 cpip.sys 2008-09-19 00:54 803328 82c4070707d100febc3d25cf00b77a4c C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a cpip.sys 2008-07-13 08:18 806400 52a8bd6294f7d1443c6184c67ae13af4 C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4 cpip.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{a6e4a4eb-d169-4e99-8988-250fcbafe767}"= "C:\Program Files\isoHunt bisoH.dll" [2008-07-10 1600024] [HKEY_CLASSES_ROOT\clsid\{a6e4a4eb-d169-4e99-8988-250fcbafe767}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-8087-36EE87E26986}] 2008-07-29 19:56 1987544 --a------ C:\PROGRA~1\OOVOOT~1\OOVOOT~1.DLL [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a6e4a4eb-d169-4e99-8988-250fcbafe767}] 2008-07-10 14:04 1600024 --a------ C:\Program Files\isoHunt bisoH.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{a6e4a4eb-d169-4e99-8988-250fcbafe767}"= "C:\Program Files\isoHunt bisoH.dll" [2008-07-10 1600024] "{A057A204-BACC-4D26-8087-36EE87E26986}"= "C:\PROGRA~1\OOVOOT~1\OOVOOT~1.DLL" [2008-07-29 1987544] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{A6E4A4EB-D169-4E99-8988-250FCBAFE767}"= "C:\Program Files\isoHunt bisoH.dll" [2008-07-10 1600024] "{A057A204-BACC-4D26-8087-36EE87E26986}"= "C:\PROGRA~1\OOVOOT~1\OOVOOT~1.DLL" [2008-07-29 1987544] [HKEY_CLASSES_ROOT\clsid\{a6e4a4eb-d169-4e99-8988-250fcbafe767}] [HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-8087-36ee87e26986}] [HKEY_CLASSES_ROOT\oovooToolbar.OOVOOTOOLBAR] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="D:\UTorrent 1 8\uTorrent.exe" [2008-08-16 267056] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2006-06-08 872448] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136] "Yahoo! Pager"="D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-11-06 3810544] "ares destiny"="D:\Ares Destiny\Ares.exe" [2007-08-27 2993664] "BitComet"="D:\Bitcomet\BitComet.exe" [2008-08-22 2567992] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 125440] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728] "eMuleAutoStart"="D:\Emule\emule.exe" [2008-08-01 5500928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WinampAgent"="D:\Winamp 5 53\Winamp\winampa.exe" [2008-08-03 56832] "UnlockerAssistant"="D:\Unlocker 1 8 7\Unlocker\UnlockerAssistant.exe" [2008-05-02 36352] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB ealsched.exe" [2008-08-07 185896] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 110592] "SearchSettings"="C:\Program Files\Search Settings\SearchSettings.exe" [2008-06-12 991584] "QuickTime Task"="D:\QuickTime\QTTask.exe" [2007-12-11 307200] "PWRISOVM.EXE"="D:\PowerISO\PWRISOVM.EXE" [2008-07-07 188416] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 1904640] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 C:\Windows\KHALMNPR.Exe] C:\Users\Aristide\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ MagicDisc.lnk - D:\Program Files\MagicDisc\MagicDisc.exe [2008-09-12 575488] C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\ Adobe Reader Synchronizer.lnk - D:\Adobe Creative Suite 3\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872] Lancement rapide d'Adobe Acrobat.lnk - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe [2008-08-11 295606] Logitech SetPoint.lnk - D:\Logitech 4 60\SetPoint\SetPoint.exe [2008-07-09 805392] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\disallowrun] "1"= cmd.exe "2"= mmc.exe "3"= rstrui.exe "4"= regedit.exe "5"= regedt32.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.divxa32"= divxa32.acm [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys] @="FSFilter System Recovery" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService] @="Service" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion un-] "WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1130438823-3524183207-3403761355-1000] "EnableNotificationsRef"=dword:00000003 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{33A14AF4-8DE1-4DC3-AA8E-73F39A116B22}"= TCP:6004|D:\MS Office 2007\Office12\outlook.exe:Microsoft Office Outlook "TCP Query User{8B2DF36A-4600-4610-9801-6B27EEE466B2}C:\program files\utorrent\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent "UDP Query User{8F6C3A10-4A70-401E-AF77-A40D08046C7B}C:\program files\utorrent\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent "{C7F2893F-D769-45A3-8E85-9CC81D34B101}"= UDP:D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger "{1BAE97F6-6AA6-46DA-A209-91CCC4D89AB9}"= TCP:D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger "{EFB77742-E44F-4E00-BB9E-63693E353F05}"= C:\Program Files\Windows Live\Messenger\wlcsdk.exe:Windows Live Messenger (Phone) "{DE9938C4-CE1C-4A5B-B4C9-AAB504BC1AFD}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{05E8C7CF-519A-4645-BA3B-FC00B679E1FA}"= UDP:C:1\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9 "{2D5186E1-05DB-4934-AEF1-627340BFABB6}"= TCP:C:1\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9 "{D84A2C5F-96C8-4F7F-9880-DE0A4156004A}"= UDP:C:1\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10 "{AC003FBE-8AEB-40F8-8DBE-48A9B23822F0}"= TCP:C:1\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10 "{435A5D7A-C127-4606-BDD6-AADF91DD49EA}"= UDP:C:1\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update "{90103605-6895-4148-9240-52CA89DCA768}"= TCP:C:1\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update "{D502EFDC-20C2-4A33-9BB4-C3F02A4EBA08}"= UDP:D:\UTorrent 1 8\uTorrent.exe:µTorrent (TCP-In) "{B46B00F3-C0E3-4F5F-AF84-FDF2DA69970F}"= TCP:D:\UTorrent 1 8\uTorrent.exe:µTorrent (UDP-In) "{FAC18785-F011-4E20-8C11-7BDD6812CA01}"= UDP:3703:Adobe Version Cue CS3 Server "{C50ADF18-E003-4713-BA80-51AE87B4F1CD}"= UDP:3704:Adobe Version Cue CS3 Server "{58CF08FE-3D8C-4BAE-97FF-D09C0703F971}"= UDP:50900:Adobe Version Cue CS3 Server "{D9734941-6BEB-4CB5-B30E-751565BD2B6F}"= UDP:50901:Adobe Version Cue CS3 Server "{82AD7696-741F-425D-93BF-F44CA0C7C267}"= UDP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{5004BE53-B8E6-40EA-9085-E576273E4B0D}"= TCP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{5148B32A-3C4C-4A09-B0D1-2C05515C1428}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour "{C20299BD-6A8E-477D-8D3A-573E6FBE5850}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour "{F0ECBF53-89DE-4AA3-96A4-49DC28A0864E}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb "{D6E597D7-10BF-4590-9718-6DC1B43EBD73}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb "{3247F591-15AF-475D-8136-32324675758C}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray "{6EB47315-56CA-4871-818A-D92353F87117}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray "{8CF68E0E-6F84-4D84-8094-8E7DE7E1584C}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR "{429892F2-6818-4457-A7C8-3E8A5F8323BE}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR "{804ADD5D-D460-4513-BF6E-8F31F84177B2}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client "{5F87594A-6FF6-4CE0-84CD-D91448D3E221}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client "{5B23FF40-88B2-48DE-8398-E6E1A303E6B7}"= UDP:443:TCP port 443 ooVoo "{71A36C96-EEA9-4594-81D4-8197D9D90A8E}"= TCP:443:UDP port 443 ooVoo "{3024E162-5300-423E-BBC2-66A2B364E530}"= UDP:37674:TCP port 37674 ooVoo "{13A729A8-F2B7-40FC-9326-5EB1B03F59E3}"= TCP:37674:UDP port 37674 ooVoo "{069FC467-1805-49FA-ABC8-389261600682}"= TCP:37675:UDP port 37675 ooVoo "TCP Query User{8E5DE5F7-E84C-4C36-9025-B45BA65F7F50}D:\bitcomet\bitcomet.exe"= UDP:D:\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client "UDP Query