Trojan "application win32 non valide"

cmalcangdu38 Posts: 5 Status: Member -  
totobetourne Posts: 5677 Status: Member -
Hello,

I'm trying to help with my father's computer, which is infected by a virus that I have already run into several times but have never managed to beat.

I think it is a trojan, given that it got around my Avira AntiVir antivirus, which can no longer be restarted and shows this error: "application win32 non valide".

The same message comes up with HijackThis; I'm pretty lost. I would need your valuable help to find out whether this virus can still be detected and removed. Thanks a lot.

11 replies

totobetourne Posts: 5677 Status: Member 65
 
You have surely downloaded a crack not long ago, or someone sent you an infected file.

We'll take a look at that. Thanks.

Download FindyKill by Chiquitine29

Right-click the link and choose "Save target as ...", destination: the desktop.

http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe


Important note: if you have the Elibagla program on your PC, remove it (risk of conflict between the two tools).

--> Go into the "FindyKill" folder

Double-click "FindyKill.bat" (and nothing else!) to launch the tool.

-> Choose option 1. Then let it work ...

Once it is finished, post the FindyKill.txt report that is generated ...

(Note: the report is saved at the root of the disk -> C:\FindyKill.txt)
1
buginformatik Posts: 2210 Status: Contributor 54
 
Hello!

Are there files from peer-to-peer on the PC, or cracks?
0
cmalcangdu38 Posts: 5 Status: Member
 
I think my father uses P2P, yes ...
0
cmalcangdu38 Posts: 5 Status: Member
 
Thanks, here is the report:

----------------- FindyKill V4.705 ------------------

* User : dino - PC-DE-DINO
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 17/11/08 par Chiquitine29
* Recherche effectuée à 13:07:44 le 20/11/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Belkin\F5D9050\Belkinwcui.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hamachi\hamachi.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:

Found ! [20/11/2008 12:17] - C:\InfoSat.txt

»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\113968.EXE-2D9FDC97.pf
Found ! - C:\WINDOWS\prefetch\117203.EXE-04F54AF9.pf
Found ! - C:\WINDOWS\prefetch\14907093.EXE-2BBFBE15.pf
Found ! - C:\WINDOWS\prefetch\14914703.EXE-26251000.pf
Found ! - C:\WINDOWS\prefetch\15371171.EXE-382CD574.pf
Found ! - C:\WINDOWS\prefetch\15442687.EXE-1F6D9FA0.pf
Found ! - C:\WINDOWS\prefetch\15546578.EXE-38357A0D.pf
Found ! - C:\WINDOWS\prefetch\204687.EXE-10EAD61B.pf
Found ! - C:\WINDOWS\prefetch\237828.EXE-2DA5218A.pf
Found ! - C:\WINDOWS\prefetch\245156.EXE-0D70B5EF.pf
Found ! - C:\WINDOWS\prefetch\252437.EXE-1CF7BE8E.pf
Found ! - C:\WINDOWS\prefetch\268203.EXE-277B6661.pf
Found ! - C:\WINDOWS\prefetch\275703.EXE-07E4CEE7.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-23FFE2FB.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
Found ! - C:\WINDOWS\Prefetch\INSTALL_PATCH.EXE-3AF59D84.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [18/11/2008 20:15] - C:\WINDOWS\system32\mdelk.exe
Found ! [18/11/2008 20:15] - C:\WINDOWS\system32\wintems.exe
Found ! [20/11/2008 12:30] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

Found ! [20/11/2008 11:28] - C:\WINDOWS\system32\drivers\srosa.sys
Found ! [20/11/2008 11:28] - C:\WINDOWS\system32\drivers\srosa2.sys
Found ! [09/04/2006 06:03] - C:\WINDOWS\system32\drivers\winfilse.exe
Found ! [20/11/2008 11:32] - "C:\WINDOWS\system32\drivers\downld"

»»»» Presence des fichiers dans C:\Documents and Settings\dino\Application Data

Found ! [20/11/2008 11:30] - "C:\Documents and Settings\dino\Application Data\m\flec006.exe"
Found ! [20/11/2008 11:32] - "C:\Documents and Settings\dino\Application Data\m\shared"
Found ! [20/11/2008 12:16] - "C:\Documents and Settings\dino\Application Data\m"

»»»» Presence des fichiers dans C:\DOCUME~1\dino\LOCALS~1\Temp


»»»» Presence des fichiers dans C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5

