N'est pas une application Win32 valide.

valosky Messages postés 12 Statut Membre -  
 V-X -
Bonjour,

j'ai un ptit ou gro souci a vou de me le dire,

Alors quand je veu installé un logiciel anti virus sa met ceci ( ... n'es pa une application win 32 valide. )

je pense que c'es un virus ( peu etre que je me trompe ) mais commen l'enlevé ci je ne peu pa installé de logiciel

pour, et aussi je n'ai plu de peripheriques audio et m'a cam ne fonction plus avec msn

pour info je n'y connai pa grand chose en pc jai juste les bases donc soyer gentil avec moi lol

merci d'avance pour votre aide

et Bonne année 2009 a tous

Cordialement .
Configuration: Windows XP
Internet Explorer 7.0

28 réponses

  • 1
  • 2
  1. Qu'est-ce à dire
     
    Ce n’est pas un virus, cela veut dire que le logiciel que vous tentez d’installer n’est pas compatible avec votre Windows. Il vous suffit de contacter le revendeur du logiciel, lequel est-ce par ailleurs de logiciel.

    Pour tous vos drivers, le site de votre constructeur les stocke tous, il vous suffit donc de vous y rendre, de choisir support, drivers, téléchargement, d’entrer les référencent exacte de votre ordinateur et voilà.
    0
  2. valosky Messages postés 12 Statut Membre
     
    j'ai essayer plusieur logiciel anti virus avast pc tools etc et meme avec d'autre logiciel sa le fait en tou k merci pour le

    peripherique audio sa marche c super et est il possible que je recupere une version plu recente de windows ou reussir

    a validé ma version

    encore merci
    0
  3. Qu'est-ce à dire
     
    Pour mettre à jour Windows XP qui est passé au SP3 depuis 6 mois.
    http://www.microsoft.com/downloads/details.aspx?displaylang=fr&FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4
    0
  4. valosky Messages postés 12 Statut Membre
     
    alors j'ai bien telechargé le lien que vou m'avez mi et justemen sa me met update.exe que ce n'es pa une application

    win32 valide sa me l'affiche juste avan la fin de l'extraction ( echec lors de l'extraction )

    dsl

    et encore merci
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    il s'agit du virus win32/Bagle qui modifie le "comportement" (le code) des exécutable ,c à d les fichier avec les extension .exe que ce soit des application ou des installeurs de logiciel , juste au moment ou tu clic dessus.

    mais , il existe tout de même des outils de désinfection (anti Bagle ou autres) conçu par les différents compagnies Antivirus , qui sont mis gratuitement a la disposition des utilisateurs

    voici quelque un que tu peu télécharger (utilisez un ou plusieurs si nécessaire , mais un outil a la fois)

    celui de F-secure
    http://www.f-secure.com/download-purchase/tools.shtml#F-Bagle
    >télécharge le fichier .Zip tu le décompresser dans un dossier > ensuite tu clic sur le fichier exécutable qu'il contient

    ceux de Bitdefender (4 fichiers qui porte le nom win32.Bagle car le dit virus a plusieurs variantes)
    https://www.bitdefender.com/premium-services/virus-and-spyware-removal.html

    et celui la qui prend en charge plusieurs variantes de Bagle
    http://www.sharewareplaza.com/W32-Bagle-Worm-and-its-variants-removal-download_36687.html

    j'ajoute aussi ceux de Kaspersky
    https://www.kaspersky.com/downloads/thank-you/free-virus-removal-tool
    0
    1. valosky
       
      j'ai bien fai tou ce qui il y a d'ecri et il me trouve rien par contre j'ai acheté norton 360 Version 2 et la il me trouve plu de 400 virus et jutemen il trouve ce qui m'empeche d'installé m'es logiciel le nom de ce qui me fai chier ( dsl ) bloodhound.bagle et il m'en trouve 15 sur mon pc le probleme je peu pa terminé l'installation de norton a cause de ça maintenan que vou avez le nom peu etre que ca va ou aidé

      je reste a votre disposition

      merci Beaucoup
      0
    2. valosky
       
      je vien de me rendre compte que en faite bloodhound.bagle ce n'es pa le nom de mon probleme c'es seulemen norton qui detecte de nouveau virus qu'il ne connai pa
      0
  7. V-X
     
    Salut,

    Fait sa:

    FindyKill de Chiquitine29

    ▶ Fais un clique droit sur le lien et choisis ( "enregistrer la cible sous ...." )( , destination le bureau .

    ( Note importante : si tu as le prg Elibagla sur ton PC , supprimes le ( risque de conflit entre les deux outils ) .

    ▶ Laisse toi guider pour l'installer.

    ▶ Double clic sur " FindyKill." pour lancer l'outil .

    ▶ Choisis La langue:F pour français

    ▶ Choisis l'option 1 . Puis laisses travailler ...

    ▶ Une fois terminé, postes le rapport FindyKill.txt qui est généré ...

