Virus

Qu'est ce que Finddykill et UAC s'il vous plait que dois je faire pour l'intaller ??
Merci de toute vos réponses si rapide

merci j'ai bien télercharger mais quand je l'execute je met install mais ensuite l'installation sarrete est me crée un raccourcit sur le bureau !!!! Quand je lance ce raccourci voila ce qui apparait : C:\program files\trend micro\hijackthis\hijackthis.exe n'est pas une application Win32 valide.
Que faire ???

D'accord j'attend donc .
Merci !!!

voila tout est la merci beaucoup !!!

----------------- FindyKill V4.706 ------------------

* User : Maxime - PC-DE-MAXIME
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 27/11/08 par Chiquitine29
* Recherche effectuée à 14:23:11 le 28/11/2008
* Windows Vista - Internet Explorer 7.0.6001.18000

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\SMINST\BLService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:


»»»» Presence des fichiers dans C:\Windows


»»»» Presence des fichiers dans C:\Windows\Prefetch

Found ! - C:\Windows\Prefetch\CS16PATCH_FULL_V21_2.EXE-EC7506F0.pf

»»»» Presence des fichiers dans C:\Windows\system32

Found ! [28/11/2008 14:02] - C:\Windows\system32\mdelk.exe
Found ! [28/11/2008 14:02] - C:\Windows\system32\wintems.exe
Found ! [28/11/2008 14:02] - C:\Windows\system32\ban_list.txt

»»»» Presence des fichiers dans C:\Windows\system32\drivers

Found ! [28/11/2008 14:00] - C:\Windows\system32\drivers\srosa.sys
Found ! [28/11/2008 14:00] - C:\Windows\system32\drivers\srosa2.sys
Found ! [16/03/2004 08:05] - C:\Windows\system32\drivers\winfilse.exe
Found ! [28/11/2008 14:05] - "C:\Windows\system32\drivers\downld"
Found ! [28/11/2008 14:05] - C:\Windows\system32\drivers\downld\109419.exe
Found ! [28/11/2008 14:05] - C:\Windows\system32\drivers\downld\13400563.exe
Found ! [28/11/2008 14:05] - C:\Windows\system32\drivers\downld\13407131.exe
Found ! [28/11/2008 14:05] - C:\Windows\system32\drivers\downld\13408098.exe
Found ! [28/11/2008 14:05] - C:\Windows\system32\drivers\downld\140915.exe
Found ! [28/11/2008 14:05] - C:\Windows\system32\drivers\downld\142865.exe
Found ! [28/11/2008 14:05] - C:\Windows\system32\drivers\downld\176827.exe
Found ! [28/11/2008 14:05] - C:\Windows\system32\drivers\downld\218104.exe
Found ! [28/11/2008 14:05] - C:\Windows\system32\drivers\downld\223034.exe
Found ! [28/11/2008 14:05] - C:\Windows\system32\drivers\downld\269866.exe
Found ! [28/11/2008 14:05] - C:\Windows\system32\drivers\downld\313234.exe
Found ! [28/11/2008 14:05] - C:\Windows\system32\drivers\downld\318788.exe
Found ! [28/11/2008 14:05] - C:\Windows\system32\drivers\downld\356275.exe
Found ! [28/11/2008 14:05] - C:\Windows\system32\drivers\downld\372327.exe

»»»» Presence des fichiers dans C:\Users\Maxime\AppData\Roaming

Found ! [28/11/2008 14:04] - "C:\Users\Maxime\AppData\Roaming\m\flec006.exe"
Found ! [28/11/2008 14:04] - "C:\Users\Maxime\AppData\Roaming\m\list.oct"
Found ! [28/11/2008 14:04] - "C:\Users\Maxime\AppData\Roaming\m\data.oct"
Found ! [28/11/2008 14:04] - "C:\Users\Maxime\AppData\Roaming\m\srvlist.oct"
Found ! [28/11/2008 14:07] - "C:\Users\Maxime\AppData\Roaming\m\shared"
Found ! [28/11/2008 14:04] - "C:\Users\Maxime\AppData\Roaming\m"

»»»» Presence des fichiers dans C:\Users\Maxime\AppData\Local\Temp


»»»» Presence des fichiers dans C:\Users\Maxime\Local Settings\Temporary Internet Files\Content.IE5

