Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Rapport HijackThis pour ralentissement majeur

TitiKiaï

Par TitiKiaï
dans Analyses et éradication malwares

 Partager

Messages recommandés

TitiKiaï Member

TitiKiaï

Posté(e)
  • Auteur
Posté(e)

Malheureusement je connais ce fichier depuis très longtemps, mais presonne n'arrive a me dire ce que c'est.

En fait, il change de nom mais garde tjs la même icône (petit chien) dans le même dossier; je ne peux le suppr qu'en mode sans échec, mais il est de retour quasiment dès le redémarrage...

Je pourrais pê t'envoyer une copie d'écran?

 

Fichier KFA24B.EXE reçu le 2008.09.11 23:35:45 (CET)Antivirus Version Dernière mise à jour Résultat

AhnLab-V3 2008.9.12.0 2008.09.11 -

AntiVir 7.8.1.28 2008.09.11 -

Authentium 5.1.0.4 2008.09.11 -

Avast 4.8.1195.0 2008.09.11 -

AVG 8.0.0.161 2008.09.11 -

BitDefender 7.2 2008.09.11 -

CAT-QuickHeal 9.50 2008.09.11 -

ClamAV 0.93.1 2008.09.11 -

DrWeb 4.44.0.09170 2008.09.11 -

eSafe 7.0.17.0 2008.09.11 -

eTrust-Vet 31.6.6084 2008.09.11 -

Ewido 4.0 2008.09.11 -

F-Prot 4.4.4.56 2008.09.11 -

F-Secure 8.0.14332.0 2008.09.11 Suspicious:W32/Dzan!Gemini

Fortinet 3.113.0.0 2008.09.11 -

GData 19 2008.09.11 -

Ikarus T3.1.1.34.0 2008.09.11 -

K7AntiVirus 7.10.452 2008.09.11 -

Kaspersky 7.0.0.125 2008.09.11 -

McAfee 5382 2008.09.11 -

Microsoft 1.3903 2008.09.11 -

NOD32v2 3435 2008.09.11 -

Norman 5.80.02 2008.09.11 -

Panda 9.0.0.4 2008.09.11 -

PCTools 4.4.2.0 2008.09.11 -

Prevx1 V2 2008.09.11 Malicious Software

Rising 20.61.32.00 2008.09.11 -

Sophos 4.33.0 2008.09.11 -

Sunbelt 3.1.1628.1 2008.09.11 -

Symantec 10 2008.09.11 -

TheHacker 6.3.0.9.077 2008.09.10 -

TrendMicro 8.700.0.1004 2008.09.11 -

VBA32 3.12.8.5 2008.09.10 -

ViRobot 2008.9.11.1373 2008.09.11 -

VirusBuster 4.5.11.0 2008.09.11 -

Webwasher-Gateway 6.6.2 2008.09.11 -

 

Information additionnelle

File size: 172099 bytes

MD5...: 90975bb3460970efbacfecfcff833917

SHA1..: 0a05f587ffff72fe43740a51371f2108a0afa80e

SHA256: fc176842278d8cc2ade12f8fb9f0bed7d575d183400b464f89382f04c450c619

SHA512: 25a52242d82aac1286c1e94b7eda9b2fe712e0b88df75d26008c3cb46d5e09e9<BR>8b40273f13a2377b78d546f866b359e7819714df833addb0eaf03266aeaaa229

PEiD..: Armadillo v1.71

TrID..: File type identification<BR>Win32 Executable MS Visual C++ (generic) (65.2%)<BR>Win32 Executable Generic (14.7%)<BR>Win32 Dynamic Link Library (generic) (13.1%)<BR>Generic Win/DOS Executable (3.4%)<BR>DOS Executable Generic (3.4%)

PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x40dc94<BR>timedatestamp.....: 0x425702a5 (Fri Apr 08 22:16:05 2005)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 4 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x1cd6a 0x1d000 6.61 e38d9b0f4c804bc61578fa8a6f0bb479<BR>.rdata 0x1e000 0x54d3 0x6000 4.61 3b9cb21b0835438e30c13f40582e0567<BR>.data 0x24000 0x8cbc 0x5000 2.96 1090d9f9c10b0c2ccbc05ad81f6ad5c4<BR>.rsrc 0x2d000 0x508 0x1000 0.88 4100801f13f4cf5e263fef8a7634138d<BR><BR>( 7 imports ) <BR>> WSOCK32.dll: -, -, -<BR>> KERNEL32.dll: GetOEMCP, GetCurrentProcess, WriteFile, FlushFileBuffers, SetFilePointer, GetFileAttributesA, RtlUnwind, CreateThread, ExitThread, GetTimeZoneInformation, GetSystemTime, GetLocalTime, GetStartupInfoA, GetCommandLineA, GetCPInfo, GlobalFindAtomA, HeapSize, HeapReAlloc, GetACP, UnhandledExceptionFilter, LCMapStringA, LCMapStringW, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, GetEnvironmentVariableA, HeapDestroy, HeapCreate, VirtualFree, IsBadWritePtr, GetStringTypeA, GetStringTypeW, SetUnhandledExceptionFilter, IsBadReadPtr, IsBadCodePtr, SetStdHandle, CompareStringA, CompareStringW, SetEnvironmentVariableA, GetProcessVersion, GlobalFlags, TlsGetValue, ResumeThread, GlobalAlloc, LocalReAlloc, TlsSetValue, GlobalReAlloc, GlobalLock, GlobalFree, GlobalHandle, GlobalUnlock, SetLastError, TlsAlloc, lstrcpynA, GlobalAddAtomA, GetCurrentThreadId, GlobalGetAtomNameA, ExitProcess, HeapAlloc, GlobalDeleteAtom, InterlockedExchange, LeaveCriticalSection, lstrcmpA, MultiByteToWideChar, WideCharToMultiByte, InterlockedDecrement, InterlockedIncrement, WaitForMultipleObjects, lstrlenA, FreeLibrary, LocalAlloc, LocalFree, GetModuleFileNameA, TerminateProcess, MoveFileExA, GetVersion, VirtualAlloc, DeleteFileA, GetTickCount, GetPrivateProfileIntA, CopyFileA, CreateProcessA, Sleep, GetVersionExA, GetComputerNameA, GetTempPathA, GetTempFileNameA, DeleteCriticalSection, CreateEventA, InitializeCriticalSection, GetCurrentDirectoryA, lstrcmpiA, OpenFile, FindFirstFileA, FindNextFileA, FindClose, EnterCriticalSection, _lclose, RaiseException, HeapFree, SetEvent, GetProcAddress, LoadLibraryA, GetCurrentProcessId, lstrcatA, lstrcpyA, WriteProcessMemory, ReadProcessMemory, CloseHandle, OpenProcess, GetExitCodeThread, WaitForSingleObject, GetModuleHandleA, CreateMutexA, GetLastError, GetSystemDirectoryA, ResetEvent<BR>> USER32.dll: LoadStringA, GetNextDlgTabItem, EnableMenuItem, CheckMenuItem, SetMenuItemBitmaps, ModifyMenuA, GetMenuState, LoadBitmapA, GetMenuCheckMarkDimensions, SetWindowTextA, IsWindowEnabled, GetClassNameA, PtInRect, ClientToScreen, GetSysColorBrush, ReleaseDC, GetDC, DestroyMenu, TabbedTextOutA, DrawTextA, GrayStringA, GetTopWindow, MessageBoxA, GetSysColor, MapWindowPoints, WinHelpA, GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetSubMenu, GetMenuItemID, GetDlgItem, GetWindowTextA, GetDlgCtrlID, GetKeyState, SetWindowsHookExA, CallNextHookEx, GetClassLongA, SetPropA, UnhookWindowsHookEx, CallWindowProcA, RemovePropA, GetMessageTime, PeekMessageA, GetLastActivePopup, GetForegroundWindow, SetForegroundWindow, GetWindow, SetWindowPos, SystemParametersInfoA, IsIconic, GetWindowPlacement, GetWindowRect, GetSystemMetrics, SendMessageA, PostMessageA, FindWindowA, KillTimer, DestroyWindow, SetTimer, PostQuitMessage, DefWindowProcA, CreateWindowExA, ShowWindow, UpdateWindow, LoadIconA, LoadCursorA, RegisterClassExA, GetMessageA, DispatchMessageA, TranslateMessage, RegisterWindowMessageA, GetFocus, SetFocus, AdjustWindowRectEx, GetClientRect, CopyRect, EnableWindow, GetParent, GetCapture, GetPropA, SetWindowLongA, GetWindowLongA, GetMessagePos<BR>> GDI32.dll: GetClipBox, SetTextColor, SetBkColor, GetObjectA, CreateBitmap, DeleteObject, GetDeviceCaps, DeleteDC, SaveDC, RestoreDC, SelectObject, GetStockObject, SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, PtVisible, RectVisible, ExtTextOutA, Escape, TextOutA<BR>> WINSPOOL.DRV: OpenPrinterA, DocumentPropertiesA, ClosePrinter<BR>> ADVAPI32.dll: CreateServiceA, QueryServiceStatus, DeleteService, RegCreateKeyExA, StartServiceA, OpenSCManagerA, OpenServiceA, CloseServiceHandle, QueryServiceConfigA, RegDeleteValueA, RegSetValueExA, RegOpenKeyExA, RegQueryValueExA, RegCloseKey, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, RegNotifyChangeKeyValue<BR>> COMCTL32.dll: -<BR><BR>( 59 exports ) <BR>__0TmProcessGuard@@QAE@KHH@Z, __0TmProcessGuard@@QAE@PBD0HH@Z, __0TmProcessGuard@@QAE@XZ, __0TmServiceGuard@@QAE@PBD00HH@Z, __0TmServiceGuard@@QAE@PBDKHH@Z, __0TmServiceGuard@@QAE@XZ, __1TmProcessGuard@@UAE@XZ, __1TmServiceGuard@@UAE@XZ, __4TmProcessGuard@@QAEXAAV0@@Z, __4TmServiceGuard@@QAEXAAV0@@Z, ___7TmProcessGuard@@6B@, ___7TmServiceGuard@@6B@, _BackupService@TmServiceGuard@@IAEXXZ, _CheckProcess@TmProcessGuard@@QAE_NAAVCStringArray@@@Z, _GetGuardInfo@TmProcessGuard@@QBEXAAKAAVCString@@1AAH2@Z, _IsIPChanged@@YA_NPBDPADH@Z, _IsMonitor@TmProcessGuard@@IBE_NXZ, _IsNTPlatform@@YA_NXZ, _IsProcessAlive@TmProcessGuard@@MAE_NXZ, _IsProcessAlive@TmServiceGuard@@MAE_NXZ, _IsRetryNow@TmProcessGuard@@IBE_NXZ, _IsTheSame@TmProcessGuard@@QBE_NABVCString@@0@Z, _IsTheSame@TmProcessGuard@@QBE_NK@Z, _IsTheSame@TmProcessGuard@@QBE_NPBV1@@Z, _IsValidProcess@TmProcessGuard@@QBE_NXZ, _QueryAllLog@TmProcessGuard@@QBEXAAVCStringArray@@@Z, _RegWatchDog_Ofc@@YA_NXZ, _RegWatchDog_Ofc_95@@YA_NXZ, _RegWatchDog_Ofc_NTRT@@YA_NXZ, _RegWatchDog_Ofc_OFCPFWSVC@@YA_NXZ, _RegWatchDog_Ofc_PCCNTMON@@YA_NXZ, _RegWatchDog_Ofc_TMLISTEN@@YA_NXZ, _ResetMonitor@TmProcessGuard@@IAEXXZ, _ResetRetryCount@TmProcessGuard@@QAEXXZ, _ResetRetryTick@TmProcessGuard@@QAEXXZ, _ResetRetryVar@TmProcessGuard@@QAEXXZ, _RetryWakeupProcess@TmProcessGuard@@MAE_NXZ, _RetryWakeupProcess@TmServiceGuard@@MAE_NXZ, _SetMonitor@TmProcessGuard@@IAEXXZ, _SetProcessID@TmProcessGuard@@QAEXK@Z, _SetRetryCountLimit@TmProcessGuard@@QAEXH@Z, _SetRetryTickLimit@TmProcessGuard@@QAEXH@Z, _StepMonitor@TmProcessGuard@@IAEXXZ, _StepRetry@TmProcessGuard@@IAEXXZ, _UnRegWatchDog_Ofc@@YA_NXZ, _UnRegWatchDog_Ofc_95@@YA_NXZ, _UnRegWatchDog_Ofc_NTRT@@YA_NXZ, _UnRegWatchDog_Ofc_OFCPFWSVC@@YA_NXZ, _UnRegWatchDog_Ofc_PCCNTMON@@YA_NXZ, _UnRegWatchDog_Ofc_TMLISTEN@@YA_NXZ, C_IsIPChanged, C_RegWatchDog_Ofc, C_RegWatchDog_Ofc_OFCPFWSVC, C_RegWatchDog_Ofc_PCCNTMON, C_RegWatchDog_Ofc_TMLISTEN, C_UnRegWatchDog_Ofc, C_UnRegWatchDog_Ofc_OFCPFWSVC, C_UnRegWatchDog_Ofc_PCCNTMON, C_UnRegWatchDog_Ofc_TMLISTEN<BR>

