Virus and unable to install an antivirus! [Solved/Closed]

Hello, I need your help! I caught some viruses on my PC, so I no longer have sound, my Avast antivirus has stopped, my machine is very slow, I get lots of pop-ups when I browse, and above all I am unable to install a new antivirus!!! If someone could help me, that would be nice!! Thanks in advance.

22 replies

Not a valid Win32 program = Bagle

* Download ComboFix (by sUBs) to the Desktop for the Bagle virus.
* Double-click combofix.exe.
* Installing the Recovery Console is strongly recommended!
* Press the Y (Yes) key to start the scan.
* The report will be created in: C:\Combofix.txt.
* Run a new HijackThis report, and fix the corresponding lines as indicated above.

The official tutorial is at this address:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Download the HijackThis installation file.

Save HJTInstall.exe to your desktop.

Double-click HJTInstall.exe to launch the program.

By default, it will install here:
C:\Program Files\Trend Micro\HijackThis

Accept the license by clicking the "I Accept" button.

Choose the option "Do a system scan and save a log file".

Click "Save log" to save the report, which will open in Notepad.

Click "Edit -> Select All", then "Edit -> Copy" to copy the entire content of the report.

Paste the report you just copied on this forum.

Do not fix ANY line yet; that could prevent your PC from working properly.

Tutorials (do not fix anything for now!!)

I can't install your program, it tells me it is not a valid Win32 program!!!?? Thanks anyway for your help.

Try this one:

Download Malwarebytes.

Install it; the program will update itself automatically.

Once it is up to date, the program will launch; click the Settings tab and tick the box: "Stop Internet Explorer during removal".

Now click the Scan tab and tick the box: "Perform a full scan".

Then click "Scan".

Let it scan the PC...

If items were found > click "Remove selected".

If you are asked to restart > click "Yes".

At the end a report will open; save it so that you can find it again in order to post it on the forum.
Copy and paste the report, please.

PS: the reports are also stored in the Reports/Logs tab.


Tutorials

Bagle will probably block access to ComboFix.
There is something better for Bagle:
->FindyKill<-

# Step 1/ Download:

- FindyKill http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe (Chiquitine29) to the Desktop.

Important note: since the Bagle infection installs itself by means of a crack/keygen, you MUST delete this type of file.

# Step 2/

Run the installation with the default settings
- Double-click the FindyKill shortcut on the Desktop (on Vista: right-click the shortcut --> Run as administrator)
- At the main menu, select option 1 (Recherche / Search)
- The report is saved at the root of the hard drive (C:\FindyKill.txt)
Before doing anything else, it is strongly recommended to post the report on the forum to get a specialist's opinion. After confirmation by a qualified forum helper, move on to the cleaning.

I am currently running a scan with Malwarebytes'; do I post the result, or do I stop to do what you tell me further down??

Finish the scan, then you will run FindyKill.

Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1649
Windows 5.1.2600 Service Pack 2

14/01/2009 13:57:54
mbam-log-2009-01-14 (13-57-48).txt

Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 160077
Temps écoulé: 2 hour(s), 38 minute(s), 53 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 41

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sk9ou0s (Worm.Bagel) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sk9ou0s (Worm.Bagel) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sk9ou0s (Worm.Bagel) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ewyky (Adware.Navipromo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gissi (Adware.Navipromo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\qukiy (Adware.Navipromo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\weqqywa (Adware.Navipromo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Dossier(s) infecté(s):
C:\Documents and Settings\David\Application Data\m (Trojan.Agent) -> No action taken.

Click to show the report, then remove everything and post the report again; after that, delete everything that is in quarantine. Thanks.

Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1649
Windows 5.1.2600 Service Pack 2

14/01/2009 14:07:20
mbam-log-2009-01-14 (14-07-20).txt

Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 160077
Temps écoulé: 2 hour(s), 38 minute(s), 53 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 41

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sk9ou0s (Worm.Bagel) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sk9ou0s (Worm.Bagel) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sk9ou0s (Worm.Bagel) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ewyky (Adware.Navipromo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gissi (Adware.Navipromo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\qukiy (Adware.Navipromo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\weqqywa (Adware.Navipromo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Documents and Settings\David\Application Data\m (Trojan.Agent) -> Delete on reboot.

So I rebooted and emptied the quarantine; what should I do now?

FindyKill.

OK, thanks a lot, here we go!!

----------------- FindyKill V4.711 ------------------

* User : David - TITANIUM
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 05/01/09 par Chiquitine29
* Recherche effectuée à 14:21:09 le 14/01/2009
* Windows XP - Internet Explorer 7.0.5730.11

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus infectieux stoppés ] ----------------


"C:\Documents and Settings\David\Application Data\drivers\winupgro.exe" (132)


--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:


»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [14/01/2009 14:15] - C:\WINDOWS\system32\mdelk.exe
Found ! [14/01/2009 14:15] - C:\WINDOWS\system32\wintems.exe
Found ! [14/01/2009 14:15] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers


»»»» Presence des fichiers dans C:\Documents and Settings\David\Application Data

Found ! [14/01/2009 14:16] - "C:\Documents and Settings\David\Application Data\m\flec006.exe"
Found ! [14/01/2009 14:16] - "C:\Documents and Settings\David\Application Data\m\list.oct"
Found ! [14/01/2009 14:16] - "C:\Documents and Settings\David\Application Data\m\data.oct"
Found ! [14/01/2009 14:16] - "C:\Documents and Settings\David\Application Data\m\srvlist.oct"
Found ! [14/01/2009 14:17] - "C:\Documents and Settings\David\Application Data\m\shared"
Found ! [14/01/2009 14:16] - "C:\Documents and Settings\David\Application Data\m"
Found ! [14/01/2009 14:15] - "C:\Documents and Settings\David\Application Data\drivers"
Found ! [14/01/2009 14:15] - "C:\Documents and Settings\David\Application Data\drivers\srosa.sys"
Found ! [14/01/2009 14:15] - "C:\Documents and Settings\David\Application Data\drivers\srosa2.sys"
Found ! [27/03/2005 08:06] - "C:\Documents and Settings\David\Application Data\drivers\winupgro.exe"
Found ! [14/01/2009 14:19] - "C:\Documents and Settings\David\Application Data\drivers\downld"

»»»» Presence des fichiers dans C:\DOCUME~1\David\LOCALS~1\Temp

Found ! - C:\DOCUME~1\David\LOCALS~1\Temp\QZTEMP\install_crack.exe

Found ! [29/12/2008 20:33] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\U7HWEZLM\b64_2[2].jpg
Found ! [30/12/2008 18:02] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\U7HWEZLM\b64_2[3].jpg
Found ! [27/12/2008 16:40] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\U7HWEZLM\b64_3[1].jpg
Found ! [28/12/2008 16:40] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\U7HWEZLM\b64_3[2].jpg
Found ! [28/12/2008 19:50] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\U7HWEZLM\b64_3[3].jpg
Found ! [30/12/2008 17:57] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\U7HWEZLM\b64_3[4].jpg
Found ! [12/01/2009 20:17] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\U7HWEZLM\mxd[1].jpg
Found ! [29/12/2008 20:30] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64[1].jpg
Found ! [30/12/2008 17:59] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64[2].jpg
Found ! [30/12/2008 17:59] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64[3].jpg
Found ! [30/12/2008 22:06] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64[4].jpg
Found ! [31/12/2008 18:52] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64[5].jpg
Found ! [04/01/2009 22:58] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64[6].jpg
Found ! [14/01/2009 10:34] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64[7].jpg
Found ! [30/12/2008 18:02] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64_1[1].jpg
Found ! [04/01/2009 22:40] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64_1[2].jpg
Found ! [04/01/2009 23:00] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64_1[3].jpg
Found ! [04/01/2009 23:00] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64_1[4].jpg
Found ! [27/12/2008 16:44] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64_2[1].jpg
Found ! [28/12/2008 19:56] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64_2[2].jpg
Found ! [31/12/2008 19:02] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64_2[3].jpg
Found ! [30/12/2008 22:03] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64_3[1].jpg
Found ! [31/12/2008 23:02] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64_3[2].jpg
Found ! [01/01/2009 19:57] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\XPBKH67N\b64_3[3].jpg
Found ! [02/01/2009 21:54] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\YKJLOAG1\b64[1].jpg
Found ! [04/01/2009 22:56] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\YKJLOAG1\b64_1[1].jpg
Found ! [05/01/2009 19:55] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\YKJLOAG1\b64_2[1].jpg
Found ! [12/01/2009 20:20] - C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\YKJLOAG1\mxd[1].jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MsnMsgr="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
PC Suite Tray="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
SoundMan=SOUNDMAN.EXE
ATIPTA=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
Cmaudio=RunDll32 cmicnfg.cpl,CMICtrlWnd
Google Desktop Search="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
CloneCDTray="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
NeroFilterCheck=C:\WINDOWS\system32\NeroCheck.exe
Synchronization Manager=%SystemRoot%\system32\mobsync.exe /logon
BluetoothAuthenticationAgent=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
TkBellExe="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
LogitechCommunicationsManager="C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
LogitechQuickCamRibbon="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
LVCOMSX="C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1

[HKEY_CURRENT_USER\software\local appwizard-generated applications\install_crack]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\install_patch]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\NMBgMonitor]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-1275210071-2147104785-839522115-1003\Software\Local AppWizard-Generated Applications\install_crack
Found ! - HKEY_USERS\S-1-5-21-1275210071-2147104785-839522115-1003\Software\Local AppWizard-Generated Applications\install_patch
Found ! - HKEY_USERS\S-1-5-21-1275210071-2147104785-839522115-1003\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-1275210071-2147104785-839522115-1003\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-1275210071-2147104785-839522115-1003\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-1275210071-2147104785-839522115-1003\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-1275210071-2147104785-839522115-1003\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-1275210071-2147104785-839522115-1003\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\install_crack
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\install_patch
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR

/!\ Infection active : HKLM\SYSTEM\...\Services\srosa -> Start = 0x1

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

/!\ Mode sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

/!\ Mode sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

/!\ Mode sans echec non fonctionnel !!



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4


--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe

E: - Lecteur fixe


+- presence des fichiers :



--------------- [ Registre / Mountpoint2 ] ----------------


-> Not found !


------------------- ! Fin du rapport ! --------------------
# Step 3/

Connect all your external data sources to the PC (USB keys, external hard drives, MP3 players, iPod...) without opening them.
- Run FindyKill again.
- This time, select option 2 (Suppression) in the main menu.
- There will be 2 reboots; let the tool work until the message "Nettoyage effectué !" appears.
- Then post the report C:\FindyKill.txt
----------------- FindyKill V4.711 ------------------

* User : David - TITANIUM
* executed from : C:\Program Files\FindyKill
* Update on 05/01/09 par Chiquitine29
* Start at 15:06:40 the 14/01/2009
* Windows XP - Internet Explorer 7.0.5730.11


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\userinit.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:


»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch


»»»» Supression files in C:\WINDOWS\system32

Deleted ! - C:\WINDOWS\system32\mdelk.exe
Deleted ! - C:\WINDOWS\system32\wintems.exe
Deleted ! - C:\WINDOWS\system32\ban_list.txt

»»»» Supression files in C:\WINDOWS\system32\drivers


»»»» Supression files in C:\Documents and Settings\David\Application Data

Deleted ! - "C:\Documents and Settings\David\Application Data\m\flec006.exe"
Deleted ! - "C:\Documents and Settings\David\Application Data\m\list.oct"
Deleted ! - "C:\Documents and Settings\David\Application Data\m\data.oct"
Deleted ! - "C:\Documents and Settings\David\Application Data\m\srvlist.oct"
Deleted ! - "C:\Documents and Settings\David\Application Data\m\shared"
Deleted ! - "C:\Documents and Settings\David\Application Data\m"
Deleted ! - "C:\Documents and Settings\David\Application Data\drivers\srosa.sys"
Deleted ! - "C:\Documents and Settings\David\Application Data\drivers\srosa2.sys"
Deleted ! - "C:\Documents and Settings\David\Application Data\drivers\winupgro.exe"
Deleted ! - "C:\Documents and Settings\David\Application Data\drivers\downld"
Deleted ! - "C:\Documents and Settings\David\Application Data\drivers"

»»»» Supression files in C:\DOCUME~1\David\LOCALS~1\Temp

Deleted ! - C:\DOCUME~1\David\LOCALS~1\Temp\QZTEMP\install_crack.exe

»»»» Supression files in C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_CURRENT_USER\Software\bisoft
Deleted ! - HKEY_CURRENT_USER\Software\DateTime4
Deleted ! - HKEY_CURRENT_USER\Software\FirtR
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mdelk.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wintems.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\flec006.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hldrrr.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winfilse.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winupgro.exe
Deleted ! - HKEY_USERS\S-1-5-21-1275210071-2147104785-839522115-1003\Software\Local AppWizard-Generated Applications\install_crack
Deleted ! - HKEY_USERS\S-1-5-21-1275210071-2147104785-839522115-1003\Software\Local AppWizard-Generated Applications\install_patch
Deleted ! - HKEY_USERS\S-1-5-21-1275210071-2147104785-839522115-1003\Software\Local AppWizard-Generated Applications\winupgro
Deleted ! - HKEY_USERS\S-1-5-21-1275210071-2147104785-839522115-1003\Software\FFC
Deleted ! - HKEY_USERS\S-1-5-21-1275210071-2147104785-839522115-1003\Software\MuleAppData

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !


+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

E: - Lecteur fixe


+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Other Infections ] ----------------


Références de comparaison Bagle MD5 :

113ac36b77630a2f67dd6cb7844406a4 C:\WINDOWS\system32\mdelk.exe
113ac36b77630a2f67dd6cb7844406a4 C:\WINDOWS\system32\wintems.exe
2c4f10fd730e73c97378262fa326e0f9 C:\Documents and Settings\David\Application Data\drivers\winupgro.exe
5d641d5e744ad9aca087e8dae68e7822 C:\Avenger\wintems.exe

Suspect ! - 2c4f10fd730e73c97378262fa326e0f9 C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\David\Mes documents\Téléchargements\Logiciels\Nero 7\nerokeygen.exe


---------------- ! End of report ! ------------------
Can I reinstall an antivirus now? Which is the best of the free ones? Thanks
Posts
20851
Registration date
Monday 10 December 2007
Status
Security contributor
Last activity
8 October 2019
2 460
You're going to make me a new report with HijackThis; it should work now.
Posts
20851
Registration date
Monday 10 December 2007
Status
Security contributor
Last activity
8 October 2019
2 460
Then run an online scan to check that no infected applications remain.

* Go to the Kaspersky online scan site https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr (with Internet Explorer).
* At the bottom right, click "Démarrer Online-scanner" (Start Online-scanner).
* In the new window that appears, click "J'accepte" (I accept).
* Accept the ActiveX controls.
* Choose "Poste de travail" (My Computer) for the scan.
* Once it has finished, save the report to your Desktop (choose text file).



Using the online scan:
https://www.malekal.com/scan-antivirus-ligne-nod32/#mozTocId291566

Note: If you get the message "La licence de Kaspersky On-line Scanner est périmée" (the Kaspersky On-line Scanner licence has expired), go to Add/Remove Programs, uninstall On-Line Scanner, then reconnect to the Kaspersky site to retry the online scan.