avast ne fonctionne plus

sophaies

6 Décembre 2008 09:42:30

quand j'allume l'ordi le symbole avast n'est pas là
et quand je veus le mettre en route il est écris que avast exe n'est pas une application win 32 valide
j'ai peur d'avoir eus un virus
merci de m'aider

Autres pages sur : avast fonctionne

| Etre averti des réponses
| Alerter

Répondre à sophaies

Egwene

6 Décembre 2008 10:36:12

Bonjour,

Je vais t'aider à résoudre ton problème. Merci de suivre à la lettre mes instructions et de ne pas prendre d'initiatives personnelles. Si tu as la moindre question, je suis à ton écoute.

Merci de prendre en compte que je suis bénévole et que j'ai une vie privée : je passe au moins une fois par jour.

Si tu penses avoir été oublié, envoie-moi un MP pour me le signaler.

Télécharge FindyKill ([#ff0000]Chiquitine29[/#ff]) sur ton Bureau.

Lance l'installation du programme en exécutant le fichier téléchargé.

Double-clique maintenant sur le raccourci de FindyKill.

Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.

Poste le rapport généré dans ta prochaine réponse.

NB : La barre des tâches et les icônes vont disparaître pendant la recherche.

| Alerter

Répondre à Egwene

sophaies

6 Décembre 2008 10:58:44

voici le rapport

----------------- FindyKill V4.706 ------------------

* User : Sophie - ORDI-51C93CF87A
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 27/11/08 par Chiquitine29
* Recherche effectuée à 10:52:16 le 06/12/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((((( *** Recherche *** ))))))))))))))))))

--------------- [ Processus actifs ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Sophie\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\Sophie\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

--------------- [ Fichiers/Dossiers infectieux ] ----------------

»»»» Presence des fichiers dans C:

»»»» Presence des fichiers dans C:\WINDOWS

»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\101109.EXE-22DFBB00.pf
Found ! - C:\WINDOWS\prefetch\102765.EXE-0CBF6F40.pf
Found ! - C:\WINDOWS\prefetch\110562.EXE-3B44ED1F.pf
Found ! - C:\WINDOWS\prefetch\114968.EXE-3319C921.pf
Found ! - C:\WINDOWS\prefetch\124281.EXE-02C04714.pf
Found ! - C:\WINDOWS\prefetch\144375.EXE-3440CA2D.pf
Found ! - C:\WINDOWS\prefetch\147718.EXE-121EED7A.pf
Found ! - C:\WINDOWS\prefetch\157796.EXE-1B18C72E.pf
Found ! - C:\WINDOWS\prefetch\70234.EXE-0033D584.pf
Found ! - C:\WINDOWS\prefetch\73234.EXE-2B368647.pf
Found ! - C:\WINDOWS\prefetch\81953.EXE-25F80793.pf
Found ! - C:\WINDOWS\prefetch\96515.EXE-169F212B.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-31FA43E9.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
Found ! - C:\WINDOWS\Prefetch\SERIAL.EXE-1A8C9070.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [06/12/2008 10:33] - C:\WINDOWS\system32\mdelk.exe
Found ! [06/12/2008 10:33] - C:\WINDOWS\system32\wintems.exe
Found ! [06/12/2008 10:33] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

Found ! [06/12/2008 10:32] - C:\WINDOWS\system32\drivers\srosa.sys
Found ! [06/12/2008 10:32] - C:\WINDOWS\system32\drivers\srosa2.sys
Found ! [26/08/2006 06:06] - C:\WINDOWS\system32\drivers\winfilse.exe
Found ! [06/12/2008 10:35] - "C:\WINDOWS\system32\drivers\downld"
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\101109.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\101500.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\101640.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\102765.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\102796.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\103296.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\105484.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\105875.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\106156.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\110562.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\111312.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\111765.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\114968.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\116203.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\117093.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\117531.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\117828.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\121531.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\122125.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\124281.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\125187.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\125250.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\126906.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\131656.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\131859.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\132187.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\132421.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\132437.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\133484.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\135640.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\135937.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\138421.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\138468.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\139140.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\139437.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\139468.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\139968.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\140312.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\142625.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\142890.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\142984.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\144375.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\144531.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\146750.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\147343.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\147718.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\149343.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\150406.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\151203.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\153203.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\153765.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\154453.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\157250.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\157796.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\158109.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\159375.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\161062.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\162343.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\162765.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\164171.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\164937.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\170031.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\170468.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\170671.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\170968.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\173203.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\173234.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\177562.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\178109.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\178312.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\178437.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\180906.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\181281.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\182046.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\182890.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\183203.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\183796.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\185265.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\185390.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\186687.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\186796.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\187312.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\187421.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\188109.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\188468.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\189375.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\189968.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\191609.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\193187.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\193703.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\193843.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\193937.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\194781.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\197171.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\197718.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\198656.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\198906.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\199171.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\199468.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\202187.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\203000.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\203093.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\204140.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\205718.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\206203.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\207984.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\209484.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\209500.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\210359.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\210468.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\213843.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\213875.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\214093.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\218593.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\218906.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\220265.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\222140.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\223218.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\223890.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\224796.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\225171.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\225203.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\225750.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\226390.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\226421.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\229062.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\230031.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\231812.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\232171.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\232218.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\233734.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\235015.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\235890.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\236890.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\237562.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\237640.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\240625.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\242687.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\242703.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\245812.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\246500.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\246703.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\246953.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\247921.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\249687.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\251468.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\252421.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\252890.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\254640.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\256375.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\257640.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\258203.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\258531.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\259187.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\259984.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\260156.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\260468.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\262625.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\263031.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\263921.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\264671.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\264890.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\265937.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\268343.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\269359.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\271671.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\272812.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\274156.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\282312.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\294468.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\294640.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\295625.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\303515.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\309234.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\314109.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\322250.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\324750.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\327078.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\328265.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\328734.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\330093.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\339140.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\353562.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\375656.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\381796.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\401234.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\56546.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\56765.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\57796.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\58046.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\58203.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\58437.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\59390.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\60484.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\60843.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\61781.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\62343.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\62609.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\62718.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\64421.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\64546.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\65281.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\66703.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\68812.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\69578.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\70234.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\71062.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\71156.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\71234.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\71468.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\71859.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\72687.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\72921.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\73125.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\73171.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\73234.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\73265.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\73421.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\73937.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\74046.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\74468.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\74843.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\75281.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\75734.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\76203.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\78125.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\79875.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\80343.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\81953.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\82796.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\83656.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\83718.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\85203.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\86359.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\88203.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\89453.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\90546.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\91093.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\91656.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\92890.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\96046.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\96515.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\97437.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\98453.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\98703.exe
Found ! [06/12/2008 10:35] - C:\WINDOWS\system32\drivers\downld\99468.exe

»»»» Presence des fichiers dans C:\Documents and Settings\Sophie\Application Data

Found ! [05/12/2008 17:24] - "C:\Documents and Settings\Sophie\Application Data\m\flec006.exe"
Found ! [06/12/2008 10:32] - "C:\Documents and Settings\Sophie\Application Data\m\list.oct"
Found ! [06/12/2008 10:32] - "C:\Documents and Settings\Sophie\Application Data\m\data.oct"
Found ! [06/12/2008 10:33] - "C:\Documents and Settings\Sophie\Application Data\m\srvlist.oct"
Found ! [06/12/2008 10:33] - "C:\Documents and Settings\Sophie\Application Data\m\shared"
Found ! [02/12/2008 21:53] - "C:\Documents and Settings\Sophie\Application Data\m"

»»»» Presence des fichiers dans C:\DOCUME~1\Sophie\LOCALS~1\Temp

Found ! - C:\DOCUME~1\Sophie\LOCALS~1\Temp\PatchByFile.tmp

»»»» Presence des fichiers dans C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5

