N'est pas une application Win32 valide.

valosky Messages postés 12 Statut Membre -  
 Utilisateur anonyme -
Bonjour,

j'ai un ptit ou gro souci a vou de me le dire,

Alors quand je veu installé un logiciel anti virus sa met ceci ( ... n'es pa une application win 32 valide. )

je pense que c'es un virus ( peu etre que je me trompe ) mais commen l'enlevé ci je ne peu pa installé de logiciel

pour, et aussi je n'ai plu de peripheriques audio et m'a cam ne fonction plus avec msn

pour info je n'y connai pa grand chose en pc jai juste les bases donc soyer gentil avec moi lol

merci d'avance pour votre aide

et Bonne année 2009 a tous

Cordialement .

28 réponses

  • 1
  • 2
Réponse 1 / 28
Qu'est-ce à dire
 
Ce n’est pas un virus, cela veut dire que le logiciel que vous tentez d’installer n’est pas compatible avec votre Windows. Il vous suffit de contacter le revendeur du logiciel, lequel est-ce par ailleurs de logiciel.

Pour tous vos drivers, le site de votre constructeur les stocke tous, il vous suffit donc de vous y rendre, de choisir support, drivers, téléchargement, d’entrer les référencent exacte de votre ordinateur et voilà.
0
Réponse 2 / 28
valosky Messages postés 12 Statut Membre
 
j'ai essayer plusieur logiciel anti virus avast pc tools etc et meme avec d'autre logiciel sa le fait en tou k merci pour le

peripherique audio sa marche c super et est il possible que je recupere une version plu recente de windows ou reussir

a validé ma version

encore merci
0
Réponse 3 / 28
Qu'est-ce à dire
 
Pour mettre à jour Windows XP qui est passé au SP3 depuis 6 mois.
http://www.microsoft.com/downloads/details.aspx?displaylang=fr&FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4
0
Réponse 4 / 28
valosky Messages postés 12 Statut Membre
 
alors j'ai bien telechargé le lien que vou m'avez mi et justemen sa me met update.exe que ce n'es pa une application

win32 valide sa me l'affiche juste avan la fin de l'extraction ( echec lors de l'extraction )

dsl

et encore merci
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 28
Utilisateur anonyme
 
il s'agit du virus win32/Bagle qui modifie le "comportement" (le code) des exécutable ,c à d les fichier avec les extension .exe que ce soit des application ou des installeurs de logiciel , juste au moment ou tu clic dessus.

mais , il existe tout de même des outils de désinfection (anti Bagle ou autres) conçu par les différents compagnies Antivirus , qui sont mis gratuitement a la disposition des utilisateurs

voici quelque un que tu peu télécharger (utilisez un ou plusieurs si nécessaire , mais un outil a la fois)

celui de F-secure
http://www.f-secure.com/download-purchase/tools.shtml#F-Bagle
>télécharge le fichier .Zip tu le décompresser dans un dossier > ensuite tu clic sur le fichier exécutable qu'il contient

ceux de Bitdefender (4 fichiers qui porte le nom win32.Bagle car le dit virus a plusieurs variantes)
https://www.bitdefender.com/premium-services/virus-and-spyware-removal.html

et celui la qui prend en charge plusieurs variantes de Bagle
http://www.sharewareplaza.com/W32-Bagle-Worm-and-its-variants-removal-download_36687.html

j'ajoute aussi ceux de Kaspersky
https://www.kaspersky.com/downloads/thank-you/free-virus-removal-tool
0
valosky
 
j'ai bien fai tou ce qui il y a d'ecri et il me trouve rien par contre j'ai acheté norton 360 Version 2 et la il me trouve plu de 400 virus et jutemen il trouve ce qui m'empeche d'installé m'es logiciel le nom de ce qui me fai chier ( dsl ) bloodhound.bagle et il m'en trouve 15 sur mon pc le probleme je peu pa terminé l'installation de norton a cause de ça maintenan que vou avez le nom peu etre que ca va ou aidé

je reste a votre disposition

merci Beaucoup
0
valosky
 
je vien de me rendre compte que en faite bloodhound.bagle ce n'es pa le nom de mon probleme c'es seulemen norton qui detecte de nouveau virus qu'il ne connai pa
0
Réponse 6 / 28
Utilisateur anonyme
 
Salut,

Fait sa:

FindyKill de Chiquitine29

▶ Fais un clique droit sur le lien et choisis ( "enregistrer la cible sous ...." )( , destination le bureau .

( Note importante : si tu as le prg Elibagla sur ton PC , supprimes le ( risque de conflit entre les deux outils ) .

▶ Laisse toi guider pour l'installer.

▶ Double clic sur " FindyKill." pour lancer l'outil .

▶ Choisis La langue:F pour français

▶ Choisis l'option 1 . Puis laisses travailler ...