User{2EC208F2-B6CC-4C8E-A923-B8CED862F08D}D:\bitcomet\bitcomet.exe"= TCP:D:\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client "TCP Query User{DF96001B-E0AF-4224-9906-ACBF202753CA}D:\ares destiny\ares.exe"= UDP:D:\ares destiny\ares.exe:Ares p2p for windows "UDP Query User{FDDFFB36-0084-4541-BBE9-25EB826A371A}D:\ares destiny\ares.exe"= TCP:D:\ares destiny\ares.exe:Ares p2p for windows "TCP Query User{7A129059-210F-4617-B03E-D91DE2EC0D34}C:\program files\winamp remote\bin\orbtray.exe"= UDP:C:\program files\winamp remote\bin\orbtray.exe:Orb "UDP Query User{C6A0EC0D-FB01-40D8-B616-2F5F06AF8388}C:\program files\winamp remote\bin\orbtray.exe"= TCP:C:\program files\winamp remote\bin\orbtray.exe:Orb "{74BC0BC5-DA62-4319-BEB1-FC3B5A63562F}"= UDP:C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:SMC Service "{93CE87FB-C928-4A7D-9A82-BF1B0EEEED8F}"= TCP:C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:SMC Service "{9001DF20-B39A-4274-A99B-38FA1051B75F}"= UDP:C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:SNAC Service "{86B1F8A7-9D31-41AC-8EA4-661D8ADD46A1}"= TCP:C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:SNAC Service "{66F8449D-BD0B-4500-8699-22065B359785}"= UDP:C:\Program Files\Common Files\Symantec Shared\ccApp.exe:Symantec Email "{9E04FDDB-0D48-49E7-AB2F-D0D6CF4CD403}"= TCP:C:\Program Files\Common Files\Symantec Shared\ccApp.exe:Symantec Email "TCP Query User{CE7030E7-8F4A-41E4-B210-E0FD27029B47}C:\program files\winamp remote\bin\orbir.exe"= UDP:C:\program files\winamp remote\bin\orbir.exe:OrbIR "UDP Query User{658D05C2-CF3B-4152-8B1A-7965A6BC763C}C:\program files\winamp remote\bin\orbir.exe"= TCP:C:\program files\winamp remote\bin\orbir.exe:OrbIR "TCP Query User{10128BE4-2B8A-48AB-A414-F1BAA8C0D91E}C:\program files\winamp remote\bin\orb.exe"= UDP:C:\program files\winamp remote\bin\orb.exe:Orb Application "UDP Query User{2FA471A1-285E-4DA2-A96D-72D4B000611E}C:\program files\winamp remote\bin\orb.exe"= TCP:C:\program files\winamp remote\bin\orb.exe:Orb Application "TCP Query User{07CE3D9D-DEE7-4332-996C-0381C082C848}D:\ares destiny\ares.exe"= UDP:D:\ares destiny\ares.exe:Ares p2p for windows "UDP Query User{5E904CE6-E2C3-4292-99DC-E6396514E46A}D:\ares destiny\ares.exe"= TCP:D:\ares destiny\ares.exe:Ares p2p for windows "TCP Query User{85E0D794-5C9C-4E61-B8B1-48D20480F1CB}D:\utorrent 1 8\utorrent.exe"= UDP:D:\utorrent 1 8\utorrent.exe:µTorrent "UDP Query User{825C07D1-3B94-4E00-8578-FB9840608AD5}D:\utorrent 1 8\utorrent.exe"= TCP:D:\utorrent 1 8\utorrent.exe:µTorrent "{608035D9-DD1D-45EB-BB24-1F1DD22F1F55}"= UDP:C:\Users\Aristide\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool "{309F3D08-4895-41C5-8522-047099195F24}"= TCP:C:\Users\Aristide\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool "TCP Query User{B9F11B52-69A6-4F03-B4C3-96D9EA1634B8}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup "UDP Query User{F5263E24-6FC4-429E-B40D-7B27C2D6379C}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup "{7778CC22-D429-41BC-A46D-7127FCEB3551}"= UDP:26579:BitComet 26579 TCP "{A6017C98-2F10-4F77-9677-734D3EA2AADE}"= TCP:26579:BitComet 26579 UDP "{A44123C7-21DB-4F64-9CF6-9946A8E45CED}"= UDP:26579:BitComet 26579 TCP "{3801B058-1E8C-4323-A859-DB49931583D1}"= TCP:26579:BitComet 26579 UDP [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "DoNotAllowExceptions"= 1 (0x1) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic| [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) R0 klbg;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\drivers\klbg.sys [2008-01-29 32784] R2 UxTuneUp;TuneUp Extension de thème;C:\Windows\System32\svchost.exe [2006-11-02 22016] R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-21 3478528] R3 e4usbaw;USB ADSL2 WAN Adapter;C:\Windows\system32\DRIVERS\e4usbaw.sys [2007-01-04 104344] R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\Windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640] S0 OemBiosDevice;Royalty OEM BIOS Extension;C:\Windows\system32\DRIVERS oyal.sys [2007-03-02 240128] S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);C:\Windows\system32\Drivers\e4ldr.sys [2007-01-04 69656] S3 EverestDriver;Lavalys EVEREST Kernel Driver;D:\EVEREST Ultimate Edition\kerneld.wnt [2008-03-17 23152] S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-09-13 307968] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] rsmsvcs REG_MULTI_SZ ntmssvc HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\P] \shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL P:\TAE7ESLP.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1199acd7-4ddf-11dd-af06-000000000000}] \shell\AutoRun\command - U:\mgjpcfdg.cmd \shell\explore\Command - U:\mgjpcfdg.cmd \shell\open\Command - U:\mgjpcfdg.cmd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1f68a77-524d-11dd-94af-000000000000}] \shell\Auto\command - O:\boot.exe \shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL O:\boot.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cb543b7c-848e-11dd-91a8-fa83ac27cce4}] \shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL O:\TMMDW8LP.exe . - - - - ORPHANS REMOVED - - - - HKCU-Run-FrameWorkService - (no file) HKLM-Run-FrameWorkService - (no file) . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Users\Aristide\AppData\Roaming\Mozilla\Firefox\Profiles\iwne5oog.default\ FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF -: plugin - C:\Program Files\Yahoo!\Shared pYState.dll FF -: plugin - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll FF -: plugin - D:\Adobe\Reader 8.0\Reader\browser ppdf32.dll FF -: plugin - D:\Firefox 3\plugins p32dsw.dll FF -: plugin - D:\Firefox 3\plugins pBitCometAgent.dll FF -: plugin - D:\Firefox 3\plugins\NPMyWebS.dll FF -: plugin - D:\Firefox 3\plugins pnul32.dll FF -: plugin - D:\Firefox 3\plugins ppdf32.dll FF -: plugin - D:\Firefox 3\plugins ppl3260.dll FF -: plugin - D:\Firefox 3\plugins pqtplugin.dll FF -: plugin - D:\Firefox 3\plugins pqtplugin2.dll FF -: plugin - D:\Firefox 3\plugins pqtplugin3.dll FF -: plugin - D:\Firefox 3\plugins pqtplugin4.dll FF -: plugin - D:\Firefox 3\plugins pqtplugin5.dll FF -: plugin - D:\Firefox 3\plugins pqtplugin6.dll FF -: plugin - D:\Firefox 3\plugins pqtplugin7.dll FF -: plugin - D:\Firefox 3\plugins prjplug.dll FF -: plugin - D:\Firefox 3\plugins prpjplug.dll FF -: plugin - D:\QuickTime\Plugins pqtplugin.dll FF -: plugin - D:\QuickTime\Plugins pqtplugin2.dll FF -: plugin - D:\QuickTime\Plugins pqtplugin3.dll FF -: plugin - D:\QuickTime\Plugins pqtplugin4.dll FF -: plugin - D:\QuickTime\Plugins pqtplugin5.dll FF -: plugin - D:\QuickTime\Plugins pqtplugin6.dll FF -: plugin - D:\QuickTime\Plugins pqtplugin7.dll . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-03 15:13:58 Windows 6.0.6000 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Windows\System32\Ati2evxx.exe C:\Windows\System32\audiodg.exe C:\Windows\System32\Ati2evxx.exe C:\Program Files\Winamp Remote\bin\OrbTray.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Winamp Remote\bin\Orb.exe C:\Windows\System32\conime.exe C:\Windows\System32\WerFault.exe D:\Adobe Creative Suite 3\Acrobat 8.0\Acrobat\acrobat_sl.exe C:\Windows\System32\wbem\unsecapp.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe D:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe . ************************************************************************** . Completion time: 2008-10-03 15:17:02 - machine was rebooted [Aristide] ComboFix-quarantined-files.txt 2008-10-03 15:16:50 Avant-CF: 10ÿ799ÿ124ÿ480 octets libres Post-Run: 10,264,662,016 octets libres 430 --- E O F --- 2008-08-30 05:25:49

