Antivirus problem

Closed
blondie - 28 Dec 2008 at 16:43
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 - 14 Jan 2009 at 00:19
Hello,
I can no longer install an antivirus. I ran a scan and here is what it gives me.
What should I do?
Thanks to whoever answers.

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1475
Windows 5.1.2600 Service Pack 2

08/12/2008 20:39:30
mbam-log-2008-12-08 (20-39-30).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 186224
Temps écoulé: 49 minute(s), 10 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 25

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\torrentmanager.webmanager (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\torrentmanager.webmanager.1 (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d5792aa9-d373-4039-8670-2cdab6a71f15} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d2bee6e-3c9a-4d58-b9ec-458edb28d0f6} (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d5792aa9-d373-4039-8670-2cdab6a71f15} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5792aa9-d373-4039-8670-2cdab6a71f15} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\BitDownload (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Files: 946 -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\SystemDoctor 2006 Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\SystemDoctor 2006 Free\Logs (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\m (Trojan.Agent) -> Delete on reboot.

Fichier(s) infecté(s):
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\qquas_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\qquas_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\qquas.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\100078.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\100625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\150218.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\93671.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\96859.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\129828.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\132531.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XGW52G1V\b64[3].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\SystemDoctor 2006 Free\Logs\update.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> Delete on reboot.
C:\Documents and Settings\Propriétaire\Application Data\m\flec006.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\kzwdmhoe_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kzwdmhoe_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo (Rogue.Eorezo) -> Delete on reboot.
C:\Documents and Settings\Propriétaire\Bureau\Spyware-Secure trial.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\hldrrr.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\srosa.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
45 replies

g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
28 Dec 2008 at 17:48
Yeah! That Chiquitine is a gem :)
3
-------------- UsbFix V2.413.4 ---------------

* User : krystel - SEBASTIEN
* Outils mis a jours le 11/12/2008 par Chiquitine29 et Chimay8
* Recherche effectuée à 17:58:17 le 28/12/2008
* Windows Xp - Internet Explorer 7.0.5730.11


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\DOCUME~1\krystel\LOCALS~1\Temp\1.tmp\b2e.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe

--------------- [ Informations lecteurs ] ----------------

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur de CD-ROM

F: - Lecteur de CD-ROM


--------------- [ Lecteur C ] ----------------

C: - Lecteur fixe


+- Listing des fichiers présents :

[31/05/2005 18:12][--a------] C:\AUTOEXEC.BAT
[06/09/2006 19:48][-rahs----] C:\NTDETECT.COM
[11/12/2007 10:57][-rahs----] C:\boot.ini
[03/12/2007 12:54][--a------] C:\ASLog.txt
[03/12/2007 12:54][--a------] C:\caavsetupLog.txt
[03/12/2007 12:54][--a------] C:\caisslog.txt
[03/12/2007 12:54][--a------] C:\FindyKill.txt
[03/12/2007 12:54][--a------] C:\hcwclear.txt
[03/12/2007 12:54][--a------] C:\Log.txt
[03/12/2007 12:54][--a------] C:\Prodinfo.txt
[03/12/2007 12:54][--a------] C:\UsbFix.txt
[01/01/2004 20:05][--a------] C:\CONFIG.SYS
[01/01/2004 20:05][--a------] C:\hiberfil.sys
[01/01/2004 20:05][--a------] C:\IO.SYS
[01/01/2004 20:05][--a------] C:\MSDOS.SYS
[01/01/2004 20:05][--a------] C:\pagefile.sys

--------------- [ Lecteur D ] ----------------

D: - Lecteur fixe


+- Listing des fichiers présents :