Found ! [16/11/2008 20:12] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\13R1EHM1\b64_3[1].jpg
Found ! [16/11/2008 20:12] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\9RWO17IQ\b64[1].jpg
Found ! [17/11/2008 00:21] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\9RWO17IQ\b64_1[1].jpg
Found ! [17/11/2008 04:40] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\9RWO17IQ\b64_1[2].jpg
Found ! [17/11/2008 04:41] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\9RWO17IQ\b64_2[1].jpg
Found ! [17/11/2008 00:25] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\9RWO17IQ\b64_3[2].jpg
Found ! [16/11/2008 20:10] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\DRMEJRZL\b64_1[2].jpg
Found ! [17/11/2008 08:44] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\DRMEJRZL\b64_1[3].jpg
Found ! [17/11/2008 00:16] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\DRMEJRZL\b64_2[1].jpg
Found ! [17/11/2008 00:27] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\DRMEJRZL\b64_2[2].jpg
Found ! [17/11/2008 04:40] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\DRMEJRZL\b64_2[3].jpg
Found ! [17/11/2008 04:41] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\DRMEJRZL\b64_3[1].jpg
Found ! [17/11/2008 00:25] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\EBC33S31\b64[1].jpg
Found ! [16/11/2008 20:09] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\EBC33S31\b64_2[1].jpg
Found ! [16/11/2008 20:12] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\EBC33S31\b64_2[2].jpg
Found ! [17/11/2008 08:43] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\EBC33S31\b64_2[3].jpg
Found ! [16/11/2008 20:12] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\EBC33S31\b64_3[1].jpg
Found ! [17/11/2008 08:45] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\EBC33S31\b64_3[2].jpg
Found ! [16/11/2008 20:12] - C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5\EBC33S31\mxd[1].jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
Azureus Ultra Accelerator="C:\Program Files\Azureus Ultra Accelerator\Azureus Ultra Accelerator.exe" -tray
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater=
<NO NAME>=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz=nwiz.exe /install
NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-789336058-413027322-725345543-1003\Software\Local AppWizard-Generated Applications\install_patch
Found ! - HKEY_USERS\S-1-5-21-789336058-413027322-725345543-1003\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_USERS\S-1-5-21-789336058-413027322-725345543-1003\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-789336058-413027322-725345543-1003\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-789336058-413027322-725345543-1003\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\install_patch
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sK9Ou0s

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

- sans echec non fonctionnel !!



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

/!\ Ip6Fw - Type de démarrage = 4

SharedAccess - Type de démarrage = 2

wuauserv - Type de démarrage = 2

/!\ wscsvc - Type de démarrage = 4



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe


+- presence des fichiers :



--------------- [ Registre / Mountpoint2 ] ----------------


-> Not found !


------------------- ! Fin du rapport ! --------------------
0

totobetourne Posts: 5677 Status: Member 65
 
Reopen FindyKill, and this time choose option 2 (Removal)

/!\ There will be 2 restarts; let the tool work until the message "nettoyage terminé" appears

-------> Then post the FindyKill.txt report

Note: the FindyKill.txt report is saved at the root of the disk
0
cmalcangdu38 Posts: 5 Status: Member
 
There, I really get the impression that it comes from the cracks for the graphics software. :'

----------------- FindyKill V4.705 ------------------

* User : dino - PC-DE-DINO
* executed from : C:\Program Files\FindyKill
* Update on 17/11/08 par Chiquitine29
* Start at 13:34:03 the 20/11/2008
* Windows XP - Internet Explorer 7.0.5730.13


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\logonui.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:

Deleted ! - C:\InfoSat.txt

»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch

Deleted ! - C:\WINDOWS\prefetch\113968.EXE-2D9FDC97.pf
Deleted ! - C:\WINDOWS\prefetch\117203.EXE-04F54AF9.pf
Deleted ! - C:\WINDOWS\prefetch\14907093.EXE-2BBFBE15.pf
Deleted ! - C:\WINDOWS\prefetch\14914703.EXE-26251000.pf
Deleted ! - C:\WINDOWS\prefetch\15371171.EXE-382CD574.pf
Deleted ! - C:\WINDOWS\prefetch\15442687.EXE-1F6D9FA0.pf
Deleted ! - C:\WINDOWS\prefetch\15546578.EXE-38357A0D.pf
Deleted ! - C:\WINDOWS\prefetch\204687.EXE-10EAD61B.pf
Deleted ! - C:\WINDOWS\prefetch\237828.EXE-2DA5218A.pf
Deleted ! - C:\WINDOWS\prefetch\245156.EXE-0D70B5EF.pf
Deleted ! - C:\WINDOWS\prefetch\252437.EXE-1CF7BE8E.pf
Deleted ! - C:\WINDOWS\prefetch\268203.EXE-277B6661.pf
Deleted ! - C:\WINDOWS\prefetch\275703.EXE-07E4CEE7.pf
Deleted ! - C:\WINDOWS\prefetch\FLEC006.EXE-23FFE2FB.pf
Deleted ! - C:\WINDOWS\prefetch\INSTALL_PATCH.EXE-3AF59D84.pf
Deleted ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Deleted ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf

»»»» Supression files in C:\WINDOWS\system32

Deleted ! - C:\WINDOWS\system32\mdelk.exe
Deleted ! - C:\WINDOWS\system32\wintems.exe
Deleted ! - C:\WINDOWS\system32\ban_list.txt

»»»» Supression files in C:\WINDOWS\system32\drivers

Deleted ! - C:\WINDOWS\system32\drivers\srosa.sys
Deleted ! - C:\WINDOWS\system32\drivers\srosa2.sys
Deleted ! - C:\WINDOWS\system32\drivers\winfilse.exe
Deleted ! - "C:\WINDOWS\system32\drivers\downld"

»»»» Supression files in C:\Documents and Settings\dino\Application Data

Deleted ! - "C:\Documents and Settings\dino\Application Data\m\flec006.exe"
Deleted ! - "C:\Documents and Settings\dino\Application Data\m\shared"
Deleted ! - "C:\Documents and Settings\dino\Application Data\m"

»»»» Supression files in C:\DOCUME~1\dino\LOCALS~1\Temp


»»»» Supression files in C:\Documents and Settings\dino\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-789336058-413027322-725345543-1003\Software\Local AppWizard-Generated Applications\install_patch
Deleted ! - HKEY_USERS\S-1-5-21-789336058-413027322-725345543-1003\Software\Local AppWizard-Generated Applications\winfilse

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !


+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe


+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\dino\Application Data\Azureus\torrents\=[SUMOTorrent.com]=_PhotoShop_CS3_Extended_Keygen_ST1145041.torrent
C:\Documents and Settings\dino\Mes documents\photoshop\KEYGEN
C:\Documents and Settings\dino\Mes documents\photoshop\KEYGEN\file_id.diz
C:\Documents and Settings\dino\Mes documents\photoshop\KEYGEN\INSTALL NOTES.txt
C:\Documents and Settings\dino\Mes documents\photoshop\KEYGEN\KEYGEN.exe
C:\Documents and Settings\dino\Mes documents\photoshop\KEYGEN\ssg.nfo
C:\Documents and Settings\dino\Recent\crackme.def.lnk


---------------- ! End of report ! ------------------
0
totobetourne Posts 5677 Status Member 65
 
Remove all of this:

C:\Documents and Settings\dino\Application Data\Azureus\torrents\=[SUMOTorrent.com]=_PhotoShop_CS3_Extended_Keygen_ST1145041.torrent
C:\Documents and Settings\dino\Mes documents\photoshop\KEYGEN
C:\Documents and Settings\dino\Mes documents\photoshop\KEYGEN\file_id.diz
C:\Documents and Settings\dino\Mes documents\photoshop\KEYGEN\INSTALL NOTES.txt
C:\Documents and Settings\dino\Mes documents\photoshop\KEYGEN\KEYGEN.exe
C:\Documents and Settings\dino\Mes documents\photoshop\KEYGEN\ssg.nfo
C:\Documents and Settings\dino\Recent\crackme.def.lnk


Then we'll see whether anything else is left.
Download this: a tool to see what the infection might be and then act on it.

http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

Install it normally, like any other program, in c/programme/...............
Click "Do a scan and save a logfile"; you get a report, which you paste.
Sometimes there is a warning that, without administrator rights, the report cannot be complete.
In that case, relaunch HijackThis by right-clicking the shortcut and choosing Run as administrator.
0
nirvana95 Posts 323 Status Member 9
 
Download the trial version of Kaspersky; for me, every time I caught a virus because of P2P, I did that and it removed everything ^^
0
totobetourne Posts 5677 Status Member 65
 
nirvana, what is being proposed here and there in this case is very specific to this infection.

Make sure you remove the files that generate Bagle; if you don't remove them and you run the program again, the same thing will happen to you.
I would advise you to uninstall Photoshop and reinstall it.
0
cmalcangdu38 Posts 5 Status Member
 
Thanks, everything is working fine again.

All the Photoshop files have been uninstalled;

Thanks again.
0
totobetourne Posts 5677 Status Member 65
 
Wait, it's not over.

That's not all there is to do: we need to see whether you have other infections, and then it would be good to look into your security a little so that you aren't back here very soon.
Plenty of people here open threads titled "infected again by........", so if we disinfect and don't do what's needed afterwards, it's a bit pointless.

Download this: a tool to see what the infection might be and then act on it.

http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

Install it normally, like any other program, in c/programme/...............
Click "Do a scan and save a logfile"; you get a report, which you paste.
Sometimes there is a warning that, without administrator rights, the report cannot be complete.
In that case, relaunch HijackThis by right-clicking the shortcut and choosing Run as administrator.
0