Sujet Précédent Sujet Suivant

NTSB/bagle

Fermé
fanny - 29 déc. 2008 à 15:58
dready76 Messages postés 17 Date d'inscription mercredi 31 décembre 2008 Statut Membre Dernière intervention 1 janvier 2009 - 31 déc. 2008 à 19:35
Bonjour,
j'ai eu un gros probleme...En effet, mon ordinateur c'est éteint tout d'un coup et au démarrage avast ne fonctionné plus..."avast n'est pas une application Win32"..de plus quand l'ordinateur redémarre il y a une fenetre qui s'ouvre:NTSB
QUELQU'UN POURRAIT IL M'AIDER SVP...

65 réponses

Réponse 1 / 65
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
29 déc. 2008 à 17:19
--> Télécharge UsbFix (de Chiquitine29) sur ton Bureau.

--> Lance l'installation avec les paramètres par défaut.

--> Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.

--> Double-clique sur le raccourci UsbFix sur ton Bureau.

--> Choisis l'option 1 (Nettoyage).

--> Le PC va redémarrer.

--> Après redémarrage, poste le rapport UsbFix.txt

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque.

(Si le Bureau ne réapparaît pas, presse Ctrl+Alt+Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide)
1
fanny
29 déc. 2008 à 17:41
-------------- UsbFix V2.413.8 ---------------

* User : couturier - ALAIN
* Outils mis a jours le 27/12/2008 par Chiquitine29 et Chimay8
* Recherche effectuée à 17:36:50 le 29/12/2008
* Windows Xp - Internet Explorer 7.0.5730.13


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\Userinit.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_productsvc.exe

--------------- [ Informations lecteurs ] ----------------

C: - Lecteur fixe


--------------- [ Lecteur C ] ----------------

C: - Lecteur fixe


+- Listing des fichiers présents :

[26/03/2008 12:04][--a------] C:\AUTOEXEC.BAT
[02/03/2006 13:00][-rahs----] C:\NTDETECT.COM
[10/12/2008 20:30][--ahs----] C:\boot.ini
[17/10/2008 08:56][--a------] C:\ExtractLog.txt
[17/10/2008 08:56][--a------] C:\FindyKill.txt
[17/10/2008 08:56][--a------] C:\UsbFix.txt
[26/03/2008 12:04][--a------] C:\CONFIG.SYS
[26/03/2008 12:04][--a------] C:\hiberfil.sys
[26/03/2008 12:04][--a------] C:\IO.SYS
[26/03/2008 12:04][--a------] C:\MSDOS.SYS
[26/03/2008 12:04][--a------] C:\pagefile.sys

--------------- [ Registre / Startup ] ----------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\Userinit.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
mgsxlybzqwgil=C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\coviokgwkc.dll"
QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

--------------- [ Registre / Mountpoint2 ] ----------------

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3fe54d55-c10d-11dc-b0c9-00d0d08a84f5}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{408cb81e-b208-11dc-b0af-00d0d08a84f5}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{410a1fec-dbf5-11dc-b0ed-00d0d08a84f5}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{410a1fec-dbf5-11dc-b0ed-00d0d08a84f5}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{410a1fec-dbf5-11dc-b0ed-00d0d08a84f5}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{af676934-92bb-11dd-b1ff-00d0d08a84f5}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{af676934-92bb-11dd-b1ff-00d0d08a84f5}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{af676934-92bb-11dd-b1ff-00d0d08a84f5}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4e3892e-92a8-11db-aef2-00d0d08a84f5}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4e3892e-92a8-11db-aef2-00d0d08a84f5}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4e3892e-92a8-11db-aef2-00d0d08a84f5}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc0964f2-3550-11dc-afea-00d0d08a84f5}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc0964f2-3550-11dc-afea-00d0d08a84f5}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc0964f2-3550-11dc-afea-00d0d08a84f5}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd707ad0-fc07-11dc-b133-00d0d08a84f5}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd707ad0-fc07-11dc-b133-00d0d08a84f5}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd707ad0-fc07-11dc-b133-00d0d08a84f5}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff954a22-0a6c-11db-add7-00d0d08a84f5}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff954a22-0a6c-11db-add7-00d0d08a84f5}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff954a22-0a6c-11db-add7-00d0d08a84f5}\Shell\open\Command

--------------- [ Nettoyage des disques ] ----------------


--------------- [ Resumé ] ----------------

-> /!\ Le resultat doit etre interprété par un spécialiste /!\

[26/03/2008 12:04][--a------] C:\AUTOEXEC.BAT
[02/03/2006 13:00][-rahs----] C:\NTDETECT.COM
[10/12/2008 20:30][--ahs----] C:\boot.ini

--------------- ! Fin du rapport ! ----------------
0
Réponse 2 / 65
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
29 déc. 2008 à 16:00
Salut,

"mon ordinateur c'est éteint tout d'un coup et au démarrage avast ne fonctionné plus"
---> Tu as oublié le passage où tu as bêtement cliqué sur le crack infecté.

--> Télécharge FindyKill (par Chiquitine29/T'Chiki) sur ton Bureau.

--> Lance l'installation avec les paramètres par défaut.

--> Double-clique sur le raccourci FindyKill sur ton Bureau.

--> Au menu principal, choisis l'option 1 (Recherche).

--> Poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.
0
fanny
29 déc. 2008 à 16:16
merci de prendre du temps pr mon probleme!!
voici le rapport


----------------- FindyKill V4.710 ------------------

* User : couturier - ALAIN
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 21/12/08 par Chiquitine29
* Recherche effectuée à 16:12:17 le 29/12/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_productsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\couturier\Application Data\drivers\winupgro.exe
C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_svc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\couturier\Application Data\drivers\downld\289093.exe

--------------- [ Processus infectieux stoppés ] ----------------


"C:\Documents and Settings\couturier\Application Data\drivers\downld\289093.exe" (1256)
"C:\Documents and Settings\couturier\Application Data\drivers\winupgro.exe" (1824)


--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:

Found ! [29/12/2008 15:41] - C:\InfoSat.txt

»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\211375.EXE-1CB139F5.pf
Found ! - C:\WINDOWS\prefetch\270109.EXE-0D668E4D.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-06C898AB.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-0EF461CE.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-377E42D4.pf
Found ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-02ADCB08.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [29/12/2008 15:41] - C:\WINDOWS\system32\mdelk.exe
Found ! [29/12/2008 15:41] - C:\WINDOWS\system32\wintems.exe
Found ! [29/12/2008 15:41] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers


»»»» Presence des fichiers dans C:\Documents and Settings\couturier\Application Data

