Sujet Précédent Sujet Suivant

Quelqu'un connai ce virus?

Résolu/Fermé
download me Messages postés 215 Date d'inscription mardi 16 décembre 2008 Statut Membre Dernière intervention 13 février 2020 - 3 janv. 2009 à 09:58
 Laurent555 - 21 janv. 2009 à 14:00
Bonjour,
depui quelque temps j'ai mon pc qui a un gros problème tous d'abord je ne peut pas redémarré en mode sans echec , l'antivirus est desactivé et je ne peut pas le réactiver , impossible derestaurer le système , impossible de formater , impossible de suprimer qoique ce soit,impossible d'installé car lorsque je veut faire ça il me dit windows installer est mal instalé alors que je n'i est pas toucher et enfin je n'ai plu de son je ne peut plu regarder de video et écouté de musique a partir de mon pc car il me dit que les periphérique audio ne sont pas instalé en bref mon pc est bloqué et j'aimeré savoir si quelq'un a deja eu affaire a ce virus

43 réponses

Réponse 1 / 43
Utilisateur anonyme
3 janv. 2009 à 10:09
Salut,

Avant de formater :

FindyKill de Chiquitine29

▶ Fais un clique droit sur le lien et choisis ( "enregistrer la cible sous ...." )( , destination le bureau .

( Note importante : si tu as le prg Elibagla sur ton PC , supprimes le ( risque de conflit entre les deux outils ) .

▶ Laisse toi guider pour l'installer.

▶ Double clic sur " FindyKill." pour lancer l'outil .

▶ Choisis La langue:F pour français

▶ Choisis l'option 1 . Puis laisses travailler ...

▶ Une fois terminé, postes le rapport FindyKill.txt qui est généré ...

( Note : le rapport est sauvegardé à la racine du disque -> C:\FindyKill.txt )

Les-risques-securitaires-du-peer-to-peer

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
2
Réponse 2 / 43
Utilisateur anonyme
3 janv. 2009 à 10:52
Re,

Vire sa =>
C:\Documents and Settings\Helene\Bureau\prog\musik symt‚tike\autre\- Corona Dj - Move The Sound (Crack Dub Mix) - (Electric Tk).mp3 =>Source d'infection.

Ensuite fait sa:

▶ Télécharge hijackthis

▶ Enregistre la cible sous .... "le bureau"

▶ Fais un double-clic sur "HJTInstall.exe" afin de lancer l'installation

▶ Clique sur Install ensuite sur "I Accept"

▶ Clique sur" Do a scan system and save log file"

▶ Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse

▶ Tuto hijackthis(Merci à Balltrap34)

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
2
Réponse 3 / 43
Elarion Messages postés 173 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 5 février 2016 26
3 janv. 2009 à 10:01
beh reinstalle windows .. .
0
Réponse 4 / 43
download me Messages postés 215 Date d'inscription mardi 16 décembre 2008 Statut Membre Dernière intervention 13 février 2020 4
3 janv. 2009 à 10:07
comment je reinstalle windows??
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 43
Elarion Messages postés 173 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 5 février 2016 26
3 janv. 2009 à 10:08
beh le truc c'est u boot sur le cd 'installation de windows que tu devrais avoir .. sinon beh rdv dans l'underground .. bref . beh tu boot sur le cd et hop t'installe tranquillement ton windows et t'aura un formatage de ton disk avec ca
0
Réponse 6 / 43
download me Messages postés 215 Date d'inscription mardi 16 décembre 2008 Statut Membre Dernière intervention 13 février 2020 4
3 janv. 2009 à 10:16
alors voila le rapport

---------------- FindyKill V4.710 ------------------

* User : Helene - ACER-19B694409A
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 21/12/08 par Chiquitine29
* Recherche effectuée à 10:12:40 le 03/01/2009
* Windows XP - Internet Explorer 6.0.2900.2180

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Documents and Settings\Helene\Mes documents\Res.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Helene\Application Data\drivers\winupgro.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

--------------- [ Processus infectieux stoppés ] ----------------


"C:\Documents and Settings\Helene\Application Data\drivers\winupgro.exe" (1964)


--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:


»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\Prefetch\DOSKEY.EXE-04460F8C.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [03/01/2009 09:49] - C:\WINDOWS\system32\mdelk.exe
Found ! [03/01/2009 09:49] - C:\WINDOWS\system32\wintems.exe
Found ! [03/01/2009 09:49] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers


»»»» Presence des fichiers dans C:\Documents and Settings\Helene\Application Data

