Win 32 with avast

ciellou83 Posts 10 Status Member -
anthony5151 Posts 10927 Status Security contributor -
Hello to you all, as the title of my message says, I have a problem with avast, probably following a downloaded game: the avast icon disappeared. I uninstalled and reinstalled it several times, but I always get the same message when I click on the icon: C:Program Files\Alwil Software\Avast4\ashAvast.exe n'est pas une application Win32 valide (is not a valid Win32 application). Since then I have no sound and it is also impossible to open Spybot, so if I could get some help, thank you. I am reposting my message here, I had posted it in Windows, sorry!!
9 replies

anthony5151 Posts 10927 Status Security contributor 790

Hello,

This message is very probably due to a Bagle infection...

This infection is caught by downloading cracks (or simply by visiting a crack site). It is a major infection vector: https://forum.malekal.com/viewtopic.php?f=33&t=893
Delete all your rotten cracks and keygens, otherwise there is no point in continuing the disinfection, they will reinfect your computer over and over!

Bagle then spreads through removable drives (USB keys, external hard drives, mp3 players) ==> isolate your PC

Download FindyKill (by Chiquitine29)

Right-click on the link --> save as --> desktop
---> FindyKill

--> Run the installation with the default settings

--> Double-click the FindyKill shortcut on your desktop

--> In the main menu, choose option 1 (Recherche / Search)

--> Post the report C:/FindyKill.txt (it is saved at the root of the hard drive)

0
ciellou83 Posts 10 Status Member

There, it's searching, thank you. I'll post the report as soon as I have it.
0
ciellou83 Posts 10 Status Member

Here it is

----------------- FindyKill V4.705 ------------------

* User : Administrateur - 7075328540E5438
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 17/11/08 par Chiquitine29
* Recherche effectuée à 21:38:08 le 17/11/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((((( *** Recherche *** ))))))))))))))))))

--------------- [ Processus actifs ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Windows\System32\VisualTaskTips.exe
C:\Program Files\styler\Styler.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Fichiers communs\AOL\1205260542\ee\AOLSoftware.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Hercules\DualPix Exchange\Camservice.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AOL 9.0a\aoltray.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\drivers\downld\209453.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe

--------------- [ Processus infectieux stoppés ] ----------------

"C:\WINDOWS\system32\drivers\downld\209453.exe" (3544)

--------------- [ Fichiers/Dossiers infectieux ] ----------------

»»»» Presence des fichiers dans C:

»»»» Presence des fichiers dans C:\WINDOWS

»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [17/11/2008 20:46] - C:\WINDOWS\system32\mdelk.exe
Found ! [17/11/2008 20:46] - C:\WINDOWS\system32\wintems.exe
Found ! [17/11/2008 20:48] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

Found ! [17/11/2008 20:44] - C:\WINDOWS\system32\drivers\srosa.sys
Found ! [17/11/2008 20:44] - C:\WINDOWS\system32\drivers\srosa2.sys
Found ! [19/01/2006 07:10] - C:\WINDOWS\system32\drivers\winfilse.exe
Found ! [17/11/2008 20:49] - "C:\WINDOWS\system32\drivers\downld"

»»»» Presence des fichiers dans C:\Documents and Settings\Administrateur\Application Data

Found ! [17/11/2008 20:46] - "C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe"
Found ! [17/11/2008 20:47] - "C:\Documents and Settings\Administrateur\Application Data\m\list.oct"
Found ! [17/11/2008 20:47] - "C:\Documents and Settings\Administrateur\Application Data\m\data.oct"
Found ! [17/11/2008 20:47] - "C:\Documents and Settings\Administrateur\Application Data\m\srvlist.oct"
Found ! [17/11/2008 20:49] - "C:\Documents and Settings\Administrateur\Application Data\m\shared"
Found ! [17/11/2008 18:26] - "C:\Documents and Settings\Administrateur\Application Data\m"

»»»» Presence des fichiers dans C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp

Found ! - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\meerkatPatch41704.zip
Found ! - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Patcher
Found ! - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Patcher\Patcher3148
Found ! - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Patcher\Patcher3148\PBSLocalizedStrings

»»»» Presence des fichiers dans C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5