Found ! [04/12/2008 12:20] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\03ZRA082\b64[1].jpg
Found ! [03/12/2008 21:40] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\03ZRA082\b64_3[1].jpg
Found ! [13/11/2008 11:49] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\03ZRA082\D36439BF6AFB645FD2B2F5627D57B[1].jpg
Found ! [05/12/2008 17:03] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\2OO8XJUG\465B17821B64D17F71B71A14C5C76[1].jpg
Found ! [02/12/2008 21:51] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\2OO8XJUG\b64[1].jpg
Found ! [05/12/2008 17:03] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\2OO8XJUG\b64[2].jpg
Found ! [03/12/2008 09:36] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\3TGPLD5W\b64_1[1].jpg
Found ! [05/12/2008 17:03] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\3TGPLD5W\b64_3[1].jpg
Found ! [05/12/2008 11:11] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\3TGPLD5W\mxd[1].jpg
Found ! [04/12/2008 21:25] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_1[1].jpg
Found ! [02/12/2008 22:02] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_2[1].jpg
Found ! [03/12/2008 09:48] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_3[1].jpg
Found ! [03/12/2008 12:49] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_3[2].jpg
Found ! [05/12/2008 16:28] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\mxd[1].jpg
Found ! [02/12/2008 15:59] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\9WYPWGJ0\23B4DAB643DDCCC6976EA3177DC13[1].jpg
Found ! [03/12/2008 21:40] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\9WYPWGJ0\b64[1].jpg
Found ! [03/12/2008 10:13] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\9WYPWGJ0\b64_2[1].jpg
Found ! [05/12/2008 11:10] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\AGZ52X8N\b64[1].jpg
Found ! [03/12/2008 10:57] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\b64_2[1].jpg
Found ! [04/12/2008 18:53] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\b64_3[1].jpg
Found ! [05/12/2008 11:10] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\b64_3[2].jpg
Found ! [04/12/2008 21:26] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\mxd[1].jpg
Found ! [03/12/2008 09:49] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B9AYDG5V\b64[1].jpg
Found ! [02/12/2008 22:01] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B9AYDG5V\b64_3[1].jpg
Found ! [03/12/2008 21:41] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\b64[1].jpg
Found ! [05/12/2008 11:10] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\b64_1[1].jpg
Found ! [05/12/2008 16:27] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\b64_2[1].jpg
Found ! [06/12/2008 10:33] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\b64_3[1].jpg
Found ! [03/12/2008 10:59] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\mxd[1].jpg
Found ! [03/12/2008 12:50] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\mxd[2].jpg
Found ! [04/12/2008 18:54] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\mxd[3].jpg
Found ! [04/12/2008 21:27] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ME4FJLU0\b64[1].jpg
Found ! [03/12/2008 12:49] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ME4FJLU0\b64_1[1].jpg
Found ! [04/12/2008 12:20] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ME4FJLU0\mxd[1].jpg
Found ! [02/12/2008 22:01] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\O4AD8BUX\b64_1[1].jpg
Found ! [02/12/2008 21:51] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\O4AD8BUX\b64_3[1].jpg
Found ! [03/12/2008 10:59] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ODQJT4PB\b64[1].jpg
Found ! [05/12/2008 17:04] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ODQJT4PB\b64[2].jpg
Found ! [04/12/2008 17:19] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ODQJT4PB\b64_2[1].jpg
Found ! [02/12/2008 22:01] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\b64[1].jpg
Found ! [03/12/2008 10:12] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\b64_1[1].jpg
Found ! [05/12/2008 17:03] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\b64_2[1].jpg
Found ! [05/12/2008 17:23] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\b64_3[1].jpg
Found ! [03/12/2008 09:38] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\mxd[1].jpg
Found ! [05/12/2008 11:10] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\mxd[2].jpg
Found ! [05/12/2008 11:11] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RGY052MP\b64[1].jpg
Found ! [04/12/2008 21:26] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RGY052MP\b64_2[1].jpg
Found ! [04/12/2008 17:17] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RGY052MP\b64_3[1].jpg
Found ! [03/12/2008 21:40] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RW8E12JL\mxd[1].jpg
Found ! [05/12/2008 16:26] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\b64[1].jpg
Found ! [04/12/2008 18:53] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\b64_1[1].jpg
Found ! [05/12/2008 17:23] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\b64_1[2].jpg
Found ! [05/12/2008 16:26] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\b64_3[1].jpg
Found ! [03/12/2008 09:37] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\mxd[1].jpg
Found ! [03/12/2008 09:38] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64[1].jpg
Found ! [03/12/2008 09:48] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64[2].jpg
Found ! [03/12/2008 12:49] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64[3].jpg
Found ! [04/12/2008 12:19] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64_2[1].jpg
Found ! [03/12/2008 09:48] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\W2CAYMC6\b64_3[1].jpg
Found ! [05/12/2008 17:04] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\W2CAYMC6\mxd[1].jpg
Found ! [02/12/2008 22:00] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\X86FQDVJ\b64_2[1].jpg
Found ! [14/11/2008 11:04] - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\YWARJ6V5\WMPe2e22d50-88db-4979-92c5-78049b9b64bc[1]..jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

SuperCopier2.exe=C:\Program Files\SuperCopier2\SuperCopier2.exe
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
MSMSGS="C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz=nwiz.exe /install
NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
NVMixerTray="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
RemoteControl="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
LanguageShortcut="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
NeroFilterCheck=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

[HKEY_CURRENT_USER\software\local appwizard-generated applications\serial]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\SuperCopier2]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winfilse]

--------------- [ Registre / Clés infectieuses ] ----------------

Found ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\Local AppWizard-Generated Applications\serial
Found ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\serial
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

- sans echec non fonctionnel !!

+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4

--------------- [ Recherche dans supports amovibles] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

+- presence des fichiers :

--------------- [ Registre / Mountpoint2 ] ----------------

-> Not found !

------------------- ! Fin du rapport ! --------------------

| Alerter

Répondre à sophaies

Egwene

6 Décembre 2008 11:23:41

Re,

Relance FindyKill en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression ! [/#f]
Un rapport sera généré, poste son contenu ici.

NB : Un redémarrage est parfois nécessaire, FindyKill vous enverra un message si cela est nécessaire.

Puis :

1) Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".

Afin de lancer la recherche, clic sur"Rechercher".

Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

AIDE : Tuto en images sur MBAM

2) ~Fais une analyse antivirus en ligne sur le site de Kaspersky
http://www.kaspersky.com/kos/eng/partner/default/kavweb...

Clique sur Accept

Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.

clique une nouvelle fois sur "Accept"

Les bases de mises à jour vont s'installer, patiente un moment

Clique sur Next.

Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera. Et poste-moi le rapport que tu obtiens.

3) Télécharge Lop S&D.exe (d’ Eric 71 & Angeldark) sur ton bureau.

Double-clique dessus pour lancer l'installation

Puis double-clique sur le raccourci Lop S&D présent sur ton bureau (Si tu es sous Vista, clique droit -> exécuter en tant qu'admin)

Séléctionne la langue souhaitée , puis choisis l'Option 1 (Recherche)

Patiente jusqu'à la fin du scan

Poste le rapport généré (C:\lopR.txt)

[#008040]Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
Tapes explorer et valide. Cela te fera apparaitre ton bureau

Comment va le PC ? Toujours des problèmes ?

| Alerter

Répondre à Egwene

sophaies

6 Décembre 2008 11:40:45

----------------- FindyKill V4.706 ------------------

* User : Sophie - ORDI-51C93CF87A
* executed from : C:\Program Files\FindyKill
* Update on 27/11/08 par Chiquitine29
* Start at 12:33:52 the 06/12/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((( *** deleting *** ))))))))))))))))))

--------------- [ Active Processes ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe

--------------- [ Infected files / folders ] ----------------

»»»» Supression files in C:

»»»» Supression files in C:\WINDOWS

»»»» Supression files in C:\WINDOWS\Prefetch

Deleted ! - C:\WINDOWS\prefetch\101109.EXE-22DFBB00.pf
Deleted ! - C:\WINDOWS\prefetch\102765.EXE-0CBF6F40.pf
Deleted ! - C:\WINDOWS\prefetch\110562.EXE-3B44ED1F.pf
Deleted ! - C:\WINDOWS\prefetch\114968.EXE-3319C921.pf
Deleted ! - C:\WINDOWS\prefetch\124281.EXE-02C04714.pf
Deleted ! - C:\WINDOWS\prefetch\144375.EXE-3440CA2D.pf
Deleted ! - C:\WINDOWS\prefetch\147718.EXE-121EED7A.pf
Deleted ! - C:\WINDOWS\prefetch\157796.EXE-1B18C72E.pf
Deleted ! - C:\WINDOWS\prefetch\70234.EXE-0033D584.pf
Deleted ! - C:\WINDOWS\prefetch\73234.EXE-2B368647.pf
Deleted ! - C:\WINDOWS\prefetch\81953.EXE-25F80793.pf
Deleted ! - C:\WINDOWS\prefetch\96515.EXE-169F212B.pf
Deleted ! - C:\WINDOWS\prefetch\FLEC006.EXE-31FA43E9.pf
Deleted ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Deleted ! - C:\WINDOWS\prefetch\SERIAL.EXE-1A8C9070.pf
Deleted ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf

»»»» Supression files in C:\WINDOWS\system32

Deleted ! - C:\WINDOWS\system32\mdelk.exe
Deleted ! - C:\WINDOWS\system32\wintems.exe
Deleted ! - C:\WINDOWS\system32\ban_list.txt