    ( Note : le rapport est sauvegardé à la racine du disque -> C:\FindyKill.txt )

    Les-risques-securitaires-du-peer-to-peer

    Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
    0
  8. V-X
     
    Re,

    Passe findykill STP
    0
    1. valosky
       
      voici le raport



      ----------------- FindyKill V4.712 ------------------

      * User : Admin - XPSP2-A0BDB837D
      * Emplacement : C:\Program Files\FindyKill
      * Outils Mis a jours le 14/01/09 par Chiquitine29
      * Recherche effectuée à 19:44:38 le 14/01/2009
      * Windows XP - Internet Explorer 7.0.5730.13

      ((((((((((((((((( *** Recherche *** ))))))))))))))))))


      --------------- [ Processus actifs ] ----------------


      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
      C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\WgaTray.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\ctfmon.exe
      C:\WINDOWS\RTHDCPL.EXE
      C:\Program Files\Search Settings\SearchSettings.exe
      C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
      C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      C:\documents and settings\admin.xpsp2-a0bdb837d\local settings\application data\gsske.exe
      C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
      C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\flec006.exe
      C:\Program Files\eMule\emule.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE

      --------------- [ Processus infectieux stoppés ] ----------------




      --------------- [ Fichiers/Dossiers infectieux ] ----------------


      »»»» Presence des fichiers dans C:

      Found ! [02/09/2008 23:03] - C:\InfoSat.txt

      »»»» Presence des fichiers dans C:\WINDOWS


      »»»» Presence des fichiers dans C:\WINDOWS\Prefetch

      Found ! - C:\WINDOWS\prefetch\100718.EXE-094457AC.pf
      Found ! - C:\WINDOWS\prefetch\101531.EXE-2D59FF2A.pf
      Found ! - C:\WINDOWS\prefetch\101578.EXE-20067E22.pf
      Found ! - C:\WINDOWS\prefetch\101828.EXE-2BD353EA.pf
      Found ! - C:\WINDOWS\prefetch\105625.EXE-2EE6E78F.pf
      Found ! - C:\WINDOWS\prefetch\110875.EXE-04C10821.pf
      Found ! - C:\WINDOWS\prefetch\111750.EXE-3B27E856.pf
      Found ! - C:\WINDOWS\prefetch\114515.EXE-36DE1C8C.pf
      Found ! - C:\WINDOWS\prefetch\114875.EXE-12B7A4D5.pf
      Found ! - C:\WINDOWS\prefetch\120015.EXE-0D71A3C4.pf
      Found ! - C:\WINDOWS\prefetch\120171.EXE-0B33FB99.pf
      Found ! - C:\WINDOWS\prefetch\125093.EXE-11A97690.pf
      Found ! - C:\WINDOWS\prefetch\125859.EXE-06419CEA.pf
      Found ! - C:\WINDOWS\prefetch\126187.EXE-0A47F565.pf
      Found ! - C:\WINDOWS\prefetch\130000.EXE-0E5294E7.pf
      Found ! - C:\WINDOWS\prefetch\132484.EXE-0CE28A80.pf
      Found ! - C:\WINDOWS\prefetch\133078.EXE-24000657.pf
      Found ! - C:\WINDOWS\prefetch\136640.EXE-02BE8299.pf
      Found ! - C:\WINDOWS\prefetch\144281.EXE-01D36FE2.pf
      Found ! - C:\WINDOWS\prefetch\146062.EXE-2C37FA9B.pf
      Found ! - C:\WINDOWS\prefetch\149796.EXE-1E0683E9.pf
      Found ! - C:\WINDOWS\prefetch\151375.EXE-23324550.pf
      Found ! - C:\WINDOWS\prefetch\154781.EXE-0B63E37D.pf
      Found ! - C:\WINDOWS\prefetch\160203.EXE-338BB6D1.pf
      Found ! - C:\WINDOWS\prefetch\161875.EXE-15FAF1F1.pf
      Found ! - C:\WINDOWS\prefetch\175000.EXE-02861490.pf
      Found ! - C:\WINDOWS\prefetch\193500.EXE-0452EEE5.pf
      Found ! - C:\WINDOWS\prefetch\22369406.EXE-1F2270DB.pf
      Found ! - C:\WINDOWS\prefetch\22382015.EXE-2E6C59C6.pf
      Found ! - C:\WINDOWS\prefetch\29787328.EXE-05085272.pf
      Found ! - C:\WINDOWS\prefetch\29802250.EXE-1054E261.pf
      Found ! - C:\WINDOWS\prefetch\29812515.EXE-11C4560C.pf
      Found ! - C:\WINDOWS\prefetch\29846843.EXE-0B87BCD0.pf
      Found ! - C:\WINDOWS\prefetch\36890765.EXE-0167D238.pf
      Found ! - C:\WINDOWS\prefetch\36900234.EXE-1478508F.pf
      Found ! - C:\WINDOWS\prefetch\36907625.EXE-25D67990.pf
      Found ! - C:\WINDOWS\prefetch\36911640.EXE-0C9CA77F.pf
      Found ! - C:\WINDOWS\prefetch\36918015.EXE-04F4C8EE.pf
      Found ! - C:\WINDOWS\prefetch\36957468.EXE-1D7DFB7D.pf
      Found ! - C:\WINDOWS\prefetch\72937.EXE-083FE357.pf
      Found ! - C:\WINDOWS\prefetch\7808187.EXE-08B90D6B.pf
      Found ! - C:\WINDOWS\prefetch\7817796.EXE-22F499A8.pf
      Found ! - C:\WINDOWS\prefetch\7840546.EXE-19529F75.pf
      Found ! - C:\WINDOWS\prefetch\7845093.EXE-11FD6557.pf
      Found ! - C:\WINDOWS\prefetch\7850546.EXE-19C90B0E.pf
      Found ! - C:\WINDOWS\prefetch\7885656.EXE-1015FE91.pf
      Found ! - C:\WINDOWS\prefetch\79843.EXE-0BA1D097.pf
      Found ! - C:\WINDOWS\prefetch\80812.EXE-1E825206.pf
      Found ! - C:\WINDOWS\prefetch\86843.EXE-362E15C1.pf
      Found ! - C:\WINDOWS\prefetch\91578.EXE-0F65A758.pf
      Found ! - C:\WINDOWS\prefetch\93187.EXE-187400E9.pf
      Found ! - C:\WINDOWS\prefetch\97843.EXE-0DA6E3EE.pf
      Found ! - C:\WINDOWS\prefetch\FLEC003.EXE-2B605168.pf
      Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-370E2858.pf
      Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
      Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
      Found ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-101AF362.pf

