virus wfsintwq aidez moi Résolu/Fermé

Question

Bonjour,
j'ai découvert que j'avait un virus wfsintwq 
pouvez m'aidez a le faire disparaitre 
j ai executer FindyKil et voici le raport 

############################## | FindyKill V5.037 | 

# User : Administrateur (Administrateurs) # HP19152189591 
# Update on 18/02/2010 by El Desaparecido 
# Start at: 14:02:06 | 01/03/2010 
# Website : http://pagesperso-orange.fr/NosTools/index.html 
# Contact : FindyKill.Contact@gmail.com 

# AMD Athlon(tm) Dual Core Processor 5400B 
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3 
# Internet Explorer 8.0.6001.18702 
# Windows Firewall Status : Enabled 
# AV : Total Protection 4.9.0.340 [ Enabled | Updated ] 

# C:\ # Disque fixe local # 232,88 Go (98,1 Go free) # NTFS 
# D:\ # Disque CD-ROM # 4,34 Go (0 Mo free) [Sims2DoubleDeluxe] # UDF 
# E:\ # Disque amovible 
# I:\ # Disque amovible 

############################## | Processus actifs | 

C:\WINDOWS\System32\smss.exe 
C:\WINDOWS\system32\csrss.exe 
C:\WINDOWS\system32\winlogon.exe 
C:\WINDOWS\system32\services.exe 
C:\WINDOWS\system32\lsass.exe 
C:\WINDOWS\system32\svchost.exe 
C:\WINDOWS\system32\svchost.exe 
C:\WINDOWS\System32\svchost.exe 
C:\WINDOWS\system32\svchost.exe 
C:\WINDOWS\system32\svchost.exe 
C:\WINDOWS\system32\spoolsv.exe 
C:\WINDOWS\Explorer.EXE 
C:\Program Files\SiteAdvisor\6173\SiteAdv.exe 
C:\WINDOWS\system32\RUNDLL32.EXE 
C:\WINDOWS\system32\ctfmon.exe 
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\winupgro.exe 
C:\WINDOWS\system32\svchost.exe 
C:\WINDOWS\system32
vsvc32.exe 
C:\Program Files\PDF Complete\pdfsvc.exe 
C:\Program Files\SiteAdvisor\6173\SAService.exe 
C:\WINDOWS\system32\svchost.exe 
C:\WINDOWS\wintems.exe 
C:\Program Files\Microsoft Office\Office\WINWORD.EXE 
C:\Program Files\Internet Explorer\IEXPLORE.EXE 
C:\Program Files\Internet Explorer\IEXPLORE.EXE 
D:\Autorun.exe 
C:\WINDOWS\system32\wbem\wmiprvse.exe 

############################## | Processus infectieux stoppés | 

"C:\Documents and Settings\Administrateur\Application Data\drivers\winupgro.exe" (1972) 
"C:\WINDOWS\wintems.exe" (3448) 

################## | C: | 

D:\autorun.inf 

################## | C:\WINDOWS | 

C:\WINDOWS\ban_list.txt 
C:\WINDOWS\mdelk.exe 
C:\WINDOWS\wintems.exe 

################## | C:\WINDOWS\Prefetch | 

C:\WINDOWS\Prefetch\MDELK.EXE-087EF2B4.pf 
C:\WINDOWS\Prefetch\WINTEMS.EXE-127B61D4.pf 

################## | C:\WINDOWS\system32 | 

C:\WINDOWS\system32\srosa2.sys 
C:\WINDOWS\system32\wfsintwq.sys 

################## | C:\WINDOWS\system32\drivers | 


################## | C:\Documents and Settings\Administrateur\Application Data | 

C:\Documents and Settings\Administrateur\Application Data\drivers 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\100203.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\100750.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\101218.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\101687.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\101796.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\101921.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\102093.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\102265.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\102375.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\102500.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\102562.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\102671.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\102765.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\102875.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\104765.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\106062.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\106453.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\106843.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\107109.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\107343.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\107687.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\108593.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\108734.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\108875.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\109531.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\110093.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\110359.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\110640.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\112234.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\114593.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\114906.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\115265.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\115328.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\115406.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\115812.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\116218.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\116328.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\116437.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\116578.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\116750.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\116906.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\117046.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\117187.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\117375.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\117500.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\41562.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\41828.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\42093.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\44703.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\45062.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\45687.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\49734.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\50015.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\50453.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\50562.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\50671.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\50781.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\50906.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\51046.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\51312.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\51828.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\52359.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\52515.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\52656.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\53390.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\54234.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\54828.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\55406.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\55546.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\55703.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\55796.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\55937.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\56812.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\57640.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\57796.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\57984.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\58093.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\58203.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\58625.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\59125.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\59218.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\59359.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\59515.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\59718.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\61203.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\62546.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\62718.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\62890.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\63343.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\63687.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\64203.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\64750.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\64968.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\65187.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\65296.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\65421.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\65687.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\65984.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\66750.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\67562.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\70343.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\70453.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\70625.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\70812.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\70921.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\71046.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\71265.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\71390.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\71687.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\72062.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\72375.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\72687.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\74750.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\76062.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\76828.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\77593.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\77734.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\77890.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\78031.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\78218.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\78359.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\78453.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\78578.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\78750.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\78875.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\79031.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\79203.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\82390.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\82671.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\82984.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\83406.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\83843.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\84390.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\84921.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\85453.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\86015.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\86125.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\86265.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\86390.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\86546.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\86750.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\86968.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\87281.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\87640.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\88406.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\89203.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\89281.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\89406.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\89531.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\89671.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\90468.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\91265.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\91453.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\91687.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\91843.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\92031.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\92171.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\92343.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\92796.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\94265.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\95062.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\95625.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\95734.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\95875.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\96015.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\96125.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\97312.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\98421.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\99015.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\downld\99671.exe 
C:\Documents and Settings\Administrateur\Application Data\drivers\winupgro.exe 

################## | Temporary Internet Files | 


################## | Registre | 

[HKLM\SYSTEM\CurrentControlSet\Services\srosa] 
[HKLM\SYSTEM\ControlSet001\Services\srosa] 
[HKLM\SYSTEM\ControlSet002\Services\srosa] 
[HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA] 
[HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA] 
[HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA] 
[HKCU\Software\bisoft] 
[HKCU\Software\DateTime4] 
[HKCU\Software\WS4001] 
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "drvsyskit" 
[HKU\S-1-5-21-1353277950-2612609428-1979475589-500\Software\Microsoft\Windows\CurrentVersion\Run] "drvsyskit" 
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe" 
[HKU\S-1-5-21-1353277950-2612609428-1979475589-500\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe" 
[HKU\S-1-5-21-1353277950-2612609428-1979475589-500\Software\bisoft] 
[HKU\S-1-5-21-1353277950-2612609428-1979475589-500\Software\DateTime4] 
[HKCU\Software\Local AppWizard-Generated Applications\key_gen] 
[HKCU\Software\Local AppWizard-Generated Applications\winupgro] 
[HKU\S-1-5-21-1353277950-2612609428-1979475589-500\Software\Local AppWizard-Generated Applications\key_gen] 
[HKU\S-1-5-21-1353277950-2612609428-1979475589-500\Software\Local AppWizard-Generated Applications\winupgro] 

################## | Etat | 

# Affichage des fichiers cachés : OK 

Clé manquante : HKLM\...\SafeBoot | Mode sans echec non fonctionnel ! 

# (!) Ndisuio -> Start = 4 ( Good = 3 | Bad = 4 ) 
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 ) 
# (!) Ip6Fw -> Start = 4 ( Good = 2 | Bad = 4 ) 
# (!) SharedAccess -> Start = 4 ( Good = 2 | Bad = 4 ) 
# (!) wuauserv -> Start = 4 ( Good = 2 | Bad = 4 ) 
# (!) wscsvc -> Start = 4 ( Good = 2 | Bad = 4 ) 

################## | ! Fin du rapport # FindyKill V5.037 ! | 

merci je suprime sé sa?????,

micka24000 · Answer

Oui suprime le, parcontre moi je te conseille vivement de telegarger avast cest le meilleur antivirus et il est plus sinple. cest un conseille apre a toi de voire.

Virus wfsintwq aidez moi

1 réponse

Discussions similaires