Services being disabled (security)
Hello,
I have just noticed a small malfunction on my PC (2.80 GHz CPU, 1 GB of RAM, Service Pack 3, XP Home).
Every time Windows starts, I have to restart:
- the Security Center (not that I can't do without it, but there's no reason it shouldn't work!)
- Automatic Updates (this one I would prefer to have working)
Any suggestions?
THANK YOU
Hello,
Are the services enabled?
Yes, I enable them every time.
Besides, since I no longer have an antivirus (I get a message telling me that avast.exe is not a valid Win32 application), the alert icon saying I am no longer protected is showing. If I restart Windows, the services are disabled. I think I am infected, but I can neither install an antivirus nor run an online scan...
Anyway, everything else is fine, but I am no longer protected (Russian roulette).
Regards
I have the same problem and, without wanting to discourage you, after a scan I detected a trojan, "bagle.gen", which disables antivirus software and prevents cleanup... I have been working on it for 3 days. Good luck!
Re,
Download FindyKill (Chiquitine29) to your Desktop.
- Start the installation by running the downloaded file.
- Now double-click the FindyKill shortcut.
- Now choose option 1 (Search). Wait until the search finishes.
- Post the generated report in your next reply.
NB: The taskbar and the icons will disappear during the search.
Thanks for the quick reply. I had already done it; here is the report:
Start at 14:59:53 the 16/11/2008
* Windows Vista - Internet Explorer 7.0.6001.18000
((((((((((((((( *** deleting *** ))))))))))))))))))
--------------- [ Active Processes ] ----------------
--------------- [ Infected files / folders ] ----------------
»»»» Supression files in C:
Deleted ! - C:\InfoSat.txt
»»»» Supression files in C:\Windows
»»»» Supression files in C:\Windows\Prefetch
Deleted ! - C:\Windows\prefetch\203768.EXE-C2A1C218.pf
Deleted ! - C:\Windows\prefetch\KEY_GEN.EXE-F03E6F5F.pf
Deleted ! - C:\Windows\prefetch\WINFILSE.EXE-48314F7F.pf
»»»» Supression files in C:\Windows\system32
Deleted ! - C:\Windows\system32\autorun.inf
Deleted ! - C:\Windows\system32\mdelk.exe
»»»» Supression files in C:\Windows\system32\drivers
Deleted ! - C:\Windows\system32\drivers\srosa2.sys
Deleted ! - C:\Windows\system32\drivers\winfilse.exe
Deleted ! - "C:\Windows\system32\drivers\downld"
»»»» Supression files in C:\Users\anne\AppData\Roaming
»»»» Supression files in C:\Users\anne\AppData\Local\Temp
»»»» Supression files in C:\Users\anne\Local Settings\Temporary Internet Files\Content.IE5
--------------- [ Registry / Infected keys ] ----------------
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_USER\Software\FirtR
Deleted ! - HKEY_CURRENT_USER\Software\MuleAppData
Deleted ! - HKEY_CURRENT_USER\Software\FFC
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-403863162-2946916207-3588246446-1001\Software\Local AppWizard-Generated Applications\msnmsgr
Deleted ! - HKEY_USERS\S-1-5-21-403863162-2946916207-3588246446-1001\Software\Local AppWizard-Generated Applications\winfilse
Deleted ! - HKEY_USERS\S-1-5-21-403863162-2946916207-3588246446-1001\Software\MuleAppData
Deleted ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\msnmsgr
Deleted ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
--------------- [ States / Restarting of services ] ----------------
+- Services : [ Auto=2 / Request=3 / Disable=4 ]
Ndisuio - Type of startup = 3
EapHost - Type of startup = 2
Wlansvc - Type of startup = 2
SharedAccess - Type of startup = 2
wuauserv - Type of startup = 2
wscsvc - Type of startup = 2
WinDefend - Type of startup = 2
--------------- [ Cleaning removable drives ] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
+- deleting files :
--------------- [ Registry / Moutpoint2 ] ----------------
-> Not found !
--------------- [ Searching Cracks / Keygen ] ----------------
C:\Users\anne\Documents\Keygen
C:\Users\anne\Documents\Tuneup 2008 Utilities Deutsch Keygen.txt
C:\Users\anne\Documents\FantasticJourney\Crack.exe
C:\Users\anne\Documents\Keygen\keymaker.exe
---------------- ! End of report ! ------------------
Why did you use option 2 without approval...