»»»» Supression files in C:\WINDOWS\system32\drivers

Deleted ! - C:\WINDOWS\system32\drivers\srosa.sys
Deleted ! - C:\WINDOWS\system32\drivers\srosa2.sys
Deleted ! - C:\WINDOWS\system32\drivers\winfilse.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\101000.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\101109.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\101500.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\101640.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\102765.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\102796.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\103296.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\105484.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\105875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\106156.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\108656.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\110562.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\111312.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\111765.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\114968.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\116203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\117093.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\117531.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\117828.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\121531.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\122125.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\124281.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\125187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\125250.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\126906.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\131656.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\131859.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\132187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\132421.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\132437.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\133484.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\135640.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\135937.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\136187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\138421.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\138468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\139140.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\139437.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\139468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\139968.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\140312.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\142625.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\142890.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\142984.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\144375.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\144531.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\146750.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\147343.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\147718.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\149343.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\150406.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\151203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\153171.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\153203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\153765.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\154453.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\154687.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\157250.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\157796.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\158109.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\158250.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\159375.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\161062.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\162343.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\162765.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\164171.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\164937.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\170031.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\170468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\170671.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\170968.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\173203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\173234.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\177562.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\178109.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\178312.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\178437.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\180906.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\181281.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\182046.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\182890.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\183203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\183796.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\185265.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\185390.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\186687.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\186796.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\187312.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\187421.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\188109.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\188468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\189375.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\189968.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\191609.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\192265.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\193187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\193703.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\193843.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\193937.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\194781.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\197171.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\197718.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\198656.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\198906.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\199171.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\199468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\202187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\202781.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\203000.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\203093.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\204140.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\205718.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\206203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\207984.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\209484.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\209500.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\210359.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\210468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\213843.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\213875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\214093.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\217500.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\218593.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\218906.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\220265.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\222140.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\223218.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\223890.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\224796.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\225171.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\225203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\225750.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\226390.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\226421.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\229062.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\230031.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\231812.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\232171.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\232218.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\233734.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\235015.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\235890.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\236890.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\237562.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\237640.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\240625.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\242687.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\242703.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\245812.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\246500.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\246703.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\246953.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\247921.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\249687.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\251468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\252421.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\252890.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\254640.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\256375.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\257640.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\258203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\258531.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\259187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\259984.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\260156.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\260468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\262625.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\263031.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\263921.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\264671.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\264890.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\265937.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\268343.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\269359.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\274156.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\282312.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\294468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\294640.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\295625.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\303515.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\309234.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\314109.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\322250.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\324750.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\327078.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\328265.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\328734.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\330093.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\339140.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\353562.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\375656.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\381796.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\401234.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\56546.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\56765.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\57796.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\58046.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\58203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\58437.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\59390.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\60484.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\60843.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\61781.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\62343.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\62609.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\62718.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\64421.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\64546.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\65281.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\65578.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\66703.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\68812.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\69578.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\70234.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\71062.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\71156.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\71234.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\71468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\71859.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\72687.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\72921.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\73125.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\73171.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\73234.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\73265.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\73421.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\73937.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\74046.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\74468.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\74828.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\74843.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\75281.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\75734.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\76203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\76281.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\78125.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\79875.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\80343.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\81953.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\82796.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\83656.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\83718.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\85203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\85312.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\86359.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\88203.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\89453.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\90546.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\91093.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\91656.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\92890.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\93281.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\96046.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\96515.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\97437.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\98453.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\98703.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\99468.exe
Deleted ! - "C:\WINDOWS\system32\drivers\downld"

»»»» Supression files in C:\Documents and Settings\Sophie\Application Data

Deleted ! - "C:\Documents and Settings\Sophie\Application Data\m\flec006.exe"
Deleted ! - "C:\Documents and Settings\Sophie\Application Data\m\list.oct"
Deleted ! - "C:\Documents and Settings\Sophie\Application Data\m\data.oct"
Deleted ! - "C:\Documents and Settings\Sophie\Application Data\m\srvlist.oct"
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\1337player Build 27.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\1964 0.9.9.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\2_Symantec.NORTON.ANTISPAM.2005.keygen.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\3DProducer_2.2.1_(Patch).zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\4Musics_WAV_to_WMA_Converter_4.0_[With_Crack].zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\7art Happy Halloween Screensaver 1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Advanced_StartUp_Manager_1.41.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Aiglon Process Killer 1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\AlphaScript_2.00.0006.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\American_Flags_in_NY_Screensaver_1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\AnimatedAlien_ScreenMate_1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Audio_Recorder_Pro_3.20.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\AWPunk 1.0.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Battlefield_1942_Desert_Combat_Extended_Mod.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\BBC_World_Service_Player_1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\BCWipe_3.10.5.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Bernard_and_Hank_1.2.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\BitSlice 4.1.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\BitWise Chat 1.7.3.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\BL-Monitor_2.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\BlueIM_1.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Breeze Standard Edition 5.5.4.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Buensoft German 2004.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Bytescout Watermarking 1.11.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\CD-DA to WAV 3.21 (KeyGen).zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Cell_Racing_1.0_(KeyGen).zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Champions League BetWidget 1.1.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Chilkat Charset .NET.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Clickie_1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\ClipBird 2.1.1 Build 1019.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Commenter_1.07.02.98.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Computer-Expert_Supervisors_Pack_1.1.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\ConceptDraw_VI_Standard_6.2_(With_Crack).zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Convert_to_Ringtone_Wizard_1.4.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Cool-Dog_Volume_Control_1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Courier_3.0_[Cracked].zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Daniusoft_DVD_to_3GP_Converter_1.1.10.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\DBScripter for Oracle 1.13.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\DiceMan_2.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Djuggler 1.1.4.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\dsFSR 1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\DupeX 3.2.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Dupe_Destroyer_5.2_[KeyGen].zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\DVD Bitrate Calculator 1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Easy_Label_Designer_Plus_1.9.11.22.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Excel Merge (Combine) Cells, Columns, Rows & Data Software 7.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\EZMem Optimizer 2.0.26.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Fanfiction Downloader 3.1.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\FantasySword_RPG_II_Final.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Folder_Organizer_1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\FreeSNMP_1.3.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\FreeUndelete_2.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Fresh_System_2.1.4_Patch.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\full_antivirus(Kaspersky_avast_antivir_norman_avwinsfx_f-prot.updated-fixed.06-2006.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\galaxySpy v1.1.1.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\GdViewer OCX 4.1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\GeoClock 1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\GymLogger 1.01.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Hardware_Sensors_Monitor_4.3.1.2.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Hyper_Start_1.0.8.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\ImageWell_2.1_build_227.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Imagistik_Image_Driver_Lite_1.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\ImgViewer32 2.60.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Indian_Radio_Tooly_4.5.147.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\iView 3.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\I_AM_Screensaver_1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\JavaScript_Library_Archive_1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Jump Style Player Widget 1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Kernel_Palm_PDB_4.03.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Knowbody Stamp It 4.0.6.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Landscapes_Screensaver_3.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Launch Pivot 1.6.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Linera_Uninstall_Manager_Lite_1.2_(With_Crack).zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Luxurious_1.02.000_KeyGen.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Magic Audio CD Burner VCL 1.00.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Maillist_Express_Pro_6.20_Patch.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\MapObjects_LT_2.0a_(Serial).zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Mindjet_MindManager_Mac_6.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\MSSQL2MySQL_PRO_1.4.3.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\MySQL Migration Toolkit 2.3.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\NetSend 1.00.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\NKTWAB 2.1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\P.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Paessler_Netflow_Tester_1.1.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\PanoGraph_1.07_Serial.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\PDF2Text_Batch_1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Permanent Erase.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Photo Collage Screensaver 1.2.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Photo_DVD_Maker_7.71_Key.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Pocket_DivX_Player_0.8.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Port Mapper 1.0.5.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Portable Celtx 0.9.9.1.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Protogem_1.1.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\QuickLines Command for AutoCAD 1.1.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\QuickPersonnel 1.7.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Radio Uniton 1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\RemindMe_1.0.49.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Remove_Office_98_Utility_1.1.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\SceneSaver 1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\SecureBit_LoginXpress_1.0.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Service_Query_1.0_Patch.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Shop'NCook_Reader_3.1.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\SmartPlugin Professional 2.2.05-rc1.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Stained Glass Hearts 1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\StarMail_Home_2.0.01.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Symantec.AntiVirus.Corporate.v10.1.4.4000.GERMAN-TBE.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Tark (Temporary Bookmarks) 0.28.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\TealInfo_4.32.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\TerminalServiceAgent_1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\The_Cleaner_Pro_4.2_build_4319_[Key+Serial].zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\the_faster_toolbar_for_Firefox_1.5.0.1.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\The_StarMessage_Diary_2.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\ToDo_1.3.8.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\TrafficBooster_1.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\URLy Warning 2.02.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\UsefulRest (former Protector of Health) 2.7a Build 122.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Video DeNoise for VirtualDub 2.0.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Video Edit Converter Pro 2.5.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\VLPropertyList_2.0_[Crack].zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Voiced_Keyboard_3.0_[Patch].zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\WinJanitor_1.1.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\WinMPG_iPod_Converter_2.0_[Key].zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\WinMX Turbo Booster 4.7.5 (Crack).zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\WiseDesktop 1.5.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Wondershare DVD to Flash Converter 2.4.31.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\World Time System Tray 1.3.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\XMedia Backup 4.1.1 Serial.zip
Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\ZylGSM 1.00.zip
Deleted ! - "C:\Documents and Settings\Sophie\Application Data\m\shared"
Deleted ! - "C:\Documents and Settings\Sophie\Application Data\m"

»»»» Supression files in C:\DOCUME~1\Sophie\LOCALS~1\Temp

Deleted ! - C:\DOCUME~1\Sophie\LOCALS~1\Temp\PatchByFile.tmp

»»»» Supression files in C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{B643238D-38BC-4236-AFDE-0551FB315BD9}.jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\03ZRA082\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\03ZRA082\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\03ZRA082\D36439BF6AFB645FD2B2F5627D57B[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\2OO8XJUG\465B17821B64D17F71B71A14C5C76[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\2OO8XJUG\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\2OO8XJUG\b64[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\3TGPLD5W\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\3TGPLD5W\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\3TGPLD5W\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_3[3].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\9WYPWGJ0\23B4DAB643DDCCC6976EA3177DC13[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\9WYPWGJ0\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\9WYPWGJ0\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\AGZ52X8N\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\mxd[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B9AYDG5V\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B9AYDG5V\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\mxd[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\mxd[3].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ME4FJLU0\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ME4FJLU0\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ME4FJLU0\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\O4AD8BUX\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\O4AD8BUX\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ODQJT4PB\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ODQJT4PB\b64[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ODQJT4PB\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\mxd[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RGY052MP\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RGY052MP\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RGY052MP\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RW8E12JL\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RW8E12JL\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64[3].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64[4].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\W2CAYMC6\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\W2CAYMC6\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\X86FQDVJ\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\YWARJ6V5\WMPe2e22d50-88db-4979-92c5-78049b9b64bc[1]..jpg

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\Local AppWizard-Generated Applications\serial
Deleted ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\Local AppWizard-Generated Applications\winfilse

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !

+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2

--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

+- deleting files :

--------------- [ Registry / Mountpoint2 ] ----------------

-> Not found !

--------------- [ Searching Cracks / Keygen ] ----------------

---------------- ! End of report ! ------------------

| Alerter

Répondre à sophaies

sophaies

6 Décembre 2008 13:11:30

on me demande un code d'accé quand je commence l'installation de malwareyte's Anti-Malware sur mon Bureau.

| Alerter

Répondre à sophaies

sophaies

6 Décembre 2008 16:32:09

j'ai réussit voici le rapport
Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1466
Windows 5.1.2600 Service Pack 3

06/12/2008 17:20:47
mbam-log-2008-12-06 (17-20-42).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 89669
Temps écoulé: 58 minute(s), 36 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 15
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 43

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{4509d3cc-b642-4745-b030-645b79522c6d} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{4897bba6-48d9-468c-8efa-846275d7701b} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ca3eb689-8f09-4026-aa10-b9534c691ce0} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{e0731ad0-39cf-4605-b00e-116fd54ed29a} (Adware.DosPopToolbar) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{84bb6d9a-127b-465b-82cb-15a4b83fe98c} (Adware.DosPopToolbar) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{925c57ae-2bb0-41c3-ba2b-ba2908ba434f} (Adware.DosPopToolbar) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e67d5bc7-7129-493e-9281-f47bdaface4f} (Adware.DosPopToolbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07ca483f-30bc-425d-823d-48620a3bd13f} (Adware.DosPopToolbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07ca483f-30bc-425d-823d-48620a3bd13f} (Adware.DosPopToolbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07ca483f-30bc-425d-823d-48620a3bd13f} (Adware.DosPopToolbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{57cadc46-58ff-4105-b733-5a9f3fc9783c} (Adware.DosPopToolbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{fa34ee7e-55eb-41db-9718-1ae6ea1cf9a5} (Adware.DosPopToolbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{fa34ee7e-55eb-41db-9718-1ae6ea1cf9a5} (Adware.DosPopToolbar) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{fa34ee7e-55eb-41db-9718-1ae6ea1cf9a5} (Adware.DosPopToolbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{fa34ee7e-55eb-41db-9718-1ae6ea1cf9a5} (Adware.DosPopToolbar) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\IEToolbar (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator (Adware.DosPopToolbar) -> No action taken.
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> No action taken.

Fichier(s) infecté(s):
C:\Program Files\IEToolbar\Share Accelerator\tbhelper.dll (Trojan.BHO) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP56\A0007526.sys (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP56\A0007558.sys (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP56\A0007570.sys (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP56\A0007725.sys (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP56\A0007735.sys (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP58\A0007790.sys (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP58\A0007846.sys (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP58\A0007862.sys (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0007965.sys (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0007979.sys (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0008070.sys (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0008089.sys (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0008118.sys (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0008133.sys (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0008150.sys (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0008165.sys (Worm.Bagel) -> No action taken.
C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0008194.sys (Worm.Bagel) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\basis.xml (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\basis.xml.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\icons.bmp (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\icons.bmp.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\icons.bmp_16.bmp (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\icons.bmp_16.bmp.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\icons.bmp_24.bmp (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\icons.bmp_24.bmp.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\info.txt (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\info.txt.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\LOGO.BMP (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\LOGO.BMP.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\ShareAcceleratorToolbar12_11_08.crc (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\ShareAcceleratorToolbar12_11_08.crc.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\ShareAcceleratorToolbar12_11_08.dll (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\ShareAcceleratorToolbar12_11_08.dll.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\tbhelper.dll.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\uninstall.exe (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\uninstall.exe.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\update.exe (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\update.exe.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\version.txt (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\version.txt.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\your_logo.png (Adware.DosPopToolbar) -> No action taken.
C:\Program Files\IEToolbar\Share Accelerator\your_logo.png.virtual.lnk (Adware.DosPopToolbar) -> No action taken.

| Alerter

Répondre à sophaies

sophaies

6 Décembre 2008 17:09:01

--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Sophie ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:30 Go (Free:20 Go)
D:\ (Local Disk) - NTFS - Total:156 Go (Free:110 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 06/12/2008|18:06 )

--------------------\\ Listing des dossiers dans APPLIC~1

[23/10/2008|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[12/11/2008|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BufferZone
[23/10/2008|20:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[02/12/2008|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[06/12/2008|14:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[22/11/2008|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[22/11/2008|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[23/10/2008|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[06/12/2008|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[23/10/2008|20:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/12/2008|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[23/10/2008|20:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[22/11/2008|15:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[23/10/2008|20:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[25/10/2008|12:59] C:\DOCUME~1\Sophie\APPLIC~1\Adobe
[23/10/2008|22:22] C:\DOCUME~1\Sophie\APPLIC~1\Ahead
[03/11/2008|20:13] C:\DOCUME~1\Sophie\APPLIC~1\CyberLink
[03/12/2008|14:38] C:\DOCUME~1\Sophie\APPLIC~1\Help
[23/10/2008|20:07] C:\DOCUME~1\Sophie\APPLIC~1\Identities
[03/11/2008|19:20] C:\DOCUME~1\Sophie\APPLIC~1\LimeWire
[25/10/2008|12:59] C:\DOCUME~1\Sophie\APPLIC~1\Macromedia
[06/12/2008|14:24] C:\DOCUME~1\Sophie\APPLIC~1\Malwarebytes
[03/12/2008|14:06] C:\DOCUME~1\Sophie\APPLIC~1\Microsoft
[25/10/2008|12:39] C:\DOCUME~1\Sophie\APPLIC~1\Mozilla
[03/11/2008|18:28] C:\DOCUME~1\Sophie\APPLIC~1\Sun
[23/10/2008|20:36] C:\DOCUME~1\Sophie\APPLIC~1\Talkback
[25/10/2008|12:39] C:\DOCUME~1\Sophie\APPLIC~1\Thunderbird
[02/12/2008|20:08] C:\DOCUME~1\Sophie\APPLIC~1\uTorrent
[30/10/2008|13:45] C:\DOCUME~1\Sophie\APPLIC~1\WinRAR