      »»»» Presence des fichiers dans C:\WINDOWS\system32

      Found ! [14/01/2009 17:57] - C:\WINDOWS\system32\mdelk.exe
      Found ! [14/01/2009 17:57] - C:\WINDOWS\system32\wintems.exe
      Found ! [14/01/2009 18:59] - C:\WINDOWS\system32\ban_list.txt

      »»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

      Found ! [31/07/2008 13:51] - C:\WINDOWS\system32\drivers\mdelk.exe
      Found ! [14/01/2009 18:01] - C:\WINDOWS\system32\drivers\srosa.sys
      Found ! [31/07/2008 13:51] - C:\WINDOWS\system32\drivers\hldrrr.exe
      Found ! [14/01/2009 17:59] - "C:\WINDOWS\system32\drivers\downld"

      »»»» Presence des fichiers dans C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data

      Found ! [14/01/2009 17:57] - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\flec006.exe"
      Found ! [14/01/2009 17:58] - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\list.oct"
      Found ! [14/01/2009 17:59] - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\data.oct"
      Found ! [14/01/2009 17:59] - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\srvlist.oct"
      Found ! [14/01/2009 18:00] - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared"
      Found ! [29/12/2008 22:34] - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m"
      Found ! [14/01/2009 14:02] - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\hidires\flec003.exe"
      Found ! [14/01/2009 17:58] - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\hidires"

      »»»» Presence des fichiers dans C:\DOCUME~1\ADMIN~1.XPS\LOCALS~1\Temp



      Merci beaucoup
      0
  9. V-X
     
    Re,

    Poste le rapport findykill a partir de =>»»»» Presence des fichiers dans C:\DOCUME~1\ADMIN~1.XPS\LOCALS~1\Temp

    Merci
    0
    1. valosky
       
      la par contre je compren pa ptit rapel je n'y connai pa grand chose en pc je sui allé voir dan le dossier que vou m'avé di c:/ ... et le dossier est vide je supose que c'es logique

      encore désolé merci de me donné plu d'explication

      merci
      0
  10. V-X
     
    Re,

    Pas grave.

    Findykill de chiquitine29 option 2:

    ▶ Branche tes disques amovibles à ton PC ( (clefs USB, disque dur externe, etc...) sans les ouvrir

    ▶ Double-clique sur le raccourci FindyKill sur ton bureau

    ▶ Au menu principal, choisisl'option 2 (Suppression)

    /!\ Il y aura 2 redémarrages, laisse travailler l'outil jusqu'à l'apparition du message "nettoyage effectué" /!\

    ▶ Ensuite, poste le rapport FindyKill.txt

    Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.

    Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
    0
  11. valosky
     
    voici le nouveau rapor

    ----------------- FindyKill V4.712 ------------------

    * User : Admin - XPSP2-A0BDB837D
    * executed from : C:\Program Files\FindyKill
    * Update on 14/01/09 par Chiquitine29
    * Start at 0:18:24 the 15/01/2009
    * Windows XP - Internet Explorer 7.0.5730.13

    ((((((((((((((( *** deleting *** ))))))))))))))))))

    --------------- [ Active Processes ] ----------------

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
    C:\WINDOWS\system32\logonui.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\userinit.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    --------------- [ Infected files / folders ] ----------------

    »»»» Supression files in C:

    Deleted ! - C:\InfoSat.txt

    »»»» Supression files in C:\WINDOWS

    »»»» Supression files in C:\WINDOWS\Prefetch

    Deleted ! - C:\WINDOWS\prefetch\14803593.EXE-26F27C84.pf
    Deleted ! - C:\WINDOWS\prefetch\14847843.EXE-1DDF292F.pf
    Deleted ! - C:\WINDOWS\prefetch\14868781.EXE-1E2B1D13.pf
    Deleted ! - C:\WINDOWS\prefetch\FLEC006.EXE-370E2858.pf
    Deleted ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
    Deleted ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
    Deleted ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-101AF362.pf

    »»»» Supression files in C:\WINDOWS\system32

    Deleted ! - C:\WINDOWS\system32\mdelk.exe
    Deleted ! - C:\WINDOWS\system32\wintems.exe
    Deleted ! - C:\WINDOWS\system32\ban_list.txt