Destrio5 · Answer

Je vais te faire un script mais tu peux déjà réinstaller les applications infectées comme Kaspersky.

Destrio5 · Answer

/!\ Seul tertilus peut suivre cette procédure /!\


1/

---> Clique sur Démarrer, Exécuter, tape notepad clique sur OK.

---> Copie le texte ci-dessous par sélection puis Ctrl+C :






KillAll::

File::
C:\Windows\System32\Sexy Girls.scr 
C:\Users\Aristide\AppData\Roaming\svchost.exe 
C:\Windows\System32	mp.reg 
O:\TMMDW8LP.exe 
P:\TAE7ESLP.exe 
U:\mgjpcfdg.cmd 
O:\boot.exe 

Folder::
C:\Program Files\FindyKill 
C:\Program Files\Search Settings 

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
"SearchSettings"=-
"TkBellExe"=-
"QuickTime Task"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\P] 
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1199acd7-4ddf-11dd-af06-000000000000}] 
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1f68a77-524d-11dd-94af-000000000000}] 
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cb543b7c-848e-11dd-91a8-fa83ac27cce4}] 






---> Colle la sélection dans le bloc-notes

---> Enregistre ce fichier sur le bureau (Impératif)

---> Nom du fichier : CFScript
---> Type du fichier : tous les fichiers
---> Clique sur Enregistrer
---> Quitte le bloc-notes


2/

---> Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :
http://www.searchengines.pl/phpbb203/pliki/picasso/virus/programs/combofix/combofix_cfscript.gif

[*] Une fenêtre bleue va apparaître : au message qui apparaît, tu acceptes.

[*] Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal !
Ne touche à rien tant que le scan n'est pas terminé.

[*] Une fois le scan achevé, un rapport va s'afficher : poste-le

[*] Si le fichier ne s'ouvre pas, il se trouve ici C:\ComboFix.txt

Utilisateur anonyme · Answer

Salut JO

je plusoie et rajoute:

Supprimé ! - HKEY_USERS\S-1-5-21-1130438823-3524183207-3403761355-1000\Software\Local AppWizard-Generated Applications\As Simple As Photoshop 6.1 [Patch]


dans la plupart des cas le cracks,keygen, serial present sur cette clé est le responsable de l infection

@+

jorginho67 · Answer

;-))

Merci Chiquitine.

Destrio5 · Answer

Je suis entièrement d'accord avec mes deux collègues.

Utilisateur anonyme · Answer

-;)

On te vois plus, que pasa ?