Found ! [03/01/2009 09:52] - "C:\Documents and Settings\Helene\Application Data\m\flec006.exe"
Found ! [03/01/2009 09:52] - "C:\Documents and Settings\Helene\Application Data\m\list.oct"
Found ! [03/01/2009 09:52] - "C:\Documents and Settings\Helene\Application Data\m\data.oct"
Found ! [03/01/2009 09:52] - "C:\Documents and Settings\Helene\Application Data\m\srvlist.oct"
Found ! [30/12/2008 09:17] - "C:\Documents and Settings\Helene\Application Data\m\shared"
Found ! [30/12/2008 09:17] - "C:\Documents and Settings\Helene\Application Data\m"
Found ! [29/12/2008 20:26] - "C:\Documents and Settings\Helene\Application Data\drivers"
Found ! [02/01/2009 18:34] - "C:\Documents and Settings\Helene\Application Data\drivers\srosa.sys"
Found ! [02/01/2009 18:34] - "C:\Documents and Settings\Helene\Application Data\drivers\srosa2.sys"
Found ! [06/09/2006 05:03] - "C:\Documents and Settings\Helene\Application Data\drivers\winupgro.exe"
Found ! [29/12/2008 20:26] - "C:\Documents and Settings\Helene\Application Data\drivers\downld"
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1822000.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1824000.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1824062.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1860531.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\200375.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\200750.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\206062.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\227109.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\227843.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\228187.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\347687.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\390468.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\391328.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\391359.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\405109.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\406515.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\407171.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\408125.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\408968.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\409421.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\432281.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\432875.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\433234.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\439593.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\449109.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\449906.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\450625.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\503312.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\503890.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\504093.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1152343.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1156187.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1164234.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1222093.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1223937.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1224281.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1429250.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1478281.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1479187.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1479218.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1499140.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1500750.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1501468.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1502375.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1503125.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1503687.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1536359.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1537015.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1537406.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1560500.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1561578.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1565984.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1616125.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1616703.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1616953.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1298046.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1298781.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1298796.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\1311375.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\79187.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\89203.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\89218.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\101453.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\408140.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\416968.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\601640.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\602703.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\603125.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\770546.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\776968.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\777812.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\778078.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\809343.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\810125.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\810187.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\822500.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\823812.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\824203.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\824921.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\825734.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\826359.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\899703.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\900421.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\900718.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\906156.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\909843.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\914546.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\915187.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\915593.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\949484.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\950015.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\950062.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\424859.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\425187.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\429218.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\476125.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\478812.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\479125.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\568031.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\576625.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\577453.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\577656.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\609187.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\609921.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\609937.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\622921.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\624546.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\625312.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\626281.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\627078.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\627625.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\647843.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\648421.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\648781.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\690093.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\690984.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\691453.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\721859.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\724843.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\724906.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\383562.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\386546.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\392937.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\446640.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\448312.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\448656.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\532609.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\538734.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\539953.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\540125.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\576406.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\580125.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\580234.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\598250.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\599812.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\600468.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\601484.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\602437.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\603062.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\624796.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\625484.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\625906.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\636953.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\637796.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\638453.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\657109.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\667000.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\667531.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\667593.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\54910406.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\54910843.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\54917296.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\54937562.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\54938234.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\54938546.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\54962781.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55102500.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55103640.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55108203.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55108984.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55109140.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55139703.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55140609.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55140687.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55153875.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55155078.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55155640.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55156593.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55157468.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55158046.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55177515.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55178265.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55178578.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55184890.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55201062.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55201937.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55202515.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55235421.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55236062.exe
Found ! [29/12/2008 20:26] - C:\Documents and Settings\Helene\Application Data\drivers\downld\55236187.exe

»»»» Presence des fichiers dans C:\DOCUME~1\Helene\LOCALS~1\Temp


»»»» Presence des fichiers dans C:\Documents and Settings\Helene\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
MsnMsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
LaunchApp=Alaunch
IgfxTray=C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds=C:\WINDOWS\system32\hkcmd.exe
SynTPLpr=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
SynTPEnh=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PCMService="C:\Program Files\Arcade\PCMService.exe"
IMJPMIG8.1="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
MSPY2002=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
PHIME2002ASync=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
ATIPTA=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
EPM-DM=c:\acer\epm\epm-dm.exe
ePowerManagement=C:\Acer\ePM\ePM.exe boot
LManager=C:\Program Files\Launch Manager\QtZgAcer.EXE
eRecoveryService=C:\Program Files\Acer\eRecovery\Monitor.exe
USB Storage Toolbox=C:\Documents and Settings\Helene\Mes documents\Res.EXE
SsAAD.exe=C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
ShStatEXE="C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
McAfeeUpdaterUI="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
Network Associates Error Reporting Service="C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1