Found ! [29/12/2008 15:13] - "C:\Documents and Settings\couturier\Application Data\m\flec006.exe"
Found ! [29/12/2008 15:41] - "C:\Documents and Settings\couturier\Application Data\m\shared"
Found ! [29/12/2008 15:41] - "C:\Documents and Settings\couturier\Application Data\m"
Found ! [29/12/2008 11:05] - "C:\Documents and Settings\couturier\Application Data\drivers"
Found ! [29/12/2008 15:41] - "C:\Documents and Settings\couturier\Application Data\drivers\srosa.sys"
Found ! [29/12/2008 15:41] - "C:\Documents and Settings\couturier\Application Data\drivers\srosa2.sys"
Found ! [18/05/2005 09:03] - "C:\Documents and Settings\couturier\Application Data\drivers\winupgro.exe"
Found ! [29/12/2008 15:45] - "C:\Documents and Settings\couturier\Application Data\drivers\downld"
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\121968.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\122656.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\123109.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\206359.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\211375.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\215234.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\216109.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\216843.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\229531.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\230625.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\231218.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\232171.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\233859.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\235265.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\243265.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\244375.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\245765.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\253390.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\253984.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\254156.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\254609.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\254625.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\254812.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\258375.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\260656.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\264953.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\266156.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\266328.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\267031.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\267046.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\267218.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\268109.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\268531.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\270109.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\270156.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\270875.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\271578.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\271734.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\272031.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\272125.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\272531.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\273671.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\273843.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\275296.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\289093.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\292500.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\293062.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\293531.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\293843.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\294609.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\295093.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\295281.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\295812.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\296500.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\297921.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\298328.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\298546.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\300078.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\304078.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\305468.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\306484.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\306781.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\307250.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\307781.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\308296.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\314468.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\315406.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\315703.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\316062.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\316515.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\316625.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\317515.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\319203.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\320484.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\336078.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\338312.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\338687.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\339093.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\339343.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\339921.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\340390.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\346890.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\352562.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\353578.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\353906.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\356984.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\357609.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\358031.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\379296.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\386156.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\390046.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\390796.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\391031.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\431062.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\431796.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\431984.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\445093.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\446515.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\447234.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\448312.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\450968.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\452671.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\462468.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\474218.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\474828.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\475468.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\47796.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\481281.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\48796.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\49015.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\494531.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\495109.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\495546.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\507312.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\507953.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\508156.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\50859.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\51218.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\51359.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\51531.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\516125.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\520984.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\522359.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\523078.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\52343.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\524062.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\526578.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\52734.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\527406.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\527750.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\527875.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\528593.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\54109.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\54437.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\549406.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\550062.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\550515.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\55484.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\554984.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\55578.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\55656.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\56625.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\569937.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\570515.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\570890.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\57750.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\57968.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\58359.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\58531.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\589562.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\601453.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\602234.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\602625.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\65531.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\66156.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\75359.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\75937.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\76578.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\78515.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\79453.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\79484.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\80015.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\80156.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\80828.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\86546.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\87125.exe
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Application Data\drivers\downld\87593.exe

»»»» Presence des fichiers dans C:\DOCUME~1\COUTUR~1\LOCALS~1\Temp


»»»» Presence des fichiers dans C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5

Found ! [29/12/2008 11:23] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\9LQ2GAOU\b64_1[1].jpg
Found ! [29/12/2008 12:19] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64[1].jpg
Found ! [29/12/2008 15:13] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64[2].jpg
Found ! [29/12/2008 12:21] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64_1[1].jpg
Found ! [29/12/2008 15:15] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64_1[2].jpg
Found ! [29/12/2008 12:00] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64_3[1].jpg
Found ! [29/12/2008 15:11] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64_3[2].jpg
Found ! [29/12/2008 15:41] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64_3[3].jpg
Found ! [29/12/2008 12:05] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BZLRRJYH\b64[1].jpg
Found ! [29/12/2008 12:07] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BZLRRJYH\b64_1[1].jpg
Found ! [29/12/2008 11:18] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BZLRRJYH\b64_3[1].jpg
Found ! [29/12/2008 11:08] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\LO3J0NY7\b64[1].jpg
Found ! [29/12/2008 15:37] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\LO3J0NY7\mxd[1].jpg
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\RVFJVS8P\b64_2[1].jpg
Found ! [29/12/2008 11:05] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\RVFJVS8P\b64_3[1].jpg
Found ! [29/12/2008 11:57] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\RVFJVS8P\mxd[1].jpg
Found ! [29/12/2008 11:21] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\TWKWJ9S3\mxd[1].jpg
Found ! [29/12/2008 11:21] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\Y6OMF339\b64[1].jpg
Found ! [29/12/2008 11:23] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\Y6OMF339\b64_2[1].jpg
Found ! [29/12/2008 12:16] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\Y6OMF339\b64_3[1].jpg
Found ! [29/12/2008 11:10] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\b64_1[1].jpg
Found ! [29/12/2008 15:45] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\b64_1[2].jpg
Found ! [29/12/2008 12:21] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\b64_2[1].jpg
Found ! [29/12/2008 15:16] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\b64_2[2].jpg
Found ! [29/12/2008 11:05] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\b64_3[1].jpg
Found ! [29/12/2008 15:14] - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\mxd[1].jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
mgsxlybzqwgil=C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\coviokgwkc.dll"
QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1

[HKEY_CURRENT_USER\software\local appwizard-generated applications\qttask]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\run]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\Samsung Media Studio]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-2366115807-3377660124-3793208125-1006\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-2366115807-3377660124-3793208125-1006\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-2366115807-3377660124-3793208125-1006\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-2366115807-3377660124-3793208125-1006\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-2366115807-3377660124-3793208125-1006\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sK9Ou0s

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

- sans echec non fonctionnel !!



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe


+- presence des fichiers :



--------------- [ Registre / Mountpoint2 ] ----------------

Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcd8228e-195a-11da-ac45-00038a000015}\Shell\AutoRun\command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcd8228e-195a-11da-ac45-00038a000015}\Shell\explore\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcd8228e-195a-11da-ac45-00038a000015}\Shell\open\Command


------------------- ! Fin du rapport ! --------------------
0
Réponse 3 / 65
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
29 déc. 2008 à 16:18
--> Supprime tes cracks et keygens.

--> Branche tes disques amovibles à ton PC (clefs USB, disque dur externe, etc...) sans les ouvrir.

--> Double-clique sur le raccourci FindyKill sur ton Bureau.

--> Au menu principal, choisis l'option 2 (Suppression).

/!\ Il y aura 2 redémarrages, laisse travailler l'outil jusqu'à l'apparition du message "nettoyage effectué" /!\

--> Ensuite, poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.
0
fanny
29 déc. 2008 à 16:28
----------------- FindyKill V4.710 ------------------

* User : couturier - ALAIN
* executed from : C:\Program Files\FindyKill
* Update on 21/12/08 par Chiquitine29
* Start at 16:22:58 the 29/12/2008
* Windows XP - Internet Explorer 7.0.5730.13


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\Userinit.exe
C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_productsvc.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:

Deleted ! - C:\InfoSat.txt

»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch

Deleted ! - C:\WINDOWS\prefetch\211375.EXE-1CB139F5.pf
Deleted ! - C:\WINDOWS\prefetch\270109.EXE-0D668E4D.pf
Deleted ! - C:\WINDOWS\prefetch\FLEC006.EXE-06C898AB.pf
Deleted ! - C:\WINDOWS\prefetch\MDELK.EXE-0EF461CE.pf
Deleted ! - C:\WINDOWS\prefetch\WINTEMS.EXE-377E42D4.pf
Deleted ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-02ADCB08.pf

»»»» Supression files in C:\WINDOWS\system32

Deleted ! - C:\WINDOWS\system32\mdelk.exe
Deleted ! - C:\WINDOWS\system32\wintems.exe
Deleted ! - C:\WINDOWS\system32\ban_list.txt

»»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Supression files in C:\WINDOWS\system32\drivers

Deleted ! - C:\WINDOWS\system32\drivers\srosa.sys
Deleted ! - C:\WINDOWS\system32\drivers\srosa2.sys