@+

jorginho67 · Answer

mp

Utilisateur anonyme · Answer

lu

tertilus · Answer

Avant meme d'executer le script j'avais pu initialiser kaspersky. J'arrive à executer les prg et meme que j'arrive à effectuer un scan à partir du bareau avec hijackthis. Voilà le rapport après l'execution du script ComboFix 08-10-02.04 - Aristide 2008-10-03 19:43:34.1 - NTFSx86 Microsoft® Windows Vista™ Édition Intégrale 6.0.6000.0.1252.1.1036.18.2167 [GMT 0:00] Lancé depuis: C:\Users\Aristide\Desktop\ComboFix.exe Commutateurs utilisés :: C:\Users\Aristide\Desktop\CFScript.txt * Un nouveau point de restauration a été créé FILE :: C:\Users\Aristide\AppData\Roaming\svchost.exe C:\Windows\System32\Sexy Girls.scr C:\Windows\System32 mp.reg O:\boot.exe O:\TMMDW8LP.exe P:\TAE7ESLP.exe U:\mgjpcfdg.cmd . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files\FindyKill C:\Program Files\FindyKill\FindyKill.cmd C:\Program Files\FindyKill\FixReg\FixSrosa.reg C:\Program Files\FindyKill\FixReg\Limpia C:\Program Files\FindyKill\FixReg\Limpia.reg C:\Program Files\FindyKill\FixReg\Mse.reg C:\Program Files\FindyKill\FixReg\Repair.reg C:\Program Files\FindyKill\FixReg\Wvista.reg C:\Program Files\FindyKill\FixReg\Wxp.reg C:\Program Files\FindyKill\Tools\Icone.ico C:\Program Files\FindyKill\Tools\Kill.exe C:\Program Files\FindyKill\Tools\Process.exe C:\Program Files\FindyKill\Tools\swreg.exe C:\Program Files\FindyKill\Uninstal.exe C:\Program Files\Search Settings C:\Program Files\Search Settings\kb127\SearchSettings.dll C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll C:\Program Files\Search Settings\SearchSettings.exe C:\Users\Aristide\AppData\Roaming\svchost.exe C:\Windows\System32\Sexy Girls.scr C:\Windows\System32 mp.reg O:\TMMDW8LP.exe . . . . failed to delete . ((((((((((((((((((((((((( Files Created from 2008-09-03 to 2008-10-03 ))))))))))))))))))))))))))))))) . 2008-10-03 19:48 . 2008-10-03 19:48 304 --ahs---- C:\Windows\klif.spi 2008-10-03 19:41 . 2008-10-03 19:42 d-------- C:\32788R22FWJFW 2008-10-03 13:49 . 2008-10-03 13:50 d-------- C:\Program Files\Java 2008-10-02 22:32 . 2008-10-03 01:23 237,259,896 --a------ C:\Windows\MEMORY.DMP 2008-10-02 22:25 . 2008-10-02 22:25 d--hs---- C:\Windows\ftpcache 2008-10-01 10:16 . 2008-10-01 10:20 d-------- C:\Users\Aristide\AppData\Roaming\IDM 2008-09-25 17:00 . 2008-09-25 17:50 96,976 --a------ C:\Windows\System32\drivers\klin.dat 2008-09-25 17:00 . 2008-09-25 17:00 87,855 --a------ C:\Windows\System32\drivers\klick.dat 2008-09-25 16:59 . 2008-09-25 16:59 d-------- C:\Program Files\Kaspersky Lab 2008-09-25 16:59 . 2008-10-03 19:46 7,863,328 --ahs---- C:\Windows\System32\drivers\fidbox.dat 2008-09-25 16:59 . 2008-10-03 19:46 753,696 --ahs---- C:\Windows\System32\drivers\fidbox2.dat 2008-09-25 16:59 . 2008-10-03 19:46 75,088 --ahs---- C:\Windows\System32\drivers\fidbox.idx 2008-09-25 16:59 . 2008-10-03 19:46 10,992 --ahs---- C:\Windows\System32\drivers\fidbox2.idx 2008-09-25 16:46 . 2008-09-25 16:46 d-------- C:\Users\All Users\NortonInstaller 2008-09-25 16:46 . 2008-09-25 16:46 d-------- C:\PROGRA~2\NortonInstaller 2008-09-25 12:19 . 2008-09-25 12:20 169 --a------ C:\Windows\adidsl.ini 2008-09-25 12:19 . 2008-09-25 12:19 21 --a------ C:\Windows\Fast800.ini 2008-09-25 12:18 . 2008-09-25 12:18 d-------- C:\Program Files\SAGEM 2008-09-25 11:39 . 2007-03-21 20:39 1,060,864 --a------ C:\Windows\System32\MFC71.DLL 2008-09-25 11:39 . 2007-03-21 20:33 503,808 --a------ C:\Windows\System32\MSVCP71.DLL 2008-09-25 11:39 . 2007-03-21 20:33 348,160 --a------ C:\Windows\System32\MSVCR71.DLL 2008-09-23 18:43 . 2008-09-23 18:43 dr-h----- C:\Users\Aristide\AppData\Roaming\SecuROM 2008-09-20 22:50 . 2008-10-03 19:31 13,848 --a------ C:\Windows\System32\%LocalXml% 2008-09-15 19:38 . 2008-09-26 14:19 d-------- C:\Users\Aristide\AppData\Roaming\dvdcss 2008-09-14 21:33 . 2008-09-14 21:33 d-------- C:\Users\Aristide\AppData\Roaming\oovooToolbar 2008-09-14 21:33 . 2008-09-14 21:37 d-------- C:\Users\Aristide\AppData\Roaming\ooVoo Details 2008-09-14 21:33 . 2008-09-14 21:33 d-------- C:\Program Files\oovooToolbar 2008-09-13 18:24 . 2008-09-13 18:24 d-------- C:\Users\All Users\Winamp Toolbar 2008-09-13 18:24 . 2008-09-14 20:58 d-------- C:\Users\All Users\OrbNetworks 2008-09-13 18:24 . 2008-09-13 18:24 d-------- C:\Program Files\Winamp Toolbar 2008-09-13 18:24 . 2008-09-13 18:24 d-------- C:\PROGRA~2\Winamp Toolbar 2008-09-13 18:24 . 2008-09-14 20:58 d-------- C:\PROGRA~2\OrbNetworks 2008-09-13 18:23 . 2008-09-29 14:40 d-------- C:\Program Files\Winamp Remote 2008-09-13 09:46 . 2008-09-13 09:46 d-------- C:\Users\All Users\TuneUp Software 2008-09-13 09:46 . 2008-09-13 09:46 d-------- C:\PROGRA~2\TuneUp Software 2008-09-13 09:46 . 2008-09-13 09:46 307,968 --a------ C:\Windows\System32\TuneUpDefragService.exe 2008-09-13 09:46 . 2008-02-27 13:15 28,416 --a------ C:\Windows\System32\uxtuneup.dll 2008-09-13 09:46 . 2008-02-27 13:15 16,640 --a------ C:\Windows\System32\authuitu.dll 2008-09-12 22:23 . 2008-07-28 17:19 116,736 --a------ C:\Windows\System32\drivers\mcdbus.sys 2008-09-11 18:46 . 2008-09-11 18:46 d-------- C:\Users\All Users\McAfee 2008-09-11 18:46 . 2008-09-11 18:46 d-------- C:\PROGRA~2\McAfee 2008-09-09 18:08 . 2008-09-09 18:09 d-a------ C:\Users\All Users\TEMP 2008-09-09 18:08 . 2008-09-09 18:09 d-a------ C:\PROGRA~2\TEMP 2008-09-09 18:04 . 2008-09-09 18:05 d--h----- C:\Users\All Users\{56759C22-EA1E-4BE5-A903-72F67D450F43} 2008-09-09 18:04 . 2008-09-09 18:05 d--h----- C:\PROGRA~2\{56759C22-EA1E-4BE5-A903-72F67D450F43} 2008-09-09 09:07 . 2008-09-09 09:07 d-------- C:\Users\Aristide\AppData\Roaming\TotalTrain 2008-09-06 14:44 . 2008-10-02 23:13 69 --a------ C:\Windows\NeroDigital.ini . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-10-03 19:48 --------- d-----w C:\PROGRA~2\Kaspersky Lab 2008-10-03 19:43 --------- d-----w C:\Users\Aristide\AppData\Roaming\uTorrent 2008-10-03 19:31 --------- d-----w C:\PROGRA~2\eMule 2008-10-03 15:04 --------- d-----w C:\Users\Aristide\AppData\Roaming\TeraCopy 2008-10-02 15:30 --------- d-----w C:\Users\Aristide\AppData\Roaming\DMCache 2008-10-01 10:32 --------- d-----w C:\Users\Aristide\AppData\Roaming\Winamp 2008-10-01 10:32 --------- d-----w C:\PROGRA~2\FLEXnet 2008-09-25 16:53 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy 2008-09-25 12:19 32 ----a-w C:\Windows\system32\drivers\adidsl.cfg 2008-09-25 12:18 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-09-23 00:36 --------- d-----w C:\Program Files\Common Files\Adobe 2008-09-19 23:53 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2008-09-19 23:51 --------- d-----w C:\PROGRA~2\Microsoft Help 2008-09-19 14:46 --------- d-----w C:\Users\Aristide\AppData\Roaming\Ahead 2008-09-19 00:54 803,328 ----a-w C:\Windows\system32\drivers cpip.sys 2008-09-03 01:53 258,048 ----a-w C:\Windows\System32\TubeFinder.exe 2008-09-01 23:27 319,456 ----a-w C:\Windows\DIFxAPI.dll 2008-09-01 23:27 --------- d-----w C:\Program Files\Realtek 2008-09-01 22:45 319,488 ----a-w C:\Windows\HideWin.exe 2008-09-01 16:19 --------- d-----w C:\Users\Aristide\AppData\Roaming\Ubisoft 2008-08-30 05:23 --------- d-----w C:\Program Files\Microsoft Silverlight 2008-08-29 23:43 --------- d-----w C:\Program Files\Business Objects 2008-08-29 23:42 --------- d-----w C:\Program Files\Microsoft Device Emulator 2008-08-29 23:40 --------- d-----w C:\Program Files\Microsoft Synchronization Services 2008-08-29 23:40 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition 2008-08-29 23:39 --------- d-----w C:\Program Files\Microsoft.NET 2008-08-29 23:31 --------- d-----w C:\Program Files\Common Files\Merge Modules 2008-08-29 23:31 --------- d-----w C:\PROGRA~2\PreEmptive Solutions 2008-08-29 23:29 --------- d-----w C:\Program Files\HTML Help Workshop 2008-08-29 23:28 --------- d-----w C:\Program Files\MSBuild 2008-08-29 23:26 --------- d-----w C:\Program Files\Microsoft SDKs 2008-08-29 23:26 --------- d-----w C:\Program Files\CE Remote Tools 2008-08-29 23:25 --------- d-----w C:\Program Files\Microsoft Web Designer Tools 2008-08-27 17:09 --------- d-----w C:\Users\Aristide\AppData\Roaming\Orbit 2008-08-27 16:53 --------- d-----w C:\Users\Aristide\AppData\Roaming\GrabPro 2008-08-27 01:25 --------- d-----w C:\PROGRA~2\ConeXware 2008-08-25 16:09 --------- d-----w C:\Program Files\Common Files\Control Panels 2008-08-25 16:07 --------- d-----w C:\PROGRA~2\ALM 2008-08-25 16:01 --------- d-----w C:\Program Files\QuickTime 2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Sidebar 