NTBS investigators flight recorder black box

AnToiinee Posts: 4 Status: Member -
 Anonymous user -
Hello,
I have a problem with my computer: at startup, "NTBS investigators flight recorder (black box) analyser" is displayed. I have tried everything: Elibagla, Malwarebytes. My antivirus no longer works and I cannot install another one, my computer is very slow, and I can only very rarely get into safe mode. I have had this problem since yesterday. I looked at the other threads, where it was explained that the FindyKill software should be used, but when I run the scan it tells me "no matching processus not found". Here is the first scan:

----------------- FindyKill V4.710 ------------------

* User : Toussainte - XPSP2-FF9508420
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 21/12/08 par Chiquitine29
* Recherche effectuée à 17:30:43 le 03/01/2009
* Windows XP - Internet Explorer 6.0.2900.2180

((((((((((((((((( *** Recherche *** ))))))))))))))))))

--------------- [ Processus actifs ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\oodag.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Documents and Settings\Toussainte\Application Data\drivers\winupgro.exe
C:\Documents and Settings\Toussainte\Application Data\drivers\winupgro.exe
C:\PROGRA~1\Wanadoo\Watch.exe

--------------- [ Processus infectieux stoppés ] ----------------

"C:\Documents and Settings\Toussainte\Application Data\drivers\winupgro.exe" (2524)
"C:\Documents and Settings\Toussainte\Application Data\drivers\winupgro.exe" (2580)

--------------- [ Fichiers/Dossiers infectieux ] ----------------

»»»» Presence des fichiers dans C:

»»»» Presence des fichiers dans C:\WINDOWS

»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [03/01/2009 17:27] - C:\WINDOWS\system32\mdelk.exe
Found ! [03/01/2009 17:27] - C:\WINDOWS\system32\wintems.exe
Found ! [03/01/2009 17:30] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

»»»» Presence des fichiers dans C:\Documents and Settings\Toussainte\Application Data

Found ! [03/01/2009 17:19] - "C:\Documents and Settings\Toussainte\Application Data\m\flec006.exe"
Found ! [03/01/2009 17:20] - "C:\Documents and Settings\Toussainte\Application Data\m\list.oct"
Found ! [03/01/2009 17:20] - "C:\Documents and Settings\Toussainte\Application Data\m\data.oct"
Found ! [03/01/2009 17:21] - "C:\Documents and Settings\Toussainte\Application Data\m\srvlist.oct"
Found ! [03/01/2009 17:25] - "C:\Documents and Settings\Toussainte\Application Data\m\shared"
Found ! [03/01/2009 17:21] - "C:\Documents and Settings\Toussainte\Application Data\m"
Found ! [03/01/2009 17:10] - "C:\Documents and Settings\Toussainte\Application Data\drivers"
Found ! [03/01/2009 17:27] - "C:\Documents and Settings\Toussainte\Application Data\drivers\srosa.sys"
Found ! [03/01/2009 17:27] - "C:\Documents and Settings\Toussainte\Application Data\drivers\srosa2.sys"
Found ! [21/08/2006 02:02] - "C:\Documents and Settings\Toussainte\Application Data\drivers\winupgro.exe"
Found ! [03/01/2009 17:29] - "C:\Documents and Settings\Toussainte\Application Data\drivers\downld"

»»»» Presence des fichiers dans C:\DOCUME~1\TOUSSA~1\LOCALS~1\Temp

»»»» Presence des fichiers dans C:\Documents and Settings\Toussainte\Local Settings\Temporary Internet Files\Content.IE5

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
WOOKIT=C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
msnmsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
city browse=C:\DOCUME~1\TOUSSA~1\APPLIC~1\README~1\Support View.exe
AdobeUpdater=C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
VeohPlugin="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater=
<NO NAME>=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
SoundMan=SOUNDMAN.EXE
RemoteControl="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
LanguageShortcut="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
OODefragTray=C:\WINDOWS\system32\oodtray.exe
NeroFilterCheck=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
WinampAgent="C:\Program Files\Winamp\winampa.exe"
WOOWATCH=C:\PROGRA~1\Wanadoo\Watch.exe
SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
NokiaMServer=C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer /watchfiles
Nokia FastStart="C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
AdobeCS4ServiceManager="C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
WARN POP TRUST LIES=C:\Documents and Settings\All Users\Application Data\Camp Mess Warn Pop\Idle program.exe
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1

[HKEY_CURRENT_USER\software\local appwizard-generated applications\MsnMsgr]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\Support View]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\SUPPOR~1]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

--------------- [ Registre / Clés infectieuses ] ----------------

Found ! - HKEY_USERS\S-1-5-21-527237240-963894560-1801674531-1003\Software\Local AppWizard-Generated Applications\MsnMsgr
Found ! - HKEY_USERS\S-1-5-21-527237240-963894560-1801674531-1003\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-527237240-963894560-1801674531-1003\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-527237240-963894560-1801674531-1003\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-527237240-963894560-1801674531-1003\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-527237240-963894560-1801674531-1003\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\MsnMsgr
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

- sans echec non fonctionnel !!

+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4

--------------- [ Recherche dans supports amovibles] ----------------

+- Informations :

C: - Lecteur fixe

E: - Lecteur de CD-ROM

F: - Lecteur fixe

G: - Lecteur fixe

+- presence des fichiers :

--------------- [ Registre / Mountpoint2 ] ----------------

-> Not found !

------------------- ! Fin du rapport ! --------------------

Please help me, I really don't know what to do anymore and I am very panicked.

6 replies

Anonymous user
 
Hi,

FindyKill by Chiquitine29, option 2:

▶ Plug your removable drives into your PC (USB sticks, external hard drive, etc.) without opening them

▶ Double-click the FindyKill shortcut on your desktop

▶ In the main menu, choose option 2 (Suppression)

/!\ There will be 2 reboots; let the tool work until the message "nettoyage effectué" ("cleaning done") appears /!\

▶ Then post the FindyKill.txt report

Note: the FindyKill.txt report is saved at the root of the disk.

If a report won't post, send an alert to the moderation desk ("conciergerie") using the yellow /!\.
2
AnToiinee Posts: 4 Status: Member
 
So I managed to launch FindyKill and run the scan too; that then let me install Kaspersky and run a virus scan. The scan has just finished, but the problem is that this is the third time I have managed this since yesterday, and when I restart my computer the virus comes back.
0
Anonymous user
 
Hi again,

Do what I tell you and post me the FindyKill option 2 report and nothing else; I will give you the next steps.
0
AnToiinee Posts: 4 Status: Member
 
----------------- FindyKill V4.710 ------------------

* User : Toussainte - XPSP2-FF9508420
* executed from : C:\Program Files\FindyKill
* Update on 21/12/08 par Chiquitine29
* Start at 18:29:27 the 03/01/2009
* Windows XP - Internet Explorer 6.0.2900.2180

((((((((((((((( *** deleting *** ))))))))))))))))))

--------------- [ Active Processes ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\oodag.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

--------------- [ Infected files / folders ] ----------------

»»»» Supression files in C:

»»»» Supression files in C:\WINDOWS

»»»» Supression files in C:\WINDOWS\Prefetch

»»»» Supression files in C:\WINDOWS\system32

»»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming

»»»» Supression files in C:\WINDOWS\system32\drivers

»»»» Supression files in C:\Documents and Settings\Toussainte\Application Data

Deleted ! - "C:\Documents and Settings\Toussainte\Application Data\drivers\srosa.sys"
Deleted ! - "C:\Documents and Settings\Toussainte\Application Data\drivers\srosa2.sys"
Deleted ! - "C:\Documents and Settings\Toussainte\Application Data\drivers\winupgro.exe"
Deleted ! - "C:\Documents and Settings\Toussainte\Application Data\drivers\downld"
Deleted ! - "C:\Documents and Settings\Toussainte\Application Data\drivers"

»»»» Supression files in C:\DOCUME~1\TOUSSA~1\LOCALS~1\Temp

»»»» Supression files in C:\Documents and Settings\Toussainte\Local Settings\Temporary Internet Files\Content.IE5

--------------- [ Other deleting ] ----------------

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-527237240-963894560-1801674531-1003\Software\Local AppWizard-Generated Applications\MsnMsgr
Deleted ! - HKEY_USERS\S-1-5-21-527237240-963894560-1801674531-1003\Software\Local AppWizard-Generated Applications\winupgro

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !

+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2

--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

E: - Lecteur de CD-ROM

F: - Lecteur fixe

G: - Lecteur fixe

+- deleting files :

--------------- [ Registry / Mountpoint2 ] ----------------

-> Not found !

--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\Toussainte\Recent\Adobe.Photoshop.CS2.v9.0.1.FR.Incl-Crack.et.Keygen.[emule-island.com].rar.lnk

---------------- ! End of report ! ------------------

There you go!
Anonymous user
 
Hi again,

Get rid of this:


C:\Documents and Settings\Toussainte\Recent\Adobe.Photoshop.CS2.v9.0.1.FR.Incl-Crack.et.Keygen.[emule-island.com].rar.lnk


▶ Download CCleaner (do not install the Yahoo Toolbar):
CCLEANER

▶ Launch it. Go to "Options", then "Advanced",

▶ Untick the box "Only delete files etc...".

▶ Go to "Cleaner" and click "Analyze". Once it has finished, run the cleaning.

▶ Go to "Registry" and click "Scan for Issues".

Once it has finished, fix all the errors without backing up the registry.

▶ A tutorial (help)
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
▶ Download HijackThis

▶ Save the target as .... "the Desktop"

▶ Double-click "HJTInstall.exe" to start the installation

▶ Click Install, then "I Accept"

▶ Click "Do a scan system and save log file"

▶ Notepad will open; copy and paste its entire contents here in your next reply

▶ HijackThis tutorial (thanks to Balltrap34)

If a report does not go through, send an alert to the conciergerie using the yellow /!\.
polo
 
Hello,
I have the same problem as: AnToiinee, Saturday 3 January 2009 at 17:44:43
To save time, here is my report:
Sorry for being so brief; it is to avoid asking the same question.
Thank you in advance.



----------------- FindyKill V4.712 ------------------

* User : Polo - APOLOSIO
* executed from : C:\Program Files\FindyKill
* Update on 14/01/09 par Chiquitine29
* Start at 17:05:47 the 17/01/2009
* Windows XP - Internet Explorer 7.0.5730.11


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:


»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch

Deleted ! - C:\WINDOWS\prefetch\WINTEMS.EXE-377E42D4.pf

»»»» Supression files in C:\WINDOWS\system32

Not deleted !! - C:\WINDOWS\system32\mdelk.exe
Not deleted !! - C:\WINDOWS\system32\wintems.exe
Deleted ! - C:\WINDOWS\system32\ban_list.txt

»»»» Supression files in C:\WINDOWS\system32\drivers


»»»» Supression files in C:\Documents and Settings\Polo\Application Data

Not deleted !! - "C:\Documents and Settings\Polo\Application Data\m\flec006.exe"
Deleted ! - "C:\Documents and Settings\Polo\Application Data\m\list.oct"
Deleted ! - "C:\Documents and Settings\Polo\Application Data\m\data.oct"
Deleted ! - "C:\Documents and Settings\Polo\Application Data\m\srvlist.oct"
Deleted ! - "C:\Documents and Settings\Polo\Application Data\m\shared"
Not deleted !! - "C:\Documents and Settings\Polo\Application Data\m"
Deleted ! - "C:\Documents and Settings\Polo\Application Data\drivers\srosa2.sys"
Not deleted !! - "C:\Documents and Settings\Polo\Application Data\drivers\winupgro.exe"
Deleted ! - "C:\Documents and Settings\Polo\Application Data\drivers\downld"
Not deleted !! - "C:\Documents and Settings\Polo\Application Data\drivers"

»»»» Supression files in C:\DOCUME~1\Polo\LOCALS~1\Temp


»»»» Supression files in C:\Documents and Settings\Polo\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_USER\Software\bisoft
Deleted ! - HKEY_CURRENT_USER\Software\DateTime4
Deleted ! - HKEY_CURRENT_USER\Software\FirtR
Deleted ! - HKEY_USERS\S-1-5-21-68334855-1302535486-174330245-1007\Software\Local AppWizard-Generated Applications\winupgro
Deleted ! - HKEY_USERS\S-1-5-21-68334855-1302535486-174330245-1007\Software\FFC
Deleted ! - HKEY_USERS\S-1-5-21-68334855-1302535486-174330245-1007\Software\MuleAppData

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !


+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

F: - Lecteur de CD-ROM

M: - Lecteur fixe


+- deleting files :

Not deleted !! - F:\autorun.inf

--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Other Infections ] ----------------
Anonymous user
 
Hi again,

How to create your own topic on CCM

Thanks