Found ! [28/11/2008 14:04] - C:\Users\Maxime\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\642MP5MO\b64[1].jpg
Found ! [28/11/2008 14:03] - C:\Users\Maxime\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FUVYR7BP\b64_1[1].jpg
Found ! [28/11/2008 14:02] - C:\Users\Maxime\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JHM6YUVL\b64_3[1].jpg
Found ! [27/11/2008 22:03] - C:\Users\Maxime\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SNSYN2ZV\b64_1[1].jpg
Found ! [28/11/2008 14:01] - C:\Users\Maxime\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SNSYN2ZV\b64_1[2].jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

LightScribe Control Panel=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

SynTPEnh=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
IgfxTray=C:\Windows\system32\igfxtray.exe
HotKeysCmds=C:\Windows\system32\hkcmd.exe
Persistence=C:\Windows\system32\igfxpers.exe
UCam_Menu="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
QPService="C:\Program Files\HP\QuickPlay\QPService.exe"
Windows Defender=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
QlbCtrl.exe=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
HP Health Check Scheduler=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HP Software Update=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
hpWirelessAssistant=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

[HKEY_CURRENT_USER\software\local appwizard-generated applications\run]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winfilse]

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-321713164-1654322960-1453326474-1000\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_USERS\S-1-5-21-321713164-1654322960-1453326474-1000\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-321713164-1654322960-1453326474-1000\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-321713164-1654322960-1453326474-1000\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-321713164-1654322960-1453326474-1000\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\FFC
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s

--------------- [ Etat / Services ] ----------------



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

Wlansvc - Type de démarrage = 2

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4

/!\ WinDefend - Type de démarrage = 4



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe
D: - Lecteur fixe

+- presence des fichiers :



--------------- [ Registre / Mountpoint2 ] ----------------


-> Not found !


------------------- ! Fin du rapport ! --------------------

Merci encore

----------------- FindyKill V4.706 ------------------

* User : Maxime - PC-DE-MAXIME
* executed from : C:\Program Files\FindyKill
* Update on 27/11/08 par Chiquitine29
* Start at 14:36:51 the 28/11/2008
* Windows Vista - Internet Explorer 7.0.6001.18000


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\SMINST\BLService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\runonce.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:


»»»» Supression files in C:\Windows


»»»» Supression files in C:\Windows\Prefetch

Deleted ! - C:\Windows\prefetch\CS16PATCH_FULL_V21_2.EXE-EC7506F0.pf

»»»» Supression files in C:\Windows\system32

Deleted ! - C:\Windows\system32\mdelk.exe
Deleted ! - C:\Windows\system32\wintems.exe
Deleted ! - C:\Windows\system32\ban_list.txt

»»»» Supression files in C:\Windows\system32\drivers

Deleted ! - C:\Windows\system32\drivers\srosa.sys
Deleted ! - C:\Windows\system32\drivers\srosa2.sys
Deleted ! - C:\Windows\system32\drivers\winfilse.exe
Deleted ! - C:\Windows\system32\drivers\downld\109419.exe
Deleted ! - C:\Windows\system32\drivers\downld\13400563.exe
Deleted ! - C:\Windows\system32\drivers\downld\13407131.exe
Deleted ! - C:\Windows\system32\drivers\downld\13408098.exe
Deleted ! - C:\Windows\system32\drivers\downld\140915.exe
Deleted ! - C:\Windows\system32\drivers\downld\142865.exe
Deleted ! - C:\Windows\system32\drivers\downld\176827.exe
Deleted ! - C:\Windows\system32\drivers\downld\218104.exe
Deleted ! - C:\Windows\system32\drivers\downld\223034.exe
Deleted ! - C:\Windows\system32\drivers\downld\269866.exe
Deleted ! - C:\Windows\system32\drivers\downld\313234.exe
Deleted ! - C:\Windows\system32\drivers\downld\318788.exe
Deleted ! - C:\Windows\system32\drivers\downld\356275.exe
Deleted ! - C:\Windows\system32\drivers\downld\372327.exe
Deleted ! - "C:\Windows\system32\drivers\downld"

»»»» Supression files in C:\Users\Maxime\AppData\Roaming

Deleted ! - "C:\Users\Maxime\AppData\Roaming\m\flec006.exe"
Deleted ! - "C:\Users\Maxime\AppData\Roaming\m\list.oct"
Deleted ! - "C:\Users\Maxime\AppData\Roaming\m\data.oct"
Deleted ! - "C:\Users\Maxime\AppData\Roaming\m\srvlist.oct"
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\1st_NTFS_Recovery_2.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Ability_Server_2.32.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Add-in_Express_.NET_2.7_Key.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Admin_Http_Time_Sync_1.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Adriana Lima 24 Screensaver 1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\AFNConvert 1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Aid_System_Restorer_2.5.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Alien Registry Viewer 1.0.186 [With Crack].zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Amethyst CIPHER 1.05.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Angling_Manager_1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Antivir.Personal.Edition.Premium.Incluso.Key(English).zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\APS Accounting & Stock Control 3.0.1.1.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\APT Golf 1.23 [Patch].zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\AquadotRed_1.1.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\ArSol Promoter 1.06.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\ASWSystems_Toolbars_Pack_-_Europe_Flags_1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Audio_Mp3_Editor_1.25_(Key+Serial).zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Baby Gender Calculator 0.23.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\BG.-.Boni.(2005).-.2006.(by.PANDA_1960).zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Blazing Fireworks Screen Saver 5.0.1.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Breeze_Standard_Edition_5.3.9_Cracked.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Butterfly_Icons_1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Camping_Memories_Screen_Saver_Collection_2.0_[KeyGen].zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\CIW_Foundations_practice_tests_2.7.1_[Crack].zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\ClientIPForwarder 1.3.1.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\CodeFusion_3.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\CoverMe! 1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\CPUInfo NT 1.102.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\CuteMenus-Crystal SVG 1.9.1.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Date and Time Picker 1.1.2.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\DBScribe_for_MySQL_1.1.75.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\DEKSI Network Inventory 7.2.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Desktop Dozen 5.00.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Desktop_Dozen_4.01_(Key+Serial).zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Desktop_Mechanic_2.0.0.268.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\DirectISO 1.60 (Cracked).zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Easy-to-Use_PDF_to_RTF_Converter_1.0_[Serial].zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\EasyEclipse_Server_Java_1.2.1.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\EasySMS NetShell 2.1.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Eat Me 1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\EkinSis Hide Folder 1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\eMule MorphXT 9.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Envy_Trailer.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\EzWagez Payroll System 2.0.0.6.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Flickr Image Downloader 1.0.0 Build 28.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\FLVDownload_1.0_(KeyGen).zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Focus CD Cover Maker 1.9.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\FolderView_2.1_With_Crack.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Font_Pilot_2.1.2.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\FullCD 1.02 Build 1.02.0br.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Fun SoundPlayer Maker 2.2.0.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Glassbox_2.02.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\GraphMath_2.5_Patch.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Gravitorium Pro 1.2.0 [Patch].zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Ho100pc_2.0.09_[Cracked].zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\HVAC_Tools_Psychrometer_+_Duct_Calculator_1.1.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Hyper Start 1.0.8.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\ICQ_Password_1.0.292.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\IECitater_1.04.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Improve_Yourself_for_Your_First_Date_1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\ISO_Maker_1.8_[Serial].zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\JavaScript_Reporter_1.0_[Serial].zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\KillPro_1.5.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\LingvoSoft Dictionary 2007 English - Japanese Kana Romaji 4.0.22.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\LoadingMate 2.0.75.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Lunascape 4.1.3.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Mailsmith 2.1.5.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Mastery Pro 1.4.6.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Master_Uneraser_1.00_KeyGen.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\medi@maze_2.05_[With_Crack].zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Microsoft Photo Info 1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\MP3StickMan_1.3.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Mp3_Recorder_Splitter&Joiner_1.13.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\My Favorite Recipes 5.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\My_Privacy_Multi-User_3.1.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\NASA_Research_Aircraft_Screensaver_1.0_(Patch).zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\NOD32.-.Antivirus.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\NOD32_2.51.26+NOD32.Trial.PATCH+NOD32-2.50(MUI.RUS) +_MS_Exchange_Server_(XMON).zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Outlook Express Backup Genie 2.0 (Crack).zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Paessler Netflow Tester 1.1.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\PDF_Page_Number_1.02_(Key).zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Podfeeder_1.1.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\PPT2DVD_3.11.0.5.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Princeton_Toolbar_1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Protected Photo Album 1.2.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\RecoverSoft_Data_Rescue_PC_1.5.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Redeye Autoremover 1.5.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Saga_CD_Ripper_1.04.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\ScreenSwish 2.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Search Synchronizer 1.3.0.3.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\SE_WebBOM_for_SE_BOM_Extractor_3.1.17_Crack.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Simple Notes Organizer 1.1.8.1.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Simple Startup Manager 1.16.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Skinny_2.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\SmartBuster_0.97.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Smart_Protector_Pro_6.2.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\SoniClear SalesVoice 5.1.46 (With Crack).zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Sorta CD Ripper 1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Source Code Spell Checker 3.01.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\SpaceExplorer_1.0_Serial.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Spaces - 3D Desktop for Windows 1.1.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\SplashClock_1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\SS Water Lily - Animated 3D Screensaver 3.11 (Serial).zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Sun_Certified_Programmer_for_JAVA_2_Platform_[310-025]_6.10.05_(Key).zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\SuperWin_1.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\TagSmart_1.2.39_Serial.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\The_Elder_Scrolls_III_Morrowind_G._I._A._N._T._S._Dragons_mod.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Thinc_Time_3.2.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Tik's_Texas_Holdem_1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Tkabber 0.9.8.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\ToDo list 2.03.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\TweakSEC 1.01.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Unreal_Tournament_2003_-_Multitude_Arena_deathmatch_map.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\USB@nywhere 3.1 (With Crack).zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\vbGORE 0.1.1.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\VersaSRS Help Desk 3.3.0 [With Crack].zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Viking_DVDPlayer_1.25_With_Crack.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\WatchDog_II_[With_Crack].zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\WiHi_Shus_1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\WinDrivers_File_Folder_Access_Control_1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\WinGroove_0.A4_Beta-2.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\WinLPR_3.07_(With_Crack).zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\WinPopup_Gold_5.14.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\WinXMedia CD Extractor 1.0.91.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\WinXp_Style_Menu_1.0_[Patch].zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\WISH 8 News 1.0.zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\X360 Video Capture ActiveX OCX 2.0 [Cracked].zip
Deleted ! - C:\Users\Maxime\AppData\Roaming\m\shared\Zonex World Clock 1.05.zip
Deleted ! - "C:\Users\Maxime\AppData\Roaming\m\shared"
Deleted ! - "C:\Users\Maxime\AppData\Roaming\m"

»»»» Supression files in C:\Users\Maxime\AppData\Local\Temp


»»»» Supression files in C:\Users\Maxime\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Users\Maxime\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\642MP5MO\b64[1].jpg
Deleted ! - C:\Users\Maxime\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FUVYR7BP\b64_1[1].jpg
Deleted ! - C:\Users\Maxime\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JHM6YUVL\b64_3[1].jpg
Deleted ! - C:\Users\Maxime\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SNSYN2ZV\b64_1[1].jpg
Deleted ! - C:\Users\Maxime\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SNSYN2ZV\b64_1[2].jpg

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-321713164-1654322960-1453326474-1000\Software\Local AppWizard-Generated Applications\winfilse

--------------- [ States / Restarting of services ] ----------------



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Wlansvc - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2

WinDefend - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe
D: - Lecteur fixe

+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------



---------------- ! End of report ! ------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:50:27, on 28/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O13 - Gopher Prefix:
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

Je suis de retour je croyaiis que c'était finit !! Mon Pc et un compaq faut t'il que je télécharge usbfix ( je n'ai ni clé usb ni disque dur externe) ????

Merci Je suis de retour je croyaiis que c'était finit !! Mon Pc est un compaq faut t'il que je télécharge usbfix ( je n'ai ni clé usb ni disque dur externe) ????

Bonjour
je me permets de m'incruster parmi vous et je vous prie de m'en excuser. j'ai un souci avec un truc qui ressemble à un anti virus mais qui je crois n'en ai pas un. est ce que l'un d'entre vous peut jetter un oeil sur la discussion et sur le dernier log hijackthis :
http://www.commentcamarche.net/forum/affich 9613966 desinstaller ca etrust itm agent v8 0 403?#23

Quelqu'un avait commencé à m'aider et a disparu...je suis donc planté comme une con.. car suis une bille en informatique. help please....

vous passer quoi ???

donc je télercharge usbfix meme si je n'ai pas de clé usb et de disque dur interne ??