Virus problem - ComboFix analysis

Closed
Absaigon - 11 Dec 2008 at 15:22
Le Sid - 13 Dec 2008 at 03:22
Hello,

Having had several serious virus problems (unexpected restarts, programs being blocked, including the usual antivirus products >>> message of the type "is not a win32 application"), I ran ComboFix and got the report below. Can someone help me analyse it and tell me what steps to take? Thanks in advance.

REPORT:


ComboFix 08-12-09.03 - Jérémy 2008-12-11 18:05:03.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.402 [GMT 7:00]
Lancé depuis: c:\documents and settings\Jérémy\Bureau\LastChance.exe
Commutateurs utilisés :: c:\documents and settings\Jérémy\Bureau\WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Jérémy\Application Data\m . . . . impossible à supprimer

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BKAVAUTO
-------\Legacy_SROSA
-------\Legacy_SYSLIB


((((((((((((((((((((((((((((( Fichiers créés du 2008-11-11 au 2008-12-11 ))))))))))))))))))))))))))))))))))))
.

2008-12-11 16:48 . 2008-12-11 16:48 <REP> d-------- c:\program files\CCleaner
2008-12-11 12:48 . 2008-12-11 12:48 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-11 12:48 . 2008-12-11 12:48 1,409 --a------ c:\windows\QTFont.for
2008-12-11 10:15 . 2008-12-11 16:47 <REP> d-------- c:\documents and settings\Jérémy\.housecall6.6
2008-12-11 10:15 . 2008-12-11 16:47 <REP> d-------- c:\documents and settings\Jérémy\.housecall6.6
2008-12-10 19:24 . 2008-12-11 18:14 <REP> d--h----- c:\documents and settings\Jérémy\Application Data\m
2008-12-10 19:07 . 2008-12-10 19:20 <REP> d--h----- c:\documents and settings\Jérémy\Application Data\drivers
2008-12-10 17:09 . 2008-12-10 21:44 111,787 -r-hs---- C:\wjlc.exe
2008-12-10 17:08 . 2008-12-08 13:11 104,421 -r-hs---- C:\6fnlpetp.exe
2008-12-09 13:31 . 2008-12-11 18:14 108,137 -r-hs---- c:\windows\system32\vamsoft.exe
2008-12-09 13:31 . 2008-12-11 18:14 85,504 -r-hs---- c:\windows\system32\vbsdfe1.dll
2008-12-09 13:31 . 2008-12-11 18:12 85,504 --------- c:\windows\system32\vbsdfe0.dll
2008-12-05 15:03 . 2008-12-08 13:11 109,916 -r-hs---- C:\fvbk.exe
2008-12-05 15:03 . 2008-12-08 13:11 104,421 -r-hs---- C:\2u.com
2008-12-01 12:36 . 2008-12-04 12:07 109,585 -r-hs---- C:\g8rruyw.exe
2008-11-28 14:03 . 2008-11-29 14:00 111,636 -r-hs---- C:\o1.com
2008-11-14 13:39 . 2008-11-14 13:38 108,834 -r-hs---- C:\snaoc9i.exe
2008-11-14 08:43 . 2008-10-24 18:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-14 08:42 . 2008-09-05 00:16 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 16:19 . 2008-11-12 16:18 109,245 -r-hs---- C:\bt8vuaw.com

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-11 09:48 --------- d-----w c:\program files\VirtualDJ
2008-12-11 02:43 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-10 12:10 --------- d-----w c:\program files\eMule
2008-11-17 05:58 160,736 ----a-w c:\documents and settings\Jérémy\Application Data\GDIPFONTCACHEV1.DAT
2008-11-16 07:27 --------- d-----w c:\program files\Emperor
2008-11-11 05:00 108,271 --sh--r C:\whi.com
2008-11-09 04:46 110,013 --sh--r C:\sq.com
2008-10-24 14:19 --------- d--h--r c:\documents and settings\Jérémy\Application Data\yahoo!
2008-10-24 14:17 --------- d-----w c:\program files\ALZip
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 00:16 104,123 --sh--r C:\xlk9.com
2008-10-22 05:39 103,973 --sh--r C:\2fiji.com
2008-10-17 05:09 111,590 --sh--r C:\gx.com
2008-10-16 23:04 81,408 --sh--r c:\windows\system32\tavo2.dll
2008-10-16 07:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 07:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 07:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 07:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 07:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 07:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 07:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 07:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 07:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 07:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-05 11:14 119,960 --sh--r C:\o6pq1n8.com
2008-09-25 02:52 119,211 --sh--r C:\qkarc.exe
2008-09-21 04:06 118,322 --sh--r C:\sasyg1y8.com
2008-09-15 15:26 1,846,528 ----a-w c:\windows\system32\win32k.sys
2008-09-11 03:30 96,047 --sh--r C:\39lpji.com
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]
"SweetIM"="c:\program files\Macrogaming\SweetIM\SweetIM.exe" [2006-01-12 798728]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"UXVoizPhone"="c:\program files\UXVoiz Softphone\UXVoizPhone.exe" [2008-01-18 3273216]
"UniKey"="c:\documents and settings\Jérémy\Mes documents\UniKey\UniKey.exe" [2006-04-19 208896]
"vamsoft"="c:\windows\system32\vamsoft.exe" [2008-12-11 108137]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2003-11-07 114688]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-06-09 6746112]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-04-29 45056]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-06-29 114688]
"SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2005-05-15 184320]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
"PDService.exe"="c:\program files\Utimaco\SafeGuard PrivateDisk\pdservice.exe" [2004-07-06 40960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-29 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-29 77824]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2005-03-04 483328]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-02-12 180269]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2005-06-03 81920]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"BigDogPath"="c:\windows\VM_STI.EXE" [2003-01-21 40960]
"VAIO Update 3"="c:\program files\Sony\VAIO Update 3\VAIOUpdt.exe" [2007-01-25 546936]
"SweetIM"="c:\program files\Macrogaming\SweetIM\SweetIM.exe" [2006-01-12 798728]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-12-11 78008]
"RTHDCPL"="RTHDCPL.EXE" [2005-06-29 c:\windows\RTHDCPL.EXE]
"Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 c:\windows\system32\ico.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]