Message edited by Angeldark on 16-11-2008 at 19:06:29
And here is mine:
----------------- FindyKill V4.700 ------------------
* User : philippe pasty - MOI-XGV71GDWJ3H
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 13/11/08 par Chiquitine29
* Recherche effectuée à 19:12:27 le 16/11/2008
* Windows XP - Internet Explorer 7.0.5730.13
((((((((((((((((( *** Recherche *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Presence des fichiers dans C:
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
»»»» Presence des fichiers dans C:\WINDOWS\system32
Found ! [16/11/2008 16:15] - C:\WINDOWS\system32\mdelk.exe
Found ! [16/11/2008 16:15] - C:\WINDOWS\system32\wintems.exe
Found ! [16/11/2008 18:21] - C:\WINDOWS\system32\ban_list.txt
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
Found ! [16/11/2008 17:20] - C:\WINDOWS\system32\drivers\srosa.sys
Found ! [16/11/2008 17:20] - C:\WINDOWS\system32\drivers\srosa2.sys
Found ! [18/05/2006 08:10] - C:\WINDOWS\system32\drivers\winfilse.exe
Found ! [16/11/2008 17:24] - "C:\WINDOWS\system32\drivers\downld"
»»»» Presence des fichiers dans C:\Documents and Settings\philippe pasty\Application Data
Found ! [16/11/2008 17:22] - "C:\Documents and Settings\philippe pasty\Application Data\m\flec006.exe"
Found ! [16/11/2008 17:22] - "C:\Documents and Settings\philippe pasty\Application Data\m\list.oct"
Found ! [16/11/2008 17:22] - "C:\Documents and Settings\philippe pasty\Application Data\m\data.oct"
Found ! [16/11/2008 17:22] - "C:\Documents and Settings\philippe pasty\Application Data\m\srvlist.oct"
Found ! [16/11/2008 17:24] - "C:\Documents and Settings\philippe pasty\Application Data\m\shared"
Found ! [14/11/2008 17:00] - "C:\Documents and Settings\philippe pasty\Application Data\m"
»»»» Presence des fichiers dans C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp
Found ! - C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\Rar$EX00.906\install_patch.exe
»»»» Presence des fichiers dans C:\Documents and Settings\philippe pasty\Local Settings\Temporary Internet Files\Content.IE5
--------------- [ Registre / Startup ] ----------------
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
TkBellExe REG_SZ "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
SkyTel REG_SZ SkyTel.EXE
RTHDCPL REG_SZ RTHDCPL.EXE
RemoteControl REG_SZ "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
nwiz REG_SZ nwiz.exe /install
NvMediaCenter REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
Microsoft Works Update Detection REG_SZ C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
CTxfiHlp REG_SZ CTXFIHLP.EXE
CTHelper REG_SZ CTHELPER.EXE
Alcmtr REG_SZ ALCMTR.EXE
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
EA Core REG_SZ C:\Program Files\Electronic Arts\EADM\Core.exe -silent
CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
--------------- [ Registre / Clés infectieuses ] ----------------
Found ! - HKEY_USERS\S-1-5-21-1343024091-1123561945-725345543-1004\Software\Local AppWizard-Generated Applications\install_patch
Found ! - HKEY_USERS\S-1-5-21-1343024091-1123561945-725345543-1004\Software\Local AppWizard-Generated Applications\serial
Found ! - HKEY_USERS\S-1-5-21-1343024091-1123561945-725345543-1004\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_USERS\S-1-5-21-1343024091-1123561945-725345543-1004\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-1343024091-1123561945-725345543-1004\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-1343024091-1123561945-725345543-1004\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-1343024091-1123561945-725345543-1004\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-1343024091-1123561945-725345543-1004\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\install_patch
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\serial
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sK9Ou0s
--------------- [ Etat / Services ] ----------------
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot
- sans echec non fonctionnel !!
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal
- sans echec non fonctionnel !!
Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network
- sans echec non fonctionnel !!
+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]
/!\ Ndisuio - Type de démarrage = 4
EapHost - Type de démarrage = 3
/!\ Ip6Fw - Type de démarrage = 4
/!\ SharedAccess - Type de démarrage = 4
/!\ wuauserv - Type de démarrage = 4
/!\ wscsvc - Type de démarrage = 4
--------------- [ Recherche dans supports amovibles] ----------------
+- Informations :
C: - Lecteur fixe
+- presence des fichiers :
--------------- [ Registre / Mountpoint2 ] ----------------
-> Not found !
------------------- ! Fin du rapport ! --------------------
simply because I'm not the one who started it. I'm just a poor little beginner, vulnerable and in panic mode!
capucine51: please create your own thread, thanks.
Run FindyKill again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
! Do not close the window during the deletion!
A report will be generated; post its contents here.
NB: A restart is sometimes necessary; FindyKill will display a message if that is the case.
Reply to Angeldark
I did the steps, but no report was displayed
it does not appear in c:\FINDYKILL.txt
should I run FindyKill again and post with option 1?
for now the FindyKill window is still open; it is red and tells me "cleaning complete" and that I must press a key to get the report, but I get nothing
so should I rerun option 1?