Prevx info: http://info.prevx.com/aboutprogramtext.asp...508CF0005CE12E9

 

Antivirus Version Dernière mise à jour Résultat

AhnLab-V3 2008.9.12.0 2008.09.11 -

AntiVir 7.8.1.28 2008.09.11 -

Authentium 5.1.0.4 2008.09.11 -

Avast 4.8.1195.0 2008.09.11 -

AVG 8.0.0.161 2008.09.11 -

BitDefender 7.2 2008.09.11 -

CAT-QuickHeal 9.50 2008.09.11 -

ClamAV 0.93.1 2008.09.11 -

DrWeb 4.44.0.09170 2008.09.11 -

eSafe 7.0.17.0 2008.09.11 -

eTrust-Vet 31.6.6084 2008.09.11 -

Ewido 4.0 2008.09.11 -

F-Prot 4.4.4.56 2008.09.11 -

F-Secure 8.0.14332.0 2008.09.11 Suspicious:W32/Dzan!Gemini

Fortinet 3.113.0.0 2008.09.11 -

GData 19 2008.09.11 -

Ikarus T3.1.1.34.0 2008.09.11 -

K7AntiVirus 7.10.452 2008.09.11 -

Kaspersky 7.0.0.125 2008.09.11 -

McAfee 5382 2008.09.11 -

Microsoft 1.3903 2008.09.11 -

NOD32v2 3435 2008.09.11 -

Norman 5.80.02 2008.09.11 -

Panda 9.0.0.4 2008.09.11 -

PCTools 4.4.2.0 2008.09.11 -

Prevx1 V2 2008.09.11 Malicious Software

Rising 20.61.32.00 2008.09.11 -

Sophos 4.33.0 2008.09.11 -

Sunbelt 3.1.1628.1 2008.09.11 -

Symantec 10 2008.09.11 -

TheHacker 6.3.0.9.077 2008.09.10 -

TrendMicro 8.700.0.1004 2008.09.11 -

VBA32 3.12.8.5 2008.09.10 -

ViRobot 2008.9.11.1373 2008.09.11 -

VirusBuster 4.5.11.0 2008.09.11 -

Webwasher-Gateway 6.6.2 2008.09.11 -

 