[HKEY_CURRENT_USER\software\local appwizard-generated applications\install]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\Launch Tool]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\MsnMsgr]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\serial]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-389188441-603057427-4086080872-1005\Software\Local AppWizard-Generated Applications\MsnMsgr
Found ! - HKEY_USERS\S-1-5-21-389188441-603057427-4086080872-1005\Software\Local AppWizard-Generated Applications\serial
Found ! - HKEY_USERS\S-1-5-21-389188441-603057427-4086080872-1005\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-389188441-603057427-4086080872-1005\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-389188441-603057427-4086080872-1005\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-389188441-603057427-4086080872-1005\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-389188441-603057427-4086080872-1005\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-389188441-603057427-4086080872-1005\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\MsnMsgr
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\serial
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

- sans echec non fonctionnel !!



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe


+- presence des fichiers :



--------------- [ Registre / Mountpoint2 ] ----------------


-> Not found !


------------------- ! Fin du rapport ! --------------------
0
Réponse 7 / 43
Utilisateur anonyme
3 janv. 2009 à 10:17
Re,

tu as des cracks vire les.

Findykill de chiquitine29 option 2:

▶ Branche tes disques amovibles à ton PC ( (clefs USB, disque dur externe, etc...) sans les ouvrir

▶ Double-clique sur le raccourci FindyKill sur ton bureau

▶ Au menu principal, choisisl'option 2 (Suppression)

/!\ Il y aura 2 redémarrages, laisse travailler l'outil jusqu'à l'apparition du message "nettoyage effectué" /!\

𥭮nsuite, poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
0
Réponse 8 / 43
download me Messages postés 215 Date d'inscription mardi 16 décembre 2008 Statut Membre Dernière intervention 13 février 2020 4
3 janv. 2009 à 10:19
ok merci de tes conseil
0
Réponse 9 / 43
Utilisateur anonyme
3 janv. 2009 à 10:19
Re,

C'est pas fini.
0
Réponse 10 / 43
download me Messages postés 215 Date d'inscription mardi 16 décembre 2008 Statut Membre Dernière intervention 13 février 2020 4
3 janv. 2009 à 10:50
alor voila le rapport de netoyage



----------------- FindyKill V4.710 ------------------

* User : Helene - ACER-19B694409A
* executed from : C:\Program Files\FindyKill
* Update on 21/12/08 par Chiquitine29
* Start at 10:46:25 the 03/01/2009
* Windows XP - Internet Explorer 6.0.2900.2180


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\logonui.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:


»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch

Deleted ! - C:\WINDOWS\prefetch\DOSKEY.EXE-04460F8C.pf

»»»» Supression files in C:\WINDOWS\system32

Deleted ! - C:\WINDOWS\system32\mdelk.exe
Deleted ! - C:\WINDOWS\system32\wintems.exe
Deleted ! - C:\WINDOWS\system32\ban_list.txt

»»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Supression files in C:\WINDOWS\system32\drivers

Deleted ! - C:\WINDOWS\system32\drivers\srosa.sys
Deleted ! - C:\WINDOWS\system32\drivers\srosa2.sys