»»»» Supression files in C:\Documents and Settings\couturier\Application Data

Deleted ! - "C:\Documents and Settings\couturier\Application Data\m\flec006.exe"
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\(PROGRAMMI).crack.per.nod32.by.nave.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\A1 iPod Video Converter 1.2.10.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Abcc Music to MP3 AMR AAC OGG Converter Pro 5.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Active Wallpaper Changer 3.8.1 Build 117.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Adaptive Modeler 1.1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Advanced IE History Bar 1.1.2.45.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Alibre Design Xpress 11.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\All Video to AVI DivX Xvid Converter 1.7.4.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\All Video to PSP Converter 1.7.4.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\All-in-1 Personal Organizer 4.0.20.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Anti-keylogger for IE 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Anytexto 2.00.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\ATSurround Processor for foobar2000 0.1.6a.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Audio To RM Converter 1.00.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Ava Find 1.5.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\AvoCalc Calculator 1.0.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Backup Chunker 2.2.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\BmpHtmlFun 0.9 Build 19.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\by.josete.nod32.2.51.12-para.64bits+.extension-Imprescindible.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Camtix Web Video Publisher 1.02.02.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Cepstral ClockBot 1.01.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\CGIndia toolbar for Firefox 1.5.0.6.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\ChatChecker 3.9.9.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Chevrolet Impala Screensaver 1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Classic Style Menus and Toolbars for Microsoft Word 2007 4.0.32.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Conversational Hypnosis eBook 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Cookie Monster 0.95.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Crack.-.Norton.Antivirus.Nav.2002-2003.Liveupdate.Subscription.(Works).zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Cute Partition Manager 0.9.8.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\CyberStar Online Timer And Remote System Manager 2.7.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\D. J. Elite-Party Edition 8.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\DC CPUInfo 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\DigitalNotes Toolbar 1.3.0.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Docklet OpenClose CD 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Door Screensaver 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\DVD to Audio Converter 1.01.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\EMS SQL Manager for DBISAM 1.6.5.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\EnHanced XI Vol.1 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\eTextWizard 1.98.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Ewido.4.0.BETA.Cracked.Testato.ok.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Excel List Files In Folder Software 7.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Exec Utility 1.5.1.0013.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\ExtraSMS 1.7.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Fantasy World 5.07.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Filezilla Password Decoder 1.03.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Find MS Access Databases Wizard.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Flash Video MX Pro 5.0.9.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Flobo PSD Recovery 2.5.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\FMReader 5.0.2777.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Genetica Pro 3.0.1914.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\GeoVisu 4.0.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Goo DVD To WMA Converter 1.00.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Hiyah Birds 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\HKMessageReceiver 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\HotKeyz 2.7.2.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\HTML QuickForm Pilot 1.00.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\ID3man 5.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\IDEAL Calendar 4.7.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Image Cut 1.507.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Incident 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Info101 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Inventrix 3.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\InviziVault 1.0 Build 196608.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Jaguar X-Type Screensaver 2.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Kaspersky.Anti.Virus.Personal.5.0.388.FRENCH.+.Clé.valid.au.02.02.2007.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Kastelorizo Island Screensaver 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\LanMate 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Li'l Atomic Clock 1.0.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Lunar Colongitude 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Microsoft 70-553 Exam 12.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Microsoft SQL Server Express Utility 1.0.2130.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Movies Search 1.06.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Need4 Audio Recorder 5.6.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Network Info Requester 1.01.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\New York Screensaver 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Norton SystemWorks Premier Edition 11.0.0.67.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\NovaStor Online Backup 5.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\NutriGenie Weight Perfect 7.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Opell DVD to AVI MPEG MOV RM FLV iPod PSP 3GP Zune Converter 2.3.4.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\OutlookExport 1.19.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\PageFix 2.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\PC-Symantec.Norton.Antivirus.2006.Spanish-FastSCeNe.[www.gamepcrip.com].zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\PDF U Split Desktop Edition 1.16.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\PoolMagic CARE+ 8.84.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\ProcessJuggler 0.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\RationalPlan Multi Project 3.9.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Rebuilt.Avg.Antivirus.V.7.1.Italiano.Con.Seriale.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\RoamV 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Roger Wilco 1.4.1.6.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\ScreenGrabber 0.01.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Secret Media 3.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Singing Tutor 4.1.5.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Skylook 1.5.3.134.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\SmallSQL Database 0.15.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\SMSem 1.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Soft191 Bookmark Converter 1.03a Beta.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Sothink Photo Album Maker 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Sounding Keyboard and Mouse 3.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\spiderWEB 7.0.0.0 Pre-release 1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Stationery 0.4.8.11.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Super Utilities Vista Version 8.6.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Symantec.Backup.Exec.v10d.Rev.5629.Crack.-.Keygen.-.Serial.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\SyncMyCal 1.7.66.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Tatarca Til Paketi [Tatar Language Pack] 2.0.0.4Beta.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Text Area Resizer & Mover 1.79.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Text Mining Tool 1.1.4.2.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\The Address Manager 6.5.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\The Legend Online toolbar for Firefox 1.5.0.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\TimeLogger 1.0.2.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\TimerFox 0.6.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\TinyCOBOL 0.63.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Toyota JGTC Screensaver 2.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Turin's Webcams 1.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\TV Digital Mobile (Symbian) 3.20.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Ultra Mobile 3GP Video Converter 4.2.1021.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\UseShots Editor 0.6.0.59 Beta.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Valise Light 3.4-1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Vocabula 1.0.0.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Wallpaper Scout 1.51.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\WhiteBoard 2.5.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Whitewash 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\WinCleaner UAC Switch 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Windows Restart 1.0.0.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\WxCopy 1.5.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Xabbu 0.1.21.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\ZylGSM 1.06.zip
Deleted ! - "C:\Documents and Settings\couturier\Application Data\m\shared"
Deleted ! - "C:\Documents and Settings\couturier\Application Data\m"
Deleted ! - "C:\Documents and Settings\couturier\Application Data\drivers\srosa.sys"
Deleted ! - "C:\Documents and Settings\couturier\Application Data\drivers\srosa2.sys"
Deleted ! - "C:\Documents and Settings\couturier\Application Data\drivers\winupgro.exe"
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\121968.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\122656.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\123109.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\206359.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\211375.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\215234.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\216109.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\216843.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\229531.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\230625.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\231218.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\232171.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\233859.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\235265.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\243265.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\244375.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\245765.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\253390.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\253984.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\254156.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\254609.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\254625.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\254812.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\258375.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\260656.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\264953.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\266156.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\266328.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\267031.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\267046.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\267218.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\268109.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\268531.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\270109.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\270156.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\270875.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\271578.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\271734.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\272031.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\272125.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\272531.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\273671.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\273843.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\275296.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\289093.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\292500.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\293062.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\293531.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\293843.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\294609.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\295093.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\295281.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\295812.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\296500.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\297921.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\298328.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\298546.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\300078.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\304078.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\305468.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\306484.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\306781.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\307250.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\307781.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\308296.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\314468.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\315406.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\315703.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\316062.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\316515.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\316625.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\317515.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\319203.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\320484.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\336078.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\338312.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\338687.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\339093.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\339343.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\339921.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\340390.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\346890.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\352562.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\353578.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\353906.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\356984.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\357609.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\358031.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\379296.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\386156.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\390046.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\390796.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\391031.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\431062.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\431796.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\431984.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\445093.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\446515.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\447234.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\448312.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\450968.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\452671.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\462468.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\474218.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\474828.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\475468.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\47796.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\481281.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\48796.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\49015.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\494531.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\495109.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\495546.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\507312.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\507953.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\508156.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\50859.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\51218.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\51359.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\51531.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\516125.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\520984.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\522359.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\523078.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\52343.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\524062.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\526578.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\52734.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\527406.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\527750.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\527875.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\528593.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\54109.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\54437.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\549406.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\550062.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\550515.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\55484.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\554984.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\55578.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\55656.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\56625.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\569937.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\570515.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\570890.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\57750.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\57968.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\58359.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\58531.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\589562.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\601453.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\602234.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\602625.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\65531.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\66156.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\75359.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\75937.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\76578.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\78515.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\79453.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\79484.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\80015.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\80156.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\80828.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\86546.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\87125.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\87593.exe
Deleted ! - "C:\Documents and Settings\couturier\Application Data\drivers\downld"
Deleted ! - "C:\Documents and Settings\couturier\Application Data\drivers"

»»»» Supression files in C:\DOCUME~1\COUTUR~1\LOCALS~1\Temp


»»»» Supression files in C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\9LQ2GAOU\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64[2].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64_3[3].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BZLRRJYH\b64[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BZLRRJYH\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BZLRRJYH\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\LO3J0NY7\b64[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\LO3J0NY7\mxd[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\RVFJVS8P\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\RVFJVS8P\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\RVFJVS8P\mxd[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\TWKWJ9S3\mxd[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\Y6OMF339\b64[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\Y6OMF339\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\Y6OMF339\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\mxd[1].jpg

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-2366115807-3377660124-3793208125-1006\Software\Local AppWizard-Generated Applications\winupgro

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !


+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe


+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------

Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcd8228e-195a-11da-ac45-00038a000015}\Shell\AutoRun\command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcd8228e-195a-11da-ac45-00038a000015}\Shell\explore\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcd8228e-195a-11da-ac45-00038a000015}\Shell\open\Command

--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\couturier\Application Data\Macromedia\Flash Player\#SharedObjects\5M4Q9AXV\crackle.com
C:\Documents and Settings\couturier\Application Data\Macromedia\Flash Player\#SharedObjects\5M4Q9AXV\crackle.com\crackleSettings.sol
C:\Documents and Settings\couturier\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#crackle.com
C:\Documents and Settings\couturier\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#crackle.com\settings.sol


---------------- ! End of report ! ------------------
0
fanny
29 déc. 2008 à 16:32
j'ai envoié le rapport mais rien n'apparait sur le forum...
0
Réponse 4 / 65
Bidoulleux02 Messages postés 38 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 18 janvier 2009
29 déc. 2008 à 16:31
J'ai exactement le même problème, mais est ton obligé de supprimé tout les cracks si l'on sait quel est le crack responsable ?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 65
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
29 déc. 2008 à 16:32
"mais est ton obligé de supprimé tout les cracks si l'on sait quel est le crack responsable ?"
---> Tu ne voudrais pas que je t'aide à en trouver pendant que tu y es, non ?
0
fanny
29 déc. 2008 à 16:35
voila le deuxieme rapport:


----------------- FindyKill V4.710 ------------------

* User : couturier - ALAIN
* executed from : C:\Program Files\FindyKill
* Update on 21/12/08 par Chiquitine29
* Start at 16:22:58 the 29/12/2008
* Windows XP - Internet Explorer 7.0.5730.13


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\Userinit.exe
C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_productsvc.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:

Deleted ! - C:\InfoSat.txt

»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch

Deleted ! - C:\WINDOWS\prefetch\211375.EXE-1CB139F5.pf
Deleted ! - C:\WINDOWS\prefetch\270109.EXE-0D668E4D.pf
Deleted ! - C:\WINDOWS\prefetch\FLEC006.EXE-06C898AB.pf
Deleted ! - C:\WINDOWS\prefetch\MDELK.EXE-0EF461CE.pf
Deleted ! - C:\WINDOWS\prefetch\WINTEMS.EXE-377E42D4.pf
Deleted ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-02ADCB08.pf

»»»» Supression files in C:\WINDOWS\system32

Deleted ! - C:\WINDOWS\system32\mdelk.exe
Deleted ! - C:\WINDOWS\system32\wintems.exe
Deleted ! - C:\WINDOWS\system32\ban_list.txt

»»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Supression files in C:\WINDOWS\system32\drivers

Deleted ! - C:\WINDOWS\system32\drivers\srosa.sys
Deleted ! - C:\WINDOWS\system32\drivers\srosa2.sys

»»»» Supression files in C:\Documents and Settings\couturier\Application Data

Deleted ! - "C:\Documents and Settings\couturier\Application Data\m\flec006.exe"
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\(PROGRAMMI).crack.per.nod32.by.nave.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\A1 iPod Video Converter 1.2.10.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Abcc Music to MP3 AMR AAC OGG Converter Pro 5.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Active Wallpaper Changer 3.8.1 Build 117.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Adaptive Modeler 1.1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Advanced IE History Bar 1.1.2.45.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Alibre Design Xpress 11.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\All Video to AVI DivX Xvid Converter 1.7.4.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\All Video to PSP Converter 1.7.4.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\All-in-1 Personal Organizer 4.0.20.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Anti-keylogger for IE 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Anytexto 2.00.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\ATSurround Processor for foobar2000 0.1.6a.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Audio To RM Converter 1.00.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Ava Find 1.5.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\AvoCalc Calculator 1.0.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Backup Chunker 2.2.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\BmpHtmlFun 0.9 Build 19.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\by.josete.nod32.2.51.12-para.64bits+.extension-Imprescindible.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Camtix Web Video Publisher 1.02.02.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Cepstral ClockBot 1.01.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\CGIndia toolbar for Firefox 1.5.0.6.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\ChatChecker 3.9.9.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Chevrolet Impala Screensaver 1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Classic Style Menus and Toolbars for Microsoft Word 2007 4.0.32.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Conversational Hypnosis eBook 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Cookie Monster 0.95.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Crack.-.Norton.Antivirus.Nav.2002-2003.Liveupdate.Subscription.(Works).zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Cute Partition Manager 0.9.8.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\CyberStar Online Timer And Remote System Manager 2.7.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\D. J. Elite-Party Edition 8.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\DC CPUInfo 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\DigitalNotes Toolbar 1.3.0.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Docklet OpenClose CD 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Door Screensaver 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\DVD to Audio Converter 1.01.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\EMS SQL Manager for DBISAM 1.6.5.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\EnHanced XI Vol.1 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\eTextWizard 1.98.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Ewido.4.0.BETA.Cracked.Testato.ok.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Excel List Files In Folder Software 7.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Exec Utility 1.5.1.0013.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\ExtraSMS 1.7.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Fantasy World 5.07.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Filezilla Password Decoder 1.03.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Find MS Access Databases Wizard.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Flash Video MX Pro 5.0.9.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Flobo PSD Recovery 2.5.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\FMReader 5.0.2777.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Genetica Pro 3.0.1914.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\GeoVisu 4.0.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Goo DVD To WMA Converter 1.00.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Hiyah Birds 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\HKMessageReceiver 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\HotKeyz 2.7.2.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\HTML QuickForm Pilot 1.00.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\ID3man 5.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\IDEAL Calendar 4.7.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Image Cut 1.507.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Incident 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Info101 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Inventrix 3.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\InviziVault 1.0 Build 196608.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Jaguar X-Type Screensaver 2.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Kaspersky.Anti.Virus.Personal.5.0.388.FRENCH.+.Clé.valid.au.02.02.2007.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Kastelorizo Island Screensaver 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\LanMate 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Li'l Atomic Clock 1.0.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Lunar Colongitude 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Microsoft 70-553 Exam 12.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Microsoft SQL Server Express Utility 1.0.2130.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Movies Search 1.06.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Need4 Audio Recorder 5.6.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Network Info Requester 1.01.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\New York Screensaver 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Norton SystemWorks Premier Edition 11.0.0.67.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\NovaStor Online Backup 5.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\NutriGenie Weight Perfect 7.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Opell DVD to AVI MPEG MOV RM FLV iPod PSP 3GP Zune Converter 2.3.4.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\OutlookExport 1.19.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\PageFix 2.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\PC-Symantec.Norton.Antivirus.2006.Spanish-FastSCeNe.[www.gamepcrip.com].zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\PDF U Split Desktop Edition 1.16.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\PoolMagic CARE+ 8.84.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\ProcessJuggler 0.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\RationalPlan Multi Project 3.9.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Rebuilt.Avg.Antivirus.V.7.1.Italiano.Con.Seriale.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\RoamV 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Roger Wilco 1.4.1.6.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\ScreenGrabber 0.01.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Secret Media 3.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Singing Tutor 4.1.5.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Skylook 1.5.3.134.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\SmallSQL Database 0.15.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\SMSem 1.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Soft191 Bookmark Converter 1.03a Beta.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Sothink Photo Album Maker 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Sounding Keyboard and Mouse 3.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\spiderWEB 7.0.0.0 Pre-release 1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Stationery 0.4.8.11.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Super Utilities Vista Version 8.6.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Symantec.Backup.Exec.v10d.Rev.5629.Crack.-.Keygen.-.Serial.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\SyncMyCal 1.7.66.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Tatarca Til Paketi [Tatar Language Pack] 2.0.0.4Beta.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Text Area Resizer & Mover 1.79.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Text Mining Tool 1.1.4.2.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\The Address Manager 6.5.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\The Legend Online toolbar for Firefox 1.5.0.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\TimeLogger 1.0.2.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\TimerFox 0.6.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\TinyCOBOL 0.63.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Toyota JGTC Screensaver 2.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Turin's Webcams 1.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\TV Digital Mobile (Symbian) 3.20.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Ultra Mobile 3GP Video Converter 4.2.1021.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\UseShots Editor 0.6.0.59 Beta.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Valise Light 3.4-1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Vocabula 1.0.0.1.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Wallpaper Scout 1.51.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\WhiteBoard 2.5.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Whitewash 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\WinCleaner UAC Switch 1.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Windows Restart 1.0.0.0.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\WxCopy 1.5.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\Xabbu 0.1.21.zip
Deleted ! - C:\Documents and Settings\couturier\Application Data\m\shared\ZylGSM 1.06.zip
Deleted ! - "C:\Documents and Settings\couturier\Application Data\m\shared"
Deleted ! - "C:\Documents and Settings\couturier\Application Data\m"
Deleted ! - "C:\Documents and Settings\couturier\Application Data\drivers\srosa.sys"
Deleted ! - "C:\Documents and Settings\couturier\Application Data\drivers\srosa2.sys"
Deleted ! - "C:\Documents and Settings\couturier\Application Data\drivers\winupgro.exe"
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\121968.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\122656.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\123109.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\206359.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\211375.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\215234.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\216109.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\216843.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\229531.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\230625.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\231218.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\232171.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\233859.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\235265.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\243265.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\244375.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\245765.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\253390.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\253984.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\254156.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\254609.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\254625.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\254812.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\258375.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\260656.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\264953.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\266156.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\266328.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\267031.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\267046.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\267218.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\268109.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\268531.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\270109.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\270156.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\270875.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\271578.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\271734.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\272031.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\272125.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\272531.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\273671.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\273843.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\275296.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\289093.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\292500.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\293062.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\293531.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\293843.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\294609.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\295093.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\295281.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\295812.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\296500.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\297921.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\298328.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\298546.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\300078.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\304078.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\305468.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\306484.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\306781.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\307250.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\307781.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\308296.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\314468.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\315406.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\315703.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\316062.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\316515.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\316625.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\317515.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\319203.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\320484.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\336078.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\338312.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\338687.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\339093.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\339343.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\339921.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\340390.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\346890.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\352562.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\353578.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\353906.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\356984.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\357609.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\358031.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\379296.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\386156.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\390046.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\390796.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\391031.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\431062.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\431796.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\431984.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\445093.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\446515.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\447234.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\448312.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\450968.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\452671.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\462468.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\474218.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\474828.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\475468.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\47796.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\481281.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\48796.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\49015.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\494531.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\495109.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\495546.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\507312.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\507953.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\508156.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\50859.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\51218.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\51359.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\51531.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\516125.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\520984.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\522359.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\523078.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\52343.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\524062.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\526578.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\52734.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\527406.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\527750.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\527875.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\528593.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\54109.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\54437.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\549406.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\550062.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\550515.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\55484.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\554984.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\55578.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\55656.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\56625.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\569937.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\570515.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\570890.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\57750.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\57968.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\58359.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\58531.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\589562.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\601453.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\602234.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\602625.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\65531.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\66156.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\75359.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\75937.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\76578.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\78515.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\79453.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\79484.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\80015.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\80156.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\80828.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\86546.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\87125.exe
Deleted ! - C:\Documents and Settings\couturier\Application Data\drivers\downld\87593.exe
Deleted ! - "C:\Documents and Settings\couturier\Application Data\drivers\downld"
Deleted ! - "C:\Documents and Settings\couturier\Application Data\drivers"