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[06/12/2008 17:56][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[01/11/2008|18:02] C:\Program Files\Adobe
[27/11/2008|13:04] C:\Program Files\Alice SSID
[23/10/2008|20:28] C:\Program Files\Alwil Software
[23/10/2008|20:00] C:\Program Files\ComPlus Applications
[02/12/2008|16:04] C:\Program Files\Conduit
[23/10/2008|20:59] C:\Program Files\CyberLink
[23/10/2008|20:56] C:\Program Files\DivX
[23/10/2008|21:03] C:\Program Files\DivX Total Pack
[23/10/2008|20:26] C:\Program Files\D-Link
[30/10/2008|14:00] C:\Program Files\Eltima Software
[23/10/2008|21:51] C:\Program Files\Fichiers communs
[06/12/2008|12:36] C:\Program Files\FindyKill
[27/11/2008|13:02] C:\Program Files\InstallShield Installation Information
[23/10/2008|22:12] C:\Program Files\Internet Explorer
[06/12/2008|18:02] C:\Program Files\Java
[23/10/2008|20:57] C:\Program Files\K-Lite Codec Pack
[03/11/2008|19:21] C:\Program Files\LimeWire
[02/12/2008|21:27] C:\Program Files\MAGIX
[06/12/2008|14:24] C:\Program Files\Malwarebytes' Anti-Malware
[23/10/2008|21:57] C:\Program Files\Messenger
[23/10/2008|20:40] C:\Program Files\Messenger Plus! Live
[23/10/2008|21:41] C:\Program Files\Microsoft AutoRoute
[23/10/2008|20:03] C:\Program Files\microsoft frontpage
[23/10/2008|21:51] C:\Program Files\Microsoft Office
[23/10/2008|21:51] C:\Program Files\Microsoft Visual Studio
[23/10/2008|21:51] C:\Program Files\Microsoft Works
[23/10/2008|21:49] C:\Program Files\Microsoft.NET
[02/12/2008|16:04] C:\Program Files\Mininova
[23/10/2008|20:52] C:\Program Files\Movie Maker
[29/10/2008|09:49] C:\Program Files\Mozilla Firefox
[06/12/2008|17:57] C:\Program Files\Mozilla Thunderbird
[23/10/2008|19:59] C:\Program Files\MSN
[23/10/2008|19:59] C:\Program Files\MSN Gaming Zone
[23/10/2008|22:14] C:\Program Files\MSN Messenger
[23/10/2008|21:32] C:\Program Files\Nero
[23/10/2008|20:49] C:\Program Files\NetMeeting
[23/10/2008|20:19] C:\Program Files\NVIDIA Corporation
[23/10/2008|19:59] C:\Program Files\Online Services
[23/10/2008|20:49] C:\Program Files\Outlook Express
[23/10/2008|20:50] C:\Program Files\Radio Fr Solo
[06/12/2008|12:49] C:\Program Files\Registry Mechanic
[13/11/2008|20:42] C:\Program Files\Secured IE
[12/11/2008|14:21] C:\Program Files\securedie
[23/10/2008|20:01] C:\Program Files\Services en ligne
[03/11/2008|18:30] C:\Program Files\Sun
[23/10/2008|20:36] C:\Program Files\SuperCopier2
[23/10/2008|20:07] C:\Program Files\Uninstall Information
[08/11/2008|01:08] C:\Program Files\uTorrent
[23/10/2008|20:57] C:\Program Files\VideoLAN
[23/10/2008|20:57] C:\Program Files\Webteh
[23/10/2008|20:40] C:\Program Files\Windows Live
[23/10/2008|21:04] C:\Program Files\Windows Media Connect 2
[04/12/2008|21:24] C:\Program Files\Windows Media Player
[23/10/2008|20:49] C:\Program Files\Windows NT
[23/10/2008|20:01] C:\Program Files\WindowsUpdate
[23/10/2008|20:53] C:\Program Files\WinRAR
[23/10/2008|20:03] C:\Program Files\xerox
[03/12/2008|14:31] C:\Program Files\Yahoo!
[12/11/2008|14:47] C:\Program Files\Zapu
[03/12/2008|10:42] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[23/10/2008|20:38] C:\Program Files\Fichiers communs\Adobe
[23/10/2008|21:33] C:\Program Files\Fichiers communs\Ahead
[23/10/2008|21:51] C:\Program Files\Fichiers communs\DESIGNER
[23/10/2008|20:19] C:\Program Files\Fichiers communs\InstallShield
[12/11/2008|14:28] C:\Program Files\Fichiers communs\Microsoft Shared
[23/10/2008|20:00] C:\Program Files\Fichiers communs\MSSoap
[23/10/2008|20:19] C:\Program Files\Fichiers communs\NVIDIA Shared
[23/10/2008|21:51] C:\Program Files\Fichiers communs\ODBC
[23/10/2008|20:01] C:\Program Files\Fichiers communs\Services
[23/10/2008|21:51] C:\Program Files\Fichiers communs\SpeechEngines
[23/10/2008|21:50] C:\Program Files\Fichiers communs\System

--------------------\\ Process

( 37 Processes )

IEXPLORE.EXE ~ [PID:2352]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\Sophie\LOCALS~1\Temp\nsi2.tmp
C:\DOCUME~1\Sophie\LOCALS~1\Temp\nspE.tmp
C:\DOCUME~1\Sophie\LOCALS~1\Temp\nsr10.tmp
C:\DOCUME~1\Sophie\Cookies\sophie@advertstream[2].txt
C:\DOCUME~1\Sophie\Cookies\sophie@adultfriendfinder[1].txt
C:\DOCUME~1\Sophie\Cookies\sophie@advertising[1].txt
C:\DOCUME~1\Sophie\Cookies\sophie@adin.bigpoint[2].txt
C:\DOCUME~1\Sophie\Cookies\sophie@bigpoint[2].txt
C:\DOCUME~1\Sophie\Cookies\sophie@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\Sophie\Cookies\sophie@adopt.euroclick[2].txt
C:\DOCUME~1\Sophie\Cookies\sophie@pacificpoker[1].txt
C:\DOCUME~1\Sophie\Cookies\sophie@partypoker[2].txt
C:\DOCUME~1\Sophie\Cookies\sophie@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\Sophie\Cookies\sophie@fr1.seafight[2].txt
C:\DOCUME~1\Sophie\Cookies\sophie@seafight[1].txt
C:\DOCUME~1\Sophie\Cookies\sophie@seafight[3].txt
C:\DOCUME~1\Sophie\Cookies\sophie@www.seafight[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-06 18:07:06
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

C:\WINDOWS\system32\drivers\downld
==> BAGLE <==

| Alerter

Répondre à sophaies

Egwene

6 Décembre 2008 19:24:24

Re,

Tu as mal lu la procédure :
C:\Documents and Settings\All Users\Menu Démarrer\Security Troubleshooting.url (Rogue.Link) -> No action taken.

Une fois le scan terminé, clique sur "Afficher les résultats" et enregistre le rapport sur ton Bureau.

Clique enfin sur "Supprimer la sélection".

Recommence stp.

| Alerter

Répondre à Egwene

sophaies

6 Décembre 2008 21:53:24

je vais recommencer la procédure merci

| Alerter

Répondre à sophaies

sophaies

6 Décembre 2008 21:54:51

----------------- FindyKill V4.706 ------------------

* User : Sophie - ORDI-51C93CF87A
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 27/11/08 par Chiquitine29
* Recherche effectuée à 22:51:24 le 06/12/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((((( *** Recherche *** ))))))))))))))))))

--------------- [ Processus actifs ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Documents and Settings\Sophie\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\Sophie\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

--------------- [ Fichiers/Dossiers infectieux ] ----------------

»»»» Presence des fichiers dans C:

»»»» Presence des fichiers dans C:\WINDOWS

»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

»»»» Presence des fichiers dans C:\WINDOWS\system32

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

Found ! [06/12/2008 17:56] - "C:\WINDOWS\system32\drivers\downld"

»»»» Presence des fichiers dans C:\Documents and Settings\Sophie\Application Data

»»»» Presence des fichiers dans C:\DOCUME~1\Sophie\LOCALS~1\Temp

»»»» Presence des fichiers dans C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

SuperCopier2.exe=C:\Program Files\SuperCopier2\SuperCopier2.exe
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
MSMSGS="C:\Program Files\Messenger\msmsgs.exe" /background
RegistryMechanic=C:\Program Files\Registry Mechanic\RegMech.exe /H

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz=nwiz.exe /install
NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
NVMixerTray="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
RemoteControl="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
LanguageShortcut="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
NeroFilterCheck=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

[HKEY_CURRENT_USER\software\local appwizard-generated applications\SuperCopier2]

--------------- [ Registre / Clés infectieuses ] ----------------

Found ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\bisoft

--------------- [ Etat / Services ] ----------------

+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

Ndisuio - Type de démarrage = 3

EapHost - Type de démarrage = 2

Ip6Fw - Type de démarrage = 2

SharedAccess - Type de démarrage = 2

wuauserv - Type de démarrage = 2

wscsvc - Type de démarrage = 2

--------------- [ Recherche dans supports amovibles] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

+- presence des fichiers :

--------------- [ Registre / Mountpoint2 ] ----------------

-> Not found !

------------------- ! Fin du rapport ! --------------------

| Alerter

Répondre à sophaies

sophaies

6 Décembre 2008 22:02:14

----------------- FindyKill V4.706 ------------------

* User : Sophie - ORDI-51C93CF87A
* executed from : C:\Program Files\FindyKill
* Update on 27/11/08 par Chiquitine29
* Start at 22:58:18 the 06/12/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((( *** deleting *** ))))))))))))))))))

--------------- [ Active Processes ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\spoolsv.exe

--------------- [ Infected files / folders ] ----------------

»»»» Supression files in C:

»»»» Supression files in C:\WINDOWS

»»»» Supression files in C:\WINDOWS\Prefetch

»»»» Supression files in C:\WINDOWS\system32

»»»» Supression files in C:\WINDOWS\system32\drivers

Deleted ! - "C:\WINDOWS\system32\drivers\downld"

»»»» Supression files in C:\Documents and Settings\Sophie\Application Data

»»»» Supression files in C:\DOCUME~1\Sophie\LOCALS~1\Temp

»»»» Supression files in C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{B643238D-38BC-4236-AFDE-0551FB315BD9}.jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\03ZRA082\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\03ZRA082\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\03ZRA082\D36439BF6AFB645FD2B2F5627D57B[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\2OO8XJUG\465B17821B64D17F71B71A14C5C76[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\2OO8XJUG\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\2OO8XJUG\b64[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\3TGPLD5W\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\3TGPLD5W\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\3TGPLD5W\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_3[3].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\9WYPWGJ0\23B4DAB643DDCCC6976EA3177DC13[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\9WYPWGJ0\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\9WYPWGJ0\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\AGZ52X8N\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\mxd[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B9AYDG5V\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B9AYDG5V\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\mxd[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\mxd[3].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ME4FJLU0\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ME4FJLU0\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ME4FJLU0\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\O4AD8BUX\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\O4AD8BUX\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ODQJT4PB\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ODQJT4PB\b64[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ODQJT4PB\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\mxd[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RGY052MP\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RGY052MP\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RGY052MP\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RW8E12JL\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RW8E12JL\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64[2].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64[3].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64[4].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\W2CAYMC6\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\W2CAYMC6\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\X86FQDVJ\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\YWARJ6V5\WMPe2e22d50-88db-4979-92c5-78049b9b64bc[1]..jpg
Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{B643238D-38BC-4236-AFDE-0551FB315BD9}.jpg

--------------- [ Registry / Infected keys ] ----------------

--------------- [ States / Restarting of services ] ----------------

+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2

--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

+- deleting files :

--------------- [ Registry / Mountpoint2 ] ----------------

-> Not found !