c:\documents and settings\Default User\Menu Démarrer\Programmes\Démarrage\
VAIO Launcher.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2005-08-24 778240]

c:\documents and settings\Lan\Menu Démarrer\Programmes\Démarrage\
VAIO Launcher.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2005-08-24 778240]

c:\documents and settings\Default User\Menu Démarrer\Programmes\Démarrage\
VAIO Launcher.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2005-08-24 778240]

c:\documents and settings\Jérémy\Menu Démarrer\Programmes\Démarrage\
PowerReg Scheduler.exe [2006-01-07 256000]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2004-10-12 113664]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2005-05-20 22:42 73728 c:\windows\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= c:\progra~1\FICHIE~1\SONYSH~1\VideoLib\sonydv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Netnam\\Softphone\\NetVoiz\\NetVoiz.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\USvoiz\\usvfone.exe"=
"c:\\Program Files\\RingVoiz Dialer\\ring-Voiz.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\UXVoiz Softphone\\UXVoizPhone.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\HP1006MC.EXE"=
"c:\\Documents and Settings\\Jérémy\\Application Data\\m\\flec006.exe"=

R1 PrivateDisk;PrivateDisk;c:\windows\system32\Drivers\PrivateDiskM.sys [2004-07-06 45627]
R2 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-12 98304]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB []
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;c:\program files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-12 118784]
S1 aswSP;avast! Self Protection; []
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys []
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{189e6b30-69d5-11dd-bae7-0013ceaef5b9}]
\Shell\AutoRun\command - G:\l1.cmd
\Shell\explore\Command - G:\l1.cmd
\Shell\open\Command - G:\l1.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b8f6b1e-7554-11da-b542-0013ceaef5b9}]
\Shell\AutoRun\command - K:\Secret.exe
\Shell\explore\Command - K:\Secret.exe
\Shell\open\Command - K:\Secret.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{48fd98a3-c683-11db-b78c-0013ceaef5b9}]
\Shell\AutoRun\command - G:\g2pfnid.com
\Shell\explore\Command - G:\g2pfnid.com
\Shell\open\Command - G:\g2pfnid.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{60b0f348-98e5-11dd-bb3e-0013ceaef5b9}]
\Shell\AutoRun\command - H:\fvbk.exe
\Shell\explore\Command - H:\fvbk.exe
\Shell\open\Command - H:\fvbk.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{66f44d48-3db8-11db-b66c-0013ceaef5b9}]
\Shell\AutoRun\command - G:\xih9.cmd
\Shell\explore\Command - G:\xih9.cmd
\Shell\open\Command - G:\xih9.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6fe4db9a-0755-11dc-b7f2-0013ceaef5b9}]
\Shell\AutoRun\command - Installer.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9154f8e1-1ce0-11dd-ba5b-0013ceaef5b9}]
\Shell\AutoRun\command - G:\j.cmd
\Shell\explore\Command - G:\j.cmd
\Shell\open\Command - G:\j.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95452048-70ba-11db-b6d8-0013ceaef5b9}]
\Shell\Auto\command - G:\sxs.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sxs.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c62c3774-a5f8-11dc-b94b-0013ceaef5b9}]
\shell\open\Command - shell.exe -s

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ccadeb64-c263-11db-b782-0013ceaef5b9}]
\Shell\AutoRun\command - setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d04b45a4-3d49-11db-b66a-0013ceaef5b9}]
\Shell\AutoRun\command - G:\fphj6j31.bat
\Shell\explore\Command - G:\fphj6j31.bat
\Shell\open\Command - G:\fphj6j31.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d7c5ec35-34d5-11db-b65a-0013ceaef5b9}]
\Shell\AutoRun\command - G:\Secret.exe
\Shell\explore\Command - G:\Secret.exe
\Shell\open\Command - G:\Secret.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e4727110-43f7-11db-b673-0013ceaef5b9}]
\Shell\AutoRun\command - G:\hupxj.bat
\Shell\explore\Command - G:\hupxj.bat
\Shell\open\Command - G:\hupxj.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f12f5cc4-7f1a-11dc-b8ee-0013ceaef5b9}]
\Shell\AutoRun\command - G:\d.bat
\Shell\explore\Command - G:\d.bat
\Shell\open\Command - G:\d.bat

*Newly Created Service* - SROSA
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-MsnMsgr - ~c:\program files\Windows Live\Messenger\msnmsgr.exe
HKCU-Run-Yahoo! Pager - ~c:\progra~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
Notify-WgaLogon - (no file)