    »»»» Supression files in C:\WINDOWS\system32\drivers

    Deleted ! - C:\WINDOWS\system32\drivers\mdelk.exe
    Deleted ! - C:\WINDOWS\system32\drivers\srosa.sys
    Deleted ! - C:\WINDOWS\system32\drivers\hldrrr.exe
    Deleted ! - "C:\WINDOWS\system32\drivers\downld"

    »»»» Supression files in C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data

    Deleted ! - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\flec006.exe"
    Deleted ! - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\list.oct"
    Deleted ! - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\data.oct"
    Deleted ! - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\srvlist.oct"
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\.Net Advanced Button 2.0.3211.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\1 Nutty Santa Screen Saver 2.8.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\3D Stockcar Screensaver 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\642-513 Practice Exam Testing Engine Software 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Abacre Photo Editor 2.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Abee MP3 Duplicates Finder 3.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Able PostScript Converter 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\ACF Notes 1.1.7.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Active Lock 1.4.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Ad-Aware 2008 7.1.0.11 Final.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\AIMP 2.51 Build 323.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Amadis Video to FLV Converter 3.7.3.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\AntiVir PersonalEdition Premium with KeyGen.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\ASP pure file upload with progress 2.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Auto Click Link Buddy 2.1.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\AV Media Copy 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Avast.4.5.Pro.ITA.+.Keygen.+.Skins.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Avatar Buddies 1.0.2.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\BlueSync 1.2.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\BrowserSizer 1.5.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\CCMreporter for Cisco Callmanager 1.1.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\CDex 1.70 Beta 2.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\ChangePaper 2.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\CHIBI NINJA mail 1.1.5.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\CodeMarkers 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Connection Meter 7.3.8.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Countdown to the Beijing Olympics 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Database Browser Control - TanDB 1.01.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\DjView 4.4.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\DotnetSwitch 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\DVD Audio Ripper Deluxe 3.0.2007.205.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Dynamic Compressor 1.2.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Easy DVD Ripper & Converter 3.0.1.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Eazy Code 6.4.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Ebay Toolbar 3.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\EBSQ Art of the Day 0.1.2.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\ECTI 1.5.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\EMO TaskDev Planner 2.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Equi Buzz 1.01.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Eyes Dropper 3.1.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\FaceGate 2.01.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\File Sync 3.2.0 Build 0405.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\FMOD Designer 4.11.00 Development.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Freagair Mini Search 1.3.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Free Sticky Notes 4.4.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Gene Tree 2.3.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\HARDiNFO 2005 Enterprise 5.01.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\HeadShot0104 ScreenMate 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Heatsoft Clone Cleaner Lite 1.06.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\I+ Installer Lite 1.10.0.3.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\ICQ Mobile (Jimm 0.52 Mod by XaTTaB).zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\IGetMail 2.3.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\iKlax Player 1.0.80408.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\ImageExpress 1.0.2.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Inquiry Management System 1.1a.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Interactive Voice Guide 4.7.25.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Investment And Loan Calculator 1.1.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\JAJAH - Web-Activated Telephony 1.0.1711.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Jellyfish Curious Creatures Screensaver 1.2.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\JKae.Komponents.Kalendar 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\JMount 1.0.0.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\JOC Email Checker 3.3.1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\JODConverter 2.2.1.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Kaspersky Anti-Virus Personal 8.0.0.506.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Kaspersky.Anti-Virus.6.0.0.299.(espaÇñol.-.spanish).+.key.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Ketura 2007.1273.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\KJAZZ 88.1 (KKJZ) Radio 2.1.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\KzxMetal 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\LanHelper 1.82.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Latest Del.icio.us Posts 1.1.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Learn Visual Basic .NET 2.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\LingvoSoft Picture Dictionary 2008 Spanish - Polish 1.2.26.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Lock it and Protect Pro 2.03.08.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Look 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Luscious Landscapes Screensaver 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\MapStar MapPro Beta 2.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Max Privacy Protector 2.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\MaxSoundex 1.00.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\McAfee.VirusScan.v10.0.27.Retail.Crack.-.Keygen.-.Serial.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\MD5 Tool 1.5.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\memo.ua 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\MER Time 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Mewa Film 1.4.4 Alpha.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Mortgage Matrix Calculator 3.2.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\MouseScroller 1.4.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Moxon Rectangle Generator 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\MPEG to 3GP Converter 1.00.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\MySurf Professional 2.1.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\NCS Power Control Library 0.07b.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\NetNews Agent 1.19p.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Netretina 7.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\NoteMe! 1.14.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\OrkutAlert 0.8 Alpha R2.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\OverSoft CPU Informer 0.98.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\PaintBuster 12.4.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Panda.Antivirus.Titanium.Platinium.Crack.Or.Keygen.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Paraben's Image Viewer 2.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\PC Screen Spy Monitor 6.25.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\PC Weather Machine 1.2.3.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\PDFSealer 6.09 build 1739.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\PhoneBook95 Professional Edition 3.02.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\PhotoMazing 2.60.00.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Pluginlab Site Maps 2.0.8.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\PowerSave Prank 1.00.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Quest 4.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Quick Background Note 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Royale Theme for WinXP - Official.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\RTF Convertor 1.0.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Ruby Multimedia Icons 1.10.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\SharePoint Capacity Planning Tool 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Shock Messenger 0.1.1.2.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Softpedia Christmas Wallpaper Pack 2004b.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\StarSpangled Screen Saver 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Super Simple RSS 3.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Superversion Spanish PalmOS 2.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Sweet Hearts MP3 E-Card 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Symantec.Norton.Ghost.Version.10.keygen.Working.Nov2005.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Systemsymbols 1.0.2.1.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\TextEdit 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Txt2PDF 3.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\Userbase Software Sales Tracking 1.5.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\UserHealth 1.3.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\VideoTrak 2.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\XB Image Viewer 1.0.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\XS Finance Professional 2.21.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\yakForFree Yak Community Client 1.1 9100a stamp 23166.zip
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared\ZebSpeech 2.0.0.zip
    Deleted ! - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m\shared"
    Deleted ! - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\m"
    Deleted ! - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\hidires\flec003.exe"
    Deleted ! - "C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Application Data\hidires"