»»»» Supression files in C:\Documents and Settings\Helene\Application Data

Deleted ! - "C:\Documents and Settings\Helene\Application Data\m\flec006.exe"
Deleted ! - "C:\Documents and Settings\Helene\Application Data\m\list.oct"
Deleted ! - "C:\Documents and Settings\Helene\Application Data\m\data.oct"
Deleted ! - "C:\Documents and Settings\Helene\Application Data\m\srvlist.oct"
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Aoork DVD2MP4 Pro 3.0.88 Build 218b.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\No room's List Manager 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\PasteCopy.NET 0.8.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Facebook Developer Toolkit 1.2.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Lexus GS Screensaver 1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\GAX reloaded 2.01.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Realmedia RM RMVB Converter 3.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Matrix Reloaded Screensaver 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\GeoDataSource .NET Control 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Alarm 1.6.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\SME TigerShark 2006 (Visual Information for Sage) 1.4.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\AKS Image Comparer 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Portable PMeter 1.03.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Map Grabber 1.2.3 Beta.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Microcrypt Pro 3.18.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Soccer Team Icons.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\FlashFXP Password Recovery 1.0.160.2006.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Virtual Hymnal 2.01.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\JKR Icon Extract 1.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Find Junk Files 6.01.20 Build 3182.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Anchorun 1.2.3.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\EOD 1.2.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Call of Duty 3 Screensaver (PS3) 1.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\BlazingTools Instant Source 1.45.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Business News Google Gadget 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\ASP.NET Report Maker 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Pos Multimedia Privacy Keeper 1.3.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\AudioTune Professional 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Master Password Timeout 0.2.7.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Tab History 1.0.5.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Norton.AntiVirus.-.Internet.Security.2007.Final.Product.Key.&.Activation.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Widget of Happiness 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Radio 100FM Player 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Wav2MP3 Wizard 3.2 Build 354.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Rainforest Fairies 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\EasyByte Ticker 1.2.2.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\McAfee_Internet_Security_Suite_9.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\idv Kvadur 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Dolphin Screensaver 5 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Infinite Menus 10.4.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Shrek 3 Screensaver 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\DwgConverter 3.6.0.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Clear File Upload Fields 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Email ProGen 2.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\iOpus Secure Email Attachments - Encrypted and Self-extracting 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Local Headlines 0.0.0.2.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Panda Z 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Marketing Crawler 1.1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Image Printer Standard 2.00.772.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\PNGwriter 0.5.3.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\EasySky 3.01.15.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Sir Sir.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\SYMANTEC.ANTIVIRUS.CORPORATE.V10.0.2.2000.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Power CD+G to Video Karaoke Converter 1.0.15.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Taskbar Control 2.01.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\iTunes Top 25 Songs 2.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\File Defender 1.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Compact AutoRunner 1.0.1 Build 100.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Localizer 1.0.1.3.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\EuroOffice Map Chart 2.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\1-Hour Search Engine Optimization Crash Course 1.5.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\kinkimono font 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Cross-Database Comparator Pro 6.0 build 27969.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\E-Mail Server 3.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\ActiveScan Cleaner 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\ACIO Ovulation Calendar 2.7.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Color Coder 1.35.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\HandyFTP 1.0.21.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\ABC Amber Outlook Converter 9.29.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Mangle-It C++ Obfuscator 2.2.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\The Dwarves 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Soft Filter 3.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\LingvoSoft Talking Dictionary 2008 Russian - Estonian 4.1.29.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Dolphin Dreams Screensaver 5.05.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Systemscripter 6.01.20.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\GraphPaper 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Recovery for Excel 4.1 Build 096244.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\SeekSpeak 1.0.20080728.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\HEXtreme 2.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Sci-Fi Voices For MorphVOX.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\OCR File Splitter 2.8.0.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\ReminderWiz 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\LED Banner+BBC CNN 1.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Access MDE Compiler 1.4.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\[MOBILE GAME] Giochi Per Motorola A1000.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Nutshell 1.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Phatboy ImageSlicer 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Excel to PDF Batch Convert Multiple Files Software 7.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Ultra.Mobile.3GP.Video.Converter.v3.0.4.0421b-Serial_CiM.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\SC UniPad 1.20.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Audio Graphing Calculator 2.0.4.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\SV2 Page Tracker 1.02b.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Fidelity Market Monitor Widget 1.2 Beta.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Nidesoft DVD to PSP Converter 5.1.06.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Zipboard 2.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Aggiorno 1.2.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\[APP]AVG.Antivirus.Professional.7.0.289.(con.Seriale).zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\ZoomIt 2.2.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\C-Photo Recovery 2.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\pdf-Recover Professional 4.0.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Photowall 1.0.5.6.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Zero Assumption Disk Space Visualizer 1.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\KeepV Flash Converter 2.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\AVI DVD Burner 2008 5.1.0.20.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Ogg File Cutter 1.0.0.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Panda.Antivirus.+.Firewall.2007.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\ThumbsPlus Screensaver 5.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\StockControl 1.0.3.8.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\PasswordFox 1.10.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\$hopKeep 4.4.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\DVDWriterPro2 1.008.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Tweak PDF 1.33.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Easy 3D Objects 1.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Math Solver II 1.1.2.54.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Rhapsody 1.0.0.0.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\ezGrid .NET 2.0.21.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Symantec_Norton_SystemWorks_2003_Pro_Fr_by_Eclozion_(Bin)_[Gathaka].zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Stardust Image Encoder 2004 TE 4.0.0.62.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Free Quick Word to Pdf Converter 5.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Finale SongWriter 2005.r4.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\TopDesk 3.0b.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Fontdinerdotcom Jazz Dark 001.000.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Avral Tramigo 1.0.6.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Atelier Web Remote Commander 6.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Catacombae DiskUsageAnalyzer 1.00.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\DB2 Data Wizard 8.4.0.1.zip
Deleted ! - C:\Documents and Settings\Helene\Application Data\m\shared\Monsieur Chat or Space Invaders Clock 1.2.zip
Deleted ! - "C:\Documents and Settings\Helene\Application Data\m\shared"
Deleted ! - "C:\Documents and Settings\Helene\Application Data\m"
Deleted ! - "C:\Documents and Settings\Helene\Application Data\drivers\srosa.sys"
Deleted ! - "C:\Documents and Settings\Helene\Application Data\drivers\srosa2.sys"
Deleted ! - "C:\Documents and Settings\Helene\Application Data\drivers\winupgro.exe"