2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Photo Gallery 2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Mail 2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Journal 2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Defender 2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Collaboration 2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Calendar 2008-08-17 19:51 --------- d-----w C:\Program Files\uTorrent 2008-08-17 16:06 --------- d-----w C:\PROGRA~2\Lavasoft 2008-08-09 23:23 --------- d-----w C:\Program Files\Bonjour 2008-08-09 12:48 --------- d-----w C:\Program Files\Windows Installer Clean Up 2008-08-09 12:48 --------- d-----w C:\Program Files\MSECACHE 2008-08-07 22:04 --------- d-----w C:\Program Files\Common Files\xing shared 2008-08-07 22:04 --------- d-----w C:\Program Files\Common Files\Real 2008-08-07 22:03 --------- d-----w C:\Program Files\Real 2008-08-05 23:52 --------- d-----w C:\PROGRA~2\Adobe Systems 2008-08-05 23:51 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared 2008-08-04 00:20 --------- d-----w C:\Users\Aristide\AppData\Roaming\MozillaControl 2008-07-31 10:41 68,616 ----a-w C:\Windows\System32\XAPOFX1_1.dll 2008-07-31 10:41 238,088 ----a-w C:\Windows\System32\xactengine3_2.dll 2008-07-31 10:40 509,448 ----a-w C:\Windows\System32\XAudio2_2.dll 2008-07-29 20:21 218,376 ----a-w C:\Windows\System32\klogon.dll 2008-07-16 09:30 8,704 ----a-w C:\Windows\System32\hcrstco.dll 2008-07-15 09:11 174 --sha-w C:\Program Files\desktop.ini 2008-07-15 09:07 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr 2008-07-15 09:07 67,584 ----a-w C:\Windows\System32\wlanhlp.dll 2008-07-15 09:07 542,720 ----a-w C:\Windows\System32\sysmain.dll 2008-07-15 09:07 502,784 ----a-w C:\Windows\System32\wlansvc.dll 2008-07-15 09:07 47,104 ----a-w C:\Windows\System32\wlanapi.dll 2008-07-15 09:07 297,984 ----a-w C:\Windows\System32\wlansec.dll 2008-07-15 09:07 290,816 ----a-w C:\Windows\System32\wlanmsm.dll 2008-07-15 09:07 24,064 ----a-w C:\Windows\System32\wtsapi32.dll 2008-07-15 09:07 2,923,520 ----a-w C:\Windows\explorer.exe 2008-07-15 09:05 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL 2008-07-15 09:05 7,680 ----a-w C:\Windows\System32\spwmp.dll 2008-07-15 09:05 4,096 ----a-w C:\Windows\System32\dxmasf.dll 2008-07-15 09:05 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll 2008-07-14 06:47 49,664 ----a-w C:\Windows\System32\csrsrv.dll 2008-07-14 06:47 376,320 ----a-w C:\Windows\System32\winsrv.dll 2008-07-14 06:47 3,504,696 ----a-w C:\Windows\System32 tkrnlpa.exe 2008-07-14 06:47 3,470,392 ----a-w C:\Windows\System32 toskrnl.exe 2008-07-14 06:47 25,600 ----a-w C:\Windows\System32\LangCleanupSysprepAction.dll 2008-07-14 06:47 166,912 ----a-w C:\Windows\System32\lpksetup.exe 2008-07-14 06:47 10,240 ----a-w C:\Windows\System32\MUILanguageCleanup.dll 2008-07-14 06:46 23,552 ----a-w C:\Windows\System32\lpremove.exe 2008-07-14 06:46 14,848 ----a-w C:\Windows\System32\wshrm.dll 2008-07-14 06:46 11,776 ----a-w C:\Windows\System32\sbunattend.exe 2008-07-14 06:45 1,327,104 ----a-w C:\Windows\System32\quartz.dll 2008-07-14 06:43 2,048 ----a-w C:\Windows\System32 zres.dll 2008-07-13 09:22 87,040 ----a-w C:\Windows\System32\msoert2.dll 2008-07-13 09:22 39,424 ----a-w C:\Windows\System32\ACCTRES.dll 2008-07-13 09:22 205,824 ----a-w C:\Windows\System32\msoeacct.dll 2008-07-13 09:22 194,560 ----a-w C:\Windows\System32\WebClnt.dll 2008-07-13 09:20 86,016 ----a-w C:\Windows\System32\icfupgd.dll 2008-07-13 09:20 61,952 ----a-w C:\Windows\System32\cmifw.dll 2008-07-13 09:20 414,208 ----a-w C:\Windows\System32\msscp.dll 2008-07-13 09:20 396,800 ----a-w C:\Windows\System32\MPSSVC.dll 2008-07-13 09:20 392,192 ----a-w C:\Windows\System32\FirewallAPI.dll 2008-07-13 09:20 178,688 ----a-w C:\Windows\System32\iphlpsvc.dll 2008-07-13 09:20 16,896 ----a-w C:\Windows\System32\wfapigp.dll 2008-07-13 09:20 104,448 ----a-w C:\Windows\System32\DWWIN.EXE . ------- Sigcheck ------- 2008-09-19 00:54 803328 82c4070707d100febc3d25cf00b77a4c C:\Windows\System32\drivers cpip.sys 2006-11-02 08:58 802816 d944522b048a5feb7700b5170d3d9423 C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4 cpip.sys 2008-09-19 00:54 803328 82c4070707d100febc3d25cf00b77a4c C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a cpip.sys 2008-07-13 08:18 806400 52a8bd6294f7d1443c6184c67ae13af4 C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4 cpip.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{a6e4a4eb-d169-4e99-8988-250fcbafe767}"= "C:\Program Files\isoHunt bisoH.dll" [2008-07-10 1600024] [HKEY_CLASSES_ROOT\clsid\{a6e4a4eb-d169-4e99-8988-250fcbafe767}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-8087-36EE87E26986}] 2008-07-29 19:56 1987544 --a------ C:\PROGRA~1\OOVOOT~1\OOVOOT~1.DLL [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a6e4a4eb-d169-4e99-8988-250fcbafe767}] 2008-07-10 14:04 1600024 --a------ C:\Program Files\isoHunt bisoH.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{a6e4a4eb-d169-4e99-8988-250fcbafe767}"= "C:\Program Files\isoHunt bisoH.dll" [2008-07-10 1600024] "{A057A204-BACC-4D26-8087-36EE87E26986}"= "C:\PROGRA~1\OOVOOT~1\OOVOOT~1.DLL" [2008-07-29 1987544] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{A6E4A4EB-D169-4E99-8988-250FCBAFE767}"= "C:\Program Files\isoHunt bisoH.dll" [2008-07-10 1600024] "{A057A204-BACC-4D26-8087-36EE87E26986}"= "C:\PROGRA~1\OOVOOT~1\OOVOOT~1.DLL" [2008-07-29 1987544] [HKEY_CLASSES_ROOT\clsid\{a6e4a4eb-d169-4e99-8988-250fcbafe767}] [HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-8087-36ee87e26986}] [HKEY_CLASSES_ROOT\oovooToolbar.OOVOOTOOLBAR] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="D:\UTorrent 1 8\uTorrent.exe" [2008-08-16 267056] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-10-03 851968] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136] "Yahoo! Pager"="D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-11-06 3810544] "ares destiny"="D:\Ares Destiny\Ares.exe" [2008-10-03 2973184] "BitComet"="D:\Bitcomet\BitComet.exe" [2008-08-22 2567992] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 125440] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WinampAgent"="D:\Winamp 5 53\Winamp\winampa.exe" [2008-10-03 36352] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-10-03 90112] "PWRISOVM.EXE"="D:\PowerISO\PWRISOVM.EXE" [2008-10-03 167936] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2008-10-03 1884160] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-07-29 206088] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 C:\Windows\KHALMNPR.Exe] C:\Users\Aristide\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ MagicDisc.lnk - D:\Program Files\MagicDisc\MagicDisc.exe [2008-09-12 575488] C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\ Adobe Reader Synchronizer.lnk - D:\Adobe Creative Suite 3\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872] Lancement rapide d'Adobe Acrobat.lnk - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe [2008-08-11 295606] Logitech SetPoint.lnk - D:\Logitech 4 60\SetPoint\SetPoint.exe [2008-07-09 805392] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\disallowrun] "1"= cmd.exe "2"= mmc.exe "3"= rstrui.exe "4"= regedit.exe "5"= regedt32.