»»»» Supression files in C:\DOCUME~1\COUTUR~1\LOCALS~1\Temp


»»»» Supression files in C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\9LQ2GAOU\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64[2].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BGQMO8VR\b64_3[3].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BZLRRJYH\b64[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BZLRRJYH\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\BZLRRJYH\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\LO3J0NY7\b64[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\LO3J0NY7\mxd[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\RVFJVS8P\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\RVFJVS8P\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\RVFJVS8P\mxd[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\TWKWJ9S3\mxd[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\Y6OMF339\b64[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\Y6OMF339\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\Y6OMF339\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\couturier\Local Settings\Temporary Internet Files\Content.IE5\YCZF3EJD\mxd[1].jpg

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-2366115807-3377660124-3793208125-1006\Software\Local AppWizard-Generated Applications\winupgro

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !


+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe


+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------

Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcd8228e-195a-11da-ac45-00038a000015}\Shell\AutoRun\command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcd8228e-195a-11da-ac45-00038a000015}\Shell\explore\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcd8228e-195a-11da-ac45-00038a000015}\Shell\open\Command

--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\couturier\Application Data\Macromedia\Flash Player\#SharedObjects\5M4Q9AXV\crackle.com
C:\Documents and Settings\couturier\Application Data\Macromedia\Flash Player\#SharedObjects\5M4Q9AXV\crackle.com\crackleSettings.sol
C:\Documents and Settings\couturier\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#crackle.com
C:\Documents and Settings\couturier\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#crackle.com\settings.sol


---------------- ! End of report ! ------------------
0
Réponse 6 / 65
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
29 déc. 2008 à 16:36
- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

- Double-clique sur RSIT.exe afin de lancer le programme.

- Clique sur Continue à l'écran Disclaimer.

- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
0
fanny
29 déc. 2008 à 16:40
contenu de log.txt

Logfile of random's system information tool 1.05 (written by random/random)
Run by couturier at 2008-12-29 16:38:45
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 163 GB (88%) free of 185 GB
Total RAM: 511 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:39:03, on 29/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_productsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_svc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\couturier\Bureau\RSIT.exe
C:\Program Files\trend micro\couturier.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st#
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [mgsxlybzqwgil] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\coviokgwkc.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [drvsyskit] C:\Documents and Settings\couturier\Application Data\drivers\winupgro.exe
O4 - HKCU\..\Run: [german.exe] C:\WINDOWS\system32\wintems.exe
O4 - HKCU\..\Run: [mule_st_key] C:\Documents and Settings\couturier\Application Data\m\flec006.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: eAcceleration Notification Service (eac_notifysvc) - eAcceleration Corp - C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_svc.exe
O23 - Service: eAcceleration Product Manager Service (eac_productsvc) - eAcceleration Corp - C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_productsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
0
Réponse 7 / 65
Bidoulleux02 Messages postés 38 Date d'inscription vendredi 9 février 2007 Statut Membre Dernière intervention 18 janvier 2009
29 déc. 2008 à 16:36
J'ai pas besoin d'aide pour ça je pose juste une question, car je n'ai pas envie d'aller supprimer mes trucs si je sais lequel a installé le virus.
0
Réponse 8 / 65
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
29 déc. 2008 à 16:40
"J'ai pas besoin d'aide pour ça je pose juste une question, car je n'ai pas envie d'aller supprimer mes trucs si je sais lequel a installé le virus."
---> Je ne peux pas te répondre.
0
fanny
29 déc. 2008 à 16:40
info.txt logfile of random's system information tool 1.05 2008-12-29 16:39:04