There have been changes: CPU at LESS than 10% (arf arf arf!!!)
the icon saying my PC is no longer protected has come back (arf again!)
your instructions, herr direktor!?
AHHHH here it is, here it is
----------------- FindyKill V4.700 ------------------
* User : philippe pasty - MOI-XGV71GDWJ3H
* executed from : C:\Program Files\FindyKill
* Update on 13/11/08 par Chiquitine29
* Start at 7:47:01 the 17/11/2008
* Windows XP - Internet Explorer 7.0.5730.13
((((((((((((((( *** deleting *** ))))))))))))))))))
--------------- [ Active Processes ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe
--------------- [ Infected files / folders ] ----------------
»»»» Supression files in C:
»»»» Supression files in C:\WINDOWS
»»»» Supression files in C:\WINDOWS\Prefetch
»»»» Supression files in C:\WINDOWS\system32
Deleted ! - C:\WINDOWS\system32\mdelk.exe
Deleted ! - C:\WINDOWS\system32\wintems.exe
Deleted ! - C:\WINDOWS\system32\ban_list.txt
»»»» Supression files in C:\WINDOWS\system32\drivers
Deleted ! - C:\WINDOWS\system32\drivers\srosa.sys
Deleted ! - C:\WINDOWS\system32\drivers\srosa2.sys
Deleted ! - C:\WINDOWS\system32\drivers\winfilse.exe
Deleted ! - "C:\WINDOWS\system32\drivers\downld"
»»»» Supression files in C:\Documents and Settings\philippe pasty\Application Data
Deleted ! - "C:\Documents and Settings\philippe pasty\Application Data\m\flec006.exe"
Deleted ! - "C:\Documents and Settings\philippe pasty\Application Data\m\list.oct"
Deleted ! - "C:\Documents and Settings\philippe pasty\Application Data\m\data.oct"
Deleted ! - "C:\Documents and Settings\philippe pasty\Application Data\m\srvlist.oct"
Deleted ! - "C:\Documents and Settings\philippe pasty\Application Data\m\shared"
Deleted ! - "C:\Documents and Settings\philippe pasty\Application Data\m"
»»»» Supression files in C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp
Deleted ! - C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\Rar$EX00.906\install_patch.exe
»»»» Supression files in C:\Documents and Settings\philippe pasty\Local Settings\Temporary Internet Files\Content.IE5
--------------- [ Registry / Infected keys ] ----------------
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_USER\Software\bisoft
Deleted ! - HKEY_CURRENT_USER\Software\DateTime4
Deleted ! - HKEY_CURRENT_USER\Software\FirtR
Deleted ! - HKEY_CURRENT_USER\Software\FFC
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-1343024091-1123561945-725345543-1004\Software\Local AppWizard-Generated Applications\install_patch
Deleted ! - HKEY_USERS\S-1-5-21-1343024091-1123561945-725345543-1004\Software\Local AppWizard-Generated Applications\serial
Deleted ! - HKEY_USERS\S-1-5-21-1343024091-1123561945-725345543-1004\Software\Local AppWizard-Generated Applications\winfilse
Deleted ! - HKEY_USERS\S-1-5-21-1343024091-1123561945-725345543-1004\Software\MuleAppData
--------------- [ States / Restarting of services ] ----------------
+- Safe boot mode restored !
+- Services : [ Auto=2 / Request=3 / Disable=4 ]
Ndisuio - Type of startup = 3
EapHost - Type of startup = 2
Ip6Fw - Type of startup = 2
SharedAccess - Type of startup = 2
wuauserv - Type of startup = 2
wscsvc - Type of startup = 2
--------------- [ Cleaning removable drives ] ----------------
+- Informations :
C: - Lecteur fixe
+- deleting files :
--------------- [ Registry / Moutpoint2 ] ----------------
-> Not found !