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.divxa32"= divxa32.acm [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys] @="FSFilter System Recovery" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService] @="Service" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion un-] "WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1130438823-3524183207-3403761355-1000] "EnableNotificationsRef"=dword:00000003 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{33A14AF4-8DE1-4DC3-AA8E-73F39A116B22}"= TCP:6004|D:\MS Office 2007\Office12\outlook.exe:Microsoft Office Outlook "TCP Query User{8B2DF36A-4600-4610-9801-6B27EEE466B2}C:\program files\utorrent\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent "UDP Query User{8F6C3A10-4A70-401E-AF77-A40D08046C7B}C:\program files\utorrent\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent "{C7F2893F-D769-45A3-8E85-9CC81D34B101}"= UDP:D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger "{1BAE97F6-6AA6-46DA-A209-91CCC4D89AB9}"= TCP:D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger "{EFB77742-E44F-4E00-BB9E-63693E353F05}"= C:\Program Files\Windows Live\Messenger\wlcsdk.exe:Windows Live Messenger (Phone) "{DE9938C4-CE1C-4A5B-B4C9-AAB504BC1AFD}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{05E8C7CF-519A-4645-BA3B-FC00B679E1FA}"= UDP:C:1\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9 "{2D5186E1-05DB-4934-AEF1-627340BFABB6}"= TCP:C:1\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9 "{D84A2C5F-96C8-4F7F-9880-DE0A4156004A}"= UDP:C:1\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10 "{AC003FBE-8AEB-40F8-8DBE-48A9B23822F0}"= TCP:C:1\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10 "{435A5D7A-C127-4606-BDD6-AADF91DD49EA}"= UDP:C:1\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update "{90103605-6895-4148-9240-52CA89DCA768}"= TCP:C:1\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update "{D502EFDC-20C2-4A33-9BB4-C3F02A4EBA08}"= UDP:D:\UTorrent 1 8\uTorrent.exe:µTorrent (TCP-In) "{B46B00F3-C0E3-4F5F-AF84-FDF2DA69970F}"= TCP:D:\UTorrent 1 8\uTorrent.exe:µTorrent (UDP-In) "{FAC18785-F011-4E20-8C11-7BDD6812CA01}"= UDP:3703:Adobe Version Cue CS3 Server "{C50ADF18-E003-4713-BA80-51AE87B4F1CD}"= UDP:3704:Adobe Version Cue CS3 Server "{58CF08FE-3D8C-4BAE-97FF-D09C0703F971}"= UDP:50900:Adobe Version Cue CS3 Server "{D9734941-6BEB-4CB5-B30E-751565BD2B6F}"= UDP:50901:Adobe Version Cue CS3 Server "{82AD7696-741F-425D-93BF-F44CA0C7C267}"= UDP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{5004BE53-B8E6-40EA-9085-E576273E4B0D}"= TCP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{5148B32A-3C4C-4A09-B0D1-2C05515C1428}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour "{C20299BD-6A8E-477D-8D3A-573E6FBE5850}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour "{F0ECBF53-89DE-4AA3-96A4-49DC28A0864E}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb "{D6E597D7-10BF-4590-9718-6DC1B43EBD73}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb "{3247F591-15AF-475D-8136-32324675758C}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray "{6EB47315-56CA-4871-818A-D92353F87117}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray "{8CF68E0E-6F84-4D84-8094-8E7DE7E1584C}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR "{429892F2-6818-4457-A7C8-3E8A5F8323BE}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR "{804ADD5D-D460-4513-BF6E-8F31F84177B2}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client "{5F87594A-6FF6-4CE0-84CD-D91448D3E221}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client "{5B23FF40-88B2-48DE-8398-E6E1A303E6B7}"= UDP:443:TCP port 443 ooVoo "{71A36C96-EEA9-4594-81D4-8197D9D90A8E}"= TCP:443:UDP port 443 ooVoo "{3024E162-5300-423E-BBC2-66A2B364E530}"= UDP:37674:TCP port 37674 ooVoo "{13A729A8-F2B7-40FC-9326-5EB1B03F59E3}"= TCP:37674:UDP port 37674 ooVoo "{069FC467-1805-49FA-ABC8-389261600682}"= TCP:37675:UDP port 37675 ooVoo "TCP Query User{8E5DE5F7-E84C-4C36-9025-B45BA65F7F50}D:\bitcomet\bitcomet.exe"= UDP:D:\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client "UDP Query User{2EC208F2-B6CC-4C8E-A923-B8CED862F08D}D:\bitcomet\bitcomet.exe"= TCP:D:\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client "TCP Query User{DF96001B-E0AF-4224-9906-ACBF202753CA}D:\ares destiny\ares.exe"= UDP:D:\ares destiny\ares.exe:Ares p2p for windows "UDP Query User{FDDFFB36-0084-4541-BBE9-25EB826A371A}D:\ares destiny\ares.exe"= TCP:D:\ares destiny\ares.exe:Ares p2p for windows "TCP Query User{7A129059-210F-4617-B03E-D91DE2EC0D34}C:\program files\winamp remote\bin\orbtray.exe"= UDP:C:\program files\winamp remote\bin\orbtray.exe:Orb "UDP Query User{C6A0EC0D-FB01-40D8-B616-2F5F06AF8388}C:\program files\winamp remote\bin\orbtray.exe"= TCP:C:\program files\winamp remote\bin\orbtray.exe:Orb "{74BC0BC5-DA62-4319-BEB1-FC3B5A63562F}"= UDP:C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:SMC Service "{93CE87FB-C928-4A7D-9A82-BF1B0EEEED8F}"= TCP:C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:SMC Service "{9001DF20-B39A-4274-A99B-38FA1051B75F}"= UDP:C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:SNAC Service "{86B1F8A7-9D31-41AC-8EA4-661D8ADD46A1}"= TCP:C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:SNAC Service "{66F8449D-BD0B-4500-8699-22065B359785}"= UDP:C:\Program Files\Common Files\Symantec Shared\ccApp.exe:Symantec Email "{9E04FDDB-0D48-49E7-AB2F-D0D6CF4CD403}"= TCP:C:\Program Files\Common Files\Symantec Shared\ccApp.exe:Symantec Email "TCP Query User{CE7030E7-8F4A-41E4-B210-E0FD27029B47}C:\program files\winamp remote\bin\orbir.exe"= UDP:C:\program files\winamp remote\bin\orbir.exe:OrbIR "UDP Query User{658D05C2-CF3B-4152-8B1A-7965A6BC763C}C:\program files\winamp remote\bin\orbir.exe"= TCP:C:\program files\winamp remote\bin\orbir.exe:OrbIR "TCP Query User{10128BE4-2B8A-48AB-A414-F1BAA8C0D91E}C:\program files\winamp remote\bin\orb.exe"= UDP:C:\program files\winamp remote\bin\orb.exe:Orb Application "UDP Query User{2FA471A1-285E-4DA2-A96D-72D4B000611E}C:\program files\winamp remote\bin\orb.exe"= TCP:C:\program files\winamp remote\bin\orb.exe:Orb Application "TCP Query User{07CE3D9D-DEE7-4332-996C-0381C082C848}D:\ares destiny\ares.exe"= UDP:D:\ares destiny\ares.exe:Ares p2p for windows "UDP Query User{5E904CE6-E2C3-4292-99DC-E6396514E46A}D:\ares destiny\ares.exe"= TCP:D:\ares destiny\ares.exe:Ares p2p for windows "TCP Query User{85E0D794-5C9C-4E61-B8B1-48D20480F1CB}D:\utorrent 1 8\utorrent.exe"= UDP:D:\utorrent 1 8\utorrent.exe:µTorrent "UDP Query User{825C07D1-3B94-4E00-8578-FB9840608AD5}D:\utorrent 1 8\utorrent.exe"= TCP:D:\utorrent 1 8\utorrent.exe:µTorrent "{608035D9-DD1D-45EB-BB24-1F1DD22F1F55}"= UDP:C:\Users\Aristide\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool "{309F3D08-4895-41C5-8522-047099195F24}"= TCP:C:\Users\Aristide\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool "TCP Query User{B9F11B52-69A6-4F03-B4C3-96D9EA1634B8}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup "UDP Query User{F5263E24-6FC4-429E-B40D-7B27C2D6379C}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup "{7778CC22-D429-41BC-A46D-7127FCEB3551}"= UDP:26579:BitComet 26579 TCP "{A6017C98-2F10-4F77-9677-734D3EA2AADE}"= TCP:26579:BitComet 26579 UDP "{A44123C7-21DB-4F64-9CF6-9946A8E45CED}"= UDP:26579:BitComet 26579 TCP "{3801B058-1E8C-4323-A859-DB49931583D1}"= TCP:26579:BitComet 26579 UDP [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "DoNotAllowExceptions"= 1 (0x1) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic| [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) R0 klbg;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\drivers\klbg.sys [2008-01-29 32784] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2008-07-09 20496] R2 UxTuneUp;TuneUp Extension de thème;C:\Windows\System32\svchost.exe [2006-11-02 22016] R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-21 3478528] R3 e4usbaw;USB ADSL2 WAN Adapter;C:\Windows\system32\DRIVERS\e4usbaw.sys [2007-01-04 104344] R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\Windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640] S0 OemBiosDevice;Royalty OEM BIOS Extension;C:\Windows\system32\DRIVERS oyal.sys [2007-03-02 240128] S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);C:\Windows\system32\Drivers\e4ldr.sys [2007-01-04 69656] S3 EverestDriver;Lavalys EVEREST Kernel Driver;D:\EVEREST Ultimate Edition\kerneld.wnt [2008-03-17 23152] S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-09-13 307968] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] rsmsvcs REG_MULTI_SZ ntmssvc HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . - - - - ORPHANS REMOVED - - - - HKCU-Run-eMuleAutoStart - D:\Emule\emule.exe HKLM-Run-UnlockerAssistant - D:\Unlocker 1 8 7\Unlocker\UnlockerAssistant.exe ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-03 19:48:30 Windows 6.0.6000 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Windows\System32\Ati2evxx.exe C:\Windows\System32\audiodg.exe C:\Windows\System32\Ati2evxx.exe C:\Program Files\Winamp Remote\bin\OrbTray.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Windows\System32\conime.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Windows\System32\wbem\unsecapp.exe C:\Program Files\Winamp Remote\bin\Orb.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe D:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe C:\Windows\System32\dllhost.exe . ************************************************************************** . Completion time: 2008-10-03 19:55:43 - machine was rebooted ComboFix-quarantined-files.txt 2008-10-03 19:55:36 ComboFix2.txt 2008-10-03 15:17:03 Avant-CF: 9ÿ560ÿ309ÿ760 octets libres Post-Run: 8,996,155,392 octets libres 400 --- E O F --- 2008-08-30 05:25:49