Information additionnelle

File size: 172099 bytes

MD5...: 90975bb3460970efbacfecfcff833917

SHA1..: 0a05f587ffff72fe43740a51371f2108a0afa80e

SHA256: fc176842278d8cc2ade12f8fb9f0bed7d575d183400b464f89382f04c450c619

SHA512: 25a52242d82aac1286c1e94b7eda9b2fe712e0b88df75d26008c3cb46d5e09e9<BR>8b40273f13a2377b78d546f866b359e7819714df833addb0eaf03266aeaaa229

PEiD..: Armadillo v1.71

TrID..: File type identification<BR>Win32 Executable MS Visual C++ (generic) (65.2%)<BR>Win32 Executable Generic (14.7%)<BR>Win32 Dynamic Link Library (generic) (13.1%)<BR>Generic Win/DOS Executable (3.4%)<BR>DOS Executable Generic (3.4%)

PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x40dc94<BR>timedatestamp.....: 0x425702a5 (Fri Apr 08 22:16:05 2005)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 4 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x1cd6a 0x1d000 6.61 e38d9b0f4c804bc61578fa8a6f0bb479<BR>.rdata 0x1e000 0x54d3 0x6000 4.61 3b9cb21b0835438e30c13f40582e0567<BR>.data 0x24000 0x8cbc 0x5000 2.96 1090d9f9c10b0c2ccbc05ad81f6ad5c4<BR>.rsrc 0x2d000 0x508 0x1000 0.88 4100801f13f4cf5e263fef8a7634138d<BR><BR>( 7 imports ) <BR>> WSOCK32.dll: -, -, -<BR>> KERNEL32.dll: GetOEMCP, GetCurrentProcess, WriteFile, FlushFileBuffers, SetFilePointer, GetFileAttributesA, RtlUnwind, CreateThread, ExitThread, GetTimeZoneInformation, GetSystemTime, GetLocalTime, GetStartupInfoA, GetCommandLineA, GetCPInfo, GlobalFindAtomA, HeapSize, HeapReAlloc, GetACP, UnhandledExceptionFilter, LCMapStringA, LCMapStringW, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, GetEnvironmentVariableA, HeapDestroy, HeapCreate, VirtualFree, IsBadWritePtr, GetStringTypeA, GetStringTypeW, SetUnhandledExceptionFilter, IsBadReadPtr, IsBadCodePtr, SetStdHandle, CompareStringA, CompareStringW, SetEnvironmentVariableA, GetProcessVersion, GlobalFlags, TlsGetValue, ResumeThread, GlobalAlloc, LocalReAlloc, TlsSetValue, GlobalReAlloc, GlobalLock, GlobalFree, GlobalHandle, GlobalUnlock, SetLastError, TlsAlloc, lstrcpynA, GlobalAddAtomA, GetCurrentThreadId, GlobalGetAtomNameA, ExitProcess, HeapAlloc, GlobalDeleteAtom, InterlockedExchange, LeaveCriticalSection, lstrcmpA, MultiByteToWideChar, WideCharToMultiByte, InterlockedDecrement, InterlockedIncrement, WaitForMultipleObjects, lstrlenA, FreeLibrary, LocalAlloc, LocalFree, GetModuleFileNameA, TerminateProcess, MoveFileExA, GetVersion, VirtualAlloc, DeleteFileA, GetTickCount, GetPrivateProfileIntA, CopyFileA, CreateProcessA, Sleep, GetVersionExA, GetComputerNameA, GetTempPathA, GetTempFileNameA, DeleteCriticalSection, CreateEventA, InitializeCriticalSection, GetCurrentDirectoryA, lstrcmpiA, OpenFile, FindFirstFileA, FindNextFileA, FindClose, EnterCriticalSection, _lclose, RaiseException, HeapFree, SetEvent, GetProcAddress, LoadLibraryA, GetCurrentProcessId, lstrcatA, lstrcpyA, WriteProcessMemory, ReadProcessMemory, CloseHandle, OpenProcess, GetExitCodeThread, WaitForSingleObject, GetModuleHandleA, CreateMutexA, GetLastError, GetSystemDirectoryA, ResetEvent<BR>> USER32.dll: LoadStringA, GetNextDlgTabItem, EnableMenuItem, CheckMenuItem, SetMenuItemBitmaps, ModifyMenuA, GetMenuState, LoadBitmapA, GetMenuCheckMarkDimensions, SetWindowTextA, IsWindowEnabled, GetClassNameA, PtInRect, ClientToScreen, GetSysColorBrush, ReleaseDC, GetDC, DestroyMenu, TabbedTextOutA, DrawTextA, GrayStringA, GetTopWindow, MessageBoxA, GetSysColor, MapWindowPoints, WinHelpA, GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetSubMenu, GetMenuItemID, GetDlgItem, GetWindowTextA, GetDlgCtrlID, GetKeyState, SetWindowsHookExA, CallNextHookEx, GetClassLongA, SetPropA, UnhookWindowsHookEx, CallWindowProcA, RemovePropA, GetMessageTime, PeekMessageA, GetLastActivePopup, GetForegroundWindow, SetForegroundWindow, GetWindow, SetWindowPos, SystemParametersInfoA, IsIconic, GetWindowPlacement, GetWindowRect, GetSystemMetrics, SendMessageA, PostMessageA, FindWindowA, KillTimer, DestroyWindow, SetTimer, PostQuitMessage, DefWindowProcA, CreateWindowExA, ShowWindow, UpdateWindow, LoadIconA, LoadCursorA, RegisterClassExA, GetMessageA, DispatchMessageA, TranslateMessage, RegisterWindowMessageA, GetFocus, SetFocus, AdjustWindowRectEx, GetClientRect, CopyRect, EnableWindow, GetParent, GetCapture, GetPropA, SetWindowLongA, GetWindowLongA, GetMessagePos<BR>> GDI32.dll: GetClipBox, SetTextColor, SetBkColor, GetObjectA, CreateBitmap, DeleteObject, GetDeviceCaps, DeleteDC, SaveDC, RestoreDC, SelectObject, GetStockObject, SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, PtVisible, RectVisible, ExtTextOutA, Escape, TextOutA<BR>> WINSPOOL.DRV: OpenPrinterA, DocumentPropertiesA, ClosePrinter<BR>> ADVAPI32.dll: CreateServiceA, QueryServiceStatus, DeleteService, RegCreateKeyExA, StartServiceA, OpenSCManagerA, OpenServiceA, CloseServiceHandle, QueryServiceConfigA, RegDeleteValueA, RegSetValueExA, RegOpenKeyExA, RegQueryValueExA, RegCloseKey, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, RegNotifyChangeKeyValue<BR>> COMCTL32.dll: -<BR><BR>( 59 exports ) <BR>__0TmProcessGuard@@QAE@KHH@Z, __0TmProcessGuard@@QAE@PBD0HH@Z, __0TmProcessGuard@@QAE@XZ, __0TmServiceGuard@@QAE@PBD00HH@Z, __0TmServiceGuard@@QAE@PBDKHH@Z, __0TmServiceGuard@@QAE@XZ, __1TmProcessGuard@@UAE@XZ, __1TmServiceGuard@@UAE@XZ, __4TmProcessGuard@@QAEXAAV0@@Z, __4TmServiceGuard@@QAEXAAV0@@Z, ___7TmProcessGuard@@6B@, ___7TmServiceGuard@@6B@, _BackupService@TmServiceGuard@@IAEXXZ, _CheckProcess@TmProcessGuard@@QAE_NAAVCStringArray@@@Z, _GetGuardInfo@TmProcessGuard@@QBEXAAKAAVCString@@1AAH2@Z, _IsIPChanged@@YA_NPBDPADH@Z, _IsMonitor@TmProcessGuard@@IBE_NXZ, _IsNTPlatform@@YA_NXZ, _IsProcessAlive@TmProcessGuard@@MAE_NXZ, _IsProcessAlive@TmServiceGuard@@MAE_NXZ, _IsRetryNow@TmProcessGuard@@IBE_NXZ, _IsTheSame@TmProcessGuard@@QBE_NABVCString@@0@Z, _IsTheSame@TmProcessGuard@@QBE_NK@Z, _IsTheSame@TmProcessGuard@@QBE_NPBV1@@Z, _IsValidProcess@TmProcessGuard@@QBE_NXZ, _QueryAllLog@TmProcessGuard@@QBEXAAVCStringArray@@@Z, _RegWatchDog_Ofc@@YA_NXZ, _RegWatchDog_Ofc_95@@YA_NXZ, _RegWatchDog_Ofc_NTRT@@YA_NXZ, _RegWatchDog_Ofc_OFCPFWSVC@@YA_NXZ, _RegWatchDog_Ofc_PCCNTMON@@YA_NXZ, _RegWatchDog_Ofc_TMLISTEN@@YA_NXZ, _ResetMonitor@TmProcessGuard@@IAEXXZ, _ResetRetryCount@TmProcessGuard@@QAEXXZ, _ResetRetryTick@TmProcessGuard@@QAEXXZ, _ResetRetryVar@TmProcessGuard@@QAEXXZ, _RetryWakeupProcess@TmProcessGuard@@MAE_NXZ, _RetryWakeupProcess@TmServiceGuard@@MAE_NXZ, _SetMonitor@TmProcessGuard@@IAEXXZ, _SetProcessID@TmProcessGuard@@QAEXK@Z, _SetRetryCountLimit@TmProcessGuard@@QAEXH@Z, _SetRetryTickLimit@TmProcessGuard@@QAEXH@Z, _StepMonitor@TmProcessGuard@@IAEXXZ, _StepRetry@TmProcessGuard@@IAEXXZ, _UnRegWatchDog_Ofc@@YA_NXZ, _UnRegWatchDog_Ofc_95@@YA_NXZ, _UnRegWatchDog_Ofc_NTRT@@YA_NXZ, _UnRegWatchDog_Ofc_OFCPFWSVC@@YA_NXZ, _UnRegWatchDog_Ofc_PCCNTMON@@YA_NXZ, _UnRegWatchDog_Ofc_TMLISTEN@@YA_NXZ, C_IsIPChanged, C_RegWatchDog_Ofc, C_RegWatchDog_Ofc_OFCPFWSVC, C_RegWatchDog_Ofc_PCCNTMON, C_RegWatchDog_Ofc_TMLISTEN, C_UnRegWatchDog_Ofc, C_UnRegWatchDog_Ofc_OFCPFWSVC, C_UnRegWatchDog_Ofc_PCCNTMON, C_UnRegWatchDog_Ofc_TMLISTEN<BR>

Prevx info: http://info.prevx.com/aboutprogramtext.asp...508CF0005CE12E9

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Ca n'a pas l'air infectieux, mais ce serait bien de savoir d'où il sort lui.

 

Petit test complémentaire. :P

 

Télécharge Gmer.

Dézippe le dans un dossier ou sur ton bureau.

 

Double-clique sur Gmer.exe.

 

NB : Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'exécuter.

 

Clique sur l'onglet rootkit/malware (déjà actif).

A droite, coche Files et Services uniquement.

Clique maintenant sur Scan.

 

Lorsque le scan est terminé, clique sur Copy.

 

Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.

Le rapport doit alors apparaître.

Enregistre le fichier sur ton bureau et copie/colle son contenu dans ta prochaine réponse.

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...