[27/07/2001 20:07][---hs----] D:\AUTOEXEC.BAT
[25/07/2001 12:00][---hs----] D:\NTDETECT.COM
[09/01/2002 09:52][---hs----] D:\BOOT.INI
[09/01/2002 09:52][---hs----] D:\Desktop.ini
[09/01/2002 09:52][---hs----] D:\WINBOM.INI
[10/09/2002 07:21][---hs----] D:\Folder.htt
[27/07/2001 20:07][---hs----] D:\CONFIG.SYS
[27/07/2001 20:07][---hs----] D:\IO.SYS
[27/07/2001 20:07][---hs----] D:\MSDOS.SYS
[27/07/2001 20:07][---hs----] D:\RCBoot.sys

--------------- [ Lecteur E ] ----------------

E: - Lecteur de CD-ROM


+- Listing des fichiers présents :


--------------- [ Lecteur F ] ----------------

F: - Lecteur de CD-ROM


+- Listing des fichiers présents :


--------------- [ Registre / Startup ] ----------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
H/PC Connection Agent="C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
LogitechSoftwareUpdate="C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
WorksFUD=C:\Program Files\Microsoft Works\wkfud.exe
Microsoft Works Portfolio=C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
Microsoft Works Update Detection=C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
EoEngine=
EoFlip=
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
HPDJ Taskbar Utility=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
Share-to-Web Namespace Daemon=C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
SweetIM=C:\Program Files\SweetIM\Messenger\SweetIM.exe
DLA=C:\WINDOWS\System32\DLA\DLACTRLW.EXE
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

--------------- [ Registre / Mountpoint2 ] ----------------


-> Recherche négative.

--------------- [ Nettoyage des disques ] ----------------

Supprimé ! - [10/09/2002 07:21][---hs----] D:\Folder.htt

--------------- [ Resumé ] ----------------

-> /!\ Le resultat doit etre interprété par un spécialiste /!\

[31/05/2005 18:12][--a------] C:\AUTOEXEC.BAT
[06/09/2006 19:48][-rahs----] C:\NTDETECT.COM
[11/12/2007 10:57][-rahs----] C:\boot.ini
[27/07/2001 20:07][---hs----] D:\AUTOEXEC.BAT
[25/07/2001 12:00][---hs----] D:\NTDETECT.COM
[09/01/2002 09:52][---hs----] D:\BOOT.INI
[09/01/2002 09:52][---hs----] D:\Desktop.ini
[09/01/2002 09:52][---hs----] D:\WINBOM.INI

--------------- ! Fin du rapport ! ----------------
0
What do I do now?
0
jalobservateur Posts 7372 Registration date Monday 16 July 2007 Status Security contributor Last activity 10 May 2012 930
28 Dec 2008 at 17:46
Chiquitine29's fix really works well ;-)
Bravo!
OK, I'm only observing from time to time ;-)
2
Marilyn.Manson Posts 2772 Registration date Sunday 4 May 2008 Status Member Last activity 18 December 2010 171
28 Dec 2008 at 16:45
Whoa! The viruses must be happy in your PC :S

Install Antivir: http://www.commentcamarche.net/telecharger/telecharger 55 antivir
Tutorial: https://www.malekal.com/avira-free-security-antivirus-gratuit/
0
Hi, I can't install Antivir. During the installation it tells me there was a problem and that I have to start over, and then it still doesn't work.
0
tsumens Posts 3051 Registration date Saturday 27 October 2007 Status Member Last activity 28 May 2009 384
28 Dec 2008 at 16:47
Hello,
You ran your scan with Malwarebytes, is that right? It detected viruses and removed them. After that you tried to install an AV without success? Which AV?
0
I tried AVG and Norton. Neither of them installs.
0

jalobservateur Posts 7372 Registration date Monday 16 July 2007 Status Security contributor Last activity 10 May 2012 930
28 Dec 2008 at 16:51
Hi you two,
tsumens, doesn't this make you suspicious?