    »»»» Supression files in C:\DOCUME~1\ADMIN~1.XPS\LOCALS~1\Temp

    »»»» Supression files in C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5

    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\10R3UUP9\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\10R3UUP9\b64[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\10R3UUP9\b64[3].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\10R3UUP9\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\10R3UUP9\ffl[1].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\10R3UUP9\ffl[3].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4OVSP760\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4OVSP760\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4OVSP760\b64_2[3].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4OVSP760\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4OVSP760\b64_5[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4OVSP760\ffl[1].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4YWI53WB\b64[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4YWI53WB\b64[3].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4YWI53WB\b64_2[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4YWI53WB\b64_2[3].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4YWI53WB\b64_3[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\4YWI53WB\ffl[2].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\b64[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\b64[3].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\b64_5[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\b64_5[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\ffl[1].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\ffl[3].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\ffl[4].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\mxd[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\5LQ7G8ON\mxd[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\b64_3[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\b64_5[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\b64_5[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\ffl[1].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\ffl[2].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\ffl[3].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\ffl[4].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\file[1].txt
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\8UMG6I82\servernames[1].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\BHJDF68S\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\BKT7XRYA\b64[3].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\BKT7XRYA\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\BKT7XRYA\b64_3[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\BKT7XRYA\b64_3[4].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\BKT7XRYA\b64_5[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\BKT7XRYA\b64_5[3].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\BKT7XRYA\b64_5[4].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\C8PS9G9G\b64[4].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\C8PS9G9G\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\C8PS9G9G\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\C8PS9G9G\b64_3[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\C8PS9G9G\b64_5[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\C8PS9G9G\b64_5[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\C8PS9G9G\ffl[2].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\GF4H3QWL\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\GF4H3QWL\b64[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\GF4H3QWL\b64_3[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\GF4H3QWL\b64_5[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\GF4H3QWL\b64_5[4].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\GF4H3QWL\b64_5[5].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\I33BMMLP\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\I33BMMLP\b64_2[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\I33BMMLP\b64_5[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\I33BMMLP\b64_5[3].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\I33BMMLP\ffl[1].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\I33BMMLP\mxd[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\I33BMMLP\mxd[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\IFD2E4LG\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\IFD2E4LG\b64_2[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\IFD2E4LG\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\IFD2E4LG\b64_5[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\IFD2E4LG\b64_5[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\IFD2E4LG\b64_5[3].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\L6F2ZC84\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\L6F2ZC84\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\L6F2ZC84\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\L6F2ZC84\b64_3[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\L6F2ZC84\ffl[2].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\LM7AY4DK\b64[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\LM7AY4DK\b64_3[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\LM7AY4DK\ffl[1].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\LM7AY4DK\file[1].txt
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\LSW3YCQI\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\LSW3YCQI\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\LSW3YCQI\b64_5[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\NTR0MLKW\b64[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\NTR0MLKW\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\NTR0MLKW\b64_3[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\NTR0MLKW\b64_3[3].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\NTR0MLKW\ffl[2].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\OB13GXDT\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\OB13GXDT\b64_2[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\OB13GXDT\b64_2[3].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\OB13GXDT\b64_3[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\OB13GXDT\mxd[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\RIALKCDC\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\RIALKCDC\b64[3].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\RIALKCDC\b64[4].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\RIALKCDC\file[1].txt
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\RIALKCDC\mxd[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\RTMURBNO\b64_2[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\RTMURBNO\b64_3[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\RTMURBNO\b64_3[3].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\b64[3].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\b64_2[2].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\b64_2[3].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\ffl[1].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\ffl[2].htm
    Deleted ! - C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Temporary Internet Files\Content.IE5\SZGO3DWB\mxd[1].jpg

    --------------- [ Registry / Infected keys ] ----------------

    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
    Deleted ! - HKEY_CURRENT_USER\Software\DateTime4
    Deleted ! - HKEY_CURRENT_USER\Software\FirtR
    Deleted ! - HKEY_CURRENT_USER\Software\FirstRRRun
    Deleted ! - HKEY_USERS\S-1-5-21-746137067-1979792683-725345543-1003\Software\Local AppWizard-Generated Applications\hldrrr
    Deleted ! - HKEY_USERS\S-1-5-21-746137067-1979792683-725345543-1003\Software\Local AppWizard-Generated Applications\mdelk
    Deleted ! - HKEY_USERS\S-1-5-21-746137067-1979792683-725345543-1003\Software\Local AppWizard-Generated Applications\nideiect
    Deleted ! - HKEY_USERS\S-1-5-21-746137067-1979792683-725345543-1003\Software\MuleAppData

    --------------- [ States / Restarting of services ] ----------------

    +- Safe boot mode restored !