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com.vn/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://fr.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
IE: Transfert par Image Converter 2 - c:\program files\Sony\Image Converter 2\menu.htm
Trusted Zone: *.sony-europe.com
Trusted Zone: *.sonystyle-europe.com
Trusted Zone: *.vaio-link.com

c:\windows\Downloaded Program Files\Win32SystemCheck.dll - O16 -: {D84C4D49-A63A-4432-B319-718ECA705773}
hxxps://extranet.gefco.net/policy/download_binary.php/win32/f5syschk.cab#Version=5500,0,50830,1
c:\windows\Downloaded Program Files\f5syschk.inf
FireFox -: Profile - c:\documents and settings\Jérémy\Application Data\Mozilla\Firefox\Profiles\jr6vv0yx.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-11 18:12:31
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

c:\documents and settings\Jérémy\Application Data\m\flec006.exe [3624] 0x86165590

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...



29 replies

Anonymous user
Dec 11, 2008 at 15:31
Hi,


Download FindyKill to your desktop:

--> Run the installation with the default settings

--> Double-click the FindyKill shortcut on your desktop

--> In the main menu, choose option 1 (Recherche, i.e. Search)

--> Post the FindyKill.txt report

Note: the FindyKill.txt report is saved at the root of the disk

4
Hello,

I have already tried several programs of this kind, but apparently there are still quite a few viruses left to remove...

I will try running this one as well.

Thanks
0
Here is the report:




----------------- FindyKill V4.709 ------------------

* User : Jérémy - R2D2
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 10/12/08 par Chiquitine29
* Recherche effectuée à 22:05:08 le 11/12/2008
* Windows XP - Internet Explorer 7.0.5730.11

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Jérémy\Mes documents\UniKey\UniKey.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\PrevxCSI\prevxcsi.exe
C:\Program Files\PrevxCSI\prevxcsi.exe
C:\Documents and Settings\Jérémy\Application Data\drivers\winupgro.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Documents and Settings\Jérémy\Application Data\drivers\downld\3135625.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE

--------------- [ Processus infectieux stoppés ] ----------------


"C:\Documents and Settings\Jérémy\Application Data\drivers\downld\3135625.exe" (3060)
"C:\Documents and Settings\Jérémy\Application Data\drivers\winupgro.exe" (644)


--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:


»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\15225703.EXE-0B5EEAF5.pf
Found ! - C:\WINDOWS\prefetch\15318921.EXE-165298D2.pf
Found ! - C:\WINDOWS\prefetch\15593046.EXE-1808CE74.pf
Found ! - C:\WINDOWS\prefetch\15689531.EXE-1A750B89.pf
Found ! - C:\WINDOWS\prefetch\2.EXE-31651D0F.pf
Found ! - C:\WINDOWS\prefetch\246140.EXE-07A258EC.pf
Found ! - C:\WINDOWS\prefetch\355171.EXE-281D5449.pf
Found ! - C:\WINDOWS\prefetch\673328.EXE-39D152A8.pf
Found ! - C:\WINDOWS\prefetch\739031.EXE-324C1B8E.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-07B1109D.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-0EF461CE.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-377E42D4.pf
Found ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-001780C0.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [11/12/2008 19:17] - C:\WINDOWS\system32\mdelk.exe
Found ! [11/12/2008 19:17] - C:\WINDOWS\system32\wintems.exe
Found ! [11/12/2008 21:22] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers


»»»» Presence des fichiers dans C:\Documents and Settings\Jérémy\Application Data

Found ! [11/12/2008 19:18] - "C:\Documents and Settings\Jérémy\Application Data\m\flec006.exe"
Found ! [11/12/2008 19:19] - "C:\Documents and Settings\Jérémy\Application Data\m\list.oct"
Found ! [11/12/2008 19:20] - "C:\Documents and Settings\Jérémy\Application Data\m\srvlist.oct"
Found ! [11/12/2008 19:21] - "C:\Documents and Settings\Jérémy\Application Data\m\shared"
Found ! [11/12/2008 21:09] - "C:\Documents and Settings\Jérémy\Application Data\m"
Found ! [10/12/2008 19:20] - "C:\Documents and Settings\Jérémy\Application Data\drivers"
Found ! [11/12/2008 19:17] - "C:\Documents and Settings\Jérémy\Application Data\drivers\srosa.sys"
Found ! [11/12/2008 19:17] - "C:\Documents and Settings\Jérémy\Application Data\drivers\srosa2.sys"
Found ! [12/01/2006 10:05] - "C:\Documents and Settings\Jérémy\Application Data\drivers\winupgro.exe"
Found ! [11/12/2008 19:31] - "C:\Documents and Settings\Jérémy\Application Data\drivers\downld"

»»»» Presence des fichiers dans C:\DOCUME~1\JRMY~1\LOCALS~1\Temp


»»»» Presence des fichiers dans C:\Documents and Settings\Jérémy\Local Settings\Temporary Internet Files\Content.IE5