--------------- [ Searching Cracks / Keygen ] ----------------

---------------- ! End of report ! ------------------

| Alerter

Répondre à sophaies

Egwene

6 Décembre 2008 23:02:32

Re,

C'est la procédure avec MBAM que j'aurais aimé que tu recommences.

| Alerter

Répondre à Egwene

sophaies

6 Décembre 2008 23:18:03

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1467
Windows 5.1.2600 Service Pack 3

07/12/2008 00:14:14
mbam-log-2008-12-07 (00-14-14).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 89837
Temps écoulé: 59 minute(s), 25 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

| Alerter

Répondre à sophaies

Egwene

7 Décembre 2008 10:24:46

Re,

Essaye Kaspersky online ici :

Supprime Kaspersky online via ajout/suppression de programmes du panneau de configuration.

Fais un scan en ligne Kaspersky avec Internet Explorer :

Clique sur

Clique maintenant sur J'accepte.

Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.

Patiente pendant l'installation des Mises à jour.

Choisis par la suite l'analyse du Poste de travail

Sauvegarde puis colle le rapport généré en fin d'analyse.

AIDE : Tuto sur le scan en ligne

NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.

| Alerter

Répondre à Egwene

sophaies

7 Décembre 2008 11:19:10

Sunday, December 7, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, December 07, 2008 03:56:00
Records in database: 1441542

Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes

Scan area My Computer
C:\
D:\
E:\
F:\
G:\
H:\
I:\

Scan statistics
Files scanned 43950
Threat name 2
Infected objects 2
Suspicious objects 0
Duration of the scan 01:05:05

File name Threat name Threats count
C:\Program Files\FindyKill\Tools\Kill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k 1

C:\Program Files\SuperCopier2\SuperCopier2.exe Infected: Trojan-Downloader.Win32.Bagle.agx 1

The selected area was scanned.

| Alerter

Répondre à sophaies

sophaies

7 Décembre 2008 11:25:29

--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Sophie ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:30 Go (Free:20 Go)
D:\ (Local Disk) - NTFS - Total:156 Go (Free:110 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 07/12/2008|12:21 )

--------------------\\ Listing des dossiers dans APPLIC~1

[23/10/2008|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[12/11/2008|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BufferZone
[23/10/2008|20:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[02/12/2008|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[06/12/2008|14:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[22/11/2008|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[22/11/2008|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[23/10/2008|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[07/12/2008|00:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[23/10/2008|20:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/12/2008|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[23/10/2008|20:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[22/11/2008|15:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[23/10/2008|20:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[25/10/2008|12:59] C:\DOCUME~1\Sophie\APPLIC~1\Adobe
[23/10/2008|22:22] C:\DOCUME~1\Sophie\APPLIC~1\Ahead
[03/11/2008|20:13] C:\DOCUME~1\Sophie\APPLIC~1\CyberLink
[03/12/2008|14:38] C:\DOCUME~1\Sophie\APPLIC~1\Help
[23/10/2008|20:07] C:\DOCUME~1\Sophie\APPLIC~1\Identities
[03/11/2008|19:20] C:\DOCUME~1\Sophie\APPLIC~1\LimeWire
[25/10/2008|12:59] C:\DOCUME~1\Sophie\APPLIC~1\Macromedia
[06/12/2008|14:24] C:\DOCUME~1\Sophie\APPLIC~1\Malwarebytes
[03/12/2008|14:06] C:\DOCUME~1\Sophie\APPLIC~1\Microsoft
[25/10/2008|12:39] C:\DOCUME~1\Sophie\APPLIC~1\Mozilla
[03/11/2008|18:28] C:\DOCUME~1\Sophie\APPLIC~1\Sun
[23/10/2008|20:36] C:\DOCUME~1\Sophie\APPLIC~1\Talkback
[25/10/2008|12:39] C:\DOCUME~1\Sophie\APPLIC~1\Thunderbird
[02/12/2008|20:08] C:\DOCUME~1\Sophie\APPLIC~1\uTorrent
[30/10/2008|13:45] C:\DOCUME~1\Sophie\APPLIC~1\WinRAR

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[07/12/2008 00:15][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[01/11/2008|18:02] C:\Program Files\Adobe
[27/11/2008|13:04] C:\Program Files\Alice SSID
[23/10/2008|20:28] C:\Program Files\Alwil Software
[23/10/2008|20:00] C:\Program Files\ComPlus Applications
[02/12/2008|16:04] C:\Program Files\Conduit
[23/10/2008|20:59] C:\Program Files\CyberLink
[23/10/2008|20:56] C:\Program Files\DivX
[23/10/2008|21:03] C:\Program Files\DivX Total Pack
[23/10/2008|20:26] C:\Program Files\D-Link
[30/10/2008|14:00] C:\Program Files\Eltima Software
[23/10/2008|21:51] C:\Program Files\Fichiers communs
[06/12/2008|23:00] C:\Program Files\FindyKill
[27/11/2008|13:02] C:\Program Files\InstallShield Installation Information
[23/10/2008|22:12] C:\Program Files\Internet Explorer
[06/12/2008|18:02] C:\Program Files\Java
[23/10/2008|20:57] C:\Program Files\K-Lite Codec Pack
[03/11/2008|19:21] C:\Program Files\LimeWire
[02/12/2008|21:27] C:\Program Files\MAGIX
[06/12/2008|14:24] C:\Program Files\Malwarebytes' Anti-Malware
[23/10/2008|21:57] C:\Program Files\Messenger
[23/10/2008|20:40] C:\Program Files\Messenger Plus! Live
[23/10/2008|21:41] C:\Program Files\Microsoft AutoRoute
[23/10/2008|20:03] C:\Program Files\microsoft frontpage
[23/10/2008|21:51] C:\Program Files\Microsoft Office
[23/10/2008|21:51] C:\Program Files\Microsoft Visual Studio
[23/10/2008|21:51] C:\Program Files\Microsoft Works
[23/10/2008|21:49] C:\Program Files\Microsoft.NET
[02/12/2008|16:04] C:\Program Files\Mininova
[23/10/2008|20:52] C:\Program Files\Movie Maker
[29/10/2008|09:49] C:\Program Files\Mozilla Firefox
[07/12/2008|10:51] C:\Program Files\Mozilla Thunderbird
[23/10/2008|19:59] C:\Program Files\MSN
[23/10/2008|19:59] C:\Program Files\MSN Gaming Zone
[23/10/2008|22:14] C:\Program Files\MSN Messenger
[23/10/2008|21:32] C:\Program Files\Nero
[23/10/2008|20:49] C:\Program Files\NetMeeting
[23/10/2008|20:19] C:\Program Files\NVIDIA Corporation
[23/10/2008|19:59] C:\Program Files\Online Services
[23/10/2008|20:49] C:\Program Files\Outlook Express
[23/10/2008|20:50] C:\Program Files\Radio Fr Solo
[06/12/2008|12:49] C:\Program Files\Registry Mechanic
[13/11/2008|20:42] C:\Program Files\Secured IE
[12/11/2008|14:21] C:\Program Files\securedie
[23/10/2008|20:01] C:\Program Files\Services en ligne
[03/11/2008|18:30] C:\Program Files\Sun
[23/10/2008|20:36] C:\Program Files\SuperCopier2
[23/10/2008|20:07] C:\Program Files\Uninstall Information
[08/11/2008|01:08] C:\Program Files\uTorrent
[23/10/2008|20:57] C:\Program Files\VideoLAN
[23/10/2008|20:57] C:\Program Files\Webteh
[23/10/2008|20:40] C:\Program Files\Windows Live
[23/10/2008|21:04] C:\Program Files\Windows Media Connect 2
[04/12/2008|21:24] C:\Program Files\Windows Media Player
[23/10/2008|20:49] C:\Program Files\Windows NT
[23/10/2008|20:01] C:\Program Files\WindowsUpdate
[23/10/2008|20:53] C:\Program Files\WinRAR
[23/10/2008|20:03] C:\Program Files\xerox
[03/12/2008|14:31] C:\Program Files\Yahoo!
[12/11/2008|14:47] C:\Program Files\Zapu
[03/12/2008|10:42] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[23/10/2008|20:38] C:\Program Files\Fichiers communs\Adobe
[23/10/2008|21:33] C:\Program Files\Fichiers communs\Ahead
[23/10/2008|21:51] C:\Program Files\Fichiers communs\DESIGNER
[23/10/2008|20:19] C:\Program Files\Fichiers communs\InstallShield
[12/11/2008|14:28] C:\Program Files\Fichiers communs\Microsoft Shared
[23/10/2008|20:00] C:\Program Files\Fichiers communs\MSSoap
[23/10/2008|20:19] C:\Program Files\Fichiers communs\NVIDIA Shared
[23/10/2008|21:51] C:\Program Files\Fichiers communs\ODBC
[23/10/2008|20:01] C:\Program Files\Fichiers communs\Services
[23/10/2008|21:51] C:\Program Files\Fichiers communs\SpeechEngines
[23/10/2008|21:50] C:\Program Files\Fichiers communs\System

