More than strange virus, Win32 ...

Solved/Closed
neodu50 Posts 388 Registration date Friday 9 May 2008 Status Member Last activity 18 March 2010 - 28 Dec 2008 at 15:22
crapoulou Posts 28160 Registration date Wednesday 28 November 2007 Status Moderator, Security contributor Last activity 21 May 2024 - 29 Dec 2008 at 02:04
Hello,
I think I've caught a virus, because my PC shut down by itself,
and at startup avast told me that something wanted to shut it down; indeed avast is disabled ????? !
What should I do?

When I try to launch HijackThis or avast, it tells me that it is not a valid Win32 application!!

48 replies

crapoulou Posts 28160 Registration date Wednesday 28 November 2007 Status Moderator, Security contributor Last activity 21 May 2024 7 998
28 Dec 2008 at 15:23
Hi,

You are infected by Bagle, from downloading cracks via peer-to-peer.

Download FindyKill (thanks to Chiquitine29 !!)
= = = = >>> By clicking here <<< = = = =

Right-click the link, Save Target As (Internet Explorer) or Save Link As (Firefox) …
Choose to save the file to the desktop.

Double-click FindyKill.exe
Choose option 1 (Search)
A report will open; post it in your next reply.

Note:
The FindyKill.txt report is saved at the root of the disk (C:\FindyKill.txt)
0
neodu50 Posts 388 Registration date Friday 9 May 2008 Status Member Last activity 18 March 2010 3
28 Dec 2008 at 15:27
----------------- FindyKill V4.710 ------------------

* User : S‚bastien - SEBASTIEN
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 21/12/08 par Chiquitine29
* Recherche effectuée à 15:26:31 le 28/12/2008
* Windows XP - Internet Explorer 6.0.2900.5512

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Documents and Settings\Sébastien\Application Data\drivers\winupgro.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\iTunes\iTunes.exe
C:\Documents and Settings\Sébastien\Application Data\drivers\downld\483078.exe
C:\WINDOWS\explorer.exe
C:\Program Files\iPod\bin\iPodService.exe

--------------- [ Processus infectieux stoppés ] ----------------


"C:\Documents and Settings\Sébastien\Application Data\drivers\downld\483078.exe" (2132)
"C:\Documents and Settings\Sébastien\Application Data\drivers\winupgro.exe" (1816)


--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:


»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-0258829F.pf
Found ! - C:\WINDOWS\Prefetch\EVID4226PATCH.EXE-02AA0CB5.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [28/12/2008 15:16] - C:\WINDOWS\system32\mdelk.exe
Found ! [28/12/2008 15:16] - C:\WINDOWS\system32\wintems.exe
Found ! [28/12/2008 15:16] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers


»»»» Presence des fichiers dans C:\Documents and Settings\S‚bastien\Application Data

Found ! [28/12/2008 15:19] - "C:\Documents and Settings\S‚bastien\Application Data\m\flec006.exe"
Found ! [28/12/2008 15:20] - "C:\Documents and Settings\S‚bastien\Application Data\m\list.oct"
Found ! [28/12/2008 15:20] - "C:\Documents and Settings\S‚bastien\Application Data\m\data.oct"
Found ! [28/12/2008 15:20] - "C:\Documents and Settings\S‚bastien\Application Data\m\srvlist.oct"
Found ! [28/12/2008 15:21] - "C:\Documents and Settings\S‚bastien\Application Data\m\shared"
Found ! [28/12/2008 15:20] - "C:\Documents and Settings\S‚bastien\Application Data\m"
Found ! [28/12/2008 15:08] - "C:\Documents and Settings\S‚bastien\Application Data\drivers"
Found ! [28/12/2008 15:16] - "C:\Documents and Settings\S‚bastien\Application Data\drivers\srosa.sys"
Found ! [28/12/2008 15:16] - "C:\Documents and Settings\S‚bastien\Application Data\drivers\srosa2.sys"
Found ! [15/06/2005 07:02] - "C:\Documents and Settings\S‚bastien\Application Data\drivers\winupgro.exe"
Found ! [28/12/2008 15:23] - "C:\Documents and Settings\S‚bastien\Application Data\drivers\downld"
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\110015.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\120593.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\139281.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\140437.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\140468.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\147250.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\189437.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\191734.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\277640.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\316921.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\317671.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\317812.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\338968.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\340296.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\340953.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\341859.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\344218.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\346156.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\464343.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\465078.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\465546.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\483078.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\497218.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\497750.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\498031.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\61187.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\61687.exe
Found ! [28/12/2008 15:23] - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\65203.exe

»»»» Presence des fichiers dans C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp


»»»» Presence des fichiers dans C:\Documents and Settings\S‚bastien\Local Settings\Temporary Internet Files\Content.IE5