Found ! [10/11/2006 09:39] - C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Local Cache\7B5560BB781B40259A06350E9B643B6E_more.jpg
Found ! [17/06/2008 22:00] - C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Local Cache\D3987B641C134048B815DB578D607F42_more.jpg
Found ! [12/02/2005 22:35] - C:\Documents and Settings\LocalService\Application Data\sony\myclubvaio\sections\links\images\4f6a894c-6246-4c25-86f3-b6455b8f1d4d.jpg
Found ! [12/02/2005 22:35] - C:\Program Files\Sony\MyClubVAIO\sections\links\images\4f6a894c-6246-4c25-86f3-b6455b8f1d4d.jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
updateMgr=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
UniKey=C:\Documents and Settings\Jérémy\Mes documents\UniKey\UniKey.exe
Yahoo! Pager="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
Apoint=C:\Program Files\Apoint\Apoint.exe
NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
AzMixerSel=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
Mouse Suite 98 Daemon=ICO.EXE
Persistence=C:\WINDOWS\system32\igfxpers.exe
SonyPowerCfg=C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
ISBMgr.exe=C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PDService.exe=C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
IgfxTray=C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds=C:\WINDOWS\system32\hkcmd.exe
Acrobat Assistant 7.0="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
TkBellExe="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
SsAAD.exe=C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
ISUSScheduler="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
BigDogPath=C:\WINDOWS\VM_STI.EXE ZSMC USB PC Camera
VAIO Update 3="C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary
SweetIM=C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1

[HKEY_CURRENT_USER\software\local appwizard-generated applications\crac]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\msnmsgr]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\PhLeAutoRun]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\RemoteCapture]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\SweetIM]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\Viewer]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-1029571771-483895709-492924000-1006\Software\Local AppWizard-Generated Applications\msnmsgr
Found ! - HKEY_USERS\S-1-5-21-1029571771-483895709-492924000-1006\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-1029571771-483895709-492924000-1006\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-1029571771-483895709-492924000-1006\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-1029571771-483895709-492924000-1006\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-1029571771-483895709-492924000-1006\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\msnmsgr
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

- sans echec non fonctionnel !!



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe


+- presence des fichiers :



--------------- [ Registre / Mountpoint2 ] ----------------


-> Not found !


------------------- ! Fin du rapport ! --------------------
0
chimay8 Posts 7720 Registration date Thursday 1 May 2008 Status Security contributor Last activity 3 January 2014 60
11 Dec. 2008 at 15:32
Holy cow!!!!!!!!
1
Is it serious, doctor? :-(
0
chimay8 Posts 7720 Registration date Thursday 1 May 2008 Status Security contributor Last activity 3 January 2014 60 > Absaigon
11 Dec. 2008 at 15:41
Don't worry,
do what chiquitine says
0
Anonymous user
11 Dec. 2008 at 16:17
Plug the external data sources that may have been infected (USB stick, external hard drive, etc.) into your PC, without opening them


--> Double-click the FindyKill shortcut on your desktop

--> In the main menu, choose option 2 (Suppression)


/!\ There will be 2 reboots; let the tool work until the message "nettoyage effectué" appears

/!\ Do not use the PC during the removal; your desktop will not be accessible, that is normal!

-------> then post the FindyKill.txt report

Note: the FindyKill.txt report is saved at the root of the disk
Note: If the desktop does not reappear, press Ctrl + Alt + Del, "Fichier" tab, "Nouvelle tâche", type explorer.exe and confirm
1
Here we go!

I'll post it as soon as I have the report.

Thanks a lot for this helping duo!
0
I can't manage to post the second report. It doesn't show up in the forum thread!

Please help!
0
Anonymous user
11 Dec. 2008 at 19:28
You have to click on delete the selection
1
Sorry, another copy-paste that went wrong...

Can we stop here for today?



[ Rapport ToolsCleaner version 2.2.7 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Jérémy\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Jérémy\Bureau\HJTInstall.exe: trouvé !
C:\Program Files\Ad-remover\TOOLS\NIRCMD.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Jérémy\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Jérémy\Bureau\HJTInstall.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: ERREUR DE SUPPRESSION !!
C:\Program Files\Ad-remover\TOOLS\NIRCMD.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: ERREUR DE SUPPRESSION !!
0

Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 297
11 Dec. 2008 at 15:34
Chiquitine29 is happy at the sight of the report ^^
0
PS: the computer is 4 years old and has spent them in Vietnam, where I work. For a little over a year it has been used by various people, since I use another computer. Apparently Vietnam is a country full of viruses and I'm used to removing a few dozen every month by scanning the hard drives, but this time nothing works...

Anyone can help?

Thanks
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 297
11 Dec. 2008 at 15:48
0
FindyKill mission accomplished...

Apparently, despite the dozens of viruses already removed, I still have quite a collection left :-(

What should I do?
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 297
11 Dec. 2008 at 16:17
Chiquitine POWER!
0
chimay8 Posts 7720 Registration date Thursday 1 May 2008 Status Security contributor Last activity 3 January 2014 60
11 Dec. 2008 at 16:26
Chiquitine POWER! On 1664!!!!
0
Speaking of which, 1664 was launched in Vietnam last year! Much appreciated!
0
Anonymous user
11 Dec. 2008 at 16:47
WAIT, DESTRIO is going to go fishing ......
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 297
11 Dec. 2008 at 16:48
Fishing???
0
Anonymous user
11 Dec. 2008 at 16:50
for the report, is that possible??
0
Anonymous user
11 Dec. 2008 at 16:51
IN THE MEANTIME do this:


Download UsbFix to your desktop

--> Run the installation with the default settings

Plug the external data sources that may have been infected (USB stick, external hard drive, etc.) into your PC, without opening them

--> Double-click the UsbFix shortcut on your desktop

--> choose option 1 (nettoyage)