C:\WINDOWS\system32\drivers\hldrrr.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\srosa.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
0
tsumens Posts 3051 Registration date Saturday 27 October 2007 Status Member Last activity 28 May 2009 384
28 Dec 2008 at 16:58
Hi,
Well, I've never dealt with this kind of critter, but I don't like "rootkits", especially "bagle"! If you can tell me more!
0
tsumens Posts 3051 Registration date Saturday 27 October 2007 Status Member Last activity 28 May 2009 384
28 Dec 2008 at 16:52
The problem is that if you had no AV, you need to install one and above all update it before anything else. Once that is done, rescan the machine offline and in safe mode.
0
Sorry, but computers and I don't get along. How should I proceed?
0
jalobservateur Posts 7372 Registration date Monday 16 July 2007 Status Security contributor Last activity 10 May 2012 930
28 Dec 2008 at 16:57
(Worm.Bagle) ;-)
0
Franklin MARIVAUX Posts 75 Registration date Friday 4 April 2008 Status Member Last activity 17 January 2016
28 Dec 2008 at 16:58
--blondie hello

Regarding your problems, I had the same thing, I was fed up with it.
I don't know which country or which provider serves you; personally I'm from (be); for 3€ per month through Belgacom
I have the full Symantec+Norton package.
Everything is filtered in real time and analysed;
Franklin
Don't get discouraged, even if it's no fun.
If you buy the software, I forgot to look before sending you the message!!!! but I think it is on the CCM site.
See you
Franklin MARIVAUX
exodus
0
jalobservateur Posts 7372 Registration date Monday 16 July 2007 Status Security contributor Last activity 10 May 2012 930
28 Dec 2008 at 17:05
OK,
Bagle is a worm that precisely prevents the various protection systems from starting or installing.
Hence the error blonde is running into.
"Invalid application", it says.
NB: I really don't want to do disinfections any more.
I'm only pointing you to the procedure because, on top of blonde no longer having any protection, she is going to infect others. So I'm copy-pasting this from a post by G!rly, which you must apply 'presto'.


Download FindyKill by Chiquitine29:

http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe

-> Save it to your desktop and nowhere else!

!! Disconnect and close all running applications !!

(If your antivirus panics when saving or using the tool, ignore the alert ...)

-> Click "FindyKill.exe" to launch the tool's installation. Above all, do not touch the installation settings.


Important notes:
* If you have the Elibagla program on your PC, remove it (risk of conflict between the two tools).

--> Double-click the "FindyKill" shortcut on your desktop.

--> Choose option 1 (search). Then let the tool work without touching anything ...

Once finished, post the FindyKill.txt report that is generated ...

There you go.
(Note: the report is saved at the root of the disk -> C:\FindyKill.txt)
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
28 Dec 2008 at 17:08
Hi blondi, jal ;-)

Your link is missing a leg, jal, hee hee

findykill

Kisses
0
jalobservateur Posts 7372 Registration date Monday 16 July 2007 Status Security contributor Last activity 10 May 2012 930
28 Dec 2008 at 17:12
Oops, hi G!rly ;-)
I'm caught like a rat ,,,,,,,lol*(?%%((?*&&.
Take care ;-) fixed...
0
----------------- FindyKill V4.710 ------------------

* User : krystel - SEBASTIEN
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 21/12/08 par Chiquitine29
* Recherche effectuée à 17:13:57 le 28/12/2008
* Windows XP - Internet Explorer 7.0.5730.11

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\e-Carte Bleue Caisse d'Epargne\ecbl-cnce.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:


»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\MDELK.EXE-03C4D2B7.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [22/12/2008 19:11] - C:\WINDOWS\system32\mdelk.exe
Found ! [22/12/2008 19:11] - C:\WINDOWS\system32\wintems.exe
Found ! [23/12/2008 21:11] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