--------------------\\ Process

( 37 Processes )

IEXPLORE.EXE ~ [PID:3052]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\Sophie\Cookies\sophie@advertstream[2].txt
C:\DOCUME~1\Sophie\Cookies\sophie@adultfriendfinder[1].txt
C:\DOCUME~1\Sophie\Cookies\sophie@advertising[1].txt
C:\DOCUME~1\Sophie\Cookies\sophie@adin.bigpoint[2].txt
C:\DOCUME~1\Sophie\Cookies\sophie@bigpoint[2].txt
C:\DOCUME~1\Sophie\Cookies\sophie@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\Sophie\Cookies\sophie@adopt.euroclick[2].txt
C:\DOCUME~1\Sophie\Cookies\sophie@pacificpoker[1].txt
C:\DOCUME~1\Sophie\Cookies\sophie@partypoker[2].txt
C:\DOCUME~1\Sophie\Cookies\sophie@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\Sophie\Cookies\sophie@fr1.seafight[2].txt
C:\DOCUME~1\Sophie\Cookies\sophie@seafight[1].txt
C:\DOCUME~1\Sophie\Cookies\sophie@seafight[3].txt
C:\DOCUME~1\Sophie\Cookies\sophie@www.seafight[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-07 12:22:45
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

C:\WINDOWS\system32\drivers\downld
==> BAGLE <==

Aucune autre infection trouvée !

[F:918][D:14]-> C:\DOCUME~1\Sophie\LOCALS~1\Temp
[F:596][D:0]-> C:\DOCUME~1\Sophie\Cookies
[F:462][D:5]-> C:\DOCUME~1\Sophie\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 06/12/2008|18:07 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 07/12/2008|12:23 - Option : [1]

--------------------\\ Fin du rapport a 12:23:27

| Alerter

Répondre à sophaies

Egwene

7 Décembre 2008 11:29:28

Re,

Ok j'ai trouvé la source de la réinfection

Désactive toute protection résidente ( antivirus…) ! <------- Pense-y !

Télécharge ComboFix (sUBs[/#f]) sur ton Bureau.

Renomme-le avant téléchargement en suivant cette procédure : pcastuces.com

Copie le texte se situant dans le cadre ci-dessous : ( Ctrl + C )

File::
C:\Program Files\SuperCopier2\SuperCopier2.exe

=> Ouvre le Bloc Notes : Démarrer > Tous les programmes > Accessoires > Bloc notes

- Colles y le texte (CTRL + V)
- Enregistre ce fichier dans : Bureau
- Nom du fichier : [#f0000e]CFScript

- Type du fichier : tous les fichiers !!
- Clique sur Enregistrer
- Quitte le Bloc Notes

Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :

Cela va relancer Combofix : au message qui apparaît ( Type 1 to continue, or 2 to abort), tape 1 puis valide.

S'il te demande d'installer la console de récupération, accepte.

Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal !

Ne touche à rien tant que le scan n'est pas terminé.

Une fois le scan achevé, un rapport va s'afficher : Copie/Colle son contenue sur le forum.
Si le fichier ne s'ouvre pas, il se trouve ici : C:\ComboFix.txt

Poste un nouveau rapport hijackthis.

| Alerter

Répondre à Egwene

sophaies

7 Décembre 2008 17:48:36

nouveau rapport hijackthis.
ComboFix 08-12-06.06 - Sophie 2008-12-07 18:45:28.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.272 [GMT 1:00]
Lancé depuis: c:\documents and settings\Sophie\Bureau\Combo-Fix.exe.exe
Commutateurs utilisés :: c:\documents and settings\Sophie\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé

FILE ::
c:\program files\SuperCopier2\SuperCopier2.exe 8
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-11-07 au 2008-12-07 ))))))))))))))))))))))))))))))))))))
.

2008-12-07 17:48 . 2008-12-07 18:32 <REP> d-------- C:\ComboFix
2008-12-07 12:30 . 2008-12-07 12:30 <REP> d-------- c:\windows\system32\Kaspersky Lab
2008-12-07 12:30 . 2008-12-07 12:30 <REP> d-------- c:\windows\LastGood
2008-12-06 18:05 . 2008-12-07 12:23 <REP> d-------- C:\Lop SD
2008-12-06 18:02 . 2008-12-06 18:02 <REP> d-------- c:\program files\Java
2008-12-06 18:02 . 2008-12-06 18:02 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-12-06 14:24 . 2008-12-06 14:24 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-06 14:24 . 2008-12-06 14:24 <REP> d-------- c:\documents and settings\Sophie\Application Data\Malwarebytes
2008-12-06 14:24 . 2008-12-06 14:24 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-06 14:24 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-06 14:24 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-06 10:51 . 2008-12-06 23:00 <REP> d-------- c:\program files\FindyKill
2008-12-04 21:24 . 2008-12-04 21:24 23,392 --a------ c:\windows\system32\nscompat.tlb
2008-12-04 21:24 . 2008-12-04 21:24 16,832 --a------ c:\windows\system32\amcompat.tlb
2008-12-03 14:35 . 2008-12-03 14:35 <REP> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2008-12-03 14:31 . 2008-12-03 14:31 <REP> d-------- c:\program files\Yahoo!
2008-12-03 10:42 . 2008-12-03 10:42 <REP> d-------- c:\windows\system32\ZoneLabs
2008-12-03 10:42 . 2008-12-03 10:42 <REP> d-------- c:\program files\Zone Labs
2008-12-03 10:42 . 2008-07-09 09:05 1,086,952 --a------ c:\windows\system32\zpeng24.dll
2008-12-03 10:42 . 2008-12-03 10:42 352,624 --a------ c:\windows\system32\vsconfig.xml
2008-12-03 10:40 . 2008-12-03 10:42 <REP> d-------- c:\windows\Internet Logs
2008-12-02 21:28 . 2008-12-02 21:28 <REP> d-------- c:\documents and settings\All Users\Application Data\MAGIX
2008-12-02 21:27 . 2008-12-02 21:27 <REP> d-------- c:\program files\MAGIX
2008-12-02 21:27 . 2002-09-21 00:33 1,089,536 --a------ c:\windows\system32\ROBOEX32.DLL
2008-12-02 21:27 . 1998-10-15 17:28 85,504 --a------ c:\windows\system32\HtmlWH.dll
2008-12-02 21:27 . 1999-01-28 14:44 49,152 --a------ c:\windows\system32\INETWH32.dll
2008-12-02 21:26 . 2008-12-02 21:26 <REP> d-------- c:\windows\system32\MAGIX
2008-12-02 21:26 . 2007-03-19 12:53 663,552 --a------ c:\windows\system32\mgxoschk.dll
2008-12-02 21:26 . 2008-12-02 21:26 6,768 --a------ c:\windows\mgxoschk.ini
2008-12-02 16:04 . 2008-12-02 16:04 <REP> d-------- c:\program files\Mininova
2008-12-02 16:04 . 2008-12-02 16:04 <REP> d-------- c:\program files\Conduit
2008-11-27 13:04 . 2008-11-27 13:04 <REP> d-------- c:\program files\Alice SSID
2008-11-27 13:02 . 2006-11-02 17:12 348,416 --a------ c:\windows\system32\drivers\rt73.sys
2008-11-27 13:02 . 2003-10-14 06:30 94,208 --a------ c:\windows\system32\GTW32N50.dll
2008-11-27 13:02 . 2003-09-26 14:28 31,930 --a------ c:\windows\system32\GTNDIS3.VXD
2008-11-27 13:02 . 2003-09-26 13:15 15,872 --a------ c:\windows\system32\GTNDIS5.sys
2008-11-15 19:57 . 2008-11-15 19:57 <REP> d-------- C:\Poker
2008-11-12 14:31 . 2008-11-12 14:31 1,904 --a------ c:\windows\system32\drivers\ndisrd.sys.virtual.lnk
2008-11-12 14:31 . 2008-11-12 14:31 1,789 --a------ c:\windows\system32\Msvcrtd.dll.virtual.lnk
2008-11-12 14:31 . 2008-11-12 14:31 1,789 --a------ c:\windows\system32\msiexec.exe.virtual.lnk
2008-11-12 14:28 . 2008-11-12 14:47 <REP> d-------- c:\program files\Zapu
2008-11-12 14:28 . 2004-02-17 00:00 434,252 --a------ c:\windows\system32\Msvcrtd.dll
2008-11-12 14:22 . 2008-11-12 14:22 <REP> d-------- C:\Virtual
2008-11-12 14:21 . 2008-11-12 14:21 <REP> d-------- c:\windows\E4153266612C460FAB94C9DB6802459A.TMP
2008-11-12 14:21 . 2008-11-12 14:21 <REP> d-------- c:\program files\securedie
2008-11-12 14:21 . 2008-11-12 14:35 <REP> d-------- c:\documents and settings\All Users\Application Data\BufferZone
2008-11-12 14:20 . 2008-11-13 20:42 <REP> d-------- c:\program files\Secured IE
2008-11-12 13:21 . 2008-09-04 18:16 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 13:21 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-08 01:08 . 2008-11-08 01:08 <REP> d-------- c:\program files\uTorrent
2008-11-08 01:08 . 2008-12-07 18:44 <REP> d-------- c:\documents and settings\Sophie\Application Data\uTorrent