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1822000.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1824000.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1824062.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1860531.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\200375.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\200750.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\206062.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\227109.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\227843.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\228187.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\347687.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\390468.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\391328.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\391359.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\405109.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\406515.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\407171.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\408125.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\408968.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\409421.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\432281.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\432875.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\433234.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\439593.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\449109.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\449906.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\450625.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\503312.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\503890.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\504093.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1152343.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1156187.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1164234.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1222093.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1223937.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1224281.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1429250.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1478281.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1479187.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1479218.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1499140.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1500750.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1501468.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1502375.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1503125.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1503687.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1536359.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1537015.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1537406.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1560500.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1561578.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1565984.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1616125.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1616703.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1616953.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1298046.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1298781.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1298796.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\1311375.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\79187.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\89203.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\89218.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\101453.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\408140.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\416968.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\601640.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\602703.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\603125.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\770546.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\776968.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\777812.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\778078.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\809343.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\810125.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\810187.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\822500.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\823812.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\824203.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\824921.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\825734.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\826359.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\899703.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\900421.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\900718.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\906156.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\909843.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\914546.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\915187.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\915593.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\949484.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\950015.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\950062.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\424859.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\425187.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\429218.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\476125.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\478812.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\479125.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\568031.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\576625.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\577453.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\577656.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\609187.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\609921.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\609937.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\622921.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\624546.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\625312.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\626281.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\627078.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\627625.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\647843.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\648421.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\648781.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\690093.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\690984.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\691453.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\721859.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\724843.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\724906.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\383562.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\386546.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\392937.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\446640.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\448312.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\448656.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\532609.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\538734.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\539953.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\540125.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\576406.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\580125.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\580234.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\598250.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\599812.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\600468.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\601484.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\602437.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\603062.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\624796.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\625484.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\625906.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\636953.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\637796.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\638453.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\657109.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\667000.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\667531.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\667593.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\54910406.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\54910843.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\54917296.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\54937562.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\54938234.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\54938546.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\54962781.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55102500.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55103640.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55108203.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55108984.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55109140.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55139703.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55140609.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55140687.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55153875.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55155078.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55155640.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55156593.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55157468.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55158046.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55177515.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55178265.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55178578.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55184890.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55201062.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55201937.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55202515.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55235421.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55236062.exe
Deleted ! - C:\Documents and Settings\Helene\Application Data\drivers\downld\55236187.exe
Deleted ! - "C:\Documents and Settings\Helene\Application Data\drivers\downld"
Deleted ! - "C:\Documents and Settings\Helene\Application Data\drivers"