Destrio5 · Answer

- Télécharge RavAntivirus d'Evosla sur ton bureau : 
http://ww25.evosla.com/compteur.php?soft=rav_antivirus

- Branche tes disques amovibles à ton PC (clefs USB, disque dur externe, etc...) sans les ouvrir avant de lancer le fix

- Clique droit sur le fichier rav.zip, puis "Extraire Ici".

- Doucle-clique sur "rav.exe" pour lancer le fix. (Pour Vista, clique droit sur rav et choisis Exécuter en tant qu'administrateur)

- Laisse le programme agir : il scanne automatiquement tous les lecteurs (disques fixes et amovibles)

- Quitte le programme quand le message suivant apparaît : Votre ordinateur est sain

- Ensuite : retire tes disques amovibles et redémarre le PC.

tertilus · Answer

Bonjour,

Vlà.  je viens de scanner mon poste avec RavAntivirus d'Evosla, je ne sais pas s'il y a encore une autre étape mais je voulais déjà te dire un grand merci, car ça m'a evité un formatage de la partition où est situé mon OS.

Destrio5 · Answer

Il a trouvé quelque chose ?

tertilus · Answer

Salut,
Non il n'a rien détecté. 
Mais j'ai lancé après un scan complet de kaspersky. Il m'a déniché certains virus. J'ai pu désinfecté les fichiers infectés. Présentement le scan est en cours. Après le scan je pense que je serai beaucoup plus rassuré.

Destrio5 · Answer

Tu as bien fait. Poste le rapport de Kaspersky une fois terminé.

tertilus · Answer

voici le rapport de kaspersky etant entendu que les prg malveillants ont ete supprimes.


Full Scan: completed 03/10/2008 23:11:19   (events: 1476, objects: 753063, time: 01:36:18)	
25/09/2008 17:17:35	Task completed			
25/09/2008 17:14:29	Task started			
Full Scan: completed 03/10/2008 23:11:19   (events: 1476, objects: 753063, time: 01:36:18)	
26/09/2008 14:12:57	Task completed			
26/09/2008 14:12:52	Task started			
Full Scan: completed 03/10/2008 23:11:19   (events: 1476, objects: 753063, time: 01:36:18)	
29/09/2008 14:42:29	Task completed			
29/09/2008 14:42:28	Task started			
Full Scan: completed 03/10/2008 23:11:19   (events: 1476, objects: 753063, time: 01:36:18)	
30/09/2008 06:29:16	Password protected	J:\Web\Saved_Games.rar		
30/09/2008 06:29:16	Password protected	J:\Web\Saved_Games.rar		
30/09/2008 06:29:00	Untreated: Trojan-Spy.Win32.BZub.ffd	J:\Web\Kaspersky Internet Security 2009 version 8.0.0.357 + Blacklist PROOF key\kis8.0.0.357en.exe/data0000.cab/is157000.exe	Postponed	
30/09/2008 06:28:59	Detected: Trojan-Spy.Win32.BZub.ffd	J:\Web\Kaspersky Internet Security 2009 version 8.0.0.357 + Blacklist PROOF key\kis8.0.0.357en.exe/data0000.cab/is157000.exe		
30/09/2008 02:58:29	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resourcesu.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:29	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\zh_CN.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:29	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\zh_TW.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\sv.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources
b.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources
l.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\ko.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\ja.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\it.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\fr.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\fi.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\es.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\en.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\QuickTimePlayer.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\de.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\da.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\zh_TW.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\zh_CN.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\sv.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resourcesu.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources
b.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources
l.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\ja.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\ko.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\it.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\fr.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\fi.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\es.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\en.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\QuickTimeWebHelper.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\de.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\da.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\zh_TW.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\zh_CN.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resourcesu.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\sv.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources
l.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:26	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources
b.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:26	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\ko.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:26	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\ja.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\it.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\fi.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\fr.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\es.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\de.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\en.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\QuickTimeVRAuthoring.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\zh_TW.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\da.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\zh_CN.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\sv.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resourcesu.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources
l.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources
b.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\ko.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\ja.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:24	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\it.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:24	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\fr.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:24	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\fi.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:24	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\es.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:24	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\en.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\de.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\da.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\QuickTimeVR.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\zh_TW.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\sv.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\zh_CN.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resourcesu.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources
l.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources
b.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\ko.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\ja.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\it.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\fr.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\fi.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\es.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\en.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\de.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\da.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\QuickTimeStreamingExtras.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_TW.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_CN.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\sv.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resourcesu.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources
l.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\ko.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources
b.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\ja.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\es.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\it.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\fr.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\en.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\fi.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\de.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\da.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\zh_TW.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\QuickTimeStreamingAuthoring.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\zh_CN.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\sv.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources
l.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resourcesu.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources
b.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\ko.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:20	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\ja.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:20	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\it.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:20	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\fr.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:20	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\fi.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:20	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\en.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:20	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\es.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\de.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\da.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\QuickTimeStreaming.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\zh_TW.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\zh_CN.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\sv.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resourcesu.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources
l.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources
b.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\ko.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\ja.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\fi.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\es.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\it.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\fr.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\en.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\de.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\QuickTimeQD3D.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\da.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\zh_TW.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\sv.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\zh_CN.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources
b.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resourcesu.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources
l.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\ko.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\it.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\ja.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\es.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\fr.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\fi.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\QuickTimeMusic.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\en.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\de.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\da.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resourcesu.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_TW.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_CN.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\sv.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources
l.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources
b.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\fr.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\ko.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\ja.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\es.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\it.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\fi.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\de.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\en.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\da.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\QuickTimeMPEG4Authoring.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\zh_TW.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\zh_CN.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\sv.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resourcesu.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources
l.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\ko.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources
b.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\ja.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\it.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\fr.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\es.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\fi.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\da.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\en.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\de.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\QuickTimeMPEG4.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\zh_TW.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\zh_CN.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources
l.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\sv.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resourcesu.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources
b.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\ko.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\ja.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\fr.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\it.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\fi.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\es.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\en.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\de.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\da.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\QuickTimeMPEG.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\zh_TW.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\zh_CN.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:14	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\sv.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:14	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resourcesu.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:14	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources
b.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:14	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources
l.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:14	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\ko.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:14	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\ja.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:14	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\it.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:14	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\fr.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\fi.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\es.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\da.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\de.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\en.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\zh_CN.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\QuickTimeInternetExtras.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\zh_TW.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\sv.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resourcesu.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\ko.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources
l.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources
b.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\it.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\ja.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\fr.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\fi.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\es.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\en.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\de.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\da.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\QuickTimeImage.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\zh_TW.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\zh_CN.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\sv.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources
b.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resourcesu.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources
l.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\ja.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\ko.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\it.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\fr.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\fi.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\es.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\en.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\de.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeEssentials.Resources\sv.lproj\QuickTimeEssentialsLocalized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\QuickTimeH264.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\da.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeEssentials.Resources\zh_TW.lproj\QuickTimeEssentialsLocalized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeEssentials.Resources\zh_CN.lproj\QuickTimeEssentialsLocalized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeEssentials.Resourcesu.lproj\

Destrio5 · Answer

Le rapport est incomplet. 

