Sujet Précédent Sujet Suivant

A l'aide infection virus pb grave

Fermé
aminou92 Messages postés 137 Date d'inscription lundi 24 mars 2008 Statut Membre Dernière intervention 2 avril 2011 - 19 nov. 2008 à 16:19
aminou92 Messages postés 137 Date d'inscription lundi 24 mars 2008 Statut Membre Dernière intervention 2 avril 2011 - 20 nov. 2008 à 13:34
Bonjour,
hier j'ai installer un logiciel r-studio et depuis g plin de problem d'abord l'ecran est devenue bleu et un message d'ereur est ki me demandé redémarer en sans echcec et quand j 'ai redémarer en sans echec le meme message derreur est apparu et meme apré plusieur tentative en sans echec toujours le meme message d'erreur alor g démaré normalement et kaspersky ne voulais plus fontioner il me disent c po une aplication win 32 valide et aujordhui quand je l'ai allumé les ports usb ne voullais plus fonctioner ma souris et mon clavier du coup ne marche plu j'ai du branché mon ancien souris j'ai meme essayer plusieur fois de restaurer mon systeme sa ne marche pas.quesque vous me conseillé de faire.merci
A voir également:

8 réponses

Réponse 1 / 8
varfendell Messages postés 3256 Date d'inscription jeudi 27 décembre 2007 Statut Membre Dernière intervention 8 février 2020 704
19 nov. 2008 à 16:57
Bonjour,

télécharge malware sur cette page=>le tutoriel à été fait par VIRUS_KILLER
A la fin de l'installation, veille à ce que l'option Mettre à jour Malwarebytes' Anti-Malware soit cochée. >>> clique sur "Terminer"
Lance Malwarebyte's Anti-Malware en double-cliquant sur l'icône sur le bureau.
Au premier lancement, une fenêtre t'annonce que la version est Free >>> clique sur ok
Laisse les Mises à jour se télécharger
*** Referme le programme ***
redémarrer en mode sans échecs (regarder ici si vous ne savez pas comment faire)
Lance Malwarebyte's Anti-Malware
Onglet "Recherche" >>> coche Exécuter un examen complet >>> Rechercher
Sélectionne ton disque dur >>> clic sur Lancer l'examen (scan complet)
Suppression des éléments détectés >>>> clique sur Supprimer la sélection
Colle le rapport de malwarebytes dans ta réponse
S'il t'es demandé de redémarrer >>> clique sur "Yes"

puis

télécharge ccleaner (tutoriel ici par VIRUS_KILLER ou en voici un autre)
passe un bon coup de balais sur ton ordi:
configure le comme suit:
dans "options" puis "avancé" coche uniquement la case "cacher les messages d'avertissement"
dans "options" "propriété" coche TOUTE les cases
dans outils démarage, selectionne toute les lignes qui ne te disent rien et desactivent les (cela enleve le démarage automatique de programmes inutiles, donc ne pas desinstaller ton antivirus, le cas echéant msn, ...)
dans registre faire une recherche des erreurs et supprimer toutes les erreurs trouvé, recommencer jusqu'a ce qu'il n'y en ai plus
dans nettoyeur cocher toutes les cases (windows et application) et lancer une analyse, puis nettoyer. recommencer jusqu'a ce que l'analyse trouve moins de 1Mo


0
aminou92 Messages postés 137 Date d'inscription lundi 24 mars 2008 Statut Membre Dernière intervention 2 avril 2011
20 nov. 2008 à 12:31
ccleaner ne marche pas je l'ai installer et quand je click dessus il n'y a rien qui vient .
0
Réponse 2 / 8
dark-adidas Messages postés 73 Date d'inscription jeudi 18 septembre 2008 Statut Membre Dernière intervention 21 décembre 2008 3
19 nov. 2008 à 17:01
a je connée se truc ses un turcojan ...
attend j'essaie de me rapeller comment lenlever (je les dega u aussi)
0
Réponse 3 / 8
aminou92 Messages postés 137 Date d'inscription lundi 24 mars 2008 Statut Membre Dernière intervention 2 avril 2011
19 nov. 2008 à 18:58
voici le rapport
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1412
Windows 5.1.2600 Service Pack 2