»»»» Supression files in C:\DOCUME~1\Helene\LOCALS~1\Temp


»»»» Supression files in C:\Documents and Settings\Helene\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Other deleting ] ----------------

Infected ! - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> Deleted !

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_USERS\S-1-5-21-389188441-603057427-4086080872-1005\Software\Local AppWizard-Generated Applications\MsnMsgr
Deleted ! - HKEY_USERS\S-1-5-21-389188441-603057427-4086080872-1005\Software\Local AppWizard-Generated Applications\serial
Deleted ! - HKEY_USERS\S-1-5-21-389188441-603057427-4086080872-1005\Software\Local AppWizard-Generated Applications\winupgro

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !


+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

F: - Lecteur amovible

G: - Lecteur amovible


+- deleting files :

Deleted ! - G:\autorun.inf

--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\Helene\Bureau\prog\musik symt‚tike\autre\- Corona Dj - Move The Sound (Crack Dub Mix) - (Electric Tk).mp3


---------------- ! End of report ! ------------------
0
Réponse 11 / 43
download me Messages postés 215 Date d'inscription mardi 16 décembre 2008 Statut Membre Dernière intervention 13 février 2020 4
3 janv. 2009 à 10:52
j'ai fait une nouvelle recherche le logiciel ne peut pa accéder a certaine clé voila ce qu'il dit



----------------- FindyKill V4.710 ------------------

* User : Helene - ACER-19B694409A
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 21/12/08 par Chiquitine29
* Recherche effectuée à 10:51:23 le 03/01/2009
* Windows XP - Internet Explorer 6.0.2900.2180

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\Install\windows-kb890830-v2.5.exe
d:\76dbd9a6437a8ed9766f6855e29cfb\mrtstub.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\MRT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:


»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch


»»»» Presence des fichiers dans C:\WINDOWS\system32


»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers


»»»» Presence des fichiers dans C:\Documents and Settings\Helene\Application Data


»»»» Presence des fichiers dans C:\DOCUME~1\Helene\LOCALS~1\Temp


»»»» Presence des fichiers dans C:\Documents and Settings\Helene\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
MsnMsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
drvsyskit=C:\Documents and Settings\Helene\Application Data\drivers\winupgro.exe
german.exe=C:\WINDOWS\system32\wintems.exe
mule_st_key=C:\Documents and Settings\Helene\Application Data\m\flec006.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
LaunchApp=Alaunch
IgfxTray=C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds=C:\WINDOWS\system32\hkcmd.exe
SynTPLpr=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
SynTPEnh=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PCMService="C:\Program Files\Arcade\PCMService.exe"
IMJPMIG8.1="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
MSPY2002=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
PHIME2002ASync=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
ATIPTA=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
EPM-DM=c:\acer\epm\epm-dm.exe
ePowerManagement=C:\Acer\ePM\ePM.exe boot
LManager=C:\Program Files\Launch Manager\QtZgAcer.EXE
eRecoveryService=C:\Program Files\Acer\eRecovery\Monitor.exe
USB Storage Toolbox=C:\Documents and Settings\Helene\Mes documents\Res.EXE
SsAAD.exe=C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
ShStatEXE="C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
McAfeeUpdaterUI="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
Network Associates Error Reporting Service="C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1


--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] | drvsyskit
Found ! - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] | german.exe
Found ! - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] | mule_st_key

--------------- [ Etat / Services ] ----------------



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

Ndisuio - Type de démarrage = 3

Ip6Fw - Type de démarrage = 2

SharedAccess - Type de démarrage = 2

wuauserv - Type de démarrage = 2

wscsvc - Type de démarrage = 2



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

F: - Lecteur amovible

G: - Lecteur amovible


+- presence des fichiers :



--------------- [ Registre / Mountpoint2 ] ----------------


-> Not found !


------------------- ! Fin du rapport ! --------------------
0
Réponse 12 / 43
Utilisateur anonyme
3 janv. 2009 à 10:53
Re,

Fait le message 10 et rien d'autres
0
Réponse 13 / 43
download me Messages postés 215 Date d'inscription mardi 16 décembre 2008 Statut Membre Dernière intervention 13 février 2020 4
3 janv. 2009 à 10:56
le rapport de hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:55:39, on 03/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Documents and Settings\Helene\Mes documents\Res.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [drvsyskit] C:\Documents and Settings\Helene\Application Data\drivers\winupgro.exe
O4 - HKCU\..\Run: [german.exe] C:\WINDOWS\system32\wintems.exe
O4 - HKCU\..\Run: [mule_st_key] C:\Documents and Settings\Helene\Application Data\m\flec006.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{5A778172-52FB-4A73-A8BA-F7CB835A2030}: NameServer = 80.10.246.2,80.10.246.127
O17 - HKLM\System\CCS\Services\Tcpip\..\{DA2D124A-16D8-408F-8616-82FE1EC0AEB8}: NameServer = 81.253.149.1 80.10.246.3
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
0
Réponse 14 / 43
Utilisateur anonyme
3 janv. 2009 à 10:59
Re,


▶ Télécharge random's system information tool (RSIT) et enregistre le sur ton bureau.

▶ Double clique sur RSIT.exe pour lancer l'outil.

▶ Clique sur ' continue ' à l'écran Disclaimer.

Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.

▶ Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports
( log.txt & info.txt )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
0
Réponse 15 / 43
download me Messages postés 215 Date d'inscription mardi 16 décembre 2008 Statut Membre Dernière intervention 13 février 2020 4
3 janv. 2009 à 11:03
le premier rapport

info.txt logfile of random's system information tool 1.05 2009-01-03 11:01:47

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer French Guide Link\Uninst.isu"
-->Dummy
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88E5FCB8-5F25-11D5-B16F-0800460222F0}\setup.exe" -l0x40c UNINSTALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D76298C2-E532-4A11-BCFF-76F3F19DA84D}\setup.exe" UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acer eManager for Notebook-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{827289F5-B44F-4E49-9993-840741585A62}
Acer eNetManagement-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\Setup.exe" -l0x40c
Acer ePowerManagement-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\Setup.exe" -l0x40c
Acer GridVista-->C:\WINDOWS\UnInst32.exe GridV.UNI
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 6.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-000000000001}
Arcade 3.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" -uninstall
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
CCleaner (remove only)-->"C:\Program Files\eMule\001100\CCleaner\uninst.exe"
Company of Heroes - FAKEMSI-->MsiExec.exe /I{14574B7F-75D1-4718-B7F2-EBF6E2862A35}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{199E6632-EB28-4F73-AECB-3E192EB92D18}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{25724802-CC14-4B90-9F3B-3D6955EE27B1}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{97E5205F-EA4F-438F-B211-F1846419F1C1}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{99A7722D-9ACB-43F3-A222-ABC7133F159E}
Conexant AC-Link Audio-->CIAunwdm.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif Windows XP - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
Cossacks - European Wars-->C:\WINDOWS\uncsetup.exe
eMule Plus 1.2b-->"C:\Program Files\eMule\unins000.exe"
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Hide IP NG 1.41-->"C:\Program Files\Hide IP NG\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
Launch Manager-->C:\WINDOWS\UnInst32.exe QtZgAcer.UNI
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
McAfee VirusScan Enterprise-->MsiExec.exe /I{4DCA2739-9D16-4B55-808C-E72CD70A5BD3}
mCore-->MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
NTI Backup NOW! 4-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{385979FE-DC4F-4140-8EAD-A59625000D72} /l1036 BUN4
NTI CD & DVD-Maker-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
OLYMPUS CAMEDIA Master 1.2-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\OLYMPUS\CAMEDIA Master\Uninst.isu"
OpenMG Limited Patch 4.1-05-13-31-01-->C:\Program Files\Fichiers communs\Sony Shared\OpenMG\HotFixes\HotFix4.1-05-13-31-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.1.00-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{2F151B50-B434-4838-B51D-70442EBA093E} UNINSTALL
Photo Viewer 3.03fs-->C:\Program Files\Photo Viewer 3.03fs\Uninstal.exe
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.EXE" -uninstall
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_00661025\HXFSETUP.EXE -U -Iqta00665.inf
SonicStage 3.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x40c UNINSTALL -removeonly
Starcraft-->C:\WINDOWS\SCunin.exe C:\WINDOWS\SCunin.dat
Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8E50332B-772C-4AEA-BF56-94DE6A1D5F10} /l1036
USB Disk Win98 Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E79A62F-7A2D-4058-BCE0-94E6B9E2F162}\Setup.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Toolbar-->MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\YAHOO!\Common\YINSTH~1.DLL

System event log

Computer Name: ACER-19B694409A
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.

Record Number: 77772
Source Name: Service Control Manager
Time Written: 20081229120357.000000+060
Event Type: Informations
User: ACER-19B694409A\Helene

Computer Name: ACER-19B694409A
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 77771
Source Name: Service Control Manager
Time Written: 20081229120357.000000+060
Event Type: erreur
User:

Computer Name: ACER-19B694409A
Event Code: 7036
Message: Le service Gestion d'applications est entré dans l'état : arrêté.

Record Number: 77770
Source Name: Service Control Manager
Time Written: 20081229120357.000000+060
Event Type: Informations
User:

Computer Name: ACER-19B694409A
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.

Record Number: 77769
Source Name: Service Control Manager
Time Written: 20081229120357.000000+060
Event Type: Informations
User: ACER-19B694409A\Helene

Computer Name: ACER-19B694409A
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 77768
Source Name: Service Control Manager
Time Written: 20081229120357.000000+060
Event Type: erreur
User:

Application event log

Computer Name: ACER-19B694409A
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 8924
Source Name: SecurityCenter
Time Written: 20080724095110.000000+120
Event Type: Informations
User:

Computer Name: ACER-19B694409A
Event Code: 0
Message:
Record Number: 8923
Source Name: RegSrvc
Time Written: 20080724095106.000000+120
Event Type: Informations
User:

Computer Name: ACER-19B694409A
Event Code: 0
Message:
Record Number: 8922
Source Name: EvtEng
Time Written: 20080724095049.000000+120
Event Type: Informations
User:

Computer Name: ACER-19B694409A
Event Code: 1
Message:
Record Number: 8921
Source Name: SSScsiSV
Time Written: 20080723190348.000000+120
Event Type: Informations
User:

Computer Name: ACER-19B694409A
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 8920
Source Name: SecurityCenter
Time Written: 20080723190346.000000+120
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Intel\Wireless\Bin\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

le second rappord

Logfile of random's system information tool 1.05 (written by random/random)
Run by Helene at 2009-01-03 11:01:45
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 12 GB (33%) free of 36 GB
Total RAM: 1022 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:01:46, on 03/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Helene\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Helene.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Documents and Settings\Helene\Mes documents\Res.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [drvsyskit] C:\Documents and Settings\Helene\Application Data\drivers\winupgro.exe
O4 - HKCU\..\Run: [german.exe] C:\WINDOWS\system32\wintems.exe
O4 - HKCU\..\Run: [mule_st_key] C:\Documents and Settings\Helene\Application Data\m\flec006.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{5A778172-52FB-4A73-A8BA-F7CB835A2030}: NameServer = 80.10.246.2,80.10.246.127
O17 - HKLM\System\CCS\Services\Tcpip\..\{DA2D124A-16D8-408F-8616-82FE1EC0AEB8}: NameServer = 81.253.149.1 80.10.246.3
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
0
Réponse 16 / 43
Utilisateur anonyme
3 janv. 2009 à 11:04
Re,

Combofix. Attention, ce logiciel est très puissant, une mauvaise utilisation peut faire des dégâts...

Fais exactement ce qui suit :

Télécharge ComboFix (de sUBs) sur ton Bureau (et pas ailleurs !) :
Fais un clic droit sur ce lien et choisis "enregistrer la cible sous ... " : dans la fenêtre qui s'ouvre tape C-Fix, choisis le bureau comme destination et valide :

--------------------------------------------- [ ! ATTENTION ! ] ----------------------------------------------------------
!! déconnecte toi, ferme toutes tes applications en cours et DESACTIVE TOUTES TES DEFENCES (anti-virus, antispyware, pare-feu) le temps de la manipulation (si jamais tu en as et que je ne les ai pas vu sur le rapport hijackthis....)

---> Surtout, si tu rencontres des difficultés à ce niveau là, dis le moi avant de poursuivre...

--->Je te conseil d'installer la console de récupération.(Voir le tutoriel).

Tuto ici : TUTO
---------------------------------------------------------------------------------------------------------------------------------

Ensuite :

Double-clique sur C-Fix.exe (= combofix.exe ) .

Appuie sur une touche pour démarrer le scan .

Attention : n'utilise pas ta souris ni ton clavier pendant que le programme tourne. Cela pourrait figer l'ordi ---> si un message d'erreur windows apparait à un moment : clique sur la croix rouge en haut à droite de la fenêtre pour la fermer

Le rapport sera crée dans: C:\Combofix.txt , poste le ici stp

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
0
Réponse 17 / 43
download me Messages postés 215 Date d'inscription mardi 16 décembre 2008 Statut Membre Dernière intervention 13 février 2020 4
3 janv. 2009 à 11:08
je doit écrire c-fix comme nom du fichier c'est ça?
0
Réponse 18 / 43
Utilisateur anonyme
3 janv. 2009 à 11:10
Re,

Non tu double clic sur l'icone "COMBOFIX" et ensuite tu Appuie sur une touche pour démarrer le scan .

Attention : n'utilise pas ta souris ni ton clavier pendant que le programme tourne. Cela pourrait figer l'ordi ---> si un message d'erreur windows apparait à un moment : clique sur la croix rouge en haut à droite de la fenêtre pour la fermer

!! déconnecte toi, ferme toutes tes applications en cours et DESACTIVE TOUTES TES DEFENCES (anti-virus, antispyware, pare-feu) le temps de la manipulation (si jamais tu en as et que je ne les ai pas vu sur le rapport hijackthis....)

---> Surtout, si tu rencontres des difficultés à ce niveau là, dis le moi avant de poursuivre...

--->Je te conseil d'installer la console de récupération.(Voir le tutoriel).

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
0
Réponse 19 / 43
download me Messages postés 215 Date d'inscription mardi 16 décembre 2008 Statut Membre Dernière intervention 13 février 2020 4
3 janv. 2009 à 11:12
je peut laissé mes clé USB ?
0
Réponse 20 / 43
Utilisateur anonyme
3 janv. 2009 à 11:13
Re,


NON.
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
problême Opéra est ce un virus??
sand2504 -
sand2504 -

85 réponses
Comment savoir si j'ai attrapé un virus sur mon téléphone ?
Infolock -
bell -

66 réponses