Tu peux me l'envoyer sur (adresse mail supprimée)

tertilus · Answer

rapport kaspersky


Full Scan: completed 03/10/2008 23:11:19   (events: 1476, objects: 753063, time: 01:36:18)	
25/09/2008 17:17:35	Task completed			
25/09/2008 17:14:29	Task started			
Full Scan: completed 03/10/2008 23:11:19   (events: 1476, objects: 753063, time: 01:36:18)	
26/09/2008 14:12:57	Task completed			
26/09/2008 14:12:52	Task started			
Full Scan: completed 03/10/2008 23:11:19   (events: 1476, objects: 753063, time: 01:36:18)	
29/09/2008 14:42:29	Task completed			
29/09/2008 14:42:28	Task started			
Full Scan: completed 03/10/2008 23:11:19   (events: 1476, objects: 753063, time: 01:36:18)	
30/09/2008 06:29:16	Password protected	J:\Web\Saved_Games.rar		
30/09/2008 06:29:16	Password protected	J:\Web\Saved_Games.rar		
30/09/2008 06:29:00	Untreated: Trojan-Spy.Win32.BZub.ffd	J:\Web\Kaspersky Internet Security 2009 version 8.0.0.357 + Blacklist PROOF key\kis8.0.0.357en.exe/data0000.cab/is157000.exe	Postponed	
30/09/2008 06:28:59	Detected: Trojan-Spy.Win32.BZub.ffd	J:\Web\Kaspersky Internet Security 2009 version 8.0.0.357 + Blacklist PROOF key\kis8.0.0.357en.exe/data0000.cab/is157000.exe		
30/09/2008 02:58:29	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resourcesu.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:29	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\zh_CN.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:29	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\zh_TW.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\sv.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources
b.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources
l.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\ko.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\ja.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\it.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\fr.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\fi.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\es.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\en.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\QuickTimePlayer.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\de.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QuickTimePlayer.Resources\da.lproj\QuickTimePlayerLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\zh_TW.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\zh_CN.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\sv.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:28	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resourcesu.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources
b.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources
l.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\ja.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\ko.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\it.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\fr.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\fi.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\es.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\en.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\QuickTimeWebHelper.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\de.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\da.lproj\QuickTimeWebHelperLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\zh_TW.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\zh_CN.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resourcesu.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\sv.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:27	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources
l.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:26	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources
b.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:26	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\ko.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:26	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\ja.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\it.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\fi.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\fr.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\es.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\de.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\en.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\QuickTimeVRAuthoring.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\zh_TW.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\da.lproj\QuickTimeVRAuthoringLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\zh_CN.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\sv.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resourcesu.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources
l.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources
b.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\ko.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:25	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\ja.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:24	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\it.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:24	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\fr.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:24	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\fi.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:24	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\es.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:24	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\en.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\de.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\da.lproj\QuickTimeVRLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeVR.Resources\QuickTimeVR.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\zh_TW.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\sv.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\zh_CN.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resourcesu.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources
l.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources
b.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\ko.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\ja.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\it.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\fr.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\fi.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\es.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\en.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\de.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\da.lproj\QuickTimeStreamingExtrasLocalized.qtr		
30/09/2008 02:58:23	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\QuickTimeStreamingExtras.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_TW.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_CN.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\sv.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resourcesu.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources
l.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\ko.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources
b.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\ja.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\es.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\it.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\fr.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\en.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:22	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\fi.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\de.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\da.lproj\QuickTimeStreamingAuthoringLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\zh_TW.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\QuickTimeStreamingAuthoring.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\zh_CN.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\sv.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources
l.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resourcesu.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources
b.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:21	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\ko.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:20	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\ja.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:20	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\it.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:20	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\fr.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:20	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\fi.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:20	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\en.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:20	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\es.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\de.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\da.lproj\QuickTimeStreamingLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeStreaming.Resources\QuickTimeStreaming.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\zh_TW.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\zh_CN.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\sv.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resourcesu.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources
l.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources
b.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\ko.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\ja.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\fi.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\es.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\it.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\fr.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\en.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\de.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\QuickTimeQD3D.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeQD3D.Resources\da.lproj\QuickTimeQD3DLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\zh_TW.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\sv.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\zh_CN.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources
b.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resourcesu.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:19	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources
l.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\ko.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\it.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\ja.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\es.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\fr.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\fi.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\QuickTimeMusic.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\en.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\de.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMusic.Resources\da.lproj\QuickTimeMusicLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resourcesu.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_TW.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_CN.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:18	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\sv.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources
l.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources
b.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\fr.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\ko.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\ja.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\es.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\it.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\fi.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\de.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\en.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\da.lproj\QuickTimeMPEG4AuthoringLocalized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\QuickTimeMPEG4Authoring.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\zh_TW.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\zh_CN.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\sv.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resourcesu.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:17	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources
l.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\ko.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources
b.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\ja.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\it.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\fr.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\es.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\fi.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\da.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\en.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\de.lproj\QuickTimeMPEG4Localized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\QuickTimeMPEG4.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\zh_TW.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:16	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\zh_CN.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources
l.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\sv.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resourcesu.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources
b.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\ko.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\ja.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\fr.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\it.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\fi.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\es.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\en.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\de.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\da.lproj\QuickTimeMPEGLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeMPEG.Resources\QuickTimeMPEG.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\zh_TW.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:15	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\zh_CN.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:14	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\sv.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:14	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resourcesu.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:14	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources
b.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:14	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources
l.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:14	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\ko.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:14	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\ja.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:14	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\it.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:14	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\fr.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\fi.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\es.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\da.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\de.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\en.lproj\QuickTimeInternetExtrasLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\zh_CN.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\QuickTimeInternetExtras.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\zh_TW.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\sv.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resourcesu.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\ko.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources
l.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources
b.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\it.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\ja.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\fr.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\fi.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\es.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\en.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\de.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\da.lproj\QuickTimeImageLocalized.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeImage.Resources\QuickTimeImage.qtr		
30/09/2008 02:58:13	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\zh_TW.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\zh_CN.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\sv.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources
b.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resourcesu.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources
l.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\ja.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\ko.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\it.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\fr.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\fi.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\es.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\en.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\de.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeEssentials.Resources\sv.lproj\QuickTimeEssentialsLocalized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\QuickTimeH264.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeH264.Resources\da.lproj\QuickTimeH264Localized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeEssentials.Resources\zh_TW.lproj\QuickTimeEssentialsLocalized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeEssentials.Resources\zh_CN.lproj\QuickTimeEssentialsLocalized.qtr		
30/09/2008 02:58:12	Detected: https://securelist.com/	d:\quicktime\QTSystem\QuickTimeEssentials.Resourcesu.lproj\QuickTimeEssentialsLocalized.qtr		
30/09/2008 02:58:12	Detected

Destrio5 · Answer

Je le trouve bizarre ce rapport.

Il te sert à quoi ce dossier Quicktime situé dans D:\ ?

tertilus · Answer

J'installe mes applications sur le D:\ . Et quicktime est aussi intallé là-dessus . Mais à regarder de près, il est vraiment bizarre.
Dans le temps j'avais meme voulu le desinstaller car, kaspersky avait détecté une grande vulnérabilité et aussi quand je desire ouvrir une un format avec lui il ne s'execute pas. Je suis a chaque fois obigé de faire un clic droit puis ouvrir avec quicktime.

Destrio5 · Answer

Et bien, désinstalle-le et vire le dossier.

Tu le réinstalles après ;)

tertilus · Answer

Ok reçu. Je désistalle supprime les clés avec tuneUp et reprend le scan avec kaspersky. A la fin je posterai le rapport.

tertilus · Answer

Salut, 
je n'arrive pas à editer mon rapport depuis 2 jours. Kaspersky tourne , je crois normalement, il effectue ts les scans normalement; mais lorsqu'il s'agit d'éditer le rapport, il plante. 
En fait j'avais choper un virus qui le faisait planter. En utilisant Findykill et combofix j'ai pu le remettre en etat de fonctionement mais pour le rapport afin de vérifier si ts les virus sont oter il plante. 
Un idée?  ;-)

Destrio5 · Answer

Ça ne me dit rien.

tertilus · Answer

ok, sinon dans l'ensemble ça va . Encore un grand merci à toi.

Destrio5 · Answer

---> Fais un scan rapide avec MBAM, supprime tout ce qu'il trouve et poste le rapport :
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm

tertilus · Answer

Ok reçu&#9830;

Destrio5 · Answer

Salut

Tu ne m'as pas donné de nouvelle et tu as refait un nouveau sujet pour une infection Bagle.

Le rapport de FindyKill montre que tu as des cracks et keygens alors que tu devais les effacer.

Je ne vais pas perdre mon temps avec toi si tu n'en fais qu'à ta tête.

Pour ces raisons, je ferme ce sujet.

Bonne journée.

*.exe n'est pas une application valide

34 réponses

Discussions similaires

Newsletters