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-07 17:40 --------- d-----w c:\program files\Mozilla Thunderbird
2008-12-07 17:33 --------- d-----w c:\program files\SuperCopier2
2008-12-06 23:16 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-12-06 17:02 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-11-27 12:02 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-22 13:44 --------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2008-11-03 19:13 --------- d-----w c:\documents and settings\Sophie\Application Data\CyberLink
2008-11-03 18:21 --------- d-----w c:\program files\LimeWire
2008-11-03 18:20 --------- d-----w c:\documents and settings\Sophie\Application Data\LimeWire
2008-11-03 17:30 --------- d-----w c:\program files\Sun
2008-10-30 13:00 --------- d-----w c:\program files\Eltima Software
2008-10-25 11:39 --------- d-----w c:\documents and settings\Sophie\Application Data\Thunderbird
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 21:22 --------- d-----w c:\documents and settings\Sophie\Application Data\Ahead
2008-10-23 21:14 --------- d-----w c:\program files\MSN Messenger
2008-10-23 20:51 --------- d-----w c:\program files\Microsoft Works
2008-10-23 20:49 --------- d-----w c:\program files\Microsoft.NET
2008-10-23 20:41 --------- d-----w c:\program files\Microsoft AutoRoute
2008-10-23 20:33 --------- d-----w c:\program files\Fichiers communs\Ahead
2008-10-23 20:32 --------- d-----w c:\program files\Nero
2008-10-23 20:32 --------- d-----w c:\documents and settings\All Users\Application Data\Nero
2008-10-23 20:04 --------- d-----w c:\program files\Windows Media Connect 2
2008-10-23 20:03 --------- d-----w c:\program files\DivX Total Pack
2008-10-23 19:59 --------- d-----w c:\program files\CyberLink
2008-10-23 19:59 --------- d-----w c:\documents and settings\All Users\Application Data\CyberLink
2008-10-23 19:57 --------- d-----w c:\program files\Webteh
2008-10-23 19:57 --------- d-----w c:\program files\VideoLAN
2008-10-23 19:57 --------- d-----w c:\program files\K-Lite Codec Pack
2008-10-23 19:56 --------- d-----w c:\program files\DivX
2008-10-23 19:50 --------- d-----w c:\program files\Radio Fr Solo
2008-10-23 19:40 --------- d-----w c:\program files\Windows Live
2008-10-23 19:40 --------- d-----w c:\program files\Messenger Plus! Live
2008-10-23 19:38 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-10-23 19:36 --------- d-----w c:\documents and settings\Sophie\Application Data\Talkback
2008-10-23 19:28 --------- d-----w c:\program files\Alwil Software
2008-10-23 19:26 --------- d-----w c:\program files\D-Link
2008-10-23 19:19 --------- d-----w c:\program files\NVIDIA Corporation
2008-10-23 19:19 --------- d-----w c:\program files\Fichiers communs\NVIDIA Shared
2008-10-23 19:19 --------- d-----w c:\program files\Fichiers communs\InstallShield
2008-10-23 19:03 --------- d-----w c:\program files\microsoft frontpage
2008-10-23 19:01 --------- d-----w c:\program files\Services en ligne
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-09-15 15:26 1,846,528 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:15 1,307,648 ------w c:\windows\system32\msxml6.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{cd36797a-70f3-4acd-8825-623d3b896881}"= "c:\program files\securedie\tbsecu.dll" [2007-09-06 1453080]
"{f592709f-ff4a-4862-b659-4afabda56312}"= "c:\program files\Mininova\tbMini.dll" [2008-11-23 1784856]

[HKEY_CLASSES_ROOT\clsid\{cd36797a-70f3-4acd-8825-623d3b896881}]

[HKEY_CLASSES_ROOT\clsid\{f592709f-ff4a-4862-b659-4afabda56312}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cd36797a-70f3-4acd-8825-623d3b896881}]
2007-09-06 12:28 1453080 --a------ c:\program files\securedie\tbsecu.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f592709f-ff4a-4862-b659-4afabda56312}]
2008-11-23 23:03 1784856 --a------ c:\program files\Mininova\tbMini.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{cd36797a-70f3-4acd-8825-623d3b896881}"= "c:\program files\securedie\tbsecu.dll" [2007-09-06 1453080]
"{f592709f-ff4a-4862-b659-4afabda56312}"= "c:\program files\Mininova\tbMini.dll" [2008-11-23 1784856]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CD36797A-70F3-4ACD-8825-623D3B896881}"= "c:\program files\securedie\tbsecu.dll" [2007-09-06 1453080]
"{F592709F-FF4A-4862-B659-4AFABDA56312}"= "c:\program files\Mininova\tbMini.dll" [2008-11-23 1784856]

[HKEY_CLASSES_ROOT\clsid\{cd36797a-70f3-4acd-8825-623d3b896881}]

[HKEY_CLASSES_ROOT\clsid\{f592709f-ff4a-4862-b659-4afabda56312}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"RegistryMechanic"="c:\program files\Registry Mechanic\RegMech.exe" [2008-07-08 2828184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 131072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 49152]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-12-06 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-06 136600]
"nwiz"="nwiz.exe" [2007-06-28 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\Sophie\Menu D‚marrer\Programmes\D‚marrage\
Outil de notification Live Search.lnk - c:\documents and settings\Sophie\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2008-11-28 143360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i263_32.drv
"vidc.XVID"= xvid.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"d:\\eMule\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Zapu\\Zapu\\wDivi.exe"=

S1 aswSP;avast! Self Protection; []
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys []
S3 eltima_usb_stub;ELTIMA Usb Stub;c:\windows\system32\DRIVERS\usbstub.sys [2008-10-30 11392]
S3 vuhub;Virtual Usb Hub;c:\windows\system32\DRIVERS\vuhub.sys [2008-10-30 66432]

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.msn.fr/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
FireFox -: Profile - c:\documents and settings\Sophie\Application Data\Mozilla\Firefox\Profiles\ki3ft5q7.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.fr
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.msn.fr/
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-07 18:46:22
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-12-07 18:47:07
ComboFix-quarantined-files.txt 2008-12-07 17:46:45
ComboFix2.txt 2008-12-07 17:34:25

Avant-CF: 22 161 707 008 octets libres
Après-CF: 22,157,541,376 octets libres

209 --- E O F --- 2008-12-06 12:40:22

| Alerter

Répondre à sophaies

Egwene

7 Décembre 2008 19:48:53

Re,

Désinstalle Avast! et réinstalle-le : il remarche ?

Poste un nouveau rapport DDS.txt, et poste-moi le fichier attach.txt que je t'avais demandé de mettre de côté. Ensuite :

1) Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".

Afin de lancer la recherche, clic sur"Rechercher".

Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

AIDE : Tuto en images sur MBAM

2) ~Fais une analyse antivirus en ligne sur le site de Kaspersky
http://www.kaspersky.com/kos/eng/partner/default/kavweb...

Clique sur Accept

Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.

clique une nouvelle fois sur "Accept"

Les bases de mises à jour vont s'installer, patiente un moment

Clique sur Next.

Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera. Et poste-moi le rapport que tu obtiens.

3) Télécharge Toolbar-S&D ([#006dff]Team IDN

) sur ton Bureau.

Lance l'installation du programme en exécutant le fichier téléchargé.

Double-clique maintenant sur le raccourci de Toolbar-S&D.

Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.

Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.

Poste le rapport généré. (C:\TB.txt)

Comment va le PC ? Toujours des problèmes ?

| Alerter

Répondre à Egwene

sophaies

7 Décembre 2008 20:47:21

merci beaucoup mon pc va bien et avast refonctionne

| Alerter

Répondre à sophaies

Egwene

7 Décembre 2008 20:59:38

Fais ce que je t'ai demandé.

| Alerter

Répondre à Egwene

Tom's guide dans le monde