--------------- [ Searching Cracks / Keygen ] ----------------
C:\Documents and Settings\philippe pasty\Mes documents\0papa\ARTRAGE\ArtRage.2.5.Full.version KeyGen.rar
C:\Documents and Settings\philippe pasty\Mes documents\0papa\jeux\Crysis Warhead (pc) FR-ENG-GER-SPA-ITA-CZ-HUN-POL-RUS - crack simplifi‚ - by TEKNOMADE.iso
C:\Documents and Settings\philippe pasty\Mes documents\a trier\Corel Paint Shop Pro Photo 11 Fr Crack multilanguage.rar
C:\Documents and Settings\philippe pasty\Mes documents\a trier\Crysis (pc) FR-ENG crack simplifi‚+serial+bonus - by TEKNOMADE.iso
C:\Documents and Settings\philippe pasty\Mes documents\a trier\Winrar v3.80 Fr Incl-Crack.zip
C:\Documents and Settings\philippe pasty\Mes documents\UTILITAIRES\ArtRage.2.5.Full.version KeyGen.rar
C:\Documents and Settings\philippe pasty\Mes documents\UTILITAIRES\LMSOFT.Web.Creator.Pro.v4.0.0.5.Incl.Crack.[sharethefiles.com].rar
C:\Documents and Settings\philippe pasty\Recent\Corel Paint Shop Pro X v10.0 + KeyGen.lnk
C:\Documents and Settings\philippe pasty\Recent\LMSOFT.Web.Creator.Pro.v4.0.0.5.Incl.Crack.[sharethefiles.com].lnk
C:\Documents and Settings\philippe pasty\Recent\Paint.Shop.Pro.Photo.XI.v11.0_keygen.lnk
C:\Documents and Settings\philippe pasty\Recent\rebuilt.Corel Paint Shop Pro X v10.0 + KeyGen.lnk
---------------- ! End of report ! ------------------
well, it looks like everything is OK: speed, antivirus, the programs open
a big thank you to angeldark (I recommend, as one might say on an auction site..... ;-)))
poof, into my favorites
thanks again
Post a HijackThis report again anyway.
here it is
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:55:52, on 17/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\philippe pasty\Local Settings\Temporary Internet Files\Content.IE5\8SC0YQEX\HiJackThis[1].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/too [...] ontrol.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab3.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activ [...] stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/r [...] se6662.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/mi [...] 7503943593
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 7503929250
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-03.sun.com/s/ESD5/J [...] 586-jc.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/ [...] cfscan.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 9130 bytes
We're going to replace Avast!.
Uninstall Avast! properly and replace it with AntiVir.
Why change? Avast! vs AntiVir
Run a full scan, then post the report once the scan finishes.
HELP: Tutorial on the AntiVir Personal Edition Classic antivirus
yeah, OK, let's go! (actually I made a blunder by installing avast)
I was thinking of antivir, I read your post about it, but anyway... by the way, what do I protect my e-mails with? see you later for the scan
thanks
Protect your mail?
here is the report
Avira AntiVir Personal
Report file date: lundi 17 novembre 2008 22:45
Scanning for 1038808 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: MOI-XGV71GDWJ3H
Version information:
BUILD.DAT : 8.2.0.336 16933 Bytes 30/10/2008 11:40:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 09:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 18:51:21
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 09/11/2008 18:51:27
ANTIVIR2.VDF : 7.1.0.89 221184 Bytes 16/11/2008 18:51:30
ANTIVIR3.VDF : 7.1.0.97 45056 Bytes 17/11/2008 18:51:31
Engineversion : 8.2.0.31
AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 11:05:56
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 17/11/2008 18:51:58
AESCN.DLL : 8.1.1.5 123251 Bytes 17/11/2008 18:51:56
AERDL.DLL : 8.1.1.3 438645 Bytes 17/11/2008 18:51:55
AEPACK.DLL : 8.1.3.4 393591 Bytes 17/11/2008 18:51:52
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 17/11/2008 18:51:49
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 17/11/2008 18:51:47
AEHELP.DLL : 8.1.1.3 119157 Bytes 17/11/2008 18:51:38
AEGEN.DLL : 8.1.1.0 319859 Bytes 17/11/2008 18:51:36
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 11:05:56
AECORE.DLL : 8.1.4.1 172405 Bytes 17/11/2008 18:51:33
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 11:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 17/11/2008 18:51:31
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: lundi 17 novembre 2008 22:45
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'Core.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'CTHELPER.EXE' - '1' Module(s) have been scanned
Scan process 'WkUFind.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'LEXPPS.EXE' - '1' Module(s) have been scanned
Scan process 'LEXBCES.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
34 processes with 34 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '58' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\philippe pasty\Local Settings\Temporary Internet Files\Content.IE5\ZWOOWY9I\scnAVengine1141040[1].cab
[0] Archive type: CAB (Microsoft)
--> scnAVengine.inf
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
End of the scan: lundi 17 novembre 2008 23:37
Used time: 51:54 Minute(s)
The scan has been done completely.
6613 Scanning directories
261301 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
261299 Files not concerned
1479 Archives were scanned
6 Warnings
0 Notes
yes, when I say protect my mail, I mean: am I safe from some nasty thing that could arrive via an e-mail
in any case, thanks for your help
The only risk of infection through e-mail comes from attachments. The only thing to know is that you should open attachments only if they come from a known contact.
ok, thanks to you and have a good evening
(you learn something every day!)
Happy surfing.