    +- Showing of hidden files has been repaired !

    +- Services : [ Auto=2 / Request=3 / Disable=4 ]

    Ndisuio - Type of startup = 3

    EapHost - Type of startup = 2

    Ip6Fw - Type of startup = 2

    SharedAccess - Type of startup = 2

    wuauserv - Type of startup = 2

    wscsvc - Type of startup = 2

    --------------- [ Cleaning removable drives ] ----------------

    +- Informations :

    C: - Lecteur fixe

    +- deleting files :

    --------------- [ Registry / Mountpoint2 ] ----------------

    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f2ccd0a-be1d-11dd-8577-001617e4706d}\Shell\AutoRun\command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f2ccd0a-be1d-11dd-8577-001617e4706d}\Shell\explore\Command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f2ccd0a-be1d-11dd-8577-001617e4706d}\Shell\open\Command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61835129-9ad7-11dd-8524-001617e4706d}\Shell\AutoRun\command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61835129-9ad7-11dd-8524-001617e4706d}\Shell\explore\Command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61835129-9ad7-11dd-8524-001617e4706d}\Shell\open\Command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6609d049-b89b-11dd-8568-001617e4706d}\Shell\AutoRun\command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6609d049-b89b-11dd-8568-001617e4706d}\Shell\explore\Command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6609d049-b89b-11dd-8568-001617e4706d}\Shell\open\Command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b788dedb-97b2-11dd-851b-001617e4706d}\Shell\AutoRun\command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b788dedb-97b2-11dd-851b-001617e4706d}\Shell\explore\Command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b788dedb-97b2-11dd-851b-001617e4706d}\Shell\open\Command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5025d92-a289-11dd-8536-001617e4706d}\Shell\AutoRun\command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5025d92-a289-11dd-8536-001617e4706d}\Shell\explore\Command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5025d92-a289-11dd-8536-001617e4706d}\Shell\open\Command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0e6480-ba4e-11dd-856c-001617e4706d}\Shell\AutoRun\command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0e6480-ba4e-11dd-856c-001617e4706d}\Shell\explore\Command
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0e6480-ba4e-11dd-856c-001617e4706d}\Shell\open\Command

    --------------- [ Searching Other Infections ] ----------------

    Références de comparaison Bagle MD5 :

    4ab5d3ca612c7fcdd392151aec822b28 C:\WINDOWS\system32\mdelk.exe
    4ab5d3ca612c7fcdd392151aec822b28 C:\WINDOWS\system32\wintems.exe
    d650e945c74199f544a6adbff9da0887 C:\WINDOWS\system32\drivers\hldrrr.exe
    d650e945c74199f544a6adbff9da0887 C:\WINDOWS\system32\drivers\mdelk.exe

    --------------- [ Searching Cracks / Keygen ] ----------------

    C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Application Data\Sopcast\rss\http___crackle_com_rss_media_sxsw_featured_rss.xml
    C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Application Data\Sopcast\rss\http___crackle_com_rss_media_sxsw_featured_rss_structured.xml

    ---------------- ! End of report ! ------------------

    merci beaucoup
    0
  12. V-X
     
    Re,

    ---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
    http://oldtimer.geekstogo.com/OTMoveIt3.exe

    ---> Double-clique sur OTMoveIt3.exe afin de le lancer.

    ---> Copie (Ctrl+C) le texte suivant en gras ci-dessous :


    :files
    C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Application Data\Sopcast\rss\http___crackle_com_rss_media_sxsw_featured_rss.xml
    C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Application Data\Sopcast\rss\http___crackle_com_rss_media_sxsw_featured_rss_structured.xml

    :commands
    [purity]
    [emptytemp]
    [reboot]


    ---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

    ---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

    Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

    ---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    ▶ Télécharge hijackthis

    ▶ Enregistre la cible sous .... "le bureau"

    ▶ Fais un double-clic sur "HJTInstall.exe" afin de lancer l'installation

    ▶ Clique sur Install ensuite sur "I Accept"

    ▶ Clique sur" Do a scan system and save log file"

    ▶ Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse

    ▶ Tuto hijackthis(Merci à Balltrap34)

    Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
    0
  13. valosky Messages postés 12 Statut Membre
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:12:22, on 15/01/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\notepad.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\MESSEN~1\Msmsgs.exe
    C:\Program Files\A.C\Scroll-In-Mouse V2.0\Scroll.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/fuji/defaults/su/*https://fr.yahoo.com/?p=us
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [Muscbrigade] c:\Musicbrigade\Musicbrigade.exe check
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [InstantAccess] C:\Program Files\ScannerU\TBRIDGE\BIN\InstantAccess.EXE /h
    O4 - HKLM\..\Run: [RegisterDropHandler] C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.EXE
    O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.EXE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "c:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background
    O4 - HKCU\..\Run: [drvsyskit] C:\WINDOWS\system32\drivers\hldrrr.exe
    O4 - HKCU\..\Run: [german.exe] C:\WINDOWS\system32\wintems.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Scroll-In-Mouse V2.0.lnk = C:\Program Files\A.C\Scroll-In-Mouse V2.0\Scroll.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    0
  14. valosky Messages postés 12 Statut Membre
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:12:22, on 15/01/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\notepad.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\MESSEN~1\Msmsgs.exe
    C:\Program Files\A.C\Scroll-In-Mouse V2.0\Scroll.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/fuji/defaults/su/*https://fr.yahoo.com/?p=us
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [Muscbrigade] c:\Musicbrigade\Musicbrigade.exe check
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [InstantAccess] C:\Program Files\ScannerU\TBRIDGE\BIN\InstantAccess.EXE /h
    O4 - HKLM\..\Run: [RegisterDropHandler] C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.EXE
    O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.EXE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "c:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background
    O4 - HKCU\..\Run: [drvsyskit] C:\WINDOWS\system32\drivers\hldrrr.exe
    O4 - HKCU\..\Run: [german.exe] C:\WINDOWS\system32\wintems.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Scroll-In-Mouse V2.0.lnk = C:\Program Files\A.C\Scroll-In-Mouse V2.0\Scroll.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    0
  15. valosky Messages postés 12 Statut Membre
     
    oui je l'ai fai en esperan que je l'ai bien fai mai sinon oui je l'ai fai
    0
  16. V-X
     
    Re,

    ---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    0
  17. valosky Messages postés 12 Statut Membre
     
    ========== FILES ==========
    File/Folder C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Application Data\Sopcast\rss\http___crackle_com_rss_media_sxsw_featured_rss.xml not found.
    File/Folder C:\Documents and Settings\Admin.XPSP2-A0BDB837D\Local Settings\Application Data\Sopcast\rss\http___crackle_com_rss_media_sxsw_featured_rss_structured.xml not found.
    ========== COMMANDS ==========
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    Windows Temp folder emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01152009_160521

    Files moved on Reboot...
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.

    voici le rapor que vou m'avez demandé
    0
  18. V-X
     
    Re,

    Combofix. Attention, ce logiciel est très puissant, une mauvaise utilisation peut faire des dégâts...

    Fais exactement ce qui suit :

    Télécharge ComboFix (de sUBs) sur ton Bureau (et pas ailleurs !) :
    Fais un clic droit sur ce lien et choisis "enregistrer la cible sous ... " : dans la fenêtre qui s'ouvre tape C-Fix, choisis le bureau comme destination et valide :

    --------------------------------------------- [ ! ATTENTION ! ] ----------------------------------------------------------
    !! déconnecte toi, ferme toutes tes applications en cours et DESACTIVE TOUTES TES DEFENCES (anti-virus, antispyware, pare-feu) le temps de la manipulation (si jamais tu en as et que je ne les ai pas vu sur le rapport hijackthis....)

    ---> Surtout, si tu rencontres des difficultés à ce niveau là, dis le moi avant de poursuivre...

    --->Je te conseil d'installer la console de récupération.(Voir le tutoriel).

    Tuto ici : TUTO
    ---------------------------------------------------------------------------------------------------------------------------------

    Ensuite :

    Double-clique sur C-Fix.exe (= combofix.exe ) .

    Appuie sur une touche pour démarrer le scan .

    Attention : n'utilise pas ta souris ni ton clavier pendant que le programme tourne. Cela pourrait figer l'ordi ---> si un message d'erreur windows apparait à un moment : clique sur la croix rouge en haut à droite de la fenêtre pour la fermer

    Le rapport sera crée dans: C:\Combofix.txt , poste le ici stp

    Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
    0
  19. valosky Messages postés 12 Statut Membre
     
    ComboFix 09-01-13.04 - guillaume 2009-01-15 17:53:39.2 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1022.702 [GMT 1:00]
    Lancé depuis: c:\documents and settings\guillaume\Bureau\ComboFix.exe
    AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated)
    .

    ((((((((((((((((((((((((((((( Fichiers créés du 2008-12-15 au 2009-01-15 ))))))))))))))))))))))))))))))))))))
    .

    2009-01-15 17:49 . 2009-01-15 17:49 <REP> d-------- c:\windows\LastGood
    2009-01-15 16:12 . 2009-01-15 16:12 <REP> d-------- c:\program files\Trend Micro
    2009-01-15 16:05 . 2009-01-15 16:05 <REP> d-------- C:\_OTMoveIt
    2009-01-15 15:23 . 2009-01-15 15:23 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
    2009-01-15 15:23 . 2009-01-15 15:23 <REP> d-------- c:\documents and settings\guillaume\Application Data\Malwarebytes
    2009-01-15 15:23 . 2009-01-15 15:23 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-01-15 15:23 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
    2009-01-15 15:23 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
    2009-01-15 15:01 . 2008-10-16 14:09 43,544 --a------ c:\windows\system32\wups2.dll
    2009-01-15 15:01 . 2008-10-16 14:09 35,864 --a------ c:\windows\system32\wucltui.dll.mui
    2009-01-15 15:01 . 2008-10-16 14:08 27,672 --a------ c:\windows\system32\wuaucpl.cpl.mui
    2009-01-15 15:01 . 2008-10-16 14:08 27,672 --a------ c:\windows\system32\wuapi.dll.mui
    2009-01-15 15:01 . 2008-10-16 14:07 19,992 --a------ c:\windows\system32\wuaueng.dll.mui
    2009-01-15 14:54 . 2009-01-15 15:50 <REP> d-------- c:\program files\Symantec
    2009-01-15 14:49 . 2009-01-15 14:49 <REP> d---s---- c:\documents and settings\guillaume\UserData
    2008-12-21 19:04 . 2008-12-21 19:04 <REP> d-------- c:\documents and settings\guillaume\Application Data\AVGTOOLBAR
    2008-12-21 19:03 . 2008-12-21 19:03 <REP> d-------- c:\program files\AVG
    2008-12-21 19:03 . 2008-12-21 19:04 <REP> d-------- c:\documents and settings\All Users\Application Data\avg8
    2008-12-21 18:47 . 2008-12-21 18:47 <REP> d-------- c:\program files\Alwil Software

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-01-15 14:50 --------- d-----w c:\program files\Fichiers communs\Symantec Shared
    2009-01-15 14:47 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
    2009-01-15 14:29 250 ----a-w c:\documents and settings\guillaume\Application Data\wklnhst.dat
    2008-12-21 23:30 --------- d-----w c:\documents and settings\guillaume\Application Data\dvdcss
    2008-12-21 17:54 --------- d-----w c:\program files\ScannerU
    2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
    2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
    2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
    2008-10-16 13:12 202,776 ----a-w c:\windows\system32\wuweb.dll
    2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
    2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
    2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
    .

    ((((((((((((((((((((((((((((( snapshot@2009-01-15_17.48.16.28 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2009-01-15 15:10:24 64,836 ----a-w c:\windows\system32\perfc009.dat
    + 2009-01-15 16:51:35 64,836 ----a-w c:\windows\system32\perfc009.dat
    - 2009-01-15 15:10:24 78,088 ----a-w c:\windows\system32\perfc00C.dat
    + 2009-01-15 16:51:35 78,088 ----a-w c:\windows\system32\perfc00C.dat
    - 2009-01-15 15:10:24 406,880 ----a-w c:\windows\system32\perfh009.dat
    + 2009-01-15 16:51:35 406,880 ----a-w c:\windows\system32\perfh009.dat
    - 2009-01-15 15:10:24 474,210 ----a-w c:\windows\system32\perfh00C.dat
    + 2009-01-15 16:51:35 474,210 ----a-w c:\windows\system32\perfh00C.dat
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]
    "MSMSGS"="c:\progra~1\MESSEN~1\Msmsgs.exe" [2005-08-31 1658592]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-05 7323648]
    "Muscbrigade"="c:\musicbrigade\Musicbrigade.exe" [2005-12-22 40960]
    "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
    "InstantAccess"="c:\program files\ScannerU\TBRIDGE\BIN\InstantAccess.EXE" [1998-07-07 37376]
    "RegisterDropHandler"="c:\program files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.EXE" [1998-07-07 22528]
    "SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
    "nwiz"="nwiz.exe" [2006-01-05 c:\windows\system32\nwiz.exe]
    "RTHDCPL"="RTHDCPL.EXE" [2006-06-28 c:\windows\RTHDCPL.EXE]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
    "RegisterDropHandler"="c:\program files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.EXE" [1998-07-07 22528]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
    Scroll-In-Mouse V2.0.lnk - c:\program files\A.C\Scroll-In-Mouse V2.0\Scroll.exe [2007-03-16 417792]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Messenger\\Msmsgs.exe"=

    R3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [2006-08-03 215040]
    S4 BulkUsb;Plustek USB Scanner;c:\windows\system32\drivers\usbscan.sys [2007-03-16 15104]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
    \Shell\AutoRun\command - J:\LaunchU3.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cb0b3a7e-c90e-11dd-8951-003005b3042a}]
    \Shell\AutoRun\command - E:\nideiect.com
    \Shell\explore\Command - E:\nideiect.com
    \Shell\open\Command - E:\nideiect.com

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eaad2d23-865d-11dd-892f-003005b3042a}]
    \Shell\AutoRun\command - K:\nideiect.com
    \Shell\explore\Command - K:\nideiect.com
    \Shell\open\Command - K:\nideiect.com

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f6ffd3c4-d864-11dc-88c2-003005b3042a}]
    \Shell\AutoRun\command - E:\nideiect.com
    \Shell\explore\Command - E:\nideiect.com
    \Shell\open\Command - E:\nideiect.com
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.google.fr/
    uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/fuji/defaults/su/*https://fr.yahoo.com/?p=us
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-15 17:54:11
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-1527725298-3504637059-1939994038-1007\Software\Microsoft\SystemCertificates\AddressBook*]
    @Allowed: (Read) (RestrictedCode)
    @Allowed: (Read) (RestrictedCode)
    .
    Heure de fin: 2009-01-15 17:54:48
    ComboFix-quarantined-files.txt 2009-01-15 16:54:47
    ComboFix2.txt 2009-01-15 16:49:33

    Avant-CF: 281 993 228 288 octets libres
    Après-CF: 281,987,325,952 octets libres

    127
    voici le dernier rapor
    0
  20. V-X
     
    Re,

    Télécharge et installe MalwareByte's Anti-Malware
    Malwarebyte

    Mets le à jour

    ▶ Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.

    ▶ Sélectionne Exécuter un examen complet si ce n'est pas déjà fait

    ▶ clique sur Rechercher

    ▶ Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

    Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

    Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

    Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

    Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

    Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.

    Tutoriel pour MalwareByte's
    0
  • 1
  • 2