Found ! [25/02/2006 09:04] - C:\WINDOWS\system32\drivers\mdelk.exe
Found ! [23/12/2008 21:10] - C:\WINDOWS\system32\drivers\srosa.sys
Found ! [25/02/2006 09:04] - C:\WINDOWS\system32\drivers\hldrrr.exe
Found ! [23/12/2008 11:32] - "C:\WINDOWS\system32\drivers\downld"
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\384656.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\386343.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\392468.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\392625.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\4037796.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\4045281.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\4053609.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\4055171.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\4060703.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\4061531.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\4063578.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\4094156.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\4120359.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\4133453.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\413703.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\4151296.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\415484.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\416062.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\4181046.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\4188906.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\421406.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\438609.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\447187.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\460937.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\465031.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\470625.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\480312.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\496562.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\511796.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\520187.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\522234.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\527359.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\532203.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\534171.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\68734.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\68937.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\73296.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\74515.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\74578.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\80375.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\80765.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\80812.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\81187.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\81750.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\83562.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\85609.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\86640.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\86734.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\86953.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\872781.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\87375.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\877421.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\87828.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\882109.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\882812.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\887109.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\887515.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\89093.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\90453.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\906718.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\91296.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\91625.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\93125.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\93953.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\95390.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\95578.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\95812.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\958656.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\96046.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\96500.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\96546.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\96890.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\96921.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\97062.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\97421.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\97656.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\98125.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\98218.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\98687.exe
Found ! [23/12/2008 11:32] - C:\WINDOWS\system32\drivers\downld\990375.exe

»»»» Presence des fichiers dans C:\Documents and Settings\krystel\Application Data


»»»» Presence des fichiers dans C:\DOCUME~1\krystel\LOCALS~1\Temp

Found ! - C:\DOCUME~1\krystel\LOCALS~1\Temp\PatchByFile.tmp

»»»» Presence des fichiers dans C:\Documents and Settings\krystel\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
H/PC Connection Agent="C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
LogitechSoftwareUpdate="C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
WorksFUD=C:\Program Files\Microsoft Works\wkfud.exe
Microsoft Works Portfolio=C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
Microsoft Works Update Detection=C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
EoEngine=
EoFlip=
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
HPDJ Taskbar Utility=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
Share-to-Web Namespace Daemon=C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
SweetIM=C:\Program Files\SweetIM\Messenger\SweetIM.exe
DLA=C:\WINDOWS\System32\DLA\DLACTRLW.EXE
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

[HKEY_CURRENT_USER\software\local appwizard-generated applications\MMDiag]

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden

- des fichiers cachés non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

- sans echec non fonctionnel !!



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

/!\ Ip6Fw - Type de démarrage = 4

SharedAccess - Type de démarrage = 2

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur de CD-ROM

G: - Lecteur amovible


+- Contenu de l'autorun : D:\autorun.inf

[AUTORUN]
OPEN=Info.exe folder.htt 480 480


+- Contenu de l'autorun : G:\autorun.inf

[AutoRun]
open=nideiect.com
;shell\open=Open(&O)
shell\open\Command=nideiect.com
shell\open\Default=1
;shell\explore=Manager(&X)
shell\explore\Command=nideiect.com


+- presence des fichiers :

Found ! [10/09/2002 17:02][---hs----] - D:\autorun.inf
Found ! [10/09/2002 11:54][---hs----] - D:\info.exe
Found ! [16/12/2008 12:37][---h-----] - G:\autorun.inf
Found ! [25/02/2006 09:04][---h-----] - G:\nideiect.com


--------------- [ Registre / Mountpoint2 ] ----------------

Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d6750226-8909-11d9-a2df-806d6172696f}\Shell\AutoRun\command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d675022a-8909-11d9-a2df-c9f91bf05814}\Shell\AutoRun\command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d675022a-8909-11d9-a2df-c9f91bf05814}\Shell\explore\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d675022a-8909-11d9-a2df-c9f91bf05814}\Shell\open\Command


------------------- ! Fin du rapport ! --------------------
0
jalobservateur Posts 7372 Registration date Monday 16 July 2007 Status Security contributor Last activity 10 May 2012 930
28 Dec 2008 at 17:27
It is still 'interesting' to see all the junk that installs itself, including in 'temp', when the gates are open...
Long live Microsoft &*(%&?%$.
Go ahead with the rest. I'm off.
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
28 Dec 2008 at 17:30
Are you leaving everything half-done, jal? lol

blondie

Run option two of FindyKill and post its report, please.