======Uninstall list======

-->"c:\apps\skype\phone\unins000.exe"
-->"C:\Program Files\Acceleration Software\Anti-Virus\ws_uninst.exe" -s
-->"C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr"
-->C:\PROGRA~1\ACCELE~1\ANTI-V~1\regsvr32.exe /u /s C:\PROGRA~1\ACCELE~1\ANTI-V~1\ssupload.dll
-->C:\PROGRA~1\ACCELE~1\ANTI-V~1\regsvr32.exe /u /s C:\PROGRA~1\ACCELE~1\ANTI-V~1\vclnr.dll
-->C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c
-->C:\PROGRA~1\FICHIE~1\EACCEL~1\SysSnap\syssnap.exe -UnregServer
-->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
-->C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE" -uninstall
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0A32C786-85DE-48F8-9E54-848B3E34A90C}\setup.exe" -l0x40c -removeonly
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
6000 Wierder op Lëtzebuergesch-->C:\WINDOWS\uninst.exe -f"C:\Program Files\CTeam\6000W\DeIsL1.isu" -c"C:\Program Files\CTeam\6000W\_ISREG32.DLL"
Adobe Acrobat 4.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 4.0\NT\Uninst.dll"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Cosmopolitan Virtual Look-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TLC-Edusoft\Cosmopolitan Virtual Look\UninstCos.isu"
DirectX Media Runtime 5.1-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\DXM51.INF,Uninstall.NT
Electronic Arts Game Updater-->C:\WINDOWS\IsUninst.exe -f"c:\Program Files\EACom\Update\Uninst.isu"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Encyclopédie Générale Interactive 99-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TLC-Edusoft\Encyclopedie Generale Interactive 99\Uninst.isu"
eoEngine 7.1-->"C:\Program Files\EoRezo\unins000.exe"
Feeding Frenzy-->C:\PROGRA~1\GAMEHO~1\FEEDIN~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\FEEDIN~1\INSTALL.LOG
FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
Garmin Communicator Plugin-->MsiExec.exe /X{10B3936F-0E93-4431-8E7B-3FEA5DAC88C3}
GdgAnglais5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{239C1CAC-BA05-40B5-A7A0-C86FEFF50304}\Setup.exe"
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Grand Prix 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E4961DB6-A3F3-11D3-BE67-0000B4A81FC5}\setup.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Je chante et je joue avec Lapin Malin-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{075429DA-47AF-43F1-B889-91BAD1942442}\setup.exe"
Lapin Malin Maternelle 1 + Atelier de dessin & de musique-->C:\Program Files\Mindscape\Lapin Malin Maternelle 1 + Atelier de dessin & de musique\uninstall.exe
Lapin Malin Maternelle 2 + Atelier de dessin & de musique-->C:\Program Files\Mindscape\Lapin Malin Maternelle 2 + Atelier de dessin & de musique\uninstall.exe
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
L'Odyssée d'Abe-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\L'Odyssée d'Abe\Uninst.isu"
Macromedia Shockwave Player-->MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}
Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Micro Application - Dictionnaire encyclopédique 2001-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Dictionnaire encyclopédique 2001\Uninst.isu"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{9112040C-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Mise à jour de licences personnelles-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\drmtool.inf,Uninstall
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953155)-->"C:\WINDOWS\$NtUninstallKB953155$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Need For Speed - Porsche 2000-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Electronic Arts\Need For Speed - Porsche 2000\uninst.log"
Nokia Connectivity Cable Driver-->RUNDLL32.EXE nsesetup.dll,DoNTUninst
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Packard Bell InfoCentre-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B04AC0A3-7A0F-4E38-9DE7-FD1E4CE47D8C}\setup.exe"
Portable MP3 Player-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19FA2AF9-AEA1-4D7D-8CCE-B292FECA50D8}\Setup.exe" -l0x40c
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Rocket Mania Deluxe 1.02-->C:\Program Files\Zone.Com Deluxe Games\Rocket Mania Deluxe\PopUninstall.exe "C:\Program Files\Zone.Com Deluxe Games\Rocket Mania Deluxe\Install.log"
RON Tool Offersfortoday-->C:\WINDOWS\system32\ggdmjmifjnanhu.exe
Samsung Digital Camera-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B79684C-6DAC-438C-8F30-10DF65C2068F}\Setup.exe"
Samsung Master-->C:\Program Files\InstallShield Installation Information\{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}\Setup.exe -runfromtemp -l0x040c -removeonly
Samsung Media Studio-->C:\Program Files\InstallShield Installation Information\{C20CE592-B0F8-4D20-BF31-0151CA6331A6}\Setup.exe -runfromtemp -l0x040c -removeonly
ScanButton 2.4-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ScanButton 2.4\Uninst.isu"
Search Assistant Searchersmart-->C:\WINDOWS\system32\yeiqkudqzenhjmovn.dll-uninst.exe
SimTractor 3.12-->MsiExec.exe /I{AE2E3787-E898-46D7-BFF3-FB1DE516DBE1}
SimTractor 3.66f-->MsiExec.exe /I{989876E6-27B9-4E2C-9873-F599FB52ECF1}
Smart Link 56K Modem-->C:\WINDOWS\Modio\SLAMR2KO\Setup.exe /Remove
Sonic MyDVD-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
StopSign by eAcceleration-->C:\PROGRA~1\FICHIE~1\EACCEL~1\INSTAL~1\eaccelsetup.exe -AddRemove
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Theme Park World-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Bullfrog\Theme Park World\Uninst.isu" -c"C:\Program Files\Bullfrog\Theme Park World\uninst.dll" -BFLANG=1036
Total Immersion Racing-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C2FE0127-0F86-43C7-824E-AA78E6B5F4F3}\setup.exe"
Wanadoo Messager-->C:\PROGRA~1\WANADO~1\UNWISE.EXE C:\PROGRA~1\WANADO~1\INSTALL.LOG
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"
ZTE ZXDSL852-->"C:\Program Files\ZTE Corporation\ZXDSL852\setup.exe" -u

======Security center information======

AV: StopSign Antivirus FREE TRIAL diagnostic version (disabled) (outdated)
AS: StopSign Antispyware FREE TRIAL diagnostic version (disabled) (outdated)

System event log

Computer Name: ALAIN
Event Code: 7036
Message: Le service Gestion d'applications est entré dans l'état : arrêté.

Record Number: 55256
Source Name: Service Control Manager
Time Written: 20081130115654.000000+060
Event Type: Informations
User:

Computer Name: ALAIN
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.

Record Number: 55255
Source Name: Service Control Manager
Time Written: 20081130115654.000000+060
Event Type: Informations
User: ALAIN\couturier

Computer Name: ALAIN
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 55254
Source Name: Service Control Manager
Time Written: 20081130115654.000000+060
Event Type: erreur
User:

Computer Name: ALAIN
Event Code: 7036
Message: Le service Gestion d'applications est entré dans l'état : arrêté.

Record Number: 55253
Source Name: Service Control Manager
Time Written: 20081130115654.000000+060
Event Type: Informations
User:

Computer Name: ALAIN
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.

Record Number: 55252
Source Name: Service Control Manager
Time Written: 20081130115654.000000+060
Event Type: Informations
User: ALAIN\couturier

Application event log

Computer Name: ALAIN
Event Code: 26
Message:
Record Number: 20528
Source Name: ISService
Time Written: 20071225102612.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: ALAIN
Event Code: 26
Message:
Record Number: 20527
Source Name: ccSetMgr
Time Written: 20071225102611.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: ALAIN
Event Code: 26
Message:
Record Number: 20526
Source Name: ccProxy
Time Written: 20071225102610.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: ALAIN
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur ALAIN\couturier alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.


Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.

Record Number: 20525
Source Name: Userenv
Time Written: 20071225004732.000000+060
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: ALAIN
Event Code: 101
Message: msnmsgr (8636) Le moteur de base de données est arrêté.