▶ Une fois terminé, postes le rapport FindyKill.txt qui est généré ...

( Note : le rapport est sauvegardé à la racine du disque -> C:\FindyKill.txt )

Les-risques-securitaires-du-peer-to-peer

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
0
Réponse 7 / 28
Utilisateur anonyme
 
Re,

Passe findykill STP
0
valosky
 
voici le raport



----------------- FindyKill V4.712 ------------------

* User : Admin - XPSP2-A0BDB837D
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 14/01/09 par Chiquitine29
* Recherche effectuée à 19:44:38 le 14/01/2009
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\documents and settings\admin.xpsp2-a0bdb837d\local settings\application data\gsske.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\flec006.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

--------------- [ Processus infectieux stoppés ] ----------------




--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:

Found ! [02/09/2008 23:03] - C:\InfoSat.txt

»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\100718.EXE-094457AC.pf
Found ! - C:\WINDOWS\prefetch\101531.EXE-2D59FF2A.pf
Found ! - C:\WINDOWS\prefetch\101578.EXE-20067E22.pf
Found ! - C:\WINDOWS\prefetch\101828.EXE-2BD353EA.pf
Found ! - C:\WINDOWS\prefetch\105625.EXE-2EE6E78F.pf
Found ! - C:\WINDOWS\prefetch\110875.EXE-04C10821.pf
Found ! - C:\WINDOWS\prefetch\111750.EXE-3B27E856.pf
Found ! - C:\WINDOWS\prefetch\114515.EXE-36DE1C8C.pf
Found ! - C:\WINDOWS\prefetch\114875.EXE-12B7A4D5.pf
Found ! - C:\WINDOWS\prefetch\120015.EXE-0D71A3C4.pf
Found ! - C:\WINDOWS\prefetch\120171.EXE-0B33FB99.pf
Found ! - C:\WINDOWS\prefetch\125093.EXE-11A97690.pf
Found ! - C:\WINDOWS\prefetch\125859.EXE-06419CEA.pf
Found ! - C:\WINDOWS\prefetch\126187.EXE-0A47F565.pf
Found ! - C:\WINDOWS\prefetch\130000.EXE-0E5294E7.pf
Found ! - C:\WINDOWS\prefetch\132484.EXE-0CE28A80.pf
Found ! - C:\WINDOWS\prefetch\133078.EXE-24000657.pf
Found ! - C:\WINDOWS\prefetch\136640.EXE-02BE8299.pf
Found ! - C:\WINDOWS\prefetch\144281.EXE-01D36FE2.pf
Found ! - C:\WINDOWS\prefetch\146062.EXE-2C37FA9B.pf
Found ! - C:\WINDOWS\prefetch\149796.EXE-1E0683E9.pf
Found ! - C:\WINDOWS\prefetch\151375.EXE-23324550.pf
Found ! - C:\WINDOWS\prefetch\154781.EXE-0B63E37D.pf
Found ! - C:\WINDOWS\prefetch\160203.EXE-338BB6D1.pf
Found ! - C:\WINDOWS\prefetch\161875.EXE-15FAF1F1.pf
Found ! - C:\WINDOWS\prefetch\175000.EXE-02861490.pf
Found ! - C:\WINDOWS\prefetch\193500.EXE-0452EEE5.pf
Found ! - C:\WINDOWS\prefetch\22369406.EXE-1F2270DB.pf
Found ! - C:\WINDOWS\prefetch\22382015.EXE-2E6C59C6.pf
Found ! - C:\WINDOWS\prefetch\29787328.EXE-05085272.pf
Found ! - C:\WINDOWS\prefetch\29802250.EXE-1054E261.pf
Found ! - C:\WINDOWS\prefetch\29812515.EXE-11C4560C.pf
Found ! - C:\WINDOWS\prefetch\29846843.EXE-0B87BCD0.pf
Found ! - C:\WINDOWS\prefetch\36890765.EXE-0167D238.pf
Found ! - C:\WINDOWS\prefetch\36900234.EXE-1478508F.pf
Found ! - C:\WINDOWS\prefetch\36907625.EXE-25D67990.pf
Found ! - C:\WINDOWS\prefetch\36911640.EXE-0C9CA77F.pf
Found ! - C:\WINDOWS\prefetch\36918015.EXE-04F4C8EE.pf
Found ! - C:\WINDOWS\prefetch\36957468.EXE-1D7DFB7D.pf
Found ! - C:\WINDOWS\prefetch\72937.EXE-083FE357.pf
Found ! - C:\WINDOWS\prefetch\7808187.EXE-08B90D6B.pf
Found ! - C:\WINDOWS\prefetch\7817796.EXE-22F499A8.pf
Found ! - C:\WINDOWS\prefetch\7840546.EXE-19529F75.pf
Found ! - C:\WINDOWS\prefetch\7845093.EXE-11FD6557.pf
Found ! - C:\WINDOWS\prefetch\7850546.EXE-19C90B0E.pf
Found ! - C:\WINDOWS\prefetch\7885656.EXE-1015FE91.pf
Found ! - C:\WINDOWS\prefetch\79843.EXE-0BA1D097.pf
Found ! - C:\WINDOWS\prefetch\80812.EXE-1E825206.pf
Found ! - C:\WINDOWS\prefetch\86843.EXE-362E15C1.pf
Found ! - C:\WINDOWS\prefetch\91578.EXE-0F65A758.pf
Found ! - C:\WINDOWS\prefetch\93187.EXE-187400E9.pf
Found ! - C:\WINDOWS\prefetch\97843.EXE-0DA6E3EE.pf
Found ! - C:\WINDOWS\prefetch\FLEC003.EXE-2B605168.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-370E2858.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
Found ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-101AF362.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [14/01/2009 17:57] - C:\WINDOWS\system32\mdelk.exe
Found ! [14/01/2009 17:57] - C:\WINDOWS\system32\wintems.exe
Found ! [14/01/2009 18:59] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

