SOS TROJ_BAGLE.AO,POSSIBLE_DLDER,MAL-MLWR1

Question

Bonjour,

J ai un probleme de virus TROJ_BAGLE.AO,POSSIBLE_DLDER,MAL-MLWR1 mon antivirus Trend micro internet secirity pro 2009 ne marche plus si je click sur l icone il apparait 1 sec et disparait pareil pour ccleaner j ai lancer Malwarebytes et je n arrive pas en m en debarrasser j ai le raport si vous le souhaiter;Malwarebytes' Anti-Malware 1.35
Version de la base de données: 1936
Windows 5.1.2600 Service Pack 3

03/04/2009 14:15:05
mbam-log-2009-04-03 (14-14-52).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 123371
Temps écoulé: 46 minute(s), 59 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 134

Processus mémoire infecté(s):
C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\drivers\winupgro.exe (Trojan.Agent) -> No action taken.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sk9ou0s (Rootkit.Bagle) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sk9ou0s (Rootkit.Bagle) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drvsyskit (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\german.exe (Trojan.Spammer) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\Administrateur\Application Data\m (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared (Trojan.Agent) -> No action taken.

Fichier(s) infecté(s):
C:\Documents and Settings\Administrateur\Application Data\drivers\srosa2.sys (Rootkit.Bagle) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\data.oct (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\list.oct (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\srvlist.oct (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\-.Re.Usuario.Y.ContraseÃ±a.Para.Activar.Panda.Platinum.Internet.Security11.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\.!.[Keygen].Norton.AntiVirus.2007.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\A.I. Solver Studio 0.9.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Active Sound Editor 1.0.1.2.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Agree MP3 to M4A AAC Converter 4.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Air Commandos Screensaver.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Airscanner_Mobile_AntiVirus_Pro_2.9.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\AJC Diff 1.9.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\AJT MidiMod Rev 7.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\All-In-One Keylogger Pro 2.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Anarchist Bible 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Andrew's Vector Plugins Volume 10 'SymbolToolbox' 10.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\axColorPicker 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Barcode Professional for Windows Forms 4.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Bassett Hounds TB 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\BIpro LITE 1.5.1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\BMW M3 CSL Screensaver.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\BoostXP 2.0.1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Charts Icon Collection 1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\claviscom SHREDDER 7.04.12.4.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Compare Spreadsheets for Excel 1.1.5.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Curve Sketching 1.10.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\CyD Postman 2.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\DangleDate 1.0.4.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Digital Calendar 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\DIPP 1.2.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\DoLit CHM2LIT 1.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\DrWeb.v4.33.WinAll-TWK.[18.10.2005].zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\DVD to iPod PSP 3GP H264 MP4 Converter SE 1.5.5.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\EasyDVDCopy 1.01.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\F-Prot.Antivirus.315.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\File-O-Scope 1.9.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\FlexiMIS 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\FoxPro DBF Packer 2.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Free XP Style Icons 0.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\fsum 2.52.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\FTPCMD 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Gens32 Surreal 1.72.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\GiftWisdom 1.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\GlassToasts 2.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\GlowClock 1.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\glu_pasapalabra_nokia_n73_es_v1_3_0_full.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\GSearch 1.42.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\HardEncrypt 1.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\HLA Completion 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Home of the Brave Visualization 1.0.0.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\HOSTSed 1.51.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Hummingbird Screensaver 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\ImageWolf 1.04.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Intel USB System Check 3.01.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\JavaScript Code Improver 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Kanji Clock 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Karen's LAN Monitor 1.3.4.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Kaspersky.Internet.Security.6.0.0.303.PL+Klucz.16.07.2007.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\kaspersky.pro.4.06.+.key.2007.+.servipack.5.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Kinderfield.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Label Printer 1.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\LabelWidget 1.1.4.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Least Squares Fit Routine 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Macromedia style menu for Dreamweaver 3.0.2.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\MailGuard 1.13.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\MakeImg 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Mark's Adding Machine 1.30.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Max Secure Spyware Detector 19.0.0.068.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Mcafee.Internet.Security.Suite.2006.Italiano+crack.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\MegaMID 0.24.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Microsoft Location Finder 2.0.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\MS Access Split Fields 7.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\MSDict Concise Oxford English Dictionary 3.10.15.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared
2uSmartClient 1.0.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\NanoClock 1.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Noojee Click 0.5.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\NotesRobot 3.0.0.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\NTI Ninja 2.0.5.19R2.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\NumExt - Numbered Tabs 0.3.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\oneBookmarks 1.3.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Opera Password Recovery 4.1.2.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\OperaCacheView 1.11.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Othello 1.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Panda.Titanium.2006.Antivirus.+.Antispyware.(EspaÃ±ol-Spanish).Crackeado.By.MenMac.Software.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\PDF417 CGI 1.2.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Phobias 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\PhotoToFilm 2.9.0.71.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Pinnacle Studio 10.6 Patch.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\PIPL 2.50 D.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Plato Video To Pocket PC Converter 5.98.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Portable Flash Wiper 1.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Portable JkDefrag 3.36.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Pregnancy Countdown Widget 2.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\ProStream Browser 1.2.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Release Your Inner Cupid Screensaver.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\sharedichfeedbutton 0.0.21.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Ruler Opera Widget 1.2.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Sales Tax Generator 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Scanmetender Standard 3.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Schedules4Team 3.01.0459.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Site Position 3.4.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\SMS Ticker 3.2.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\SMSCountry SMS Mail Box 1.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\SnapURLs 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\SpeechToolsCenter 2.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Spyware 3000 1.6.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Srego CE ToolPack ActiveX Control 1.0.0.57.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Starfish Family Mail 1.51.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Stash 1.0.7.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Store 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Students MCQ Manager 1.2.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Switch Sound File Converter 1.42.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\The Keys Program 3.1.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Time Navigator ScreenSaver 2.3.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Tiny Dragon screen saver 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\TOxygenDirectorySpy Component for Borland Delphi 1.6.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Toye Fun 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\TS Tenpin 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\TSOL 2.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\UD Meter 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\UltraCatalog Professional Edition 3.08.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\UNITcalc 1.00.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Wondershare MP4 Video Converter 3.2.54.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\WordReport 2.4.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Xtra Windows Stability 1.1.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Xtreme Blog Hunter 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\YASA AVI WMV MOV VOB to MP3 Converter 2.6 build 048.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\ZIPCodeWorld United States Basic Edition November 2006.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Zune Device Diagnostic Tool 1.0.zip (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\drivers\winupgro.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> No action taken.
C:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\drivers\wfsintwq.sys (Rootkit.Bagle) -> No action taken.

Utilisateur anonyme · Answer

Bonjour, relances un scan malwarebytes, complet et quand il aura finit, redémarres le pc et vides la quarantaine
et les nuisibles sont des les dossiers cachés

gen-hackman · Answer

bonjour supprime Malwarebytes de ton ordinnateur

ensuite :

*****************************************************
************** Option 1  (Recherche) **************
*****************************************************


Télécharge FindyKill ( de Chiquitine29) sur ton bureau : 



! Déconnecte toi et ferme toutes applications en cours ! 

* Double clique sur "FindyKill.exe" pour lancer l'installation et laisse les paramètres d'instalation par défaut . 

* Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)

* Double-clique sur le raccourci FindyKill qui est sur ton bureau pour lancer l'outil .
 
* Au menu principal choisis l'option " F " pour français et tape sur [entrée] . 

* Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée] 

Laisse travailler l'outil et ne touche à rien ... 

--> Poste le rapport qui apparait à la fin , sur le forum ...

( le rapport est sauvegardé aussi sous C:\FindyKill.txt ) 
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller ) 

Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. 
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. 
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus. 

Aides en images ( Installation ) 
Aides en images ( Recherche )

gen-hackman · Answer

bagle a pu infecter mbam vu que rien na ete supprime je prefere rester sur mes garde quant à la qualite du moment de mbam quitte a le faire retelecharger apres l'execution de FindyTchiki

:)

naiceman · Answer

Voila le rapport

############################## [ FindyKill V4.722 ] 

# User : Administrateur (Administrateurs) # NATHAN
# Update on 03/04/09 by Chiquitine29
# Start at: 15:44:17 | 03/04/2009
# Website : http://pagesperso-orange.fr/FindyKill.Ad.Remover/

# AMD Athlon(tm) XP 2500+
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Disabled
# AV : Trend Micro Internet Security Pro 17.0.1367 [ Enabled | Updated ]
# FW : Pare-feu personnel Trend Micro[ Enabled ]5.5

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 48,83 Go (6,51 Go free) # NTFS
# D:\ # Disque fixe local # 62,95 Go (16,4 Go free) # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
# G:\ # Disque CD-ROM
 
############################## [ Processus actifs ] 
 
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VisualTaskTips\VisualTaskTips.exe
C:\Program Files\Taskix\Taskix32.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\LClock\LClock.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Administrateur\Application Data\drivers\winupgro.exe
C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe
C:\WINDOWS\system32\wintems.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
 
################## [ Processus infectieux stoppés ]  

"C:\Documents and Settings\Administrateur\Application Data\drivers\winupgro.exe"  (1604)
"C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe"  (1616)
"C:\WINDOWS\system32\wintems.exe"  (1744)
 
 
################## [ C:\WINDOWS # C:\WINDOWS\Prefetch ] 
 
Found ! C:\WINDOWS\Prefetch\ 
Found ! C:\WINDOWS\Prefetch\106182671.EXE-2AE64C26.pf 
Found ! C:\WINDOWS\Prefetch\106305140.EXE-377C823B.pf 
Found ! C:\WINDOWS\Prefetch\106486937.EXE-049F04F0.pf 
Found ! C:\WINDOWS\Prefetch\106496796.EXE-0D14938E.pf 
Found ! C:\WINDOWS\Prefetch\106717359.EXE-2A3B56BA.pf 
Found ! C:\WINDOWS\Prefetch\121202625.EXE-2E5F3B59.pf 
Found ! C:\WINDOWS\Prefetch\121323562.EXE-0464A7BE.pf 
Found ! C:\WINDOWS\Prefetch\121429828.EXE-3B87C97F.pf 
Found ! C:\WINDOWS\Prefetch\121438781.EXE-1DD1DB85.pf 
Found ! C:\WINDOWS\Prefetch\121451046.EXE-0A06D5D6.pf 
Found ! C:\WINDOWS\Prefetch\121684609.EXE-1128D2F0.pf 
Found ! C:\WINDOWS\Prefetch\128812.EXE-262EE759.pf 
Found ! C:\WINDOWS\Prefetch\136183484.EXE-3AA2BEA8.pf 
Found ! C:\WINDOWS\Prefetch\136272906.EXE-2FC5C6B6.pf 
Found ! C:\WINDOWS\Prefetch\136382734.EXE-067292AF.pf 
Found ! C:\WINDOWS\Prefetch\136394515.EXE-237B8C71.pf 
Found ! C:\WINDOWS\Prefetch\15306203.EXE-0FF7F0F2.pf 
Found ! C:\WINDOWS\Prefetch\15432921.EXE-38E50AA4.pf 
Found ! C:\WINDOWS\Prefetch\15534187.EXE-0E48F5FD.pf 
Found ! C:\WINDOWS\Prefetch\15549828.EXE-037232BE.pf 
Found ! C:\WINDOWS\Prefetch\15563828.EXE-258F3C78.pf 
Found ! C:\WINDOWS\Prefetch\15793796.EXE-0813E93A.pf 
Found ! C:\WINDOWS\Prefetch\247562.EXE-3B5FC39C.pf 
Found ! C:\WINDOWS\Prefetch\248906.EXE-26B4E940.pf 
Found ! C:\WINDOWS\Prefetch\30263156.EXE-195C5D5C.pf 
Found ! C:\WINDOWS\Prefetch\30384546.EXE-016B3253.pf 
Found ! C:\WINDOWS\Prefetch\30488968.EXE-0C8C40B9.pf 
Found ! C:\WINDOWS\Prefetch\30497203.EXE-1C2AD3F6.pf 
Found ! C:\WINDOWS\Prefetch\30504875.EXE-2028F4A2.pf 
Found ! C:\WINDOWS\Prefetch\30798375.EXE-21954C95.pf 
Found ! C:\WINDOWS\Prefetch\400218.EXE-2C4F2EE0.pf 
Found ! C:\WINDOWS\Prefetch\416703.EXE-16A08910.pf 
Found ! C:\WINDOWS\Prefetch\418953.EXE-191F44C1.pf 
Found ! C:\WINDOWS\Prefetch\427687.EXE-143FC92D.pf 
Found ! C:\WINDOWS\Prefetch\45305000.EXE-1EEE1EB3.pf 
Found ! C:\WINDOWS\Prefetch\45428734.EXE-1D136431.pf 
Found ! C:\WINDOWS\Prefetch\45535203.EXE-306562A3.pf 
Found ! C:\WINDOWS\Prefetch\45547859.EXE-1C502459.pf 
Found ! C:\WINDOWS\Prefetch\45557765.EXE-13992036.pf 
Found ! C:\WINDOWS\Prefetch\45822171.EXE-3A231A30.pf 
Found ! C:\WINDOWS\Prefetch\60414390.EXE-1D17229E.pf 
Found ! C:\WINDOWS\Prefetch\60540328.EXE-10015127.pf 
Found ! C:\WINDOWS\Prefetch\60696781.EXE-1953519C.pf 
Found ! C:\WINDOWS\Prefetch\60724109.EXE-25D35BD9.pf 
Found ! C:\WINDOWS\Prefetch\60746593.EXE-0E6026FB.pf 
Found ! C:\WINDOWS\Prefetch\61105781.EXE-2D60EAC8.pf 
Found ! C:\WINDOWS\Prefetch\75655984.EXE-06932183.pf 
Found ! C:\WINDOWS\Prefetch\75781281.EXE-128C9ACF.pf 
Found ! C:\WINDOWS\Prefetch\75990515.EXE-040E00DF.pf 
Found ! C:\WINDOWS\Prefetch\76006890.EXE-0B3AEBEE.pf 
Found ! C:\WINDOWS\Prefetch\76395843.EXE-372352C9.pf 
Found ! C:\WINDOWS\Prefetch\795453.EXE-2122B54B.pf 
Found ! C:\WINDOWS\Prefetch\90998093.EXE-0D215579.pf 
Found ! C:\WINDOWS\Prefetch\91174015.EXE-30E6DC52.pf 
Found ! C:\WINDOWS\Prefetch\91329187.EXE-2337282A.pf 
Found ! C:\WINDOWS\Prefetch\91349265.EXE-065FA188.pf 
Found ! C:\WINDOWS\Prefetch\91357781.EXE-38E3010C.pf 
Found ! C:\WINDOWS\Prefetch\91698546.EXE-1F1A5452.pf 
Found ! C:\WINDOWS\Prefetch\FLEC006.EXE-0695BA6E.pf 
Found ! C:\WINDOWS\Prefetch\IAUPATCH.EXE-0E82CE7C.pf 
Found ! C:\WINDOWS\Prefetch\MDELK.EXE-1D176F91.pf 
Found ! C:\WINDOWS\Prefetch\SERIAL.EXE-2EFE4921.pf 
Found ! C:\WINDOWS\Prefetch\WINTEMS.EXE-2A563F9B.pf 
 
################## [ C:\WINDOWS\System32 # C:\WINDOWS\System32\drivers ] 
 
Found ! C:\WINDOWS\system32\mdelk.exe 
Found ! C:\WINDOWS\system32\wintems.exe 
Found ! C:\WINDOWS\system32\ban_list.txt 
 
################## [ C:\Documents and Settings\Administrateur\Application Data ] 
 
 
################## [ C:\Documents and Settings\Administrateur...\Temp Files... ] 
 
Found !    
Found ! Console - Windows Trust 2.00   
Found ! (c) 2007-2008  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64[1].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64[2].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64[3].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_1[1].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_1[2].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_1[3].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_1[4].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_1[5].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_2[1].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_2[2].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_2[3].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_3[1].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_3[2].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_3[3].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_3[4].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_3[5].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_3[6].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_3[7].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_3[8].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_6[2].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\mxd[1].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\b64[1].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\b64[3].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\b64_2[1].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\b64_3[2].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\b64_3[3].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\b64_3[4].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\b64_3[5].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\b64_6[1].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\b64_6[2].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\mxd[1].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\mxd[4].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_1[2].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_2[2].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_2[3].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_3[1].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_3[2].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_3[4].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_6[3].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_6[4].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\file[1].txt  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\mxd[2].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\mxd[3].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64[1].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64[2].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64[3].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64[5].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_1[2].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_1[3].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_2[3].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_2[5].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_2[6].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_3[1].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_3[2].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_3[3].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_3[4].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_3[5].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_3[6].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_6[1].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_6[2].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_6[3].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_6[6].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\mxd[1].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\mxd[2].jpg  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\servernames[1].htm  
Found ! C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\servernames[2].htm  
Found !    
Found ! Console - Windows Trust 2.00   
Found ! (c) 2007-2008  
 
################## [ Registre / Clés infectieuses ] 
 
Found ! HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\Local AppWizard-Generated Applications\serial  
Found ! HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\Local AppWizard-Generated Applications\winupgro  
Found ! HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\bisoft  
Found ! HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\DateTime4  
Found ! HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\FFC  
Found ! HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\FirtR  
Found ! HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\MuleAppData  
Found ! HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\serial  
Found ! HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro  
Found ! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa  
Found ! HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa  
Found ! HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa  
Found ! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA  
Found ! HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA  
Found ! HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA  
Found ! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S  
Found ! HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S  
Found ! HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S  
Found ! HKEY_CURRENT_USER\Software\bisoft  
Found ! HKEY_CURRENT_USER\Software\DateTime4  
Found ! HKEY_CURRENT_USER\Software\FirtR  
Found ! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"drvsyskit" 
Found ! HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\Microsoft\Windows\CurrentVersion\Run\"drvsyskit"  
Found ! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"german.exe" 
Found ! HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\Microsoft\Windows\CurrentVersion\Run\"german.exe"  
Found ! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"mule_st_key" 
Found ! HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\Microsoft\Windows\CurrentVersion\Run\"mule_st_key"  
 
# (!) HKLM\SYSTEM\...\Services\srosa -> Start = 0x1
 
################## [ Recherche dans supports amovibles] 
 
# Recherche fichiers connus : 

Found ! C:\Avenger 
 
################## [ Registre / Mountpoint2 ] 
 
# -> Not found !  
 
################## [ ! Fin du rapport # FindyKill V4.722 ! ]

naiceman · Answer

Voici le rapport ;

############################## [ FindyKill V4.722 ] 

# User : Administrateur (Administrateurs) # NATHAN
# Update on 03/04/09 by Chiquitine29
# Start at: 15:50:14 | 03/04/2009
# Website : http://pagesperso-orange.fr/FindyKill.Ad.Remover/

# AMD Athlon(tm) XP 2500+
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Disabled
# AV : Trend Micro Internet Security Pro 17.0.1367 [ Enabled | Updated ]
# FW : Pare-feu personnel Trend Micro[ Enabled ]5.5

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 48,83 Go (6,51 Go free) # NTFS
# D:\ # Disque fixe local # 62,95 Go (16,4 Go free) # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
# G:\ # Disque CD-ROM
 
############################## [ Processus actifs ] 
 
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VisualTaskTips\VisualTaskTips.exe
C:\Program Files\Taskix\Taskix32.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\LClock\LClock.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32
otepad.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
 
################## [ Processus infectieux stoppés ]

gen-hackman · Answer

possible de l avoir entier ?

naiceman · Answer

j ai ete dans c/ findykill.txt ya rien d autre il ny a pas de suite

gen-hackman · Answer

fais comme ceci :

Ctrl + A ,pour tout selectionner

Ctr + C pour copier

Ctrl + V pour coller

naiceman · Answer

############################## [ FindyKill V4.722 ] 

# User : Administrateur (Administrateurs) # NATHAN
# Update on 03/04/09 by Chiquitine29
# Start at: 15:50:14 | 03/04/2009
# Website : http://pagesperso-orange.fr/FindyKill.Ad.Remover/

# AMD Athlon(tm) XP 2500+
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Disabled
# AV : Trend Micro Internet Security Pro 17.0.1367 [ Enabled | Updated ]
# FW : Pare-feu personnel Trend Micro[ Enabled ]5.5

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 48,83 Go (6,51 Go free) # NTFS
# D:\ # Disque fixe local # 62,95 Go (16,4 Go free) # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
# G:\ # Disque CD-ROM
 
############################## [ Processus actifs ] 
 
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VisualTaskTips\VisualTaskTips.exe
C:\Program Files\Taskix\Taskix32.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\LClock\LClock.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32
otepad.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
 
################## [ Processus infectieux stoppés ]  

 j ai fais comme tu me la demande

naiceman · Answer

j ai rien d autre que dois je faire svp ?

gen-hackman · Answer

ok essaie de le relancer en mode sans echec stp

naiceman · Answer

Oulaaaaa en mode sans echec l ecran devien bleu avec une notification un probleme et survenue si c la premiere fois redemarer a nouveau sinon merci de supprimer les virus et faire une verif systeme apres je trouve;

Information technique 

*** STOP:0x0000007B(0XF7A86528,C0000034,0X00000000,0X00000000)

par contre en mode normal j ai reussi a redemarer puisque je te repond encore

gen-hackman · Answer

ok reessaie avec Malwarebytes mais de cette maniere en suivant bien les indications toutes les indications (surtout celles en caractère gras )


Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.



Télécharges :
Malwarebytes  ou  :
Malwarebytes

* Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX

* Potasses le Tuto pour te familiariser avec le prg :


( cela dis, il est très simple d'utilisation ).

relance malwarebytes en suivant scrupuleusement ces consignes :

! Déconnecte toi et ferme toutes applications en cours !

* Lance Malwarebyte's .

Fais un examen dit "Complet" .

--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "résultat" .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .

Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !


Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)

naiceman · Answer

et voila monsieur merci pour ta patience je te laisse voir le rapport

Malwarebytes' Anti-Malware 1.35
Version de la base de données: 1937
Windows 5.1.2600 Service Pack 3

03/04/2009 17:40:40
mbam-log-2009-04-03 (17-40-40).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 123578
Temps écoulé: 30 minute(s), 11 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 9

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa (Rootkit.Bagle) -> Delete on reboot.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\german.exe (Rootkit.Bagle) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drvsyskit (Rootkit.Bagle) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Rootkit.Bagle) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\Administrateur\Application Data\m (Trojan.Agent) -> Delete on reboot.

Fichier(s) infecté(s):
C:\Documents and Settings\Administrateur\Application Data\drivers\srosa2.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\drivers\winupgro.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> Delete on reboot.
C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Administrateur\Application Data\drivers\wfsintwq.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.

gen-hackman · Answer

magnifique relance findykill option 2 et essaie de nous avoir un rapport stp complet il se nommera findykill(2 ou 3).txt

naiceman · Answer

oups j avais oublier le fichier COMCTL32.OCX

j ai repris tes indication a la lettre et ressorti le nouveau rapport 

Malwarebytes' Anti-Malware 1.35
Version de la base de données: 1937
Windows 5.1.2600 Service Pack 3

03/04/2009 18:29:28
mbam-log-2009-04-03 (18-29-28).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 123812
Temps écoulé: 31 minute(s), 38 second(s)

Processus mémoire infecté(s): 3
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 133

Processus mémoire infecté(s):
C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe (Trojan.Agent) -> Unloaded process successfully.
C:\Documents and Settings\Administrateur\Application Data\drivers\winupgro.exe (Trojan.Agent) -> Unloaded process successfully.
C:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa (Rootkit.Bagle) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drvsyskit (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\german.exe (Trojan.Spammer) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\Administrateur\Application Data\m (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\Administrateur\Application Data\drivers\srosa2.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\2_[PC.-.ITA].CRACK.registrazione.di.30.anni.di.Norton.Antivirus.2004.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\AbleHide 3.9.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\ActiveTcl 8.5.2.0.284846.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Analyse-it for Microsoft Excel 1.62.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Andrew Vector Plugins Volume 12 ShapeFX1 For Illustrator PC 1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\anti-virus.McaFee.8.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\AntiSpam 2.36.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Anywhere Media Player 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Ap PDF Stamp 3.1 2007.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Bad Future 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Barium (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Baseball Mafia 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Bayside Sniper II 3.05.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Beautiful Earth 6.4.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\BeeMouse (f) 0.9.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Blueorganizer 3.4.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Calculatorium 1.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Christmas Time 3D Screensaver 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\CoLT 2.4.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\CPU Moniter Plus 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Crack.Avg.Anti-virus.7.1.362.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Data Center Audit 2.6.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Database Applet 1.4.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Desktop Maintainer 1.00.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Document Repository System 0.10.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\DotFix NiceProtect 3.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Drive Scan Space 1.0 Build 200612271940.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Dronebox 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\DrWeb.4.33.PL.i.EN.+key.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\ECOLOTOFOOT 3.78.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\eDrum MIDI Mapper 1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Eltima SWF Decompiler 2.9.9.360.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Employee Project Clock 6.04.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\EMS DB Extract for SQL Server 2.2.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\eXMLGrid 4.0.0.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\F-Prot.Antivirus.para.Windows.3.14a.espaÃ±ol.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\File ArchiveRescue Professional 3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\FilterExplorer 1.7.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\FireGPG 0.6.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Floral Designs 3 Screensaver.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\FontSaver 1.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Fox FM Radio 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\FTP Password Recovery Wizard 1.1.0.45.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\GBookmarks via Right Click 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Gibe.C Remover 3.5.1.10.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Halloween Night Clock Screen Saver 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\HighLightURLs 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\History Search Sorted 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Home Movie Library Database 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Intel Application Accelerator 2.30.2164 Final.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\ISTool 5.16.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\jQueryMenu 1.3.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\JSIM-51 4.05.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Jupiter 8V 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Leet Translator 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Lotto Pyramid 3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Magic Photo Editor 4.81.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Math Games Multiplication 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\MB4-211 Practice Exam Testing Software 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Mcafee.Internet.Security.Suite.9.-.8.In.1.-.2007.Full.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\MCS Uninstaller 2008 1.39.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Meta Tag Generator 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Midi2Wav Recorder 4.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\MITCalc - Beam 1.15.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Mobile Suit Z Gundam - Hot Scramble (J.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\MX Photo Downloader 1.0.477.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\My Revocable Days 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Netpas Estimator 2005 build 0163.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Nicera Screen Capture 4.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Nod32.v2.50.32.Italiano.Crack.updated-fixed.Release.12-2006.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Nokia Motorola Siemens 128x128 128x160.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Numera 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Outlook Cleaner 4.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Panda.Titanium.Antivirus.2005.v4.00.00.Multilingual.Retail.WinALL-F4CG.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\pdated-fixed.11-2006.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\PDFTK Builder 3.5.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Pengsdata File Sorter & Filter Personal Edition 3.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\PES2008 Nokia E65 Nokia N95.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\PhotoMix Collage 5.3.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\phpMySQLAutoBackup 0.3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Pope John Paul II Tribute 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\PopUpCop 2.6.0.21.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Portable EF Duplicate Files Manager 5.10.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Power Play 1.0.6.2634.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\PrintOnImage 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Quick HTML Color Picker 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\rebuilt.Nod32.Antivirus.-.EspaÃ±ol.Cracks.Con.Actualizacion.Infinita-2000-Xp.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\ReconServer 1.14.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Remote Assistance Helper 2.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Resource Grabber Opera Widget 1.61.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Rich-N-R 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\RingTone Widget 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Samurai 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Schedule Equipment to Batch Jobs 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Scuttlebutt 1.12.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Seamless Texture Creator 3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\seesmic sidebar 0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Shane's X10 Controller 0.95b Beta.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\SignGen 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Sippax 2.3.6.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\SmartDeNoiser 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Smiley Xtra 5.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\ThreatFire (formerly Cyberhawk) 4.0.0.10.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Tiger JMail 1.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Tomtom Mobile 2007 6600.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\TR Clock Screensaver 2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Tried Tool Antivirus Protection 3.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Tweak Revisited 1.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\ViArt Shop Free Shopping Cart 3.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\VideoTyrant 0.5.3.7.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\ViewSourcey 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Visual Basic 2005 XML comment checker 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\W32.Mydoom.A Cleaning Utility 1.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Weather Underground 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\WebbyFiles (Java Edition) 1.0f.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Welcome Message 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Wikipedia Image of the Day 1.0.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Xaml View 1.0.0.0 Alpha.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\XMLStomper 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\xp style icons Free.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\ZoooS Office 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\Zune Video Converter 6.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\[HGame_XP][AVG][jpn_jpn][æ„›ã®ãƒã‚«ãƒ©].zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\[PROGRAMMA].AVG.Internet.Security.v7.5.432a867.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\drivers\winupgro.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\drivers\wfsintwq.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.

gen-hackman · Answer

Arrête de t'enflammer à faire n'importe quoi et lis stp

naiceman · Answer

ok desole voici le rapport

############################## [ FindyKill V4.722 ] 

# User : Administrateur (Administrateurs) # NATHAN
# Update on 03/04/09 by Chiquitine29
# Start at: 18:54:45 | 03/04/2009
# Website : http://pagesperso-orange.fr/FindyKill.Ad.Remover/

# AMD Athlon(tm) XP 2500+
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Disabled
# AV : Trend Micro Internet Security Pro 17.0.1367 [ Enabled | Updated ]
# FW : Pare-feu personnel Trend Micro[ Enabled ]5.5

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 48,83 Go (6,08 Go free) # NTFS
# D:\ # Disque fixe local # 62,95 Go (16,4 Go free) # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
# G:\ # Disque CD-ROM
 
############################## [ Processus actifs ] 
 
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VisualTaskTips\VisualTaskTips.exe
C:\Program Files\Taskix\Taskix32.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\LClock\LClock.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Administrateur\Application Data\drivers\winupgro.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
 
################## [ Processus infectieux stoppés ]  

"C:\Documents and Settings\Administrateur\Application Data\drivers\winupgro.exe"  (1792)
"C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe"  (2848)
"C:\WINDOWS\system32\wintems.exe"  (2088)
 
je tien a pressise qu au moment ou il redemare je vois uniquement l image fond d ecran et plus aucun icone sur le bureau ni barre ni plus rien et a ce moment je suis obliger de redemarer pour revoir les icone normalement et pouvoir a nouveau te repondre en te joignant ce rapport

gen-hackman · Answer

je comprends que les rapports soient incomplets si tu ne laisses pas travaimller les outils jusqu'au bout !!!

t'es préssé ? t 'as un train a prendre ?

Télécharge Superantispyware (SAS) 

Choisis "enregistrer" et enregistre-le sur ton bureau. 

Double-clique sur l'icône d'installation qui vient de se créer et suis les instructions. 

Créé une icône sur le bureau. 

Double-clique sur l'icône de SAS (une tête dans un cercle rouge barré) pour le lancer. 

- Si l'outil te demande de mettre à jour le programme ("update the program definitions", clique sur yes. 
- Sous Configuration and Preferences, clique sur le bouton "Preferences" 
- Clique sur l'onglet "Scanning Control " 
- Dans "Scanner Options ", assure toi que la case devant lles lignes suivantes est cochée : 

Close browsers before scanning 
Scan for tracking cookies 
Terminate memory threats before quarantining 
- Laisse les autres lignes décochées. 

- Clique sur le bouton "Close" pour quitter l'écran du centre de contrôle. 

- Dans la fenêtre principale, clique, dans "Scan for Harmful Software", sur "Scan your computer". 

Dans la colonne de gauche, coche C:\Fixed Drive. 

Dans la colonne de droite, sous "Complete scan", clique sur "Perform Complete Scan" 

Clique sur "next" pour lancer le scan. Patiente pendant la durée du scan. 

A la fin du scan, une fenêtre de résultats s'ouvre . Clique sur OK. 

Assure toi que toutes les lignes de la fenêtre blanche sont cochées et clique sur "Next". 

Tout ce qui a été trouvé sera mis en quarantaine. S'il t'es demandé de redémarrer l'ordi ("reboot"), clique sur Yes. 

Pour recopier les informations sur le forum, fais ceci : 

- après le redémarrage de l'ordi, double-clique sur l'icône pour lancer SAS. 
- Clique sur "Preferences" puis sur l'onglet "Statistics/Logs ". 
- Dans "scanners logs", double-clique sur SUPERAntiSpyware Scan Log. 

- Le rapport va s'ouvrir dans ton éditeur de texte par défaut. 

- Copie son contenu dans ta réponse. 


Regarde bien le tuto SUPERAntiSpyware il est très bien expliqué.

Utilisateur anonyme · Answer

Salut , 

Je passe rapido ,

722 a été retiré .... le mieux et de désinstaller fyk et de telecharger 721 ...

gen-hackman · Answer

ok merci Tchiki

naiceman · Answer

encore desole ...

Bon

j ai fait comme tu ma dis j ai telecharger le lien pour superantispyware il charge l icone apparait sur mon bureau mais au moment ou je click dessus il me dis n est pas une application win32 valide.

je suis a la lettre ce que tu dit

gen-hackman · Answer

ok alors petit rattrappage de derniere minute :

desinstalle Findykill et retétécharge-le puis repasses l'option 1 stp

la derniere version a un petit bug et une version de remplacement vient d'etre mise dispo  

Merci pour Chiquitine29

naiceman · Answer

bien voici monsieur

############################## [ FindyKill V4.721 ] 

# User : Administrateur (Administrateurs) # NATHAN
# Update on 29/03/09 by Chiquitine29
# Start at: 19:40:02 | 03/04/2009
# Website : http://pagesperso-orange.fr/FindyKill.Ad.Remover/

# AMD Athlon(tm) XP 2500+
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Disabled
# AV : Trend Micro Internet Security Pro 17.0.1367 [ Enabled | Updated ]
# FW : Pare-feu personnel Trend Micro[ Enabled ]5.5

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 48,83 Go (6,1 Go free) # NTFS
# D:\ # Disque fixe local # 62,95 Go (16,4 Go free) # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
# G:\ # Disque CD-ROM
 
############################## [ Processus actifs ] 
 
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VisualTaskTips\VisualTaskTips.exe
C:\Program Files\Taskix\Taskix32.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\LClock\LClock.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Administrateur\Application Data\drivers\winupgro.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
 
################## [ Processus infectieux stoppés ]  
 
"C:\Documents and Settings\Administrateur\Application Data\drivers\winupgro.exe"  (1516)
"C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe"  (2680)
"C:\WINDOWS\system32\wintems.exe"  (2020)
 
################## [ Fichiers / Dossiers infectieux C:\ ] 
 
Found ! - "C:\Avenger" 
 
################## [ C:\WINDOWS & C:\WINDOWS\Prefetch ] 
 
Found ! - C:\WINDOWS\prefetch\  
Found ! - C:\WINDOWS\prefetch\Console - Windows Trust 2.00  
Found ! - C:\WINDOWS\prefetch\(c) 2007-2008 
Found ! - C:\WINDOWS\prefetch\106182671.EXE-2AE64C26.pf 
Found ! - C:\WINDOWS\prefetch\106305140.EXE-377C823B.pf 
Found ! - C:\WINDOWS\prefetch\106486937.EXE-049F04F0.pf 
Found ! - C:\WINDOWS\prefetch\106496796.EXE-0D14938E.pf 
Found ! - C:\WINDOWS\prefetch\106717359.EXE-2A3B56BA.pf 
Found ! - C:\WINDOWS\prefetch\121202625.EXE-2E5F3B59.pf 
Found ! - C:\WINDOWS\prefetch\121323562.EXE-0464A7BE.pf 
Found ! - C:\WINDOWS\prefetch\121429828.EXE-3B87C97F.pf 
Found ! - C:\WINDOWS\prefetch\121438781.EXE-1DD1DB85.pf 
Found ! - C:\WINDOWS\prefetch\121451046.EXE-0A06D5D6.pf 
Found ! - C:\WINDOWS\prefetch\121684609.EXE-1128D2F0.pf 
Found ! - C:\WINDOWS\prefetch\128812.EXE-262EE759.pf 
Found ! - C:\WINDOWS\prefetch\136183484.EXE-3AA2BEA8.pf 
Found ! - C:\WINDOWS\prefetch\136272906.EXE-2FC5C6B6.pf 
Found ! - C:\WINDOWS\prefetch\136382734.EXE-067292AF.pf 
Found ! - C:\WINDOWS\prefetch\136394515.EXE-237B8C71.pf 
Found ! - C:\WINDOWS\prefetch\15306203.EXE-0FF7F0F2.pf 
Found ! - C:\WINDOWS\prefetch\15432921.EXE-38E50AA4.pf 
Found ! - C:\WINDOWS\prefetch\15534187.EXE-0E48F5FD.pf 
Found ! - C:\WINDOWS\prefetch\15549828.EXE-037232BE.pf 
Found ! - C:\WINDOWS\prefetch\15563828.EXE-258F3C78.pf 
Found ! - C:\WINDOWS\prefetch\15793796.EXE-0813E93A.pf 
Found ! - C:\WINDOWS\prefetch\247562.EXE-3B5FC39C.pf 
Found ! - C:\WINDOWS\prefetch\248906.EXE-26B4E940.pf 
Found ! - C:\WINDOWS\prefetch\30263156.EXE-195C5D5C.pf 
Found ! - C:\WINDOWS\prefetch\30384546.EXE-016B3253.pf 
Found ! - C:\WINDOWS\prefetch\30488968.EXE-0C8C40B9.pf 
Found ! - C:\WINDOWS\prefetch\30497203.EXE-1C2AD3F6.pf 
Found ! - C:\WINDOWS\prefetch\30504875.EXE-2028F4A2.pf 
Found ! - C:\WINDOWS\prefetch\30798375.EXE-21954C95.pf 
Found ! - C:\WINDOWS\prefetch\400218.EXE-2C4F2EE0.pf 
Found ! - C:\WINDOWS\prefetch\416703.EXE-16A08910.pf 
Found ! - C:\WINDOWS\prefetch\418953.EXE-191F44C1.pf 
Found ! - C:\WINDOWS\prefetch\427687.EXE-143FC92D.pf 
Found ! - C:\WINDOWS\prefetch\45305000.EXE-1EEE1EB3.pf 
Found ! - C:\WINDOWS\prefetch\45428734.EXE-1D136431.pf 
Found ! - C:\WINDOWS\prefetch\45535203.EXE-306562A3.pf 
Found ! - C:\WINDOWS\prefetch\45547859.EXE-1C502459.pf 
Found ! - C:\WINDOWS\prefetch\45557765.EXE-13992036.pf 
Found ! - C:\WINDOWS\prefetch\45822171.EXE-3A231A30.pf 
Found ! - C:\WINDOWS\prefetch\60414390.EXE-1D17229E.pf 
Found ! - C:\WINDOWS\prefetch\60540328.EXE-10015127.pf 
Found ! - C:\WINDOWS\prefetch\60696781.EXE-1953519C.pf 
Found ! - C:\WINDOWS\prefetch\60724109.EXE-25D35BD9.pf 
Found ! - C:\WINDOWS\prefetch\60746593.EXE-0E6026FB.pf 
Found ! - C:\WINDOWS\prefetch\61105781.EXE-2D60EAC8.pf 
Found ! - C:\WINDOWS\prefetch\75655984.EXE-06932183.pf 
Found ! - C:\WINDOWS\prefetch\75781281.EXE-128C9ACF.pf 
Found ! - C:\WINDOWS\prefetch\75990515.EXE-040E00DF.pf 
Found ! - C:\WINDOWS\prefetch\76006890.EXE-0B3AEBEE.pf 
Found ! - C:\WINDOWS\prefetch\76395843.EXE-372352C9.pf 
Found ! - C:\WINDOWS\prefetch\795453.EXE-2122B54B.pf 
Found ! - C:\WINDOWS\prefetch\90998093.EXE-0D215579.pf 
Found ! - C:\WINDOWS\prefetch\91174015.EXE-30E6DC52.pf 
Found ! - C:\WINDOWS\prefetch\91329187.EXE-2337282A.pf 
Found ! - C:\WINDOWS\prefetch\91349265.EXE-065FA188.pf 
Found ! - C:\WINDOWS\prefetch\91357781.EXE-38E3010C.pf 
Found ! - C:\WINDOWS\prefetch\91698546.EXE-1F1A5452.pf 
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-0695BA6E.pf 
Found ! - C:\WINDOWS\prefetch\IAUPATCH.EXE-0E82CE7C.pf 
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf 
Found ! - C:\WINDOWS\prefetch\SERIAL.EXE-2EFE4921.pf 
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf 
 
################## [ C:\WINDOWS\system32 ] 
 
Found ! - C:\WINDOWS\system32\mdelk.exe 
Found ! - C:\WINDOWS\system32\wintems.exe 
Found ! - C:\WINDOWS\system32\ban_list.txt 
 
################## [ C:\WINDOWS\system32\drivers ] 
 
 
################## [ C:\.. Application Data ... ] 
 
Found ! - "C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe" 
Found ! - "C:\Documents and Settings\Administrateur\Application Data\m\list.oct" 
Found ! - "C:\Documents and Settings\Administrateur\Application Data\m\data.oct" 
Found ! - "C:\Documents and Settings\Administrateur\Application Data\m\srvlist.oct" 
Found ! - "C:\Documents and Settings\Administrateur\Application Data\m\shared" 
Found ! - "C:\Documents and Settings\Administrateur\Application Data\m" 
Found ! - "C:\Documents and Settings\Administrateur\Application Data\drivers" 
Found ! - "C:\Documents and Settings\Administrateur\Application Data\drivers\srosa2.sys" 
Found ! - "C:\Documents and Settings\Administrateur\Application Data\drivers\wfsintwq.sys" 
Found ! - "C:\Documents and Settings\Administrateur\Application Data\drivers\winupgro.exe" 
Found ! - "C:\Documents and Settings\Administrateur\Application Data\drivers\downld" 
 
################## [ C:\Users...\Temp Files... ] 
 
Found ! -    
Found ! - Console - Windows Trust 2.00   
Found ! - (c) 2007-2008  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64[2].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64[3].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64[4].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_1[2].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_1[3].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_2[1].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_2[3].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_3[1].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_3[2].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_3[3].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_3[5].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_3[7].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_3[8].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_6[1].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_6[2].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\b64_6[3].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\13ZWA7W2\servernames[1].htm  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\b64[1].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\b64_3[1].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\b64_3[3].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\b64_6[1].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\b64_6[2].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\b64_6[3].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\file[1].txt  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\mxd[1].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\2GS3ZODZ\mxd[2].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64[1].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_2[1].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_2[2].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_2[3].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_3[1].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_3[2].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_3[3].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_3[5].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_3[6].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_6[1].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\b64_6[4].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\mxd[1].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\mxd[3].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FWAGC44L\mxd[4].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64[2].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64[3].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64[4].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64[5].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_1[3].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_2[1].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_2[3].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_2[6].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_3[5].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_3[7].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_6[2].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_6[3].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\b64_6[6].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\mxd[2].jpg  
Found ! - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\PM9R0IVB\servernames[1].htm  
Found ! -    
Found ! - Console - Windows Trust 2.00   
Found ! - (c) 2007-2008  
 
################## [ Registre / Clés infectieuses ] 
 
Found ! - HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\Local AppWizard-Generated Applications\serial  
Found ! - HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\Local AppWizard-Generated Applications\winupgro  
Found ! - HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\bisoft  
Found ! - HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\DateTime4  
Found ! - HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\FFC  
Found ! - HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\FirtR  
Found ! - HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\MuleAppData  
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\serial  
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro  
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa  
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa  
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA  
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA  
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S  
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S  
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S  
Found ! - HKEY_CURRENT_USER\Software\bisoft  
Found ! - HKEY_CURRENT_USER\Software\DateTime4  
Found ! - HKEY_CURRENT_USER\Software\FirtR  
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"drvsyskit" 
Found ! - HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\Microsoft\Windows\CurrentVersion\Run\"drvsyskit" 
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"german.exe" 
Found ! - HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\Microsoft\Windows\CurrentVersion\Run\"german.exe" 
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"mule_st_key" 
Found ! - HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-500\Software\Microsoft\Windows\CurrentVersion\Run\"mule_st_key" 
 
# HKLM\SYSTEM\...\Services\srosa -> Start = 0x1
 
################## [ Recherche dans supports amovibles] 
 
# Présence des fichiers : 

 
################## [ Registre / Mountpoint2 ] 
 
# -> Not found !  
 
################## [ ! Fin du rapport # FindyKill V4.721 ! ]

gen-hackman · Answer

ok j'ai vu impec :

maintenant l'option 2 sans oublier de tout brancher (mp3 , mp4 , appareil photo , disk dur externe , clé usb , frigo , cuisiniere , je décone ;))

naiceman · Answer

bon apparament il y as un bug je laisse ton outil travailler longtemp mais rien ne se passe et quand au bout de 20 mins j appui sur ok le programe se lance redemare le pc et me connecte sur l image de fond sans les icones du bureau j ai fais donc control alt sup puis lancer explorer pour venir te glisser ce message mais j ai pas redemarer a nouveau peut tu me dire ce que je dois faire ou alors s il faut patienter plus de 20 mins quand la fenetre demande de clicker sur ok ou apres le redemarage? je pete un plomb la desole pourtant je reste patient

gen-hackman · Answer

Ok ca vient pas que de là  ....bien infecté en plus (GRRR!!!  les cracks)!!!


Télécharge SDFix sur ton bureau : 
ici :SDFix 
ou ici SDFix 
ou ici SDFix 

--> Double-clique sur SDFix.exe et choisis "Install" . 

Tuto 

Puis une fois l'installe faite , 

Impératif : Démarrer en mode sans echec . 

/!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\ 

Comment aller en Mode sans échec : 
1) Redémarre ton ordi . 
2) Tapote la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip" . 
3) Tu tapotes jusqu' à l'apparition de l'écran avec les options de démarrage . 
4) Choisis la première option : Sans Échec , et valide en tapant sur [Entrée] . 
5) Choisis ton compte habituel ( et pas Administrateur ). 
attention : pas de connexion possible en mode sans échec , donc copie ou imprime bien la manipe pour éviter les erreurs ... 


Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double-clique sur RunThis.bat pour lancer l'outil . 
-->Tapes Y pour lancer le script ... 
Le Fix supprime les services du virus et nettoie le registre, de ce fait un redémarrage est nécessaire , donc : 
presses une touche pour redémarrer quand il te le sera demandé . 

Le PC va mettre du temps avant de démarrer ( c'est normal ), après le chargement du Bureau presses une touche lorsque "Finished" s'affiche . 

Le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier 
C:\SDFix sous le nom "Report.txt". 

Poste ce dernier dans ta prochaine réponse

Si SDfix ne se lance pas (ça arrive!) 

* Démarrer->Exécuter 

* Copie/colle ceci : 

%systemroot%\system32\cmd.exe /K %systemdrive%\SDFix\apps\FixPath.exe 

* Clique sur ok, et valide. 

* Redémarre et essaye de nouveau de lancer SDfix.

naiceman · Answer

le mode sans echec ne fonctionne pas il m indique la meme erreur technique ***STOP 0X0000007B...

gen-hackman · Answer

Télécharge SafeBoot_SP3


enregistre sur ton bureau.

clic droit/Extraire ici,
double-clique sur la clé de registre 
acceptes en confirmant l'integration des donnes dans le registre

supprime SafeBoot_XP_SP3.zip et SafeBoot_XP_SP3.reg

ensuite :redémarres et dans la foulée retente SDFix en mode sans echec sans la foulée

naiceman · Answer

comment faire pour acceptes en confirmant l'integration des donnes dans le registre ?

parce que j ai double clicker sur la cle de registre et ca m ouvre un bloc not avec plein d info dessus

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell"="cmd.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
@="Universal Serial Bus controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
@="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
@="Standard floppy disk controller"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
@="PCMCIA Adapters"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
@="SCSIAdapter"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
@="Floppy disk drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
@="Human Interface Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmadmin]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmboot.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmio.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmload.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmserver]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ip6fw.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NtLmSsp]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Networkdpcdd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Networkdpdd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Networkdpwd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Networkdsessmgr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sr.sys]
@="FSFilter System Recovery"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SRService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network	dpipe.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network	dtcp.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network	ermservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WZCSVC]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
@="Universal Serial Bus controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
@="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
@="Standard floppy disk controller"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
@="Net"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
@="NetClient"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
@="NetService"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
@="NetTrans"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
@="PCMCIA Adapters"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
@="SCSIAdapter"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
@="Floppy disk drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
@="Human Interface Devices"

gen-hackman · Answer

ok autant pour moi 

en haut a gauche du bloc note > onglet fichier

enregistrer sous ....."SP3.reg" sur le bureau

cela va creer une clé de registre

double clic dessus et acceptes

Edit 21.18 : je viens de retester et ca marche !!

naiceman · Answer

donc la manip c ete inscrire ... il ma bien confirmer que ca c est enregistrer dans le registre mais apres un redemarage f8 rien ne change ecran bleu et meme erreur JE PETE UN PLOMB LA!

gen-hackman · Answer

donc il va falloir trouver une solution en mode normal quoi !ca laisse plus à reflchir !

naiceman · Answer

je me demande si c pas un conflit logiciel je vais chercher de mon coter et je te tien au courrant aussi Merci pour ta patience merci beaucoup

gen-hackman · Answer

un conflit logiciel qui empeche le sans echec !!! ...

naiceman · Answer

Bonjour,
revenon a nos mouton j ai des mises a jours microsoft critique qui ne se metes pas a jours

gen-hackman · Answer

hello :


Télécharge DAFT ! :

    * Sauvegarde-le sur ton Bureau.
    * Dézippe le dossier le contenant (clic droit , extraire ici)
    * Double-clique sur l'icône de DAFT se trouvant dans son dossier dézippé, présent sur ton bureau.
    * Clique sur le bouton Scan.
    * Sélectionne tout ce qui apparaît.
    * Clique sur le bouton Fix.
    * Ensuite relance DAFT. Si tout est OK, un message du type "All associations are OK" devrait apparaître.
    * Ferme DAFT.

ensuite :

Dial-a-fix

coche tout et GO et laisse travailler

SOS TROJ_BAGLE.AO,POSSIBLE_DLDER,MAL-MLWR1

37 réponses

Discussions similaires

Newsletters