--------------- [ Registre / Startup ] ----------------

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Sidebar REG_SZ C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
UberIcon REG_SZ "C:\Program Files\UberIcon\UberIcon Manager.exe"
VisualTaskTips REG_SZ C:\Windows\System32\VisualTaskTips.exe
Vistadrv REG_SZ C:\WINDOWS\system32\Vistadrive\vsdrv.exe
Styler REG_SZ C:\Program Files\styler\Styler.exe
Windows Defender REG_SZ "C:\Program Files\Windows Defender\MSASCui.exe" -hide
ATICCC REG_SZ "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
SoundMan REG_SZ SOUNDMAN.EXE
Acrobat Assistant 8.0 REG_SZ "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
<SANS NOM> REG_SZ
UnlockerAssistant REG_SZ "C:\Program Files\Unlocker\UnlockerAssistant.exe"
AOLSAV REG_SZ C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
AOLDialer REG_SZ C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
HostManager REG_SZ C:\Program Files\Fichiers communs\AOL\1205260542\ee\AOLSoftware.exe
NeroFilterCheck REG_SZ C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
CanonSolutionMenu REG_SZ C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
CanonMyPrinter REG_SZ C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
SSBkgdUpdate REG_SZ "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
OpwareSE4 REG_SZ "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
Logitech Hardware Abstraction Layer REG_SZ KHALMNPR.EXE
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
QuickTime Task REG_SZ "C:\Program Files\QT Lite\qttask.exe" -atboottime
CamserviceDP REG_SZ C:\Program Files\Hercules\DualPix Exchange\Camservice.exe /startup

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} REG_SZ "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
UberIcon REG_SZ "C:\Program Files\UberIcon\UberIcon Manager.exe"
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MsnMsgr REG_SZ "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater

--------------- [ Registre / Clés infectieuses ] ----------------

Found ! - HKEY_USERS\S-1-5-21-602162358-764733703-682003330-500\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_USERS\S-1-5-21-602162358-764733703-682003330-500\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-602162358-764733703-682003330-500\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-602162358-764733703-682003330-500\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-602162358-764733703-682003330-500\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-602162358-764733703-682003330-500\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sK9Ou0s

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

- sans echec non fonctionnel !!

+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

wscsvc - Type de démarrage = 2

/!\ WinDefend - Type de démarrage = 4

--------------- [ Recherche dans supports amovibles] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur fixe

+- presence des fichiers :

--------------- [ Registre / Mountpoint2 ] ----------------

-> Not found !

------------------- ! Fin du rapport ! --------------------
0
anthony5151 Posts 10927 Status Security contributor 790

Plug your external data sources into your PC (USB key, external hard drive, etc.) without opening them, so that they get disinfected ==> this is important!

--> Run FindyKill again

--> This time, choose option 2 (Suppression / Deletion) in the main menu

There will be 2 restarts; let the tool work until the message "nettoyage effectué" (cleaning completed) appears!

--> Then post the report C:/FindyKill.txt (it is saved at the root of the hard drive)

0

ciellou83 Posts 10 Status Member

I don't have an external hard drive or a USB key or anything else, so here is the report:

----------------- FindyKill V4.705 ------------------

* User : Administrateur - 7075328540E5438
* executed from : C:\Program Files\FindyKill
* Update on 17/11/08 par Chiquitine29
* Start at 22:41:48 the 17/11/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((( *** deleting *** ))))))))))))))))))

--------------- [ Active Processes ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\userinit.exe

--------------- [ Infected files / folders ] ----------------

»»»» Supression files in C:

»»»» Supression files in C:\WINDOWS

»»»» Supression files in C:\WINDOWS\Prefetch

»»»» Supression files in C:\WINDOWS\system32

Deleted ! - C:\WINDOWS\system32\mdelk.exe
Deleted ! - C:\WINDOWS\system32\wintems.exe
Deleted ! - C:\WINDOWS\system32\ban_list.txt

»»»» Supression files in C:\WINDOWS\system32\drivers

Deleted ! - C:\WINDOWS\system32\drivers\srosa.sys
Deleted ! - C:\WINDOWS\system32\drivers\srosa2.sys
Deleted ! - C:\WINDOWS\system32\drivers\winfilse.exe
Deleted ! - "C:\WINDOWS\system32\drivers\downld"

»»»» Supression files in C:\Documents and Settings\Administrateur\Application Data

Deleted ! - "C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe"
Deleted ! - "C:\Documents and Settings\Administrateur\Application Data\m\list.oct"
Deleted ! - "C:\Documents and Settings\Administrateur\Application Data\m\data.oct"
Deleted ! - "C:\Documents and Settings\Administrateur\Application Data\m\srvlist.oct"
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\ManpowerNet 2.28.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Max Payne 2 The Fall of Max Payne Handguns mod.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\MayBells_Job_Pricer_2000_Key.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\MB_Free_AstroNumero_Match_Software_1.0_(Patch).zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\MessengerLog_6.26_KeyGen.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Morovia Code 93 Barcode Fontware 1.0.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\MS SQL Field Box 1.7.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\NanoTube 1.01.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Nerdom Cert Exams 6.0.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Orby 1.0.3.0.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Panda.Titanium.2005.Serial.Crackeado.Hasta.2007.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\PQ_DVD_to_iPhone_Converter_1.0_Build_01.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Process Modeler 0.51a.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Process_Supervisor_2.05_RC3.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Quite_Place_Screensaver_1.0_(With_Crack).zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Quran Reciting.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Rank Checker 1.0.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\rebuilt.AVG.Anti.Spyware.v7.5.0.47.Multilanguage.Cracked-CRD.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Registry Washer 3.7.5 (With Crack).zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Rise_of_Nations_Britain_is_Dying_map.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Rose Screensaver4 1.0.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\RPhoto 0.3.0.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Rules_of_engagement_1.0.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Satellite_Antenna_Alignment_2.37.2.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\SideTick_1.0.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Slice_3.0.3.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Smart PC Professional Demo 5.0.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Space Voyage Vol. I 1.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\SpeechAnywhere 1.13 [Patch].zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\SqrSoft_Advanced_CrossFading_1.7.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Star_Trek_Starfleet_Command_III_Vampire_mod.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Stupid_Spam_Stopper_1.0.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\termBlaster with Firefox 1.4.0.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\The_Astrology_Program_1.4.6.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Tic_Tac_Total_2.1_(Key).zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Tidybot 1.6.1.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\TitleWriter_4.5.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\United_States_ZIP_Code_Database_(Gold_Edition)_February_2007_(KeyGen).zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\VGCats 1.0.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Virtual POS Web Terminal Software 2.71.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\WebFill_1.5.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Webjotter_2.1.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Winflick 1.0.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\WinWorkBar_1.3.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\wodAppUpdate_1.2.1.0.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\WordSmart Vocabulary Volume F 1.0.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\X360_Tiff_Image_Processing_ActiveX_Control_1.zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\ZipWorx SecureSFX 3.0 (Serial).zip
Deleted ! - C:\Documents and Settings\Administrateur\Application Data\m\shared\Zombie Workstation 1.2.zip
Deleted ! - "C:\Documents and Settings\Administrateur\Application Data\m\shared"
Deleted ! - "C:\Documents and Settings\Administrateur\Application Data\m"

»»»» Supression files in C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp

Deleted ! - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\meerkatPatch41704.zip
Deleted ! - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Patcher
Deleted ! - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Patcher\Patcher3148
Deleted ! - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Patcher\Patcher3148\PBSLocalizedStrings

»»»» Supression files in C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_USER\Software\bisoft
Deleted ! - HKEY_CURRENT_USER\Software\FFC
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-602162358-764733703-682003330-500\Software\Local AppWizard-Generated Applications\winfilse

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !

+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2

WinDefend - Type of startup = 2

--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur fixe

+- deleting files :

--------------- [ Registry / Mountpoint2 ] ----------------

-> Not found !

--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\Administrateur\Mes documents\Downloads\SlySoft\CloneDVD mobile 1.1.6.1\keygen.exe
C:\Documents and Settings\Administrateur\Mes documents\logiciels\Crack
C:\Documents and Settings\Administrateur\Mes documents\logiciels\Keygen.exe
C:\Documents and Settings\Administrateur\Mes documents\logiciels\Bookworm Deluxe\Crack
C:\Documents and Settings\Administrateur\Mes documents\logiciels\Bookworm Deluxe\Crack\Bookworm.exe
C:\Documents and Settings\Administrateur\Mes documents\logiciels\Crack\CRD-AVAG_Patcher.zip

---------------- ! End of report ! ------------------
0
ciellou83 Posts 10 Status Member
 
In any case, I don't know whether everything works again or whether I can download avast again, but my PC's sound has come back, so thank you already for that.
0
anthony5151 Posts 10927 Status Security contributor 790
 
It isn't over...

The source of the infection is there (see first message): delete ALL your cracks and keygens, otherwise you will reinfect your computer:
C:\Documents and Settings\Administrateur\Mes documents\Downloads\SlySoft\CloneDVD mobile 1.1.6.1\keygen.exe
C:\Documents and Settings\Administrateur\Mes documents\logiciels\Crack
C:\Documents and Settings\Administrateur\Mes documents\logiciels\Keygen.exe
C:\Documents and Settings\Administrateur\Mes documents\logiciels\Bookworm Deluxe\Crack
C:\Documents and Settings\Administrateur\Mes documents\logiciels\Bookworm Deluxe\Crack\Bookworm.exe
C:\Documents and Settings\Administrateur\Mes documents\logiciels\Crack\CRD-AVAG_Patcher.zip

Then use Combofix. Be careful, this software is very powerful, and misuse can cause damage... Do exactly the following:

Download ComboFix (by sUBs) to your Desktop (and nowhere else!):
Right-click this link and choose "Save target as...": in the window that opens, type C-Fix, choose the desktop as the destination and confirm: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

--------------------------------------------- [ ! ATTENTION ! ] ----------------------------------------------------------
!! Disconnect, close all your running applications and DISABLE ALL YOUR DEFENCES (antivirus, antispyware, firewall) for the duration of the procedure: if left enabled, they could seriously interfere with the tool's search and cleaning procedure (or even crash the PC)... You will re-enable them afterwards !!

---> Above all, if you run into difficulties at this stage, tell me before going any further...

Tutorial here: https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
---------------------------------------------------------------------------------------------------------------------------------

Then:
double-click C-Fix.exe (= combofix.exe).

Press a key to start the scan.

Caution: do not use your mouse or keyboard while the program is running. That could freeze the computer ---> if a Windows error message appears at some point: click the red cross at the top right of the window to close it

The report will be created in: C:\Combofix.txt , please post it here
0
ciellou83 Posts 10 Status Member
 
Hi anthony, so I didn't run combo.exe because I don't feel too comfortable doing all those steps on my own. However, I downloaded avast again and ran several scans, which did indeed turn up bagle, which I vaccinated and deleted, or so I hope!! I also downloaded from the site the disinfection kit for symantec. I don't know whether I did the right thing or whether I succeeded; in any case, on my own, that seemed more prudent to me, until, if need be, someone more competent can do for me all the steps you advised. I ran findykill again to see, and I'm posting the report in case you have time to take a look. Thanks in advance.

----------------- FindyKill V4.705 ------------------

* User : Administrateur - 7075328540E5438
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 17/11/08 par Chiquitine29
* Recherche effectuée à 18:02:03 le 18/11/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((((( *** Recherche *** ))))))))))))))))))

--------------- [ Processus actifs ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Windows\System32\VisualTaskTips.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\styler\Styler.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Fichiers communs\AOL\1205260542\ee\AOLSoftware.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Hercules\DualPix Exchange\Camservice.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AOL 9.0a\aoltray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------

»»»» Presence des fichiers dans C:

»»»» Presence des fichiers dans C:\WINDOWS

»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

»»»» Presence des fichiers dans C:\WINDOWS\system32

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

»»»» Presence des fichiers dans C:\Documents and Settings\Administrateur\Application Data

»»»» Presence des fichiers dans C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp

»»»» Presence des fichiers dans C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5

--------------- [ Registre / Startup ] ----------------

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Sidebar REG_SZ C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
UberIcon REG_SZ "C:\Program Files\UberIcon\UberIcon Manager.exe"
VisualTaskTips REG_SZ C:\Windows\System32\VisualTaskTips.exe
Vistadrv REG_SZ C:\WINDOWS\system32\Vistadrive\vsdrv.exe
Styler REG_SZ C:\Program Files\styler\Styler.exe
Windows Defender REG_SZ "C:\Program Files\Windows Defender\MSASCui.exe" -hide
ATICCC REG_SZ "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
SoundMan REG_SZ SOUNDMAN.EXE
Acrobat Assistant 8.0 REG_SZ "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
<SANS NOM> REG_SZ
UnlockerAssistant REG_SZ "C:\Program Files\Unlocker\UnlockerAssistant.exe"
AOLSAV REG_SZ C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
AOLDialer REG_SZ C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
HostManager REG_SZ C:\Program Files\Fichiers communs\AOL\1205260542\ee\AOLSoftware.exe
NeroFilterCheck REG_SZ C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
CanonSolutionMenu REG_SZ C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
CanonMyPrinter REG_SZ C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
SSBkgdUpdate REG_SZ "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
OpwareSE4 REG_SZ "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
Logitech Hardware Abstraction Layer REG_SZ KHALMNPR.EXE
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
QuickTime Task REG_SZ "C:\Program Files\QT Lite\qttask.exe" -atboottime
CamserviceDP REG_SZ C:\Program Files\Hercules\DualPix Exchange\Camservice.exe /startup
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
UberIcon REG_SZ "C:\Program Files\UberIcon\UberIcon Manager.exe"
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MsnMsgr REG_SZ "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater

--------------- [ Registre / Clés infectieuses ] ----------------

--------------- [ Etat / Services ] ----------------

+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

Ndisuio - Type de démarrage = 3

Ip6Fw - Type de démarrage = 2

SharedAccess - Type de démarrage = 2

wuauserv - Type de démarrage = 2

wscsvc - Type de démarrage = 2

WinDefend - Type de démarrage = 2

--------------- [ Recherche dans supports amovibles] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur fixe

+- presence des fichiers :

--------------- [ Registre / Mountpoint2 ] ----------------

-> Not found !

------------------- ! Fin du rapport ! --------------------
0
anthony5151 Posts 10927 Status Security contributor 790
 
Sorry for my late reply.

I'll repeat myself:

- You must delete all the cracks and keygens I pointed out to you

- If you don't run Combofix as instructed, you will never manage to fully disinfect your computer: no conventional antivirus can do it (least of all Avast, which is only just good enough to warn you that it let your computer get infected...)
If you have questions about Combofix, don't hesitate; the important thing is to properly disable your protection software before the scan.

0