0
neodu50 Posts 388 Registration date Friday 9 May 2008 Status Member Last activity 18 March 2010 3
28 Dec 2008 at 15:29
I'm bumping this, because I can't see the post anymore? 0_o
Ah, it has been moved to the virus section! I got scared ^^
0
crapoulou Posts 28160 Registration date Wednesday 28 November 2007 Status Moderator, Security contributor Last activity 21 May 2024 7 998
28 Dec 2008 at 15:29
Your report is not complete, but that's not a problem.
Post this one in full, though:

Cleaning:

--> Double-click the FindyKill shortcut on your desktop
--> In the main menu, choose option 2 (Removal)


/!\ There will be two restarts; let the tool work until the message "nettoyage effectué" ("cleaning done") appears /!\

/!\ Do not use the PC during the removal; your desktop will not be accessible, that's normal! /!\

= = = = >>> Then post the FindyKill.txt report <<< = = = =

Notes:
* The FindyKill.txt report is saved at the root of the disk (C:\FindyKill.txt)
* If the desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New Task", type explorer.exe and confirm
0

neodu50 Posts 388 Registration date Friday 9 May 2008 Status Member Last activity 18 March 2010 3
28 Dec 2008 at 15:30
I'm doing what you told me,
I'm posting the previous report for you, but complete this time!
I'm a bit too quick sometimes; the proof is that I catch viruses :S
0
neodu50 Posts 388 Registration date Friday 9 May 2008 Status Member Last activity 18 March 2010 3
28 Dec 2008 at 15:44
I can't manage to post the report by copy-pasting???
0
crapoulou Posts 28160 Registration date Wednesday 28 November 2007 Status Moderator, Security contributor Last activity 21 May 2024 7 998
28 Dec 2008 at 15:46
Are you taking it from here?
* The FindyKill.txt report is saved at the root of the disk (C:\FindyKill.txt)
--
Got a problem? Come by CCM!
There is no problem without a solution.
0
neodu50 Posts 388 Registration date Friday 9 May 2008 Status Member Last activity 18 March 2010 3
28 Dec 2008 at 15:49
It won't paste!
I have it in the clipboard, well, I copied it! But it's the pasting that doesn't work :S

0
neodu50 Posts 388 Registration date Friday 9 May 2008 Status Member Last activity 18 March 2010 3
28 Dec 2008 at 15:50
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Power Shutdown 5.1.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Priore SmartCard for .NET 1.2.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\PS-Find 1.24.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Radiotracker Platinum 5.0.23014.1400.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Readmine 0.9.136.1121 Beta 1.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Real Cut 1D 7.8.5.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Recover Data for Linux 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Scramble 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Seafood 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Show 'N Spell 2.12.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Sliced File Upload 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\SMNAPT Port Mapping 2.0.0.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Solid PDF Creator Plus 2.0 Build 36.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Speaking Event Reminder 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\SQLWays 3.9.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Suntime 1.0.2.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\TaskPatrol Pro 2.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\UCALC 4.0.czip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\UUID Vault 1.4.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\VeryPDF PDF Editor 2.2.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\VideoCap Live ActiveX Control 2.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Virtuosa 5.20.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Virusbuster.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Visualizer Image Browser 2.3.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Volvo Various Screensaver.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\WMI and SMART Component 5.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\XFile 2.021.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\ZMatrix 1.5.2.zip
Deleted ! - "C:\Documents and Settings\S‚bastien\Application Data\m\shared"
Deleted ! - "C:\Documents and Settings\S‚bastien\Application Data\m"
Deleted ! - "C:\Documents and Settings\S‚bastien\Application Data\drivers\srosa.sys"
Deleted ! - "C:\Documents and Settings\S‚bastien\Application Data\drivers\srosa2.sys"
Deleted ! - "C:\Documents and Settings\S‚bastien\Application Data\drivers\winupgro.exe"
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\110015.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\120593.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\139281.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\140437.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\140468.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\147250.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\189437.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\191734.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\277640.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\316921.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\317671.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\317812.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\338968.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\340296.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\340953.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\341859.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\344218.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\346156.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\464343.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\465078.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\465546.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\483078.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\497218.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\497750.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\498031.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\61187.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\61687.exe
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\drivers\downld\65203.exe
Deleted ! - "C:\Documents and Settings\S‚bastien\Application Data\drivers\downld"
Deleted ! - "C:\Documents and Settings\S‚bastien\Application Data\drivers"

»»»» Supression files in C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp


»»»» Supression files in C:\Documents and Settings\S‚bastien\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Documents and Settings\S‚bastien\Local Settings\Temporary Internet Files\Content.IE5\JAS3ZLGX\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\S‚bastien\Local Settings\Temporary Internet Files\Content.IE5\ULLYNIXW\b64_3[1].jpg

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-746137067-926492609-839522115-1004\Software\Local AppWizard-Generated Applications\winupgro

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !


+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

E: - Lecteur fixe


+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------



---------------- ! End of report ! ------------------
0
neodu50 Posts 388 Registration date Friday 9 May 2008 Status Member Last activity 18 March 2010 3
28 Dec 2008 at 15:55
I pasted the report on my old blog,
https://cheveauxdu50.skyrock.com/
There's only one article and it's the one with the report,

Sorry, but the report won't copy onto CCM
0
crapoulou Posts 28160 Registration date Wednesday 28 November 2007 Status Moderator, Security contributor Last activity 21 May 2024 7 998
28 Dec 2008 at 15:55
Report still not complete: just post the second one in full.
0
crapoulou Posts 28160 Registration date Wednesday 28 November 2007 Status Moderator, Security contributor Last activity 21 May 2024 7 998
28 Dec 2008 at 15:59
Lol ok.
I'll try to post it:

----------------- FindyKill V4.710 ------------------

* User : S‚bastien - SEBASTIEN
* executed from : C:\Program Files\FindyKill
* Update on 21/12/08 par Chiquitine29
* Start at 15:37:32 the 28/12/2008
* Windows XP - Internet Explorer 6.0.2900.5512


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\userinit.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:


»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch

Deleted ! - C:\WINDOWS\prefetch\EVID4226PATCH.EXE-02AA0CB5.pf
Deleted ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-0258829F.pf

»»»» Supression files in C:\WINDOWS\system32

Deleted ! - C:\WINDOWS\system32\mdelk.exe
Deleted ! - C:\WINDOWS\system32\wintems.exe
Deleted ! - C:\WINDOWS\system32\ban_list.txt

»»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Supression files in C:\WINDOWS\system32\drivers

Deleted ! - C:\WINDOWS\system32\drivers\srosa.sys
Deleted ! - C:\WINDOWS\system32\drivers\srosa2.sys

»»»» Supression files in C:\Documents and Settings\S‚bastien\Application Data

Deleted ! - "C:\Documents and Settings\S‚bastien\Application Data\m\flec006.exe"
Deleted ! - "C:\Documents and Settings\S‚bastien\Application Data\m\list.oct"
Deleted ! - "C:\Documents and Settings\S‚bastien\Application Data\m\data.oct"
Deleted ! - "C:\Documents and Settings\S‚bastien\Application Data\m\srvlist.oct"
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\2D GhostForest Interactive Saver 05 3.5.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\A Drink For All Ages.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\A.L.A.R.M. 1.01.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\AACGain 1.8.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\ActiveLine 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\AF ScreenSaver 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Angie BareFoot 2.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\AVG.Antivirus.Professional.Licence.Keygen.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\BASIC-256 0.9.2.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Best 5 Games For Windows Mobile Smartphone.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Best of My WaterWorks 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Blu-ray Region Code Remover 2.5.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Brutality Extra Font 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Case Changer 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Cat-Scope 5.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\CM Central Station 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Creative MediaSource Plugin for CD Burner 3.10.18.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\CT Tiles 1.0.6.2634.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Cybervizion 1.2.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\DBFOPEN (DBF Viewer and Editor) 2.10.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\DiskSizer 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\DWG to PDF Converter Pro 3.90.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Easewe Auto Shutdown System 5.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Easy Uninstaller 1.5.61.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\EasyCD 2.5 Beta 0.32.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\eDrive.v5.1.3.1 + crack by Roby.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\EL-VIS9 DRUGDRIVE.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\EMCO Remote Audit 2.1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\European Geography Tutor 1.7.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\EZ Backup IE and Outlook Express Pro 6.1.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Family Budget 1.1.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\FB-SQL 1.2.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\FlashSpring Pro 3.0.4.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\FlyEdit 1.1.8.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Frames 1.4.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Fullscreen Photo Viewer 1.8.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Grady Profile 3.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\HBEDV.(00).AntiVir.Pro.Keyfile.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Hexagonal Grid 2.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\HotFM radio widget 0.2.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\How To Get Rich In Real Estate 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Hythial Pro 1.3.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Ivkom 2.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Jabirnet's Countdown 1.1.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Jamdat Mobile Kasparov Chessmate v1.0.14 Working Keygen By Atomic Punk.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Jason DVD and Video to SWF Converter 5.00.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Julia Stiles Screensaver1.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Kaspersky Anti-Virus Update 6 December 2008.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Legendary Dinosaurs
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Master Click 1.0.0.225.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\MasterSeries 5.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Math Flight 2.2.1.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Microsoft Robotics Developer Studio Express Edition 2.0.913.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\MIDI Random Jukebox 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\MP3 to WAVE Converter 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\MX AJAX Toolbox 1.0.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\My Uninstaller 2.16.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\MyFileFinder 2.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\MyMiniMessenger(MMM) 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Neo File Manager 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\odbc2charp 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\ot=K22.Full.pack.updated-fixed.Release.01-2007.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Peme Screen Saver 1.0.2.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Phase 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Photo Collage 2.06.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\PhotonShow 1.2.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\PICVideo Lossless JPEG Codec.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\POES North Aurora Gadget 1.0.0.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Pograms.-.Kaspersky.Personal.Antivirus.2006.licence.key.updated-fixed.11-2006.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Power Shutdown 5.1.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Priore SmartCard for .NET 1.2.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\PS-Find 1.24.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Radiotracker Platinum 5.0.23014.1400.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Readmine 0.9.136.1121 Beta 1.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Real Cut 1D 7.8.5.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Recover Data for Linux 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Scramble 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Seafood 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Show 'N Spell 2.12.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Sliced File Upload 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\SMNAPT Port Mapping 2.0.0.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Solid PDF Creator Plus 2.0 Build 36.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Speaking Event Reminder 1.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\SQLWays 3.9.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Suntime 1.0.2.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\TaskPatrol Pro 2.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\UCALC 4.0.czip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\UUID Vault 1.4.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\VeryPDF PDF Editor 2.2.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\VideoCap Live ActiveX Control 2.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Virtuosa 5.20.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Virusbuster.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Visualizer Image Browser 2.3.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\Volvo Various Screensaver.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\WMI and SMART Component 5.0.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\XFile 2.021.zip
Deleted ! - C:\Documents and Settings\S‚bastien\Application Data\m\shared\ZMatrix 1.5.2.zip
Deleted ! - "C:\Documents and Settings\S‚bastien\Application Data\m\shared"
Deleted ! - "C:\Documents and Settings\S‚bastien\Application Data\m"
Deleted ! - "C:\Documents and Settings\S‚bastien\Application Data\drivers\srosa.sys"
Deleted ! - "C:\Documents and Settings\S‚bastien\Application Data\drivers\srosa2.sys"
Deleted ! - "C:\Documents and Settings\S‚bastien\Application Data\drivers\winupgro.exe"
Deleted ! - "C:\Documents and Settings\Sébastien\Application Data\drivers\downld"
Deleted ! - "C:\Documents and Settings\Sébastien\Application Data\drivers"