See you
0
----------------- FindyKill V4.710 ------------------

* User : krystel - SEBASTIEN
* executed from : C:\Program Files\FindyKill
* Update on 21/12/08 par Chiquitine29
* Start at 17:35:47 the 28/12/2008
* Windows XP - Internet Explorer 7.0.5730.11


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\logonui.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\System32\alg.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:


»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch

Deleted ! - C:\WINDOWS\prefetch\MDELK.EXE-03C4D2B7.pf

»»»» Supression files in C:\WINDOWS\system32

Deleted ! - C:\WINDOWS\system32\mdelk.exe
Deleted ! - C:\WINDOWS\system32\wintems.exe
Deleted ! - C:\WINDOWS\system32\ban_list.txt

»»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Supression files in C:\WINDOWS\system32\drivers

Deleted ! - C:\WINDOWS\system32\drivers\mdelk.exe
Deleted ! - C:\WINDOWS\system32\drivers\srosa.sys
Deleted ! - C:\WINDOWS\system32\drivers\srosa2.sys
Deleted ! - C:\WINDOWS\system32\drivers\hldrrr.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\80812.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\81187.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\81750.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\83562.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\85609.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\86640.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\86734.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\86953.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\872781.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\87375.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\877421.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\87828.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\882109.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\882812.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\887109.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\887515.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\89093.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\90453.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\906718.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\91296.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\91625.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\93125.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\93953.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\95390.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\95578.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\95812.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\958656.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\96046.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\96500.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\96546.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\96890.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\96921.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\97062.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\97421.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\97656.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\98125.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\98218.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\98687.exe
Deleted ! - C:\WINDOWS\system32\drivers\downld\990375.exe
Deleted ! - "C:\WINDOWS\system32\drivers\downld"

»»»» Supression files in C:\Documents and Settings\krystel\Application Data


»»»» Supression files in C:\DOCUME~1\krystel\LOCALS~1\Temp

Deleted ! - C:\DOCUME~1\krystel\LOCALS~1\Temp\PatchByFile.tmp

»»»» Supression files in C:\Documents and Settings\krystel\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !

+- Showing of hidden files has been repaired !



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur de CD-ROM

G: - Lecteur amovible


+- deleting files :

Deleted ! - D:\autorun.inf
Deleted ! - D:\info.exe
Deleted ! - G:\autorun.inf
Deleted ! - G:\nideiect.com

--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------



---------------- ! End of report ! ------------------
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
28 Dec. 2008 at 17:45
OK blondie,

run this next:

Download UsbFix to your desktop

http://sd-1.archive-host.com/membres/up/1366464061/UsbFix.rar

Unzip it on your desktop

--> Run the installation with the default settings

Plug your external storage devices (USB stick, external hard drive, etc.) that may have been infected into your PC, without opening them

--> Double-click the UsbFix shortcut on your desktop

--> The PC will restart

--> After the restart, post the UsbFix.txt report

Note: the UsbFix.txt report is saved at the root of the disk
Note: if the desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New task", type explorer.exe and confirm

See you
0
It asks me: 1 cleaning 2 vaccination 3 uninstall 4 quit
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406 > blondie
28 Dec. 2008 at 17:53
Choose option 1 and post the report, please
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
28 Dec. 2008 at 18:12
blondie,

install:

Download and install the Antivir Personal Edition Classic antivirus:

->https://www.malekal.com/avira-free-security-antivirus-gratuit/

https://www.avira.com/en/prime

In French:

https://www.avira.com/

Settings:

in pictures:

http://speedweb1.free.fr/frames2.php?page=tuto5

my explanations:

once Antivir is open, click on configuration and tick the "expert mode" box, then on the scanner tab, in the window below, you will see: rootkit search; click the small + to expand it and tick the box next to your hard disk
for those who do not see rootkit search: click the umbrella in your taskbar > in the Antivir window click local protection, then click scanner
in the right-hand window: you have rootkit search towards the bottom > expand it by pressing the small +
and tick your disks...
then click configuration at the top right; in the new window, on the left > scanner > tick "scan all files" and below > scanner priority = High
tick: allow stopping the scanner, so that you can pause during the scan if you wish.
then on the right tick the following boxes:
scan boot sectors of selected drives
scan master boot sectors
scan memory
search for rootkit before scan
untick:
ignore off line files
still on the left > scan > expand > heuristic > macrovirus heuristic = ticked and below > win32 heuristic box ticked and high detection level

then

Download HijackThis here:

-> http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

Usage tutorial (video): (Thanks to Balltrap34 for making it)

-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

Please post the generated report here...

See you
0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:10:28, on 28/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://outlook.live.com/owa/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbShar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunServices: [SchedulingAgent] C:\WINDOWS\System32\mstask.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Global Startup: e-Carte Bleue Caisse d'Epargne.lnk = C:\Program Files\e-Carte Bleue Caisse d'Epargne\ecbl-cnce.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game10.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{400473F1-AC6C-491F-AFF5-6FCF91F01D42}: NameServer = 212.216.172.62,213.26.80.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
0
A bit long, sorry
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
28 Dec. 2008 at 19:19
blondie,

uninstall McAfee properly

Uninstall McAfee:
http://tools.mcafeehelp.com/doc.php?siteid=1&docid=71541&support=ts

then

Download Ad-remover (by C_XX) to your desktop (and nowhere else!):

http://sd-1.archive-host.com/membres/up/1366464061/AD-R.exe

! Disconnect and close all running applications !

* Click "Ad-R.exe" to start the installation and leave the installation settings at their defaults.
* Double-click the Ad-remover shortcut on your desktop to launch the tool.
* In the main menu choose option "A" and press [Enter].

Let the tool work and do not touch anything...

--> Post the report that appears at the end.

(the report is also saved as C:\Ad-report.log)

See you
0
Nonsense? lol
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
28 Dec. 2008 at 19:31
...
0
I did not have time to continue.
I tried to open the link for McAfee but it does not open, and it is already uninstalled, but it still appears in my Program Files and I did not uninstall it in that folder.
0
jalobservateur Posts 7372 Registration date Monday 16 July 2007 Status Security contributor Last activity 10 May 2012 930
29 Dec. 2008 at 13:35
Hello Blondie, do you have CCleaner?
If not, install it (without the Yahoo toolbar, which you untick during installation).
Once it is installed, go to the options and 'untick' the box for files older than 48 hours.
Run the cleaning 2 to 3 times, until you get 0 bit deleted.
Then go to 'Registry' and search for errors. Fix 'all' the errors completely several times, until 'no error found'.
Finally go to the 'Tools' tab of CCleaner and look for McAfee, then remove it with 'Run uninstaller'.
Then do the full cleaning and the registry errors again in the same way.
G!rly will be back during the day to give you the next steps.
See you

https://filehippo.com/download_ccleaner/
0
jalobservateur Posts 7372 Registration date Monday 16 July 2007 Status Security contributor Last activity 10 May 2012 930
29 Dec. 2008 at 16:18
OK, I just saw that this McAfee is in the services.
So before doing the CCleaner steps above:
Go to Start/Run and type ' services.msc ', then go to the McAfee service, right-click it and disable it.
Also check with the task manager (Ctrl/Alt/Del) whether its process is there and end it. After that, uninstall, follow the instructions posted above and post a new HJT log to confirm.
0
Hi,
I went to Run but I cannot disable it. I cannot do anything: access denied.
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
29 Dec. 2008 at 16:40
Hi there ;-)
0