19/11/2008 18:45:09
mbam-log-2008-11-19 (18-45-09).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 148365
Temps écoulé: 49 minute(s), 6 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 18
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 13
Fichier(s) infecté(s): 136

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\acm.acmfactory (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{df901432-1b9f-4f5b-9e56-301c553f9095} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{43382522-a846-46f4-ac57-1f71ae6e1086} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{572fb162-c0ba-4edf-8cff-e3846153b9b0} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72a836d1-bc00-43c0-a941-17960e4fb842} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9aae1ab-9688-42c5-86f5-c12f6b9015ad} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\acm.acmfactory.1 (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{127df9b4-d75d-44a6-af78-8c3a8ceb03db} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live_TV Toolbar (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveNow (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\ACM.DLL (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenUSave) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Save (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\CacheIcons (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\CacheIcons (Adware.Agent) -> Files: 863 -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\RadioPlayer (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\rss (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\RadioPlayer (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\rss (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Application Data\m (Trojan.Agent) -> Delete on reboot.

Fichier(s) infecté(s):
C:\Program Files\Save\ACM.dll (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\tbLive.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\INSTALL.LOG (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\toolbar.cfg (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\UNWISE.EXE (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Save\ffext.mod (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\save.db (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\save.htm (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\Save\store.db (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\15090156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\15091656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\15101609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\15121687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\15132406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\15140187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\15258093.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\15272859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\171468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\175296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\176031.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\178734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\179359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\181062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\188968.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\194890.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\214734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\252796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\255171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\269828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\272296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\277796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\280031.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\285593.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29701703.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29703171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29728484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29735875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29743296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29759187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29870546.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29884703.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\300140.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\309656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\328609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\331187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\344828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\346906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\350125.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\388015.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\412906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\457468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\460625.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\472203.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\501875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\503640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\552296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\571421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\611593.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\651062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\660937.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\662609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\701718.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\709562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\729984.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\734531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\873984.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\898828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\LanguagePack.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\LocalSettings.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\ThirdPartyComponents.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\update.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\RadioPlayer\Predefined_Media_List.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\rss\ge&saslc=0&floc=1&sabfmts=2&saprclo=150&sascs=2&saprchi=550&saaff=afepn&ftrv=8&fbfmt=1&ftrt=1&fcl=3&ft=1&frpp=50&customid=&nojspr=y&satitle=new&afmp=&sacat=293&saslop=1&fss=0.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps_history.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\rss\http___tinyurl_com_2u3tzj.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss_history.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss_history.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\LanguagePack.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\LocalSettings.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\ThirdPartyComponents.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1256613422_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_-1611650343_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_-1616510062_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_1256574750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_1256594985_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_1477248454_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633211004690737500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323304820925000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323304996393750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323305088425000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323305474518750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633341279781868750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633403616553356250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633463264160275000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_735535110_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_999644891_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_Email-04orange_gif-Colorized-633323306911237500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_PopUpBlocker-21_gif-comic02-633323306370612500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_night_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___weather_conduit_com_images_weather_Default_sunny_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_bankimages_commandcomps_block_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_BankImages_CommandComps_highlighter_dis_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_BankImages_CommandComps_highlighter_icon_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_ClientImages_radio_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss01x16green_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss01x16red_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss01x16_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss03x16blue_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_images_search_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_news_search_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_site_search_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_weather_search_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\RadioPlayer\Predefined_Media_List.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps_history.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss_history.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\famille\Local Settings\Application Data\Live_TV\rss\slc=0&floc=1&sabfmts=2&saprclo=150&sascs=2&saprchi=550&saaff=afepn&ftrv=8&fbfmt=1&ftrt=1&fcl=3&ft=1&frpp=50&customid=&nojspr=y&satitle=new&afmp=&sacat=293&saslop=1&fss=0.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Application Data\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\pc\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> Delete on reboot.
C:\Documents and Settings\pc\Application Data\m\flec006.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\drivers\srosa.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
0
Réponse 4 / 8
varfendell Messages postés 3256 Date d'inscription jeudi 27 décembre 2007 Statut Membre Dernière intervention 8 février 2020 704
19 nov. 2008 à 21:17
ok...

jamais vu un ordinateur autant infecté O_o

Télécharge sur le bureau hijackthis : http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

-une fois installé sur le bureau, le renommer scan.exe (pour une eventuelle infection vundo)
-Double-clic dessus
- Clic sur "Do a system scan and save the log"
- copier le rapport, le coller dans la réponse
Démo : (Merci a Balltrap34 pour ces réalisations)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
http://pageperso.aol.fr/balltrap34/demohijack.htm
0
aminou92 Messages postés 137 Date d'inscription lundi 24 mars 2008 Statut Membre Dernière intervention 2 avril 2011
20 nov. 2008 à 12:29
ils ne veut pas marcher ils me disent que ce n'est pas une application win 32 valide meme apré avoir changé son nom
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 8
totobetourne Messages postés 5592 Date d'inscription dimanche 23 mars 2008 Statut Membre Dernière intervention 6 juin 2012 65
20 nov. 2008 à 12:33
bonjour

juste de passage, tu as une infection bagle si tu as des cracks vire les.malwarebyte en reconnait une partie mais pas tout a priori.

fais cela.
Télécharges FindyKill de Chiquitine29

Fais un clique droit sur le lien et choisis "enregistrer la cible sous ...." , destination le bureau .

http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe


Note importante : si tu as le prg Elibagla sur ton PC , supprimes le ( risque de conflit entre les deux outils ) .

--> Entre dans le dossier " FindyKill "

Double clic sur " FindyKill.bat " (et pas sur autre chose!) pour lancer l'outil .

->choisis l'option 1 . Puis laisses travailler ...

Une fois terminé, postes le rapport FindyKill.txt qui est généré ...

( Note : le rapport est sauvegardé à la racine du disque -> C:\FindyKill.txt )
0
Réponse 6 / 8
aminou92 Messages postés 137 Date d'inscription lundi 24 mars 2008 Statut Membre Dernière intervention 2 avril 2011
20 nov. 2008 à 13:06
----------------- FindyKill V4.705 ------------------

* User : pc - SNC-A7C17733635
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 17/11/08 par Chiquitine29
* Recherche effectuée à 13:03:40 le 20/11/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Cyb2k.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:


»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\14978796.EXE-04A81C9E.pf
Found ! - C:\WINDOWS\prefetch\15080906.EXE-2C497001.pf
Found ! - C:\WINDOWS\prefetch\15099718.EXE-05F33B44.pf
Found ! - C:\WINDOWS\prefetch\15101609.EXE-1A43E1AE.pf
Found ! - C:\WINDOWS\prefetch\15113609.EXE-16DB8B8C.pf
Found ! - C:\WINDOWS\prefetch\15121687.EXE-136A3E93.pf
Found ! - C:\WINDOWS\prefetch\15133375.EXE-1DE21482.pf
Found ! - C:\WINDOWS\prefetch\169671.EXE-045BBF18.pf
Found ! - C:\WINDOWS\prefetch\174687.EXE-01D721D5.pf
Found ! - C:\WINDOWS\prefetch\176031.EXE-08AB7D6F.pf
Found ! - C:\WINDOWS\prefetch\188968.EXE-23369F0B.pf
Found ! - C:\WINDOWS\prefetch\194890.EXE-0396A257.pf
Found ! - C:\WINDOWS\prefetch\244015.EXE-0491265D.pf
Found ! - C:\WINDOWS\prefetch\252796.EXE-2260DADF.pf
Found ! - C:\WINDOWS\prefetch\287500.EXE-38707E50.pf
Found ! - C:\WINDOWS\prefetch\29728484.EXE-209F66AA.pf
Found ! - C:\WINDOWS\prefetch\298328.EXE-01741C57.pf
Found ! - C:\WINDOWS\prefetch\29890546.EXE-2C3534F7.pf
Found ! - C:\WINDOWS\prefetch\29900546.EXE-23146432.pf
Found ! - C:\WINDOWS\prefetch\29916828.EXE-14A11738.pf
Found ! - C:\WINDOWS\prefetch\330578.EXE-141C3AEB.pf
Found ! - C:\WINDOWS\prefetch\331187.EXE-09A090AF.pf
Found ! - C:\WINDOWS\prefetch\346906.EXE-1931C12F.pf
Found ! - C:\WINDOWS\prefetch\350125.EXE-24A712E3.pf
Found ! - C:\WINDOWS\prefetch\357359.EXE-0F9F5326.pf
Found ! - C:\WINDOWS\prefetch\376828.EXE-0816FD0D.pf
Found ! - C:\WINDOWS\prefetch\377125.EXE-20BB2424.pf
Found ! - C:\WINDOWS\prefetch\377687.EXE-1F649CFA.pf
Found ! - C:\WINDOWS\prefetch\410406.EXE-0D4D2FBE.pf
Found ! - C:\WINDOWS\prefetch\44478125.EXE-39AE58DA.pf
Found ! - C:\WINDOWS\prefetch\44505312.EXE-232F3734.pf
Found ! - C:\WINDOWS\prefetch\44536046.EXE-1650369C.pf
Found ! - C:\WINDOWS\prefetch\44567375.EXE-191FD79C.pf
Found ! - C:\WINDOWS\prefetch\641250.EXE-23C55D63.pf
Found ! - C:\WINDOWS\prefetch\651062.EXE-04A4CFA7.pf
Found ! - C:\WINDOWS\prefetch\701718.EXE-320797BB.pf
Found ! - C:\WINDOWS\prefetch\709562.EXE-1EADB150.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-0F52C29B.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [20/11/2008 12:57] - C:\WINDOWS\system32\mdelk.exe
Found ! [20/11/2008 12:57] - C:\WINDOWS\system32\wintems.exe
Found ! [20/11/2008 12:57] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

Found ! [20/11/2008 12:51] - C:\WINDOWS\system32\drivers\srosa.sys
Found ! [20/11/2008 12:51] - C:\WINDOWS\system32\drivers\srosa2.sys
Found ! [04/07/2004 05:06] - C:\WINDOWS\system32\drivers\winfilse.exe
Found ! [20/11/2008 13:01] - "C:\WINDOWS\system32\drivers\downld"
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\14978796.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\15065125.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\15071093.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\15080906.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\15099718.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\15113609.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\15157093.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\15302828.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\15321156.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\166953.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\169671.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\181203.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\182515.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\183984.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\186812.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\205640.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\238546.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\241500.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\244015.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\279546.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\296968.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\29752031.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\298531.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\29869234.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\29870781.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\29890546.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\29900546.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\29926390.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\30038593.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\30053390.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\302578.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\305187.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\330578.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\357359.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\376828.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\44493265.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\44495312.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\44505312.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\44536046.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\44580468.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\44730734.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\44759750.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\456562.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\465687.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\474343.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\498265.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\505875.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\587390.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\589062.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\612875.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\613265.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\647156.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\656156.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\682312.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\808203.exe
Found ! [20/11/2008 13:01] - C:\WINDOWS\system32\drivers\downld\854328.exe

»»»» Presence des fichiers dans C:\Documents and Settings\pc\Application Data

Found ! [20/11/2008 12:58] - "C:\Documents and Settings\pc\Application Data\m\flec006.exe"
Found ! [20/11/2008 12:58] - "C:\Documents and Settings\pc\Application Data\m\list.oct"
Found ! [20/11/2008 12:59] - "C:\Documents and Settings\pc\Application Data\m\data.oct"
Found ! [20/11/2008 12:59] - "C:\Documents and Settings\pc\Application Data\m\srvlist.oct"
Found ! [20/11/2008 12:59] - "C:\Documents and Settings\pc\Application Data\m\shared"
Found ! [19/11/2008 19:12] - "C:\Documents and Settings\pc\Application Data\m"

»»»» Presence des fichiers dans C:\DOCUME~1\pc\LOCALS~1\Temp


»»»» Presence des fichiers dans C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5

Found ! [31/08/2007 16:40] - C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Local Cache\7B5560BB781B40259A06350E9B643B6E_more.jpg
Found ! [23/07/2008 20:33] - C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Local Cache\D3987B641C134048B815DB578D607F42_more.jpg
Found ! [19/11/2008 12:44] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\1JNW0NOR\b64[1].jpg
Found ! [19/11/2008 15:59] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\1JNW0NOR\b64[2].jpg
Found ! [19/11/2008 19:10] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\1JNW0NOR\b64[3].jpg
Found ! [19/11/2008 23:35] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\1JNW0NOR\b64[4].jpg
Found ! [20/11/2008 12:23] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\1JNW0NOR\b64[5].jpg
Found ! [19/11/2008 13:11] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\1JNW0NOR\b64_1[1].jpg
Found ! [20/11/2008 12:23] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\1JNW0NOR\b64_2[1].jpg
Found ! [18/11/2008 21:26] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\1JNW0NOR\b64_3[1].jpg
Found ! [19/11/2008 01:34] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\1JNW0NOR\b64_3[2].jpg
Found ! [19/11/2008 12:44] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\1JNW0NOR\b64_3[3].jpg
Found ! [19/11/2008 19:28] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\1JNW0NOR\b64_3[4].jpg
Found ! [18/11/2008 21:27] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\N5EAEEBT\b64[1].jpg
Found ! [19/11/2008 18:50] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\N5EAEEBT\b64[2].jpg
Found ! [20/11/2008 03:42] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\N5EAEEBT\b64[3].jpg
Found ! [20/11/2008 07:46] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\N5EAEEBT\b64[4].jpg
Found ! [19/11/2008 15:57] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\N5EAEEBT\b64_1[1].jpg
Found ! [19/11/2008 19:09] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\N5EAEEBT\b64_1[2].jpg
Found ! [20/11/2008 03:41] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\N5EAEEBT\b64_1[3].jpg
Found ! [19/11/2008 13:13] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\N5EAEEBT\b64_2[1].jpg
Found ! [19/11/2008 19:11] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\N5EAEEBT\b64_2[2].jpg
Found ! [19/11/2008 01:34] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\N5EAEEBT\b64_3[1].jpg
Found ! [19/11/2008 13:12] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\N5EAEEBT\b64_3[2].jpg
Found ! [20/11/2008 03:42] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\N5EAEEBT\b64_3[3].jpg
Found ! [20/11/2008 12:57] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\N5EAEEBT\b64_3[4].jpg
Found ! [19/11/2008 17:50] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\OFL6KXH5\b64[1].jpg
Found ! [20/11/2008 12:58] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\OFL6KXH5\b64[2].jpg
Found ! [18/11/2008 21:09] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\OFL6KXH5\b64_1[1].jpg
Found ! [19/11/2008 23:34] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\OFL6KXH5\b64_1[2].jpg
Found ! [19/11/2008 15:56] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\OFL6KXH5\b64_2[1].jpg
Found ! [19/11/2008 17:51] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\OFL6KXH5\b64_2[2].jpg
Found ! [19/11/2008 23:36] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\OFL6KXH5\b64_2[3].jpg
Found ! [20/11/2008 07:45] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\OFL6KXH5\b64_2[4].jpg
Found ! [18/11/2008 21:26] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\OFL6KXH5\b64_3[1].jpg
Found ! [19/11/2008 13:12] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\OFL6KXH5\b64_3[2].jpg
Found ! [19/11/2008 19:09] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\OFL6KXH5\b64_3[3].jpg
Found ! [19/11/2008 23:35] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\OFL6KXH5\b64_3[4].jpg
Found ! [08/11/2008 18:32] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\ZQGMT7CZ\7D47E622E82D3304EFDB64F3EB042[1].jpg
Found ! [20/11/2008 12:57] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\ZQGMT7CZ\b64_1[1].jpg
Found ! [18/11/2008 21:27] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\ZQGMT7CZ\b64_2[1].jpg
Found ! [19/11/2008 12:43] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\ZQGMT7CZ\b64_2[2].jpg
Found ! [19/11/2008 16:00] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\ZQGMT7CZ\b64_2[3].jpg
Found ! [19/11/2008 19:28] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\ZQGMT7CZ\b64_2[4].jpg
Found ! [20/11/2008 03:42] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\ZQGMT7CZ\b64_2[5].jpg
Found ! [20/11/2008 07:46] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\ZQGMT7CZ\b64_2[6].jpg
Found ! [19/11/2008 05:37] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\ZQGMT7CZ\b64_3[1].jpg
Found ! [19/11/2008 17:49] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\ZQGMT7CZ\b64_3[2].jpg
Found ! [19/11/2008 18:49] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\ZQGMT7CZ\b64_3[3].jpg
Found ! [19/11/2008 19:10] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\ZQGMT7CZ\b64_3[4].jpg
Found ! [19/11/2008 23:35] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\ZQGMT7CZ\b64_3[5].jpg
Found ! [20/11/2008 12:23] - C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\ZQGMT7CZ\b64_3[6].jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

SuperCopier2.exe=C:\Program Files\SuperCopier2\SuperCopier2.exe
kava=C:\WINDOWS\system32\kavo.exe
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
LiveSticker="C:\Program Files\Nosibay\Livesticker\launcher.exe"
msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
L08FXLRD_7147890="E:\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

C2K=C:\WINDOWS\Cyb2k.exe
NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
RemoteControl="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
Babylon Client=C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
APC=C:\Program Files\Advanced Parental Control\BackProcessAPC.exe
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
WhenUSearchWHSE="C:\Program Files\DAEMON Tools SearchBar\whse.exe"
TkBellExe="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
KernelFaultCheck=%systemroot%\system32\dumprep 0 -k
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
<NO NAME>=

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-1844237615-1644491937-725345543-1003\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_USERS\S-1-5-21-1844237615-1644491937-725345543-1003\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-1844237615-1644491937-725345543-1003\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-1844237615-1644491937-725345543-1003\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-1844237615-1644491937-725345543-1003\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-1844237615-1644491937-725345543-1003\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sK9Ou0s

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

- sans echec non fonctionnel !!



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur fixe

F: - Lecteur fixe


+- presence des fichiers :



--------------- [ Registre / Mountpoint2 ] ----------------


-> Not found !


------------------- ! Fin du rapport ! --------------------
0
Réponse 7 / 8
totobetourne Messages postés 5592 Date d'inscription dimanche 23 mars 2008 Statut Membre Dernière intervention 6 juin 2012 65
20 nov. 2008 à 13:23
Réouvre FindyKill , choisi cette fois ci l option 2 (Suppression)

/!\ il y aura 2 redémarrage, laisse travailler l outils jusqu a l apparition du message "nettoyage terminé"

-------> ensuite post le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
0
Réponse 8 / 8
aminou92 Messages postés 137 Date d'inscription lundi 24 mars 2008 Statut Membre Dernière intervention 2 avril 2011
20 nov. 2008 à 13:34
sa ne marche po dés qu'il redémare il y'a un message d'erreur qui apparait et l'ecran devient bleu .
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
Virus détecté
Koony -
MisteryBean -

6 réponses
ou est l'accent grave sur le u
Diogène -
fauconleader -

8 réponses