»»»» Supression files in C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp


»»»» Supression files in C:\Documents and Settings\Sébastien\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Documents and Settings\Sébastien\Local Settings\Temporary Internet Files\Content.IE5\JAS3ZLGX\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Sébastien\Local Settings\Temporary Internet Files\Content.IE5\ULLYNIXW\b64_3[1].jpg

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-746137067-926492609-839522115-1004\Software\Local AppWizard-Generated Applications\winupgro

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !


+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

E: - Lecteur fixe


+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------



---------------- ! End of report ! ------------------

crapoulou (Moderator, Security contributor)
28 Dec. 2008 at 16:02
Perfect. Wait a moment: the report is stuck, and I have alerted a moderator to get it unblocked.
I was able to read it on your Skyblog.
Let's continue:


- Download HijackThis version 2.02:
= = = = >>> By clicking here <<< = = = =

- Save HJTInstall.exe to your desktop.
- Double-click (left button) on HJTInstall.exe to start the installation.
- Click Install, then "I Accept".
- Click "Do a scan system and save log file".
- Notepad will open; copy and paste all of its contents here in your next reply.

neodu50 (Member)
28 Dec. 2008 at 16:03
Well, I just did it: I launched the software and typed 2,
my computer restarted twice, and I copied the report that was at the root of my C drive,
but on CCM the report won't paste, so I pasted it into my old Skyblog.

neodu50 (Member)
28 Dec. 2008 at 16:11
What do you want me to do?

neodu50 (Member)
28 Dec. 2008 at 16:20
Bagle not eradicated,
Help

crapoulou (Moderator, Security contributor)
28 Dec. 2008 at 16:38

neodu50 (Member)
28 Dec. 2008 at 16:48
Sorry, I hadn't seen it; I'm in a total panic right now.
I installed AntiVir, and it detects Trojan horses,
two in particular:
TR / bagle.gen.B
TR/ Rootkit.gen

I put them in quarantine, but they still show up!

crapoulou (Moderator, Security contributor)
28 Dec. 2008 at 16:50
Run option 1 of FindyKill again, and HijackThis!

neodu50 (Member)
28 Dec. 2008 at 16:50
I'm running HijackThis... it finally works!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:50:47, on 28/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
c:\program files\avira\antivir personaledition classic\avcenter.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [drvsyskit] C:\Documents and Settings\Sébastien\Application Data\drivers\winupgro.exe
O4 - HKCU\..\Run: [german.exe] C:\WINDOWS\system32\wintems.exe
O4 - HKCU\..\Run: [mule_st_key] C:\Documents and Settings\Sébastien\Application Data\m\flec006.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE