Ashavast.exe is not a Win32 application

Solved/Closed
askemi - 20 April 2010 at 08:34
 askemi - 24 April 2010 at 23:51
Hello everyone,

When I turned on my computer this morning, this is the message it showed me:
Ashavast.exe n'est pas une application win32 valide

Could you help me, please?
It won't even launch MSN Messenger anymore.

34 replies

moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 272
20 April 2010 at 19:46
A very nice Bagle infection.

You can immediately delete the crack that did this to you, and the others.

The report is not complete, probably because it is too long.

Go to Cjoint: http://www.cijoint.fr/

Click "Parcourir" (Browse) in the "Joindre un fichier[...]" (Attach a file) section.

Select the report C:\FindyKill.txt

Then click "Cliquez ici pour déposer le fichier" (Click here to upload the file) and copy/paste the link into your next message.


If you have trouble with cijoint.fr => use https://www.cjoint.com/
1
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 272
20 April 2010 at 09:07
Hello

* Download FindyKill to the Desktop.

http://pagesperso-orange.fr/NosTools/Chiquitine29/Setup.exe

Mirror:

http://findykill.changelog.fr/Setup.exe

* Double-click FindyKill on the Desktop.

* Choose option 1 (Recherche / Search).

* Let the tool work.

* Then post the FindyKill.txt report that appears (if you have created a thread on a forum to get help).

* Note: The FindyKill.txt report is saved at the root of the disk (C:\FindyKill.txt).

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

* Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

* Tutorial: http://pagesperso-orange.fr/NosTools/index.html


0
############################## | FindyKill V5.038 |

# User : JEROME (Administrateurs) # MODINO-FD3E76B5
# Update on 15/03/2010 by El Desaparecido
# Start at: 18:40:08 | 20/04/2010
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com

# AMD Athlon(tm) 64 X2 Dual Core Processor 5200+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# AV : avast! antivirus 4.8.1368 [VPS 100419-0] 4.8.1368 [ (!) Disabled | Updated ]

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 465,75 Go (338,76 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM

############################## | Processus infectieux stoppés |

"C:\Documents and Settings\JEROME\Application Data\drivers\winupgro.exe" (516)
"C:\Documents and Settings\JEROME\Application Data\m\flec006.exe" (3744)
"C:\WINDOWS\wintems.exe" (3780)
"C:\Documents and Settings\JEROME\Application Data\hidires\flec003.exe" -run (580)

################## | Eléments infectieux |

C:\WINDOWS\ban_list.txt
C:\WINDOWS\mdelk.exe
C:\WINDOWS\wintems.exe
C:\WINDOWS\system32\srosa2.sys
C:\WINDOWS\system32\wfsintwq.sys
C:\Documents and Settings\JEROME\Application Data\drivers
C:\Documents and Settings\JEROME\Application Data\drivers\downld
C:\Documents and Settings\JEROME\Application Data\drivers\downld\579875.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\580109.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\580328.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\580546.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\580781.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\581171.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\581406.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\581671.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\581859.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\582062.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\582250.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\582453.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\582687.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\582875.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\583046.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\583406.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\583828.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\584281.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\584625.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\585500.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\628843.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\629078.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\629265.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\629421.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\629625.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\630000.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\630328.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\630828.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\631234.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\632187.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\633140.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\633328.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\633500.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\633703.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\633890.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\635093.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\636078.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\636406.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\636703.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\636937.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\637187.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\637437.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\642906.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\643531.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\644000.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\645015.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\645718.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\645906.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\688234.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\689750.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\691203.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\701765.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\70703.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\712234.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\713312.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\714000.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\715656.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\717015.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\71718.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\717203.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\717406.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\717703.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\717921.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\718140.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\718781.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\718953.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\719109.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\719312.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\719515.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\72078.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\722250.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\72312.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\723671.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\724265.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\724750.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\725078.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\725359.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\72609.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\726171.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\731140.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\731515.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\731718.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\732781.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\73296.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\733546.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\734031.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\734406.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\735109.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\735531.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\736109.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\736546.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\736687.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\736843.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\73703.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\737515.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\738015.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\738218.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\738406.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\738687.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\738921.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\739109.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\739390.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\739562.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\739796.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\739937.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\74750.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\75531.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\75937.exe
C:\Documents and Settings\JEROME\Application Data\drivers\downld\76453.exe
C:\Documents and Settings\JEROME\Application Data\drivers\winupgro.exe
C:\Documents and Settings\JEROME\Application Data\hidires
C:\Documents and Settings\JEROME\Application Data\hidires\config
C:\Documents and Settings\JEROME\Application Data\hidires\config\AC_BootstrapIPs.dat
C:\Documents and Settings\JEROME\Application Data\hidires\config\AC_SearchStrings.dat
C:\Documents and Settings\JEROME\Application Data\hidires\config\AC_ServerMetURLs.dat
C:\Documents and Settings\JEROME\Application Data\hidires\config\cancelled.met
C:\Documents and Settings\JEROME\Application Data\hidires\config\clients.met
C:\Documents and Settings\JEROME\Application Data\hidires\config\clients.met.bak
C:\Documents and Settings\JEROME\Application Data\hidires\config\cryptkey.dat
C:\Documents and Settings\JEROME\Application Data\hidires\config\emfriends.met
C:\Documents and Settings\JEROME\Application Data\hidires\config\key_index.dat
C:\Documents and Settings\JEROME\Application Data\hidires\config\known.met
C:\Documents and Settings\JEROME\Application Data\hidires\config\known2_64.met
C:\Documents and Settings\JEROME\Application Data\hidires\config\load_index.dat
C:\Documents and Settings\JEROME\Application Data\hidires\config\nodes.dat
C:\Documents and Settings\JEROME\Application Data\hidires\config\preferences.dat
C:\Documents and Settings\JEROME\Application Data\hidires\config\preferences.ini
C:\Documents and Settings\JEROME\Application Data\hidires\config\preferencesKad.dat
C:\Documents and Settings\JEROME\Application Data\hidires\config\server.met
C:\Documents and Settings\JEROME\Application Data\hidires\config\server_met.old
C:\Documents and Settings\JEROME\Application Data\hidires\config\shareddir.dat
C:\Documents and Settings\JEROME\Application Data\hidires\config\src_index.dat
C:\Documents and Settings\JEROME\Application Data\hidires\config\statistics.ini
C:\Documents and Settings\JEROME\Application Data\hidires\config\StoredSearches.met
C:\Documents and Settings\JEROME\Application Data\hidires\downloads.bak
C:\Documents and Settings\JEROME\Application Data\hidires\downloads.txt
C:\Documents and Settings\JEROME\Application Data\hidires\file.exe
C:\Documents and Settings\JEROME\Application Data\hidires\flec003.exe
C:\Documents and Settings\JEROME\Application Data\hidires\Incoming
C:\Documents and Settings\JEROME\Application Data\hidires\lang
C:\Documents and Settings\JEROME\Application Data\hidires\names.txt
C:\Documents and Settings\JEROME\Application Data\hidires\server.txt
C:\Documents and Settings\JEROME\Application Data\hidires\skins
C:\Documents and Settings\JEROME\Application Data\hidires\Temp
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\1CLICK DVD COPY PRO 3.1.7.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\3herosoft DVD to PS3 Converter 3.2.0 Build 0521.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\A-one DVD Tools 6.9.5.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Aardvark 2.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\AardWord Plus 1.2.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\ABC eStore 3.7.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\About this site 1.5.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Ace Utilities 3.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Acid Library 1.1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\ACS Capture 2.1.1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\ActivePresenter 1.1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\AIV Wallpaper Changer 1.1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\All To AVI VCD SVCD DVD MPEG Converter 5.6 [Key+Serial].zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Analyse-it for Microsoft Excel 1.62.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Arabic Keyboard Layout Support 5.1 Key+Serial.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Arm Map Explorer 1.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\AttendView 4.1 (Crack).zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\AutoIt 3.1.1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Avg.Anti-Virus.Professional.7.5.423a810.Incl.Keygen-Ssg.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\BAC Calendar 1.0.1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Battery Status 1.01 Patch.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Battlefield 1942 Battle of Kingman Reef map.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Be Rich!! News Online Technic! 1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Bestel Video to DVD Creator 1.1.5.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\BetterCalc 1.0.5.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Bluefox Zune Video Converter 2.11.09.0512.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Brass 0.21 [Crack].zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Calculator X 1.2 repack [Patch].zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\California Real Estate Exam 2006 6.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\CD Mage 1.2.1 Beta 5.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Chronogps 3.20a.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Clouds 1.1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\ClǸ.Enregistrement.Kaspersky.5.Key.Valide.Jusque.Fin.2007.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Colorator 1.05.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Command & Conquer Renegade - Tropics map.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\ConnectEasy 2.0.7.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Credit-Aid 3.0.2 (With Crack).zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Cucusoft DVD to PSP Converter 5.31.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\DBConvert for SQLite & MySQL 1.0.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Desktop Color Finder.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Digital ObjectRescue Professional 4.5.1 Build 172.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\DIPP 1.2.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\DoneEx INI-File Manager ActiveX 1.3.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Dr Glitter 1.46.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Easy Movie Splitter 2.5.18 [Key].zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\EasyMap VCL 2.3.2.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Econ NetVert 2.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Embird Alphabet 8 1.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Emerge Desktop 4.1.3.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\ErotiCars Vol.2 Screensaver 1.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Exe Icon Changer 5.X.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Family Keylogger 3.02.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\FLIP Flash Photo Album Deluxe 1.1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Flurry Screensaver 2.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Forest Waterfalls 1.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Galacticaa 1.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Gater 1.2.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\GolfWolf 1.01.007.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Handy Free Audio Editor 2.6.0.0709.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Heartbeat 1.0.1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Herbivore Distributed Anti Spam Filter 5.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Honeymoon Island 1.1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\HP0-417 Practice Exam Testing Engine Software 1.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\IE Snapshot 1.03.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Invoice Organizer Deluxe 2.9.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\iReasoning MIB Browser 3.5.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\JUTree 1.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Kea Coloring Book 3.6.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\KeyRecover 1.5.1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\League Scoring 03.1.1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\LingvoSoft Dictionary 2007 Spanish - Chinese Traditional 4.1.29.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Links Organizer 2.1.157.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\LPRngInfo 1.5.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Makkah screensaver 0.4.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Meditation Moonlight Screen Saver 1.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Mortgage Calculator for Your Web Site 1.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Movie Player Pro ActiveX OCX SDK 6.5.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\MP3 WaveBuilder 3.41 [Crack].zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\MP3Boy 1.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Multiple HTML File Maker 2.2.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\My Agenda 1.0.3.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\My Pi 6.282.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\My Vista Computer.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\myDesktop Online 1.2.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\NEWT Freeware 2.5 Build 116.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Nod.32.antivirus.+.crack.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\NotesRipper 2.00.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Novelty 0.7.13 Alpha.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\NX10 Icons.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Ole Seattle Screensaver.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\P2P Doctor 2.1.0 Crack.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Page Title Eraser 0.7.6.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Pageville shopping cart plugin for EasyWebEditor 1.5.170.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Parche.para.el.Nod32.2.50.39.espanol.updated-fixed.05-2006.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\PC Security Explorer 2.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\PDF Page Numberer 1.04.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Philipp Winterberg's Screensaver Player 1.00.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Photo Copy 1.1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\PIRCH98 1.0.1.1190.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\QuickFormz 1.0.5.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Rainbow 5.07.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Remote Desktop Launcher 1.0.2.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Rich Text Icon Collection 1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\S3xy Mariah Carey 1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Safedisc 2 Cleaner 1.2.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\sBOOKs - The Bronte Sisters 107.007.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\ScratchCalc 2.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Screenlr 1.5.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Sir AdGuard 1.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Sophos.Anti-Rootkit.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Sothink Video Encoder for Adobe Flash 2.5 Build 81126.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Sound Capture 1.6.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Spam Guard 1.0.4.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\SqlAnswersMail 3.1.5004.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\SuperPinger 2.02 [Patch].zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\SymplisIT SureIT Server 1.1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Unreal Tournament 2004 DM Snow Valley Map.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Voxynth 2.0.2 Key.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\WinFortress 2.3 [Key+Serial].zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Winter Reflections Screensaver 1.0.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\XP Disk Cleaner 2.05.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Yoga For General Desktop Application 1.1.1.zip
C:\Documents and Settings\JEROME\Application Data\hidires\WDIR\Zero Media Convertor Studio Pack 1.02.zip
C:\Documents and Settings\JEROME\Application Data\hidires\webserver
C:\Documents and Settings\JEROME\Application Data\m
C:\Documents and Settings\JEROME\Application Data\m\data.oct
C:\Documents and Settings\JEROME\Application Data\m\flec006.exe
C:\Documents and Settings\JEROME\Application Data\m\list.oct
C:\Documents and Settings\JEROME\Application Data\m\srvlist.oct
C:\Documents and Settings\JEROME\Application Data\m\shared
C:\Documents and Settings\JEROME\Application Data\m\shared\3D Matrix Screensaver.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\AAA PDF to HTML Converter v2.xx by PER.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Acronis TrueImage Server 8.0 build 774 German.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Action Process Automator 4.4.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Add-Remove 4Good v2.0 Keygen by TCA.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\AddXP 1.0.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Adobe Photoshop 7.01.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Advanced Batch Converter v4.0.18 by TSRh.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Advanced Encode Decode Tools 1.065.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Advanced MP3 Converter 1.82 (Serial).zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Advanced PDF Password Recovery Pro v2.10.21 by tfihs.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Advanced Security Level v6.4 Only by BRD.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Advanced Serial Port Monitor v3.0.2 build 9.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Advanced Windows Care 2 Pro v2.6.0.943 by CiM.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Aimersoft DVD to Mobile Devices Converter 2.2.0.27.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Amor Video Converter v2.1.2 WinALL Incl Keygen by BRD.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Ansyr Primer for Pocket PC.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\AntispamSniper for Outlook Express 3.2.2.1.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\AnyDVD 6.1.1.4 Patch by ICU.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\APISOFT Huit Paye v4.00 R1 French by RESET.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\App Launcher 5.0 (Serial).zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Arboretum Systems RayGun Plugin 1.3.4.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Artist 1.00.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Ashampoo AntiSpyWare v1.02 Multilingual WinALL Incl Keygen by ViRiLiTY.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Auto Master v7.73 German.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Auto-Inserts 1.33 (Serial).zip
C:\Documents and Settings\JEROME\Application Data\m\shared\avast! 3.0.448.4.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\avast! Professional Edition v4.5.549 German Incl Keymaker by ACME.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\AVMISDNIBTX 3.0.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Aya Audio to MP3-WMA-AAC-MP2-WAV-OGG-M4A-AMR Audio Converter v1.1.11.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\B-Jigsaw v7.5 by Desperate.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Basic Auto Expense Log v1.2.32.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Battlefield 2 STAT RETRIEVER v1.1.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\BB FlashBack v1.5.3.151 by BRD.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Belkasoft IE History Extractor 2.01.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Belltech CaptureXT v2.0 by iND.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Big Business (1990) (Magic Bytes) FULL!.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Black Buccaneer v1.0 +4 TRAINER.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Boilsoft Video Joiner v5.16 by SND.zip
C:\Documents and Settings\JEROME\Application Data\m\shared\Book Organizer 3.5s.zi
thanks
here is the link as requested
I had already deleted the crack right away

http://www.cijoint.fr/cjlink.php?file=cj201004/cijqMWwtTq.txt
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 272
21 April 2010 at 04:00
have you already run option 2?

never mind...


! Disconnect and close all running applications (browser included).

* Plug your external data sources into your PC (USB stick, external hard drive, etc.).

* Double-click setup.exe on your desktop to launch the tool.

* At the main menu choose option "F" for French and press [Enter].

* At the second menu choose option 2 (removal) and press [Enter].

* The PC will restart automatically ...

* The program will work, do not touch anything ... your desktop will not be accessible, that is normal!

* Post the report that appears at the end (the report is also saved as C:\FindyKill.txt)

If the desktop does not come back, press Ctrl + Alt + Del, "File" tab, "New task", type explorer.exe and confirm

hello, sorry for replying late, but I was working.
so I did what you told me and let it work all day, but I just got home and it got stuck at 40%
so I redid the first procedure to get a report (search)
here is the report.

############################## | FindyKill V5.038 |

# User : JEROME (Administrateurs) # MODINO-FD3E76B5
# Update on 15/03/2010 by El Desaparecido
# Start at: 18:41:54 | 21/04/2010
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com

# AMD Athlon(tm) 64 X2 Dual Core Processor 5200+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# AV : avast! antivirus 4.8.1368 [VPS 100419-0] 4.8.1368 [ (!) Disabled | Updated ]

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 465,75 Go (338,7 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM

################## | Eléments infectieux |


################## | Registre |

[HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA]
[HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA]
[HKCU\Software\bisoft]
[HKCU\Software\DateTime4]
[HKCU\Software\MuleAppData]
[HKCU\Software\WS4001]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "drvsyskit"
[HKU\S-1-5-21-1614895754-436374069-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run] "drvsyskit"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe"
[HKU\S-1-5-21-1614895754-436374069-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "mule_st_key"
[HKU\S-1-5-21-1614895754-436374069-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run] "mule_st_key"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "flec003.exe"
[HKU\S-1-5-21-1614895754-436374069-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run] "flec003.exe"
[HKU\S-1-5-21-1614895754-436374069-839522115-1004\Software\bisoft]
[HKU\S-1-5-21-1614895754-436374069-839522115-1004\Software\DateTime4]
[HKU\S-1-5-21-1614895754-436374069-839522115-1004\Software\MuleAppData]
[HKCU\Software\Local AppWizard-Generated Applications\winupgro]
[HKU\S-1-5-21-1614895754-436374069-839522115-1004\Software\Local AppWizard-Generated Applications\winupgro]

################## | Etat |

# Affichage des fichiers cachés : OK

Clé manquante : HKLM\...\SafeBoot | Mode sans echec non fonctionnel !

# (!) Ndisuio -> Start = 4 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# (!) Ip6Fw -> Start = 4 ( Good = 2 | Bad = 4 )
# (!) SharedAccess -> Start = 4 ( Good = 2 | Bad = 4 )
# (!) wuauserv -> Start = 4 ( Good = 2 | Bad = 4 )
# (!) wscsvc -> Start = 4 ( Good = 2 | Bad = 4 )

################## | ! Fin du rapport # FindyKill V5.038 ! |
0
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 272
21 April 2010 at 18:56
Safe mode is out of order for now.

Disable your antivirus for the duration of the procedure, as well as your firewall if present (because it is wrongly detected as an infection).

Download and install List&Kill'em and save it to your desktop.

http://sd-1.archive-host.com/...



Double-click (right-click "Run as administrator" for Vista/7) the shortcut on your desktop to start the installation.

Tick the "create a desktop icon" box.

Once finished, click "Finish" and the program will launch by itself.

Choose the language, then choose the SEARCH option.

Let the tool work.

When the white window appears, it takes a while; that is normal, the program is not frozen.

A report named catchme appears on your desktop; ignore it, do not post it, but do not delete it for now, the scan is not finished.

Post the contents of the report that opens when the scan reaches 100 %, at the "COMPLETED" screen.

You can delete the catchme.log report from your desktop now.



0
Here is the report



List'em by g3n-h@ckm@n 1.7.2.0

User : JEROME (Administrateurs)
Update on 21/04/2010 by g3n-h@ckm@n ::::: 03.50
Start at: 19:05:18 | 21/04/2010

AMD Athlon(tm) 64 X2 Dual Core Processor 5200+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : avast! antivirus 4.8.1368 [VPS 100419-0] 4.8.1368 [ (!) Disabled | Updated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 465,75 Go (338,67 Go free) | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM

Boot: Normal

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\List_Kill'em\List_Kill'em.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\List_Kill'em\pv.exe

======================
Keys "Run"
======================

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
MsnMsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSMSGS REG_SZ "C:\Program Files\Messenger\msmsgs.exe" /background
drvsyskit REG_SZ C:\Documents and Settings\JEROME\Application Data\drivers\winupgro.exe
mule_st_key REG_SZ C:\Documents and Settings\JEROME\Application Data\m\flec006.exe
flec003.exe REG_SZ C:\Documents and Settings\JEROME\Application Data\hidires\flec003.exe
german.exe REG_SZ C:\WINDOWS\wintems.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
NeroFilterCheck REG_SZ C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz REG_SZ nwiz.exe /install
NvMediaCenter REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HPDJ Taskbar Utility REG_SZ C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
RemoteControl REG_SZ "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
PinnacleDriverCheck REG_SZ C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
LogitechCommunicationsManager REG_SZ "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
LogitechQuickCamRibbon REG_SZ "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
RTHDCPL REG_SZ RTHDCPL.EXE
Alcmtr REG_SZ ALCMTR.EXE

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

=====================
Other Keys
=====================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)
EnableLUA REG_DWORD 0 (0x0)

===============

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveTypeAutoRun REG_DWORD 145 (0x91)

===============

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
HonorAutoRunSetting REG_DWORD 1 (0x1)

===============

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ

===============

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
AutoRestartShell REG_DWORD 1 (0x1)
DefaultDomainName REG_SZ MODINO-FD3E76B5
DefaultUserName REG_SZ JEROME
LegalNoticeCaption REG_SZ
LegalNoticeText REG_SZ
PowerdownAfterShutdown REG_SZ 0
ReportBootOk REG_SZ 1
Shell REG_SZ Explorer.exe
ShutdownWithoutLogon REG_SZ 0
System REG_SZ
Userinit REG_SZ C:\WINDOWS\system32\userinit.exe,
VmApplet REG_SZ rundll32 shell32,Control_RunDLL "sysdm.cpl"
SfcQuota REG_DWORD -1 (0xffffffff)
allocatecdroms REG_SZ 0
allocatedasd REG_SZ 0
allocatefloppies REG_SZ 0
cachedlogonscount REG_SZ 10
forceunlocklogon REG_DWORD 0 (0x0)
passwordexpirywarning REG_DWORD 14 (0xe)
scremoveoption REG_SZ 0
AllowMultipleTSSessions REG_DWORD 1 (0x1)
UIHost REG_EXPAND_SZ logonui.exe
LogonType REG_DWORD 1 (0x1)
Background REG_SZ 0 0 0
DebugServerCommand REG_SZ no
SFCDisable REG_DWORD 0 (0x0)
WinStationsDisabled REG_SZ 0
HibernationPreviouslyEnabled REG_DWORD 1 (0x1)
ShowLogonOptions REG_DWORD 0 (0x0)
AltDefaultUserName REG_SZ JEROME
AltDefaultDomainName REG_SZ MODINO-FD3E76B5
ChangePasswordUseKerberos REG_DWORD 1 (0x1)

===============

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]

===============

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ

===============

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe REG_SZ C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD
E:\CDS\Nero\Installation\SetupX.exe REG_SZ E:\CDS\Nero\Installation\SetupX.exe:*:Enabled:Nero ProductSetup
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE REG_SZ C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook
C:\Program Files\Bonjour\mDNSResponder.exe REG_SZ C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
C:\Program Files\iTunes\iTunes.exe REG_SZ C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Pinnacle\Studio 10\programs\RM.exe REG_SZ C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager
C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe REG_SZ C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio
C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe REG_SZ C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile
C:\Program Files\Pinnacle\Studio 10\programs\umi.exe REG_SZ C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

==============
BHO :
======

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

===
DNS
===

HKLM\SYSTEM\CCS\Services\Tcpip\..\{D9D67BAE-CD92-4886-A96D-7610F9AA7DF1}: NameServer=80.10.246.2,80.10.246.129
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D9D67BAE-CD92-4886-A96D-7610F9AA7DF1}: NameServer=80.10.246.2,80.10.246.129
HKLM\SYSTEM\CS3\Services\Tcpip\..\{D9D67BAE-CD92-4886-A96D-7610F9AA7DF1}: NameServer=80.10.246.2,80.10.246.129

================
Internet Explorer :
================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
Local Page REG_SZ C:\WINDOWS\system32\blank.htm
Default_Search_URL REG_SZ https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
Default_Page_URL REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
Search Page REG_SZ https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.google.fr/?gws_rd=ssl
Local Page REG_SZ C:\WINDOWS\system32\blank.htm
Search Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

========
Services
========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

Ndisuio : 0x4 ( OK = 3 )
EapHost : 0x3 ( OK = 2 )
SharedAccess : 0x2 ( OK = 2 )
wuauserv : 0x4 ( OK = 2 )

========
Safemode
========


=========
Atapi.sys
=========

C:\WINDOWS\$NtServicePackUninstall$\atapi.sys :
MD5 :: [cdfe4411a69c224bd1d11b2da92dac51]
SHA256 :: [0e6b23a80f171550575bebc56f7500cd87a5cf03b2b9fdc49bc3de96282cd69d]

C:\WINDOWS\ServicePackFiles\i386\atapi.sys :
MD5 :: [9f3a2f5aa6875c72bf062c712cfa2674]
SHA256 :: [b4df1d2c56a593c6b54de57395e3b51d288f547842893b32b0f59228a0cf70b9]

C:\WINDOWS\system32\drivers\atapi.sys :
MD5 :: [9f3a2f5aa6875c72bf062c712cfa2674]
SHA256 :: [b4df1d2c56a593c6b54de57395e3b51d288f547842893b32b0f59228a0cf70b9]

C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys :
MD5 :: [cdfe4411a69c224bd1d11b2da92dac51]
SHA256 :: [0e6b23a80f171550575bebc56f7500cd87a5cf03b2b9fdc49bc3de96282cd69d]

C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys :
MD5 :: [cdfe4411a69c224bd1d11b2da92dac51]
SHA256 :: [0e6b23a80f171550575bebc56f7500cd87a5cf03b2b9fdc49bc3de96282cd69d]

Référence :
==========

Win 2000_SP2 : ff953a8f08ca3f822127654375786bbe
Win 2000_SP4 : 8c718aa8c77041b3285d55a0ce980867
Win XP_32b : a64013e98426e1877cb653685c5c0009
Win XP_SP2_32b : CDFE4411A69C224BD1D11B2DA92DAC51
Win XP_SP3_32b : 9F3A2F5AA6875C72BF062C712CFA2674
Vista_32b : e03e8c99d15d0381e02743c36afc7c6f
Vista_SP1_32b : 2d9c903dc76a66813d350a562de40ed9
Vista_SP2_32b : 1F05B78AB91C9075565A9D8A4B880BC4
Vista_SP2_64b : 1898FAE8E07D97F2F6C2D5326C633FAC
Windows 7_32b : 80C40F7FDFC376E4C5FEEC28B41C119E
Windows 7_64b : 02062C0B390B7729EDC9E69C680A6F3C
Windows 7_32b_Ultimate : 338c86357871c167a96ab976519bf59e

=======
Drive :
=======

Défragmenteur de disque Windows
Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.

Rapport d'analyse
466 Go total, 339 Go libre (72%), 3% fragmenté (fragmentation du fichier 6%)

Il ne vous est pas nécessaire de défragmenter ce volume.

¤¤¤¤¤¤¤¤¤¤ Files/folders :

Present !! : C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
Present !! : C:\Program Files\Samsung\Samsung PC Studio 3\Update\util\UnZipTemp\OrgLoadD500.exe
Present !! : C:\Program Files\Samsung\Samsung PC Studio 3\Update\util\UnZipTemp\OrgLoadX800.exe
Present !! : C:\Program Files\Samsung\Samsung PC Studio 3\Update\util\UnZipTemp\OrgLoadZ510.exe
Present !! : C:\WINDOWS\002962_.tmp
Present !! : C:\WINDOWS\SET25.tmp
Present !! : C:\WINDOWS\SET3.tmp
Present !! : C:\WINDOWS\SET4.tmp
Present !! : C:\WINDOWS\SET8.tmp
Present !! : C:\WINDOWS\System32\drivers\etc\hosts.msn
Present !! : C:\WINDOWS\System32\SET*.tmp
Present !! : C:\Documents and Settings\JEROME\LOCAL Settings\Temp\bpuninstall.exe

¤¤¤¤¤¤¤¤¤¤ Keys :

Present !! : HKCU\Software\Microsoft\Windows\CurrentVersion\Run\drvsyskit
Present !! : HKCU\Software\Microsoft\Windows\CurrentVersion\Run\flec003.exe
Present !! : HKCU\Software\Microsoft\Windows\CurrentVersion\Run\german.exe
Present !! : HKCU\Software\Microsoft\Windows\CurrentVersion\Run\mule_st_key
Present !! : HKU\S-1-5-21-1614895754-436374069-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\drvsyskit
Present !! : HKU\S-1-5-21-1614895754-436374069-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\flec003.exe
Present !! : HKU\S-1-5-21-1614895754-436374069-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\german.exe
Present !! : HKU\S-1-5-21-1614895754-436374069-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\mule_st_key
Present !! : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
Present !! : "HKCU\Software\Local AppWizard-Generated Applications\winupgro"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"
Present !! : HKCU\Software\bisoft
Present !! : HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Present !! : HKLM\SYSTEM\ControlSet001\Services\USBAAPL
Present !! : HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_SROSA
Present !! : HKLM\SYSTEM\ControlSet003\Services\USBAAPL
Present !! : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Present !! : HKLM\SYSTEM\CurrentControlSet\Services\USBAAPL

============

catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-21 20:47:26
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

? [26000]

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...


scan completed successfully
hidden processes: 1
hidden services: 0
hidden files: 0


Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
FirstRunDisabled REG_DWORD 1 (0x1)
AntiVirusDisableNotify REG_DWORD 0 (0x0)
FirewallDisableNotify REG_DWORD 0 (0x0)
UpdatesDisableNotify REG_DWORD 0 (0x0)
AntiVirusOverride REG_DWORD 0 (0x0)
FirewallOverride REG_DWORD 0 (0x0)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

End of scan : 20:52:58,45
0
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 272
21 April 2010 at 22:13
1)

Relaunch List_Kill'em (by right-click for Vista/7), using the shortcut on your desktop,
but this time:

choose the CLEAN option
your PC will restart,

let the tool work.

At the end of the scan the window closes, and you have a report named Kill'em.txt on your desktop;

paste its contents into your reply.
...........................

2)

Run FindyKill option 2 again, please.

0
HERE IS THE REPORT FOR STEP 1

Kill'em by g3n-h@ckm@n 1.7.2.0

User : JEROME (Administrateurs)
Update on 21/04/2010 by g3n-h@ckm@n ::::: 03.50
Start at: 07:15:58 | 22/04/2010

AMD Athlon(tm) 64 X2 Dual Core Processor 5200+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : avast! antivirus 4.8.1368 [VPS 100419-0] 4.8.1368 [ (!) Disabled | Updated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 465,75 Go (339,33 Go free) | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\List_Kill'em\ERUNT.EXE
C:\Program Files\List_Kill'em\pv.exe

¤¤¤¤¤¤¤¤¤¤ Files/folders :

Quarantined & Deleted !! : C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
Quarantined & Deleted !! : C:\Program Files\Samsung\Samsung PC Studio 3\Update\util\UnZipTemp\OrgLoadD500.exe
Quarantined & Deleted !! : C:\Program Files\Samsung\Samsung PC Studio 3\Update\util\UnZipTemp\OrgLoadX800.exe
Quarantined & Deleted !! : C:\Program Files\Samsung\Samsung PC Studio 3\Update\util\UnZipTemp\OrgLoadZ510.exe
Quarantined & Deleted !! : C:\WINDOWS\002962_.tmp
Quarantined & Deleted !! : C:\WINDOWS\SET25.tmp
Quarantined & Deleted !! : C:\WINDOWS\SET3.tmp
Quarantined & Deleted !! : C:\WINDOWS\SET4.tmp
Quarantined & Deleted !! : C:\WINDOWS\SET8.tmp

Quarantined & Deleted !! : C:\WINDOWS\System32\drivers\etc\hosts.msn
Quarantined & Deleted !! : C:\WINDOWS\System32\SET47.tmp
Quarantined & Deleted !! : C:\WINDOWS\System32\SET53.tmp
Quarantined & Deleted !! : C:\WINDOWS\System32\SET9D.tmp
Quarantined & Deleted !! : C:\Documents and Settings\JEROME\LOCAL Settings\Temp\bpuninstall.exe
Deleted !! : C:\RECYCLER\S-1-5-21-1614895754-436374069-839522115-1004\Dc1.zip

==============
host file OK !
==============

========
Registry
========

Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run\drvsyskit
Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run\flec003.exe
Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run\german.exe
Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run\mule_st_key
Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
Deleted : "HKCU\Software\Local AppWizard-Generated Applications\winupgro"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"
Deleted : HKCU\Software\bisoft
Deleted : HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Deleted : HKLM\SYSTEM\ControlSet001\Services\USBAAPL
Deleted : HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_SROSA
Deleted : HKLM\SYSTEM\ControlSet003\Services\USBAAPL
=================
Internet Explorer
=================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
Local Page REG_SZ C:\WINDOWS\system32\blank.htm
Default_Search_URL REG_SZ https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
Default_Page_URL REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
Search Page REG_SZ https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.google.com/?gws_rd=ssl
Local Page REG_SZ C:\WINDOWS\system32\blank.htm
Search Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

===============
Security Center
===============

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
FirstRunDisabled REG_DWORD 1 (0x1)
AntiVirusDisableNotify REG_DWORD 0 (0x0)
FirewallDisableNotify REG_DWORD 0 (0x0)
UpdatesDisableNotify REG_DWORD 0 (0x0)
AntiVirusOverride REG_DWORD 1 (0x1)
FirewallOverride REG_DWORD 1 (0x1)

========
Services
=========

Ndisuio : Start = 3
EapHost : Start = 2
Ip6Fw : Start = 2
SharedAccess : Start = 2
wuauserv : Start = 2
wscsvc : Start = 2

============
Disk Cleaned
anti-ver blaster : OK
Prefetch cleaned
================



¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 272
22 April 2010 at 18:51
Seen

=> FindyKill option 2
0
FindyKill option 2 bugged out at 40% ON A ZIP FILE, it stayed stuck.

What should I do?
0
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 272
22 April 2010 at 20:23
Do you know what is in it, and is it big?
0
It's a zip file for my HP Deskjet 3325 printer.
I just read the file it bugged on.
0
I don't know what to do anymore.....lol.
0
I ran FindyKill option 1 again, here is the report.



############################## | FindyKill V5.038 |

# User : JEROME (Administrateurs) # MODINO-FD3E76B5
# Update on 15/03/2010 by El Desaparecido
# Start at: 20:27:02 | 22/04/2010
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com

# AMD Athlon(tm) 64 X2 Dual Core Processor 5200+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Disabled
# AV : avast! antivirus 4.8.1368 [VPS 100419-0] 4.8.1368 [ (!) Disabled | Updated ]

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 465,75 Go (339,64 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM

################## | Eléments infectieux |


################## | Registre |

[HKCU\Software\DateTime4]
[HKCU\Software\MuleAppData]
[HKCU\Software\WS4001]
[HKU\S-1-5-21-1614895754-436374069-839522115-1004\Software\DateTime4]
[HKU\S-1-5-21-1614895754-436374069-839522115-1004\Software\MuleAppData]

################## | Etat |

# Affichage des fichiers cachés : OK

Clé manquante : HKLM\...\SafeBoot | Mode sans echec non fonctionnel !

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
# Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | ! Fin du rapport # FindyKill V5.038 ! |
0
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 272
22 April 2010 at 20:29
Download ZHPDiag (by Nicolas Coolman).
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

(diagnostic tool)

Double-click the installer file, then install it with the default settings (don't forget to tick "Créer une icône sur le bureau" (Create a desktop icon))

Launch ZHPDiag by double-clicking the icon on your desktop (right-click -> Run as administrator on Vista)

Click the magnifying glass at the top left, then let the tool scan.

Once the scan has finished, click the floppy-disk icon and save the file to your desktop.

Go to Cjoint: http://www.cijoint.fr/

Click "Parcourir" (Browse) in the "Joindre un fichier[...]" (Attach a file) section

Select the ZHPdiag.txt report located on your desktop

Then click "Cliquez ici pour déposer le fichier" (Click here to upload the file) and copy/paste the link into your next message


if there is a problem with cijoint.fr => use https://www.cjoint.com/
0
http://www.cijoint.fr/cjlink.php?file=cj201004/cijjdmSzIW.txt
0
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 272
22 April 2010 at 20:40
the rest of the PC is in pretty good shape

we are going to run MBAM, but I doubt it will fix the zip problem... and it would be good to finish the FindyKill option

1)

Download Malwarebytes' Anti-Malware (which you can keep afterwards)

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

. Save it to the desktop
. Double-click the downloaded file to start the installation.
. In the "mise à jour" (Update) tab, click the "Recherche de mise à jour" (Check for updates) button
. If the firewall asks for permission for Malwarebytes to connect, accept
. Once the update has finished
. Go to the "Recherche" (Scan) tab
. Select "Exécuter un examen complet" (Perform full scan) (a fairly long scan)
. Click "Rechercher" (Scan)
. The scan starts.
. At the end of the scan, a message is displayed: "L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés." (The scan completed successfully. Click 'Show Results' to display all objects found.)
. Click Ok to continue.
. If malware was detected, click "Afficher les résultats" (Show Results)
. Select everything (or leave everything ticked) and click "Supprimer la sélection" (Remove Selected). Malwarebytes will destroy the files and registry keys and put a copy of them in quarantine.
. Malwarebytes will open Notepad and copy the scan report into it.
. Go to the "rapport/log" (Logs) tab
. Click on it to display it; once it is displayed
. Click "edition" (Edit) at the top of Notepad, then "sélectionner tous" (Select All)
. Click "edition" (Edit) again, then "copier" (Copy), and come back to the forum and into your reply
. right-click in the reply box and choose "coller" (Paste)


If you need help, have a look at these tutorials:
Help: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam

..................

2)

FindyKill option 2


0
here is the report from the first one

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Version de la base de données: 4023

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

22/04/2010 21:39:46
mbam-log-2010-04-22 (21-39-46).txt

Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 174265
Temps écoulé: 21 minute(s), 51 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 12

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\WS4001 (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\FyK\Quarantine\C\Documents and Settings\JEROME\Application Data\drivers\winupgro.exe.FindyKill (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\FyK\Quarantine\C\Documents and Settings\JEROME\Application Data\drivers\downld\15141562.exe.FindyKill (Worm.Bagle) -> Quarantined and deleted successfully.
C:\FyK\Quarantine\C\Documents and Settings\JEROME\Application Data\drivers\downld\29707625.exe.FindyKill (Worm.Bagle) -> Quarantined and deleted successfully.
C:\FyK\Quarantine\C\Documents and Settings\JEROME\Application Data\hidires\file.exe.FindyKill (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\FyK\Quarantine\C\Documents and Settings\JEROME\Application Data\m\data.oct.FindyKill (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\FyK\Quarantine\C\Documents and Settings\JEROME\Application Data\m\flec006.exe.FindyKill (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{813002E6-5E5D-4A5A-83FF-4A6BD7A4BB5D}\RP422\A0060168.rbf (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{813002E6-5E5D-4A5A-83FF-4A6BD7A4BB5D}\RP423\A0060383.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{813002E6-5E5D-4A5A-83FF-4A6BD7A4BB5D}\RP423\A0060406.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{813002E6-5E5D-4A5A-83FF-4A6BD7A4BB5D}\RP423\A0060581.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{813002E6-5E5D-4A5A-83FF-4A6BD7A4BB5D}\RP423\A0060907.exe (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{813002E6-5E5D-4A5A-83FF-4A6BD7A4BB5D}\RP423\A0060909.exe (Worm.Bagle) -> Quarantined and deleted successfully.
0
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 272
23 April 2010 at 03:25
seen

=> FindyKill 2, if it is willing
0
still gets stuck at 40% on a file. this time it's QuickTime
0