--> The PC will reboot

--> After the reboot, post the UsbFix.txt report

Note: the UsbFix.txt report is saved at the root of the disk
Note:
"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 297
11 Dec. 2008 at 16:52
The report has run away.
0
UsbFix is running,

However, when Windows restarts I get a worrying window that appears several times:

Windows - Pas de disque

Exception Processing Message c00000013 Parameters 75afbf9c 4 75afbf9c 75afbf9c
0
Anonymous user
11 Dec. 2008 at 17:08
click on continue
0
OK thanks, here is the UsbFix report, hoping it goes through:




-------------- UsbFix V2.413.3 ---------------

* User : J‚r‚my - R2D2
* Outils mis a jours le 06/12/2008 par Chiquitine29 et Chimay8
* Recherche effectuée à 23:02:23 le 11/12/2008
* Windows Xp - Internet Explorer 7.0.5730.11


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\PrevxCSI\prevxcsi.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\PrevxCSI\prevxcsi.exe
C:\DOCUME~1\JRMY~1\LOCALS~1\Temp\1.tmp\b2e.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Apoint\Apntex.exe

--------------- [ Informations lecteurs ] ----------------

C: - Lecteur fixe

D: - Lecteur fixe

G: - Lecteur amovible

H: - Lecteur amovible


+- Contenu de l'autorun : H:\autorun.inf

;LSLr9o35Ado8ropkHkk5DdwO3ZlAid3lAwswoiapd0rjDald0n3Dlja1Kw3iD2k1DKKjeL20kwAeawqwaslkia4q
[AutoRun]
;so34fsAs55A04O744LwaLKdL12qaoAwsDaK4ek
open=xih9.cmd
;i831AA5XorkjDoipwfKSCkaa04qAlZ083eiwoKwDe3SAaDikF1rlIkafJLD79JKJed3ida3ka1jw3cwscw45rl4
shell\open\Command=xih9.cmd
;eLC8aw4cIaSwkiei1ww7sXdwq2sqnLJfojAf4kdd220dSLAiis0q0r4lkOa
shell\open\Default=1
;dKaAlsw2awoCDke5l2DaLeko9Z57drlwk3Kjs09li1jLeki1Lfla7sj
shell\explore\Command=xih9.cmd
;


--------------- [ Lecteur C ] ----------------

C: - Lecteur fixe


+- Listing des fichiers présents :

[13/07/2005 17:04][--a------] C:\AUTOEXEC.BAT
[05/08/2004 19:00][-rahs----] C:\NTDETECT.COM
[05/08/2004 19:00][-rahs----] C:\sasyg1y8.com
[05/08/2004 19:00][-rahs----] C:\sq.com
[05/08/2004 19:00][-rahs----] C:\whi.com
[05/08/2004 19:00][-rahs----] C:\xlk9.com
[05/08/2004 19:00][-rahs----] C:\xqf.com
[25/09/2008 09:52][-r-hs----] C:\qkarc.exe
[25/09/2008 09:52][-r-hs----] C:\snaoc9i.exe
[25/09/2008 09:52][-r-hs----] C:\wjlc.exe
[11/12/2008 18:01][-rahs----] C:\boot.ini
[05/02/2001 15:14][--a------] C:\grgarevn.inf
[05/02/2001 15:14][--a------] C:\microsvn.inf
[05/02/2001 15:14][--a------] C:\refsanvn.inf
[11/12/2008 18:22][--a------] C:\ComboFix.txt
[11/12/2008 18:22][--a------] C:\FindyKill.txt
[11/12/2008 18:22][--a------] C:\UsbFix.txt
[11/12/2008 18:22][--a------] C:\vkcustom.txt
[11/12/2008 18:22][--a------] C:\YServer.txt
[13/07/2005 17:04][--a------] C:\CONFIG.SYS
[13/07/2005 17:04][--a------] C:\hiberfil.sys
[13/07/2005 17:04][--a------] C:\IO.SYS
[13/07/2005 17:04][--a------] C:\MSDOS.SYS
[13/07/2005 17:04][--a------] C:\pagefile.sys

--------------- [ Lecteur D ] ----------------

D: - Lecteur fixe


+- Listing des fichiers présents :

[05/08/2008 09:59][-r-hs----] D:\1rexh.com
[05/08/2008 09:59][-r-hs----] D:\2fiji.com
[05/08/2008 09:59][-r-hs----] D:\2u.com
[05/08/2008 09:59][-r-hs----] D:\39lpji.com
[05/08/2008 09:59][-r-hs----] D:\83fgj.com
[05/08/2008 09:59][-r-hs----] D:\bt8vuaw.com
[05/08/2008 09:59][-r-hs----] D:\e.com
[05/08/2008 09:59][-r-hs----] D:\g2pfnid.com
[05/08/2008 09:59][-r-hs----] D:\gx.com
[05/08/2008 09:59][-r-hs----] D:\iwjj.com
[05/08/2008 09:59][-r-hs----] D:\mnl6on3.com
[05/08/2008 09:59][-r-hs----] D:\o1.com
[05/08/2008 09:59][-r-hs----] D:\o6pq1n8.com
[05/08/2008 09:59][-r-hs----] D:\ph.com
[05/08/2008 09:59][-r-hs----] D:\sasyg1y8.com
[05/08/2008 09:59][-r-hs----] D:\sq.com
[05/08/2008 09:59][-r-hs----] D:\whi.com
[05/08/2008 09:59][-r-hs----] D:\xlk9.com
[05/08/2008 09:59][-r-hs----] D:\xqf.com
[08/12/2008 13:11][-r-hs----] D:\6fnlpetp.exe
[08/12/2008 13:11][-r-hs----] D:\dpu1.exe
[08/12/2008 13:11][-r-hs----] D:\e.exe
[08/12/2008 13:11][-r-hs----] D:\fvbk.exe
[08/12/2008 13:11][-r-hs----] D:\g8rruyw.exe
[08/12/2008 13:11][-r-hs----] D:\jv.exe
[08/12/2008 13:11][-r-hs----] D:\ktnquo.exe
[08/12/2008 13:11][-r-hs----] D:\lcmqm.exe
[08/12/2008 13:11][-r-hs----] D:\okhr.exe
[08/12/2008 13:11][-r-hs----] D:\qkarc.exe
[08/12/2008 13:11][-r-hs----] D:\snaoc9i.exe
[08/12/2008 13:11][-r-hs----] D:\wjlc.exe