Found ! [31/07/2008 13:51] - C:\WINDOWS\system32\drivers\mdelk.exe
Found ! [14/01/2009 18:01] - C:\WINDOWS\system32\drivers\srosa.sys
Found ! [31/07/2008 13:51] - C:\WINDOWS\system32\drivers\hldrrr.exe
Found ! [14/01/2009 17:59] - "C:\WINDOWS\system32\drivers\downld"

»»»» Presence des fichiers dans C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data

Found ! [14/01/2009 17:57] - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\flec006.exe"
Found ! [14/01/2009 17:58] - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\list.oct"
Found ! [14/01/2009 17:59] - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\data.oct"
Found ! [14/01/2009 17:59] - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\srvlist.oct"
Found ! [14/01/2009 18:00] - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared"
Found ! [29/12/2008 22:34] - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m"
Found ! [14/01/2009 14:02] - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\hidires\flec003.exe"
Found ! [14/01/2009 17:58] - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\hidires"

»»»» Presence des fichiers dans C:\DOCUME~1\ADMIN~1.XPS\LOCALS~1\Temp



Merci beaucoup
0
Réponse 8 / 28
Utilisateur anonyme
 
Re,

Poste le rapport findykill a partir de =>»»»» Presence des fichiers dans C:\DOCUME~1\ADMIN~1.XPS\LOCALS~1\Temp

Merci
0
valosky
 
la par contre je compren pa ptit rapel je n'y connai pa grand chose en pc je sui allé voir dan le dossier que vou m'avé di c:/ ... et le dossier est vide je supose que c'es logique

encore désolé merci de me donné plu d'explication

merci
0
Réponse 9 / 28
Utilisateur anonyme
 
Re,

Pas grave.

Findykill de chiquitine29 option 2:

▶ Branche tes disques amovibles à ton PC ( (clefs USB, disque dur externe, etc...) sans les ouvrir

▶ Double-clique sur le raccourci FindyKill sur ton bureau

▶ Au menu principal, choisisl'option 2 (Suppression)

/!\ Il y aura 2 redémarrages, laisse travailler l'outil jusqu'à l'apparition du message "nettoyage effectué" /!\

▶ Ensuite, poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
0
Réponse 10 / 28
valosky
 
voici le nouveau rapor



----------------- FindyKill V4.712 ------------------

* User : Admin - XPSP2-A0BDB837D
* executed from : C:\Program Files\FindyKill
* Update on 14/01/09 par Chiquitine29
* Start at 0:18:24 the 15/01/2009
* Windows XP - Internet Explorer 7.0.5730.13


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\system32\logonui.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:

Deleted ! - C:\InfoSat.txt

»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch

Deleted ! - C:\WINDOWS\prefetch\14803593.EXE-26F27C84.pf
Deleted ! - C:\WINDOWS\prefetch\14847843.EXE-1DDF292F.pf
Deleted ! - C:\WINDOWS\prefetch\14868781.EXE-1E2B1D13.pf
Deleted ! - C:\WINDOWS\prefetch\FLEC006.EXE-370E2858.pf
Deleted ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Deleted ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
Deleted ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-101AF362.pf

»»»» Supression files in C:\WINDOWS\system32

Deleted ! - C:\WINDOWS\system32\mdelk.exe
Deleted ! - C:\WINDOWS\system32\wintems.exe
Deleted ! - C:\WINDOWS\system32\ban_list.txt

»»»» Supression files in C:\WINDOWS\system32\drivers

Deleted ! - C:\WINDOWS\system32\drivers\mdelk.exe
Deleted ! - C:\WINDOWS\system32\drivers\srosa.sys
Deleted ! - C:\WINDOWS\system32\drivers\hldrrr.exe
Deleted ! - "C:\WINDOWS\system32\drivers\downld"

»»»» Supression files in C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data

Deleted ! - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\flec006.exe"
Deleted ! - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\list.oct"
Deleted ! - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\data.oct"
Deleted ! - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\srvlist.oct"
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\.Net Advanced Button 2.0.3211.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\1 Nutty Santa Screen Saver 2.8.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\3D Stockcar Screensaver 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\642-513 Practice Exam Testing Engine Software 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Abacre Photo Editor 2.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Abee MP3 Duplicates Finder 3.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Able PostScript Converter 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\ACF Notes 1.1.7.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Active Lock 1.4.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Ad-Aware 2008 7.1.0.11 Final.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\AIMP 2.51 Build 323.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Amadis Video to FLV Converter 3.7.3.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\AntiVir PersonalEdition Premium with KeyGen.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\ASP pure file upload with progress 2.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Auto Click Link Buddy 2.1.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\AV Media Copy 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Avast.4.5.Pro.ITA.+.Keygen.+.Skins.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Avatar Buddies 1.0.2.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\BlueSync 1.2.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\BrowserSizer 1.5.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\CCMreporter for Cisco Callmanager 1.1.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\CDex 1.70 Beta 2.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\ChangePaper 2.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\CHIBI NINJA mail 1.1.5.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\CodeMarkers 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Connection Meter 7.3.8.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Countdown to the Beijing Olympics 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Database Browser Control - TanDB 1.01.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\DjView 4.4.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\DotnetSwitch 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\DVD Audio Ripper Deluxe 3.0.2007.205.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Dynamic Compressor 1.2.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Easy DVD Ripper & Converter 3.0.1.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Eazy Code 6.4.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Ebay Toolbar 3.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\EBSQ Art of the Day 0.1.2.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\ECTI 1.5.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\EMO TaskDev Planner 2.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Equi Buzz 1.01.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Eyes Dropper 3.1.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\FaceGate 2.01.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\File Sync 3.2.0 Build 0405.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\FMOD Designer 4.11.00 Development.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Freagair Mini Search 1.3.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Free Sticky Notes 4.4.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Gene Tree 2.3.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\HARDiNFO 2005 Enterprise 5.01.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\HeadShot0104 ScreenMate 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Heatsoft Clone Cleaner Lite 1.06.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\I+ Installer Lite 1.10.0.3.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\ICQ Mobile (Jimm 0.52 Mod by XaTTaB).zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\IGetMail 2.3.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\iKlax Player 1.0.80408.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\ImageExpress 1.0.2.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Inquiry Management System 1.1a.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Interactive Voice Guide 4.7.25.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Investment And Loan Calculator 1.1.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\JAJAH - Web-Activated Telephony 1.0.1711.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Jellyfish Curious Creatures Screensaver 1.2.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\JKae.Komponents.Kalendar 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\JMount 1.0.0.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\JOC Email Checker 3.3.1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\JODConverter 2.2.1.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Kaspersky Anti-Virus Personal 8.0.0.506.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Kaspersky.Anti-Virus.6.0.0.299.(espaÇñol.-.spanish).+.key.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Ketura 2007.1273.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\KJAZZ 88.1 (KKJZ) Radio 2.1.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\KzxMetal 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\LanHelper 1.82.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Latest Del.icio.us Posts 1.1.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Learn Visual Basic .NET 2.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\LingvoSoft Picture Dictionary 2008 Spanish - Polish 1.2.26.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Lock it and Protect Pro 2.03.08.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Look 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Luscious Landscapes Screensaver 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\MapStar MapPro Beta 2.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Max Privacy Protector 2.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\MaxSoundex 1.00.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\McAfee.VirusScan.v10.0.27.Retail.Crack.-.Keygen.-.Serial.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\MD5 Tool 1.5.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\memo.ua 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\MER Time 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Mewa Film 1.4.4 Alpha.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Mortgage Matrix Calculator 3.2.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\MouseScroller 1.4.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Moxon Rectangle Generator 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\MPEG to 3GP Converter 1.00.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\MySurf Professional 2.1.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\NCS Power Control Library 0.07b.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\NetNews Agent 1.19p.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Netretina 7.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\NoteMe! 1.14.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\OrkutAlert 0.8 Alpha R2.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\OverSoft CPU Informer 0.98.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\PaintBuster 12.4.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Panda.Antivirus.Titanium.Platinium.Crack.Or.Keygen.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Paraben's Image Viewer 2.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\PC Screen Spy Monitor 6.25.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\PC Weather Machine 1.2.3.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\PDFSealer 6.09 build 1739.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\PhoneBook95 Professional Edition 3.02.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\PhotoMazing 2.60.00.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Pluginlab Site Maps 2.0.8.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\PowerSave Prank 1.00.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Quest 4.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Quick Background Note 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Royale Theme for WinXP - Official.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\RTF Convertor 1.0.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Ruby Multimedia Icons 1.10.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\SharePoint Capacity Planning Tool 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Shock Messenger 0.1.1.2.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Softpedia Christmas Wallpaper Pack 2004b.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\StarSpangled Screen Saver 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Super Simple RSS 3.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Superversion Spanish PalmOS 2.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Sweet Hearts MP3 E-Card 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Symantec.Norton.Ghost.Version.10.keygen.Working.Nov2005.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Systemsymbols 1.0.2.1.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\TextEdit 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Txt2PDF 3.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Userbase Software Sales Tracking 1.5.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\UserHealth 1.3.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\VideoTrak 2.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\XB Image Viewer 1.0.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\XS Finance Professional 2.21.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\yakForFree Yak Community Client 1.1 9100a stamp 23166.zip
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\ZebSpeech 2.0.0.zip
Deleted ! - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared"
Deleted ! - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m"
Deleted ! - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\hidires\flec003.exe"
Deleted ! - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\hidires"

»»»» Supression files in C:\DOCUME~1\ADMIN~1.XPS\LOCALS~1\Temp


»»»» Supression files in C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\10R3UUP9\b64[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\10R3UUP9\b64[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\10R3UUP9\b64[3].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\10R3UUP9\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\10R3UUP9\ffl[1].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\10R3UUP9\ffl[3].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4OVSP760\b64[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4OVSP760\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4OVSP760\b64_2[3].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4OVSP760\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4OVSP760\b64_5[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4OVSP760\ffl[1].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4YWI53WB\b64[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4YWI53WB\b64[3].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4YWI53WB\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4YWI53WB\b64_2[3].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4YWI53WB\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4YWI53WB\ffl[2].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\b64[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\b64[3].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\b64_5[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\b64_5[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\ffl[1].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\ffl[3].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\ffl[4].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\mxd[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\b64[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\b64_5[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\b64_5[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\ffl[1].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\ffl[2].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\ffl[3].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\ffl[4].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\file[1].txt
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\servernames[1].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\BHJDF68S\b64[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\BKT7XRYA\b64[3].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\BKT7XRYA\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\BKT7XRYA\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\BKT7XRYA\b64_3[4].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\BKT7XRYA\b64_5[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\BKT7XRYA\b64_5[3].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\BKT7XRYA\b64_5[4].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\C8PS9G9G\b64[4].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\C8PS9G9G\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\C8PS9G9G\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\C8PS9G9G\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\C8PS9G9G\b64_5[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\C8PS9G9G\b64_5[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\C8PS9G9G\ffl[2].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\GF4H3QWL\b64[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\GF4H3QWL\b64[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\GF4H3QWL\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\GF4H3QWL\b64_5[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\GF4H3QWL\b64_5[4].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\GF4H3QWL\b64_5[5].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\I33BMMLP\b64[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\I33BMMLP\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\I33BMMLP\b64_5[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\I33BMMLP\b64_5[3].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\I33BMMLP\ffl[1].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\I33BMMLP\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\I33BMMLP\mxd[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\IFD2E4LG\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\IFD2E4LG\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\IFD2E4LG\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\IFD2E4LG\b64_5[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\IFD2E4LG\b64_5[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\IFD2E4LG\b64_5[3].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\L6F2ZC84\b64[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\L6F2ZC84\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\L6F2ZC84\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\L6F2ZC84\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\L6F2ZC84\ffl[2].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\LM7AY4DK\b64[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\LM7AY4DK\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\LM7AY4DK\ffl[1].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\LM7AY4DK\file[1].txt
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\LSW3YCQI\b64[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\LSW3YCQI\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\LSW3YCQI\b64_5[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\NTR0MLKW\b64[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\NTR0MLKW\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\NTR0MLKW\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\NTR0MLKW\b64_3[3].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\NTR0MLKW\ffl[2].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\OB13GXDT\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\OB13GXDT\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\OB13GXDT\b64_2[3].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\OB13GXDT\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\OB13GXDT\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\RIALKCDC\b64[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\RIALKCDC\b64[3].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\RIALKCDC\b64[4].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\RIALKCDC\file[1].txt
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\RIALKCDC\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\RTMURBNO\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\RTMURBNO\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\RTMURBNO\b64_3[3].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\b64[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\b64[3].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\b64_2[3].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\ffl[1].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\ffl[2].htm
Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\mxd[1].jpg

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_USER\Software\DateTime4
Deleted ! - HKEY_CURRENT_USER\Software\FirtR
Deleted ! - HKEY_CURRENT_USER\Software\FirstRRRun
Deleted ! - HKEY_USERS\S-1-5-21-746137067-1979792683-725345543-1003\Software\Local AppWizard-Generated Applications\hldrrr
Deleted ! - HKEY_USERS\S-1-5-21-746137067-1979792683-725345543-1003\Software\Local AppWizard-Generated Applications\mdelk
Deleted ! - HKEY_USERS\S-1-5-21-746137067-1979792683-725345543-1003\Software\Local AppWizard-Generated Applications\nideiect
Deleted ! - HKEY_USERS\S-1-5-21-746137067-1979792683-725345543-1003\Software\MuleAppData

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !

+- Showing of hidden files has been repaired !



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe


+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------

Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f2ccd0a-be1d-11dd-8577-001617e4706d}\Shell\AutoRun\command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f2ccd0a-be1d-11dd-8577-001617e4706d}\Shell\explore\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f2ccd0a-be1d-11dd-8577-001617e4706d}\Shell\open\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61835129-9ad7-11dd-8524-001617e4706d}\Shell\AutoRun\command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61835129-9ad7-11dd-8524-001617e4706d}\Shell\explore\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61835129-9ad7-11dd-8524-001617e4706d}\Shell\open\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6609d049-b89b-11dd-8568-001617e4706d}\Shell\AutoRun\command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6609d049-b89b-11dd-8568-001617e4706d}\Shell\explore\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6609d049-b89b-11dd-8568-001617e4706d}\Shell\open\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b788dedb-97b2-11dd-851b-001617e4706d}\Shell\AutoRun\command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b788dedb-97b2-11dd-851b-001617e4706d}\Shell\explore\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b788dedb-97b2-11dd-851b-001617e4706d}\Shell\open\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5025d92-a289-11dd-8536-001617e4706d}\Shell\AutoRun\command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5025d92-a289-11dd-8536-001617e4706d}\Shell\explore\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5025d92-a289-11dd-8536-001617e4706d}\Shell\open\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0e6480-ba4e-11dd-856c-001617e4706d}\Shell\AutoRun\command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0e6480-ba4e-11dd-856c-001617e4706d}\Shell\explore\Command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0e6480-ba4e-11dd-856c-001617e4706d}\Shell\open\Command

--------------- [ Searching Other Infections ] ----------------


Références de comparaison Bagle MD5 :

4ab5d3ca612c7fcdd392151aec822b28 C:\WINDOWS\system32\mdelk.exe
4ab5d3ca612c7fcdd392151aec822b28 C:\WINDOWS\system32\wintems.exe
d650e945c74199f544a6adbff9da0887 C:\WINDOWS\system32\drivers\hldrrr.exe
d650e945c74199f544a6adbff9da0887 C:\WINDOWS\system32\drivers\mdelk.exe


--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Application Data\Sopcast\rss\http___crackle_com_rss_media_sxsw_featured_rss.xml
C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Application Data\Sopcast\rss\http___crackle_com_rss_media_sxsw_featured_rss_structured.xml


---------------- ! End of report ! ------------------




merci beaucoup
0
Réponse 11 / 28
Utilisateur anonyme
 
Re,

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant en gras ci-dessous :



:files
C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Application Data\Sopcast\rss\http___crackle_com_rss_media_sxsw_featured_rss.xml
C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Application Data\Sopcast\rss\http___crackle_com_rss_media_sxsw_featured_rss_structured.xml

:commands
[purity]
[emptytemp]
[reboot]



---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
▶ Télécharge hijackthis

▶ Enregistre la cible sous .... "le bureau"

▶ Fais un double-clic sur "HJTInstall.exe" afin de lancer l'installation

▶ Clique sur Install ensuite sur "I Accept"

▶ Clique sur" Do a scan system and save log file"

▶ Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse

▶ Tuto hijackthis(Merci à Balltrap34)

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
0
Réponse 12 / 28
valosky Messages postés 12 Statut Membre
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:12:22, on 15/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\notepad.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MESSEN~1\Msmsgs.exe
C:\Program Files\A.C\Scroll-In-Mouse V2.0\Scroll.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/fuji/defaults/su/*https://fr.yahoo.com/?p=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Muscbrigade] c:\Musicbrigade\Musicbrigade.exe check
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [InstantAccess] C:\Program Files\ScannerU\TBRIDGE\BIN\InstantAccess.EXE /h
O4 - HKLM\..\Run: [RegisterDropHandler] C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.EXE
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "c:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background
O4 - HKCU\..\Run: [drvsyskit] C:\WINDOWS\system32\drivers\hldrrr.exe
O4 - HKCU\..\Run: [german.exe] C:\WINDOWS\system32\wintems.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Scroll-In-Mouse V2.0.lnk = C:\Program Files\A.C\Scroll-In-Mouse V2.0\Scroll.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
Réponse 13 / 28
valosky Messages postés 12 Statut Membre
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:12:22, on 15/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\notepad.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MESSEN~1\Msmsgs.exe
C:\Program Files\A.C\Scroll-In-Mouse V2.0\Scroll.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/fuji/defaults/su/*https://fr.yahoo.com/?p=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Muscbrigade] c:\Musicbrigade\Musicbrigade.exe check
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [InstantAccess] C:\Program Files\ScannerU\TBRIDGE\BIN\InstantAccess.EXE /h
O4 - HKLM\..\Run: [RegisterDropHandler] C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.EXE
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "c:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background
O4 - HKCU\..\Run: [drvsyskit] C:\WINDOWS\system32\drivers\hldrrr.exe
O4 - HKCU\..\Run: [german.exe] C:\WINDOWS\system32\wintems.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Scroll-In-Mouse V2.0.lnk = C:\Program Files\A.C\Scroll-In-Mouse V2.0\Scroll.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
Réponse 14 / 28
Utilisateur anonyme
 
Re,

Tu as fait sa ?
0
Réponse 15 / 28
valosky Messages postés 12 Statut Membre
 
oui je l'ai fai en esperan que je l'ai bien fai mai sinon oui je l'ai fai
0
Réponse 16 / 28
Utilisateur anonyme
 
Re,

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
0
Réponse 17 / 28
valosky Messages postés 12 Statut Membre
 
========== FILES ==========
File/Folder C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Application Data\Sopcast\rss\http___crackle_com_rss_media_sxsw_featured_rss.xml not found.
File/Folder C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Application Data\Sopcast\rss\http___crackle_com_rss_media_sxsw_featured_rss_structured.xml not found.
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01152009_160521

Files moved on Reboot...
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.

voici le rapor que vou m'avez demandé
0
Réponse 18 / 28
Utilisateur anonyme
 
Re,

Combofix. Attention, ce logiciel est très puissant, une mauvaise utilisation peut faire des dégâts...

Fais exactement ce qui suit :

Télécharge ComboFix (de sUBs) sur ton Bureau (et pas ailleurs !) :
Fais un clic droit sur ce lien et choisis "enregistrer la cible sous ... " : dans la fenêtre qui s'ouvre tape C-Fix, choisis le bureau comme destination et valide :

--------------------------------------------- [ ! ATTENTION ! ] ----------------------------------------------------------
!! déconnecte toi, ferme toutes tes applications en cours et DESACTIVE TOUTES TES DEFENCES (anti-virus, antispyware, pare-feu) le temps de la manipulation (si jamais tu en as et que je ne les ai pas vu sur le rapport hijackthis....)

---> Surtout, si tu rencontres des difficultés à ce niveau là, dis le moi avant de poursuivre...

--->Je te conseil d'installer la console de récupération.(Voir le tutoriel).

Tuto ici : TUTO
---------------------------------------------------------------------------------------------------------------------------------

Ensuite :

Double-clique sur C-Fix.exe (= combofix.exe ) .

Appuie sur une touche pour démarrer le scan .

Attention : n'utilise pas ta souris ni ton clavier pendant que le programme tourne. Cela pourrait figer l'ordi ---> si un message d'erreur windows apparait à un moment : clique sur la croix rouge en haut à droite de la fenêtre pour la fermer

Le rapport sera crée dans: C:\Combofix.txt , poste le ici stp

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
0
Réponse 19 / 28
valosky Messages postés 12 Statut Membre
 
ComboFix 09-01-13.04 - guillaume 2009-01-15 17:53:39.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1022.702 [GMT 1:00]
Lancé depuis: c:\documents and settings\guillaume\Bureau\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated)
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-12-15 au 2009-01-15 ))))))))))))))))))))))))))))))))))))
.

2009-01-15 17:49 . 2009-01-15 17:49 <REP> d-------- c:\windows\LastGood
2009-01-15 16:12 . 2009-01-15 16:12 <REP> d-------- c:\program files\Trend Micro
2009-01-15 16:05 . 2009-01-15 16:05 <REP> d-------- C:\_OTMoveIt
2009-01-15 15:23 . 2009-01-15 15:23 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-15 15:23 . 2009-01-15 15:23 <REP> d-------- c:\documents and settings\guillaume\Application Data\Malwarebytes
2009-01-15 15:23 . 2009-01-15 15:23 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-15 15:23 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-15 15:23 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-15 15:01 . 2008-10-16 14:09 43,544 --a------ c:\windows\system32\wups2.dll
2009-01-15 15:01 . 2008-10-16 14:09 35,864 --a------ c:\windows\system32\wucltui.dll.mui
2009-01-15 15:01 . 2008-10-16 14:08 27,672 --a------ c:\windows\system32\wuaucpl.cpl.mui
2009-01-15 15:01 . 2008-10-16 14:08 27,672 --a------ c:\windows\system32\wuapi.dll.mui
2009-01-15 15:01 . 2008-10-16 14:07 19,992 --a------ c:\windows\system32\wuaueng.dll.mui
2009-01-15 14:54 . 2009-01-15 15:50 <REP> d-------- c:\program files\Symantec
2009-01-15 14:49 . 2009-01-15 14:49 <REP> d---s---- c:\documents and settings\guillaume\UserData
2008-12-21 19:04 . 2008-12-21 19:04 <REP> d-------- c:\documents and settings\guillaume\Application Data\AVGTOOLBAR
2008-12-21 19:03 . 2008-12-21 19:03 <REP> d-------- c:\program files\AVG
2008-12-21 19:03 . 2008-12-21 19:04 <REP> d-------- c:\documents and settings\All Users\Application Data\avg8
2008-12-21 18:47 . 2008-12-21 18:47 <REP> d-------- c:\program files\Alwil Software

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-15 14:50 --------- d-----w c:\program files\Fichiers communs\Symantec Shared
2009-01-15 14:47 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2009-01-15 14:29 250 ----a-w c:\documents and settings\guillaume\Application Data\wklnhst.dat
2008-12-21 23:30 --------- d-----w c:\documents and settings\guillaume\Application Data\dvdcss
2008-12-21 17:54 --------- d-----w c:\program files\ScannerU
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
.

((((((((((((((((((((((((((((( snapshot@2009-01-15_17.48.16.28 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-01-15 15:10:24 64,836 ----a-w c:\windows\system32\perfc009.dat
+ 2009-01-15 16:51:35 64,836 ----a-w c:\windows\system32\perfc009.dat
- 2009-01-15 15:10:24 78,088 ----a-w c:\windows\system32\perfc00C.dat
+ 2009-01-15 16:51:35 78,088 ----a-w c:\windows\system32\perfc00C.dat
- 2009-01-15 15:10:24 406,880 ----a-w c:\windows\system32\perfh009.dat
+ 2009-01-15 16:51:35 406,880 ----a-w c:\windows\system32\perfh009.dat
- 2009-01-15 15:10:24 474,210 ----a-w c:\windows\system32\perfh00C.dat
+ 2009-01-15 16:51:35 474,210 ----a-w c:\windows\system32\perfh00C.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]
"MSMSGS"="c:\progra~1\MESSEN~1\Msmsgs.exe" [2005-08-31 1658592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-05 7323648]
"Muscbrigade"="c:\musicbrigade\Musicbrigade.exe" [2005-12-22 40960]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"InstantAccess"="c:\program files\ScannerU\TBRIDGE\BIN\InstantAccess.EXE" [1998-07-07 37376]
"RegisterDropHandler"="c:\program files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.EXE" [1998-07-07 22528]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"nwiz"="nwiz.exe" [2006-01-05 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 c:\windows\RTHDCPL.EXE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"RegisterDropHandler"="c:\program files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.EXE" [1998-07-07 22528]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
Scroll-In-Mouse V2.0.lnk - c:\program files\A.C\Scroll-In-Mouse V2.0\Scroll.exe [2007-03-16 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\Msmsgs.exe"=

R3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [2006-08-03 215040]
S4 BulkUsb;Plustek USB Scanner;c:\windows\system32\drivers\usbscan.sys [2007-03-16 15104]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\Shell\AutoRun\command - J:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cb0b3a7e-c90e-11dd-8951-003005b3042a}]
\Shell\AutoRun\command - E:\nideiect.com
\Shell\explore\Command - E:\nideiect.com
\Shell\open\Command - E:\nideiect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eaad2d23-865d-11dd-892f-003005b3042a}]
\Shell\AutoRun\command - K:\nideiect.com
\Shell\explore\Command - K:\nideiect.com
\Shell\open\Command - K:\nideiect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f6ffd3c4-d864-11dc-88c2-003005b3042a}]
\Shell\AutoRun\command - E:\nideiect.com
\Shell\explore\Command - E:\nideiect.com
\Shell\open\Command - E:\nideiect.com
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/fuji/defaults/su/*https://fr.yahoo.com/?p=us
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-15 17:54:11
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1527725298-3504637059-1939994038-1007\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
Heure de fin: 2009-01-15 17:54:48
ComboFix-quarantined-files.txt 2009-01-15 16:54:47
ComboFix2.txt 2009-01-15 16:49:33

Avant-CF: 281 993 228 288 octets libres
Après-CF: 281,987,325,952 octets libres

127
voici le dernier rapor
0
Réponse 20 / 28
Utilisateur anonyme
 
Re,

Télécharge et installe MalwareByte's Anti-Malware
Malwarebyte

Mets le à jour

▶ Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.

▶ Sélectionne Exécuter un examen complet si ce n'est pas déjà fait

▶ clique sur Rechercher

▶ Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.


Tutoriel pour MalwareByte's
0

Discussions similaires

Nom de champs du tableau croisé dynamique non valide
Kazooie123 -
SajDri -

6 réponses
Pb Windows 7, .EXE n'est pas app win32 valide
Witeric -
Lio -

15 réponses
StartMenuExperienceHost c'est quoi ?
golfeur68 -
fabul -

3 réponses