Record Number: 20524
Source Name: ESENT
Time Written: 20071225004301.000000+060
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\PROGRA~1\FICHIE~1\SONICS~1\;C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=2f00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\j2re1.4.2_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\j2re1.4.2_05\lib\ext\QTJava.zip

-----------------EOF-----------------
0
Réponse 9 / 65
fanny
29 déc. 2008 à 16:52
svp Destrio5 j'ai besoin de votre aide...
0
Réponse 10 / 65
T'Chiki Messages postés 59 Date d'inscription vendredi 26 décembre 2008 Statut Membre Dernière intervention 1 janvier 2009 6
29 déc. 2008 à 16:55
Salut,


quel est le crack responsable ?

celui qui a un exe (fichier executable) avec un icone comme une ambulance

/!\ A lire dans tons cas 1 : http://www.libellules.ch/...
/!\ A lire dans tons cas 2 : http://forum.malekal.com/ftopic893.php
/!\ A visionner : http://secuboxlabs.fr/archives/computertoday.html
0
Réponse 11 / 65
fanny
29 déc. 2008 à 17:08
besoin de destrio5
0
Réponse 12 / 65
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
29 déc. 2008 à 17:12
---> Réinstalle les applications qui ont été infectés pendant que je regarde les rapports RSIT.
0
Réponse 13 / 65
fanny
29 déc. 2008 à 17:17
je réinstalle avast puisque c'est le seul programme qui ne fonctionne pas
0
Réponse 14 / 65
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
29 déc. 2008 à 17:44
---> Désinstalle eoEngine 7.1.

● Télécharge AD-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

/!\ Déconnecte-toi et ferme toutes applications en cours /!\

● Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
● Double-clique sur l'icône Ad-remover située sur ton Bureau.
● Au menu principal, choisis l'option "A".
● Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note :

"Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
0
Réponse 15 / 65
fanny
29 déc. 2008 à 17:47
juste une petite question..cela permet il de désinstaller eoEngine 7.1. ou faut il que avant de faire tout sa je dois le désinstaller manuellement??!!
0
Réponse 16 / 65
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
29 déc. 2008 à 17:49
Désinstalle-le manuellement et AD-Remover virera les traces.
0
Réponse 17 / 65
fanny
29 déc. 2008 à 17:56
--------- Logfile of AD-Remover 1.0.8.1 by C_XX ---------

# START at: 17:55:30 | Lun 29/12/2008 | Microsoft® Windows XP™ SP2 (v5.1.2600)
# BOOT MODE: Normal

# OPTION: Scan | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat

# PC: ALAIN | USER: couturier ( Current user is an administrator)

# DRIVE(S):
- C:\ (File System: NTFS)

# Internet Explorer v7.0.5730.13

--------- [ RUNNING PROCESSES: 22 ] ---------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_productsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_svc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\couturier\Application Data\drivers\winupgro.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Adobe\Acrobat 4.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ntvdm.exe

-----------------------------------


+-----------------------| Boonty/Boonty Games Elements found :

.

+-----------------------| Eorezo Elements found :

"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
"HKEY_CLASSES_ROOT\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}"
"HKEY_CLASSES_ROOT\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}"
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
.
[29/12/2008 17:54|d--------] C:\PROGRA~1\EoRezo
[27/06/2007 13:56|--a------] C:\PROGRA~1\EoRezo\CONFME~1.CYP
[09/10/2008 18:24|d--------] C:\PROGRA~1\EoRezo\EoAdv
[09/10/2008 18:24|--a------] C:\PROGRA~1\EoRezo\eoEngine.url
[04/03/2008 15:13|--a------] C:\PROGRA~1\EoRezo\EOMULT~1.DLL
[08/08/2008 12:56|--a------] C:\PROGRA~1\EoRezo\EOREZO~1.DLL
[15/06/2007 13:49|--a------] C:\PROGRA~1\EoRezo\EOREZO~4.DLL
[14/08/2007 12:45|--a------] C:\PROGRA~1\EoRezo\EO6115~1.DLL
[03/09/2007 11:22|--a------] C:\PROGRA~1\EoRezo\EO4511~1.DLL
[20/09/2007 13:05|--a------] C:\PROGRA~1\EoRezo\EO4515~1.DLL
[21/11/2007 10:14|--a------] C:\PROGRA~1\EoRezo\EO5519~1.DLL
[07/02/2008 16:33|--a------] C:\PROGRA~1\EoRezo\EO551D~1.DLL
[09/05/2007 15:57|--a------] C:\PROGRA~1\EoRezo\EOREZO~2.DLL
[15/06/2007 13:49|--a------] C:\PROGRA~1\EoRezo\EOREZO~3.DLL
[06/07/2007 14:55|--a------] C:\PROGRA~1\EoRezo\EO6CF9~1.DLL
[24/08/2007 15:15|--a------] C:\PROGRA~1\EoRezo\EO400A~1.DLL
[22/11/2007 10:51|--a------] C:\PROGRA~1\EoRezo\EO400E~1.DLL
[08/07/2008 10:44|--a------] C:\PROGRA~1\EoRezo\EO5002~1.DLL
[08/08/2008 11:22|--a------] C:\PROGRA~1\EoRezo\EO5006~1.DLL
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\FREEIM~1.DLL
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\Host.cyp
[09/10/2008 18:24|d--------] C:\PROGRA~1\EoRezo\lang
[27/06/2008 11:23|--a------] C:\PROGRA~1\EoRezo\MNGINS~1.DLL
[09/10/2008 18:24|--a------] C:\PROGRA~1\EoRezo\unins000.dat
[09/10/2008 18:24|--a------] C:\PROGRA~1\EoRezo\unins000.exe
[21/12/2007 10:23|--a------] C:\PROGRA~1\EoRezo\user.cyp
[09/05/2007 15:57|--a------] C:\PROGRA~1\EoRezo\EoAdv\EoAdv.dll
[09/10/2008 18:24|--a------] C:\PROGRA~1\EoRezo\EoAdv\eoAdv.url
[24/09/2008 08:24|--a------] C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IHM_EO~3.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IH935B~1.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IHM_EO~1.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IH0447~1.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IHM_EO~2.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IHM_EO~4.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\lang_en.xml
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\lang_es.xml
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\lang_fr.xml
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\lang_it.xml
[29/12/2008 17:44|d--------] C:\DOCUME~1\COUTUR~1\APPLIC~1\EoRezo
[04/12/2008 20:18|--a------] C:\DOCUME~1\COUTUR~1\APPLIC~1\EoRezo\cmhost.cyp
[04/12/2008 18:19|--a------] C:\DOCUME~1\COUTUR~1\APPLIC~1\EoRezo\CONFME~1.CYP
[04/12/2008 18:19|--a------] C:\DOCUME~1\COUTUR~1\APPLIC~1\EoRezo\CONFME~1.OLD
[04/12/2008 18:21|d--------] C:\DOCUME~1\COUTUR~1\APPLIC~1\EoRezo\db
[06/12/2008 14:41|d--------] C:\DOCUME~1\COUTUR~1\APPLIC~1\EoRezo\EODESK~1
[29/12/2008 17:48|d--------] C:\DOCUME~1\COUTUR~1\APPLIC~1\EoRezo\eoStats
[04/12/2008 20:18|--a------] C:\DOCUME~1\COUTUR~1\APPLIC~1\EoRezo\host.cyp
[04/12/2008 20:18|--a------] C:\DOCUME~1\COUTUR~1\APPLIC~1\EoRezo\user.cyp
[04/12/2008 18:21|--a------] C:\DOCUME~1\COUTUR~1\APPLIC~1\EoRezo\db\cat.cyp
[06/12/2008 14:41|--a------] C:\DOCUME~1\COUTUR~1\APPLIC~1\EoRezo\EODESK~1\config.xml
[06/12/2008 14:41|--a------] C:\DOCUME~1\COUTUR~1\APPLIC~1\EoRezo\EODESK~1\EODESK~1.HTM
[06/12/2008 14:41|--a------] C:\DOCUME~1\COUTUR~1\APPLIC~1\EoRezo\EODESK~1\USERCO~1.XML
[29/12/2008 17:50|--a------] C:\DOCUME~1\COUTUR~1\APPLIC~1\EoRezo\eoStats\eoStats.txt
[29/12/2008 11:20|--a------] C:\DOCUME~1\COUTUR~1\Cookies\COF832~1.TXT
[12/11/2008 21:56|--a------] C:\DOCUME~1\COUTUR~1\Cookies\CO3EA2~1.TXT

+-----------------------| Everest Poker Elements found :

.

+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found :

.

+-----------------------| It's TV Elements found :

.

+-----------------------| Sweetim Elements found :

.

+-----------------------| ADDED SCAN :

+--[HKEY_CURRENT_USER\..\Run]

ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe

+--[HKEY_LOCAL_MACHINE\..\Run]

mgsxlybzqwgil REG_SZ C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\coviokgwkc.dll"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

+--[HKEY_USERS\.DEFAULT\..\Run]


+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://www.google.fr/

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://fr.msn.com/

+---------------------------------------------------------------------------+

- "C:\AD-report-Scan-29.12.2008.log" (~6847 bytes)

# END at: 17:55:51 | 29/12/2008 - Time elapsed: 21.1 seconds

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 122 lines ]
+---------------------------------------------------------------------------+
0
Réponse 18 / 65
T'Chiki Messages postés 59 Date d'inscription vendredi 26 décembre 2008 Statut Membre Dernière intervention 1 janvier 2009 6
29 déc. 2008 à 17:57
C pas une blague ...
0
Réponse 19 / 65
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
29 déc. 2008 à 17:57
/!\ Déconnecte-toi et ferme toutes applications en cours /!\

● Double-clique sur AD-Remover pour le lancer : au menu principal, choisis l'option B.

● Coche à l'écran de sélection :
http://sd-1.archive-host.com/membres/up/16506160323759868/Capturer-ADR.JPG

Suppression Boonty/BoontyGames (Si trouvé)
Suppression Eorezo (Si trouvé)
Suppression Everest Poker (Si trouvé)
Suppression Funwebproduct/MyWay/MyWebsearch (Si trouvé)
Suppression Messenger Skinner (Si trouvé)
Suppression Sweetim (Si trouvé)
Suppression It's TV (Si trouvé)

● Puis choisis S, le programme va travailler.

● Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report.log)

/!\ Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide) /!\
0
fanny
29 déc. 2008 à 18:05
j'ai fait ce que vous m'avez indiquez mais aprés avoir indiqué S il n'y a pas de rapport...la fenetre se ferme et rien ne se passe
0
dready76 Messages postés 17 Date d'inscription mercredi 31 décembre 2008 Statut Membre Dernière intervention 1 janvier 2009
31 déc. 2008 à 19:18
Bonjour Destrio5,

Suite à une télechargement douteux (je sais c'est mal :-( ), j'ai été infecté par Bagle. les symptômes sont les même que tous le monde dans les différents post précedent. J'ai essayé ELIBAGLA puis combo-fix mais le virus est toujours là apparement car je ne peux toujours pas lancer avast. Par ailleurs je n'ai plus non plus de son, malgré la réinstallation des mes drivers audio.
J'ai suivi les conseils donnés sur le forum et j'ai lancé un scan avec Findykill. Voilà le rapport findykill.txt, Serais tu assez charitable pour m'aider !!!

Merci d'avance pour ta réponse.

Mika




----------------- FindyKill V4.710 ------------------

* User : User - PC-34DF6F5DB527
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 21/12/08 par Chiquitine29
* Recherche effectuée à 18:32:35 le 31/12/2008
* Windows XP - Internet Explorer 7.0.5730.11

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Soft4Ever\looknstop\looknstop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Opera\opera.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:


»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\145062.EXE-08D7C39F.pf
Found ! - C:\WINDOWS\prefetch\312218.EXE-01739B7F.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-256EDED2.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32


»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers


»»»» Presence des fichiers dans C:\Documents and Settings\User\Application Data

Found ! [31/12/2008 18:07] - "C:\Documents and Settings\User\Application Data\drivers"

»»»» Presence des fichiers dans C:\DOCUME~1\User\LOCALS~1\Temp


»»»» Presence des fichiers dans C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5

Found ! [10/11/2006 09:39] - C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Local Cache\7B5560BB781B40259A06350E9B643B6E_more.jpg
Found ! [13/06/2008 17:31] - C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Zune\Art Cache\AlbumArt_{029da419-75bc-47d9-b339-5dccb647d110}_Large.jpg
Found ! [09/06/2008 21:24] - C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Zune\Art Cache\AlbumArt_{4e56b041-703e-45c6-8b64-f4ea50a57418}_Large.jpg
Found ! [09/06/2008 19:46] - C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Zune\Art Cache\AlbumArt_{73f301fc-c920-41b6-bb64-6dc2e63c49c5}_Large.jpg
Found ! [09/06/2008 19:34] - C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Zune\Art Cache\AlbumArt_{7afec50b-4810-48d9-b64c-632dcacc9ab8}_Large.jpg
Found ! [09/06/2008 18:36] - C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Zune\Art Cache\AlbumArt_{bc6eb64f-fc29-4c79-8168-207b4acd1447}_Large.jpg
Found ! [09/06/2008 19:38] - C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Zune\Art Cache\ZuneArt_{413B645F-BC71-4A47-8F8E-FAF709566066}.jpg
Found ! [13/06/2008 17:49] - C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Zune\Art Cache\ZuneArt_{4C3AB646-3A34-49FE-827B-F7974622980A}.jpg
Found ! [13/06/2008 18:06] - C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Zune\Art Cache\ZuneArt_{7F1D3F6B-74B0-4453-A6A6-2FB6405DDF6C}.jpg
Found ! [29/05/2008 17:56] - C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Zune\Art Cache\ZuneArt_{E652FF15-F681-4B64-9D8B-87C6B0DD570B}.jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
TVAgent WiFi=C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
LVCOMSX=C:\WINDOWS\system32\LVCOMSX.EXE
LogitechVideoRepair=C:\Program Files\Logitech\Video\ISStart.exe
LogitechVideoTray=C:\Program Files\Logitech\Video\LogiTray.exe
SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
NeroFilterCheck=C:\WINDOWS\system32\NeroCheck.exe
ISUSPM Startup="C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
ISUSScheduler="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Look 'n' Stop="C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
OODefragTray=C:\WINDOWS\system32\oodtray.exe
QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz=nwiz.exe /install
NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
RTHDCPL=RTHDCPL.EXE
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1

[HKEY_CURRENT_USER\software\local appwizard-generated applications\key_gen]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\ManifestEngine]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-1606980848-1844823847-839522115-1004\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro

--------------- [ Etat / Services ] ----------------



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

/!\ Ip6Fw - Type de démarrage = 4

SharedAccess - Type de démarrage = 2

wuauserv - Type de démarrage = 2

wscsvc - Type de démarrage = 2



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe

D: - Lecteur de CD-ROM

E: - Lecteur fixe


+- Contenu de l'autorun : D:\autorun.inf

[autorun]
open = ASUSACPI.exe
icon = asus.ico


+- presence des fichiers :

Found ! [26/04/2005 13:31][-r-------] - D:\autorun.inf


--------------- [ Registre / Mountpoint2 ] ----------------


-> Not found !


------------------- ! Fin du rapport ! --------------------
0
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297 > dready76 Messages postés 17 Date d'inscription mercredi 31 décembre 2008 Statut Membre Dernière intervention 1 janvier 2009
31 déc. 2008 à 19:20
Je veux bien t'aider mais fais ton propre sujet ;)
0
dready76 Messages postés 17 Date d'inscription mercredi 31 décembre 2008 Statut Membre Dernière intervention 1 janvier 2009 > Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023
31 déc. 2008 à 19:35
ok je le fais de suite.

Merki
0
Réponse 20 / 65
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
29 déc. 2008 à 18:06
Tu as bien coché les cases avant de lancer la suppression ?
0
fanny
29 déc. 2008 à 18:09
j'ai tapé 1,2,3,4,5,6,S
0