--------------- [ Lecteur G ] ----------------

G: - Lecteur amovible


+- Listing des fichiers présents :

[11/12/2008 09:29][-r-hs----] G:\d.bat
[08/12/2008 13:11][-r-hs----] G:\2u.com
[08/12/2008 13:11][-r-hs----] G:\6fnlpetp.exe

--------------- [ Lecteur H ] ----------------

H: - Lecteur amovible


+- Listing des fichiers présents :

[27/10/2008 14:39][-r-hs----] H:\b.cmd
[27/10/2008 14:39][-r-hs----] H:\xih9.cmd
[31/10/2008 21:23][-r-hs----] H:\autorun.inf
[23/10/2008 18:17][--a------] H:\Emule.txt

--------------- [ Registre / Startup ] ----------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
updateMgr=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
UniKey=C:\Documents and Settings\Jérémy\Mes documents\UniKey\UniKey.exe
Yahoo! Pager="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
Apoint=C:\Program Files\Apoint\Apoint.exe
NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
AzMixerSel=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
Mouse Suite 98 Daemon=ICO.EXE
Persistence=C:\WINDOWS\system32\igfxpers.exe
SonyPowerCfg=C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
ISBMgr.exe=C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PDService.exe=C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
IgfxTray=C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds=C:\WINDOWS\system32\hkcmd.exe
Acrobat Assistant 7.0="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
TkBellExe="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
SsAAD.exe=C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
ISUSScheduler="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
BigDogPath=C:\WINDOWS\VM_STI.EXE ZSMC USB PC Camera
VAIO Update 3="C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary
SweetIM=C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1

--------------- [ Registre / Mountpoint2 ] ----------------

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{189e6b30-69d5-11dd-bae7-0013ceaef5b9}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{189e6b30-69d5-11dd-bae7-0013ceaef5b9}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{189e6b30-69d5-11dd-bae7-0013ceaef5b9}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b8f6b1e-7554-11da-b542-0013ceaef5b9}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b8f6b1e-7554-11da-b542-0013ceaef5b9}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b8f6b1e-7554-11da-b542-0013ceaef5b9}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48fd98a3-c683-11db-b78c-0013ceaef5b9}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48fd98a3-c683-11db-b78c-0013ceaef5b9}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48fd98a3-c683-11db-b78c-0013ceaef5b9}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{66f44d48-3db8-11db-b66c-0013ceaef5b9}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{66f44d48-3db8-11db-b66c-0013ceaef5b9}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{66f44d48-3db8-11db-b66c-0013ceaef5b9}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6fe4db9a-0755-11dc-b7f2-0013ceaef5b9}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9154f8e1-1ce0-11dd-ba5b-0013ceaef5b9}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9154f8e1-1ce0-11dd-ba5b-0013ceaef5b9}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9154f8e1-1ce0-11dd-ba5b-0013ceaef5b9}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95452048-70ba-11db-b6d8-0013ceaef5b9}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c62c3774-a5f8-11dc-b94b-0013ceaef5b9}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ccadeb64-c263-11db-b782-0013ceaef5b9}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d04b45a4-3d49-11db-b66a-0013ceaef5b9}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d04b45a4-3d49-11db-b66a-0013ceaef5b9}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d04b45a4-3d49-11db-b66a-0013ceaef5b9}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7c5ec35-34d5-11db-b65a-0013ceaef5b9}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7c5ec35-34d5-11db-b65a-0013ceaef5b9}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7c5ec35-34d5-11db-b65a-0013ceaef5b9}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4727110-43f7-11db-b673-0013ceaef5b9}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4727110-43f7-11db-b673-0013ceaef5b9}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4727110-43f7-11db-b673-0013ceaef5b9}\Shell\open\Command

--------------- [ Nettoyage des disques ] ----------------

Supprimé ! - [17/10/2008 06:04][-r-hs----] C:\WINDOWS\system32\tavo2.dll
Supprimé ! - [11/12/2008 18:36][-r-hs----] C:\WINDOWS\system32\vamsoft.exe
Supprimé ! - [11/12/2008 18:39][-r-hs----] C:\WINDOWS\system32\vbsdfe0.dll
Supprimé ! - [11/12/2008 18:36][-r-hs----] C:\WINDOWS\system32\vbsdfe1.dll
Supprimé ! - [25/09/2008 09:52][-r-hs----] C:\qkarc.exe
Supprimé ! - [21/09/2008 11:06][-r-hs----] C:\sasyg1y8.com
Supprimé ! - [09/11/2008 11:46][-r-hs----] C:\sq.com
Supprimé ! - [11/11/2008 12:00][-r-hs----] C:\whi.com
Supprimé ! - [23/10/2008 07:16][-r-hs----] C:\xlk9.com
Supprimé ! - [05/08/2008 09:59][-r-hs----] C:\xqf.com
Supprimé ! - [05/08/2008 09:59][-r-hs----] D:\1rexh.com
Supprimé ! - [22/10/2008 12:39][-r-hs----] D:\2fiji.com
Supprimé ! - [08/12/2008 13:11][-r-hs----] D:\2u.com
Supprimé ! - [11/09/2008 10:30][-r-hs----] D:\39lpji.com
Supprimé ! - [21/08/2008 18:24][-r-hs----] D:\83fgj.com
Supprimé ! - [27/08/2008 09:36][-r-hs----] D:\dpu1.exe
Supprimé ! - [25/07/2008 11:54][-r-hs----] D:\g2pfnid.com
Supprimé ! - [17/10/2008 12:09][-r-hs----] D:\gx.com
Supprimé ! - [10/09/2008 09:05][-r-hs----] D:\iwjj.com
Supprimé ! - [20/08/2008 11:38][-r-hs----] D:\jv.exe
Supprimé ! - [06/09/2008 14:59][-r-hs----] D:\ktnquo.exe
Supprimé ! - [24/08/2008 11:51][-r-hs----] D:\mnl6on3.com
Supprimé ! - [05/10/2008 18:14][-r-hs----] D:\o6pq1n8.com
Supprimé ! - [03/09/2008 11:43][-r-hs----] D:\okhr.exe
Supprimé ! - [29/08/2008 12:54][-r-hs----] D:\ph.com
Supprimé ! - [25/09/2008 09:52][-r-hs----] D:\qkarc.exe
Supprimé ! - [21/09/2008 11:06][-r-hs----] D:\sasyg1y8.com
Supprimé ! - [09/11/2008 11:46][-r-hs----] D:\sq.com
Supprimé ! - [11/11/2008 12:00][-r-hs----] D:\whi.com
Supprimé ! - [23/10/2008 07:16][-r-hs----] D:\xlk9.com
Supprimé ! - [05/08/2008 09:59][-r-hs----] D:\xqf.com
Supprimé ! - [01/08/2008 15:41][-r-hs----] D:\e.com
Supprimé ! - [12/10/2008 09:19][-r-hs----] D:\e.exe
Supprimé ! - [08/12/2008 13:11][-r-hs----] G:\2u.com
Supprimé ! - [11/12/2008 09:29][-r-hs----] G:\d.bat

--------------- [ Resumé ] ----------------

-> /!\ Le resultat doit etre interprété par un spécialiste /!\

[13/07/2005 17:04][--a------] C:\AUTOEXEC.BAT
[05/08/2004 19:00][-rahs----] C:\NTDETECT.COM
[14/11/2008 13:38][-r-hs----] C:\snaoc9i.exe
[14/11/2008 13:38][-r-hs----] C:\wjlc.exe
[11/12/2008 18:01][-rahs----] C:\boot.ini
[05/02/2001 15:14][--a------] C:\grgarevn.inf
[05/02/2001 15:14][--a------] C:\microsvn.inf
[05/02/2001 15:14][--a------] C:\refsanvn.inf
[12/11/2008 16:18][-r-hs----] D:\bt8vuaw.com
[12/11/2008 16:18][-r-hs----] D:\o1.com
[08/12/2008 13:11][-r-hs----] D:\6fnlpetp.exe
[08/12/2008 13:11][-r-hs----] D:\fvbk.exe
[08/12/2008 13:11][-r-hs----] D:\g8rruyw.exe
[08/12/2008 13:11][-r-hs----] D:\lcmqm.exe
[08/12/2008 13:11][-r-hs----] D:\snaoc9i.exe
[08/12/2008 13:11][-r-hs----] D:\wjlc.exe
[08/12/2008 13:11][-r-hs----] G:\6fnlpetp.exe

--------------- ! Fin du rapport ! ----------------
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 297
11 Dec. 2008 at 17:24
I sense there's going to be a big UsbFix update.
0
Anonymous user
11 Dec. 2008 at 17:26
plug in your G stick


---> Download OTMoveIt3 (OldTimer) to your desktop:
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-click OTMoveIt3.exe to launch it.

---> Copy (Ctrl+C) the following text below:





:processes
explorer.exe

:files
C:\snaoc9i.exe
C:\wjlc.exe
C:\grgarevn.inf
C:\microsvn.inf
C:\refsanvn.inf
D:\bt8vuaw.com
D:\o1.com
D:\6fnlpetp.exe
D:\fvbk.exe
D:\g8rruyw.exe
D:\lcmqm.exe
D:\snaoc9i.exe
D:\wjlc.exe
G:\6fnlpetp.exe
C:\autorun.inf
D:\autorun.inf
G:\autorun.inf

:commands
[emptytemp]
[start explorer]
[reboot]


---> Paste (Ctrl+V) the previously copied text into the Paste Instructions for Items to be Moved box.

---> Now click the MoveIt! button, then close OTMoveIt3.

If a file or folder cannot be deleted immediately, the software will ask you to reboot.
Accept by clicking YES.

---> Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report name corresponds to the time it was created: date_time.log
0
here it is:


========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\snaoc9i.exe moved successfully.
C:\wjlc.exe moved successfully.
C:\grgarevn.inf moved successfully.
C:\microsvn.inf moved successfully.
C:\refsanvn.inf moved successfully.
D:\bt8vuaw.com moved successfully.
D:\o1.com moved successfully.
D:\6fnlpetp.exe moved successfully.
D:\fvbk.exe moved successfully.
D:\g8rruyw.exe moved successfully.
D:\lcmqm.exe moved successfully.
D:\snaoc9i.exe moved successfully.
D:\wjlc.exe moved successfully.
G:\6fnlpetp.exe moved successfully.
File/Folder C:\autorun.inf not found.
File/Folder D:\autorun.inf not found.
File/Folder G:\autorun.inf not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\JRMY~1\LOCALS~1\Temp\1.tmp\b2e.exe scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\JETD6B8.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_2c8.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12112008_233002
0
Anonymous user
11 Dec. 2008 at 17:38
run UsbFix again with all your USB sticks plugged in and do the vaccination


then:

Download ToolsCleaner to your desktop.
-->
http://pc-system.fr/
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner

# Click on Recherche and let the scan run ...
# Click on Suppression to finish.
# You can, if you wish, use the Options facultatives.
# Click on Quitter to get the report.
# Post the report (TCleaner.txt), which is at the root of your hard drive (C:\).


then:



Download Ad-remover (by C_XX) to your desktop (and nowhere else!):

http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

! Disconnect and close all running applications!

* Click on "Ad-R.exe" to start the installation and leave the default installation settings.
* Double-click the Ad-remover shortcut on your desktop to launch the tool.
* In the main menu, choose option "A" and press [Enter].

Let the tool work and don't touch anything ...

--> Post the report that appears at the end.

(the report is also saved as C:\Ad-report.log)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note:
"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.





0
[ Rapport ToolsCleaner version 2.2.7 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Combofix.txt: trouvé !
C:\FindyKill.txt: trouvé !
C:\UsbFix.txt: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\Jérémy\Bureau\Combofix.txt: trouvé !
C:\Documents and Settings\Jérémy\Bureau\UsbFix.exe: trouvé !
C:\Documents and Settings\Jérémy\Bureau\UsbFix.lnk: trouvé !
C:\Documents and Settings\Jérémy\Bureau\OTMoveIt3.exe: trouvé !
C:\Documents and Settings\Jérémy\Menu Démarrer\Programmes\UsbFix: trouvé !
C:\Documents and Settings\Jérémy\Menu Démarrer\Programmes\FindyKill: trouvé !
C:\Documents and Settings\Jérémy\Menu Démarrer\Programmes\UsbFix\UsbFix.lnk: trouvé !
C:\Documents and Settings\Jérémy\Recent\UsbFix.lnk: trouvé !
C:\Program Files\UsbFix: trouvé !
C:\Program Files\FindyKill: trouvé !
C:\Program Files\UsbFix\UsbFix.exe: trouvé !
C:\Program Files\UsbFix\Tools\NIRCMD.exe: trouvé !
C:\WINDOWS\NIRCMD.exe: trouvé !

---------------------------------
-->- Suppression:

C:\Combofix.txt: supprimé !
C:\FindyKill.txt: supprimé !
C:\UsbFix.txt: supprimé !
C:\Documents and Settings\Jérémy\Bureau\Combofix.txt: supprimé !
C:\Documents and Settings\Jérémy\Bureau\UsbFix.exe: supprimé !
C:\Documents and Settings\Jérémy\Bureau\UsbFix.lnk: supprimé !
C:\Documents and Settings\Jérémy\Bureau\OTMoveIt3.exe: supprimé !
C:\Documents and Settings\Jérémy\Menu Démarrer\Programmes\UsbFix\UsbFix.lnk: supprimé !
C:\Documents and Settings\Jérémy\Recent\UsbFix.lnk: supprimé !
C:\Program Files\UsbFix\UsbFix.exe: supprimé !
C:\Program Files\UsbFix\Tools\NIRCMD.exe: supprimé !
C:\WINDOWS\NIRCMD.exe: supprimé !
C:\Qoobox: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\Jérémy\Menu Démarrer\Programmes\UsbFix: supprimé !
C:\Documents and Settings\Jérémy\Menu Démarrer\Programmes\FindyKill: supprimé !
C:\Program Files\UsbFix: supprimé !
C:\Program Files\FindyKill: supprimé !
0
--------- Logfile of AD-Remover 1.0.7.4 by C_XX ---------

# START at: 23:58:52 | Jeu 11/12/2008 | Microsoft® Windows XP™ (v5.1.2600)
# BOOT MODE: Normal

# OPTION: Scan | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat

# PC: R2D2 | USER: J‚r‚my ( Current user is an administrator)

# DRIVE(S): C:\
# Systemdrive: C:\ (NTFS)
# Internet Explorer v7.0.5730.11

--------- [ RUNNING PROCESSES: 49 ] ---------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\PrevxCSI\prevxcsi.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\PrevxCSI\prevxcsi.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\WINDOWS\system32\ntvdm.exe

-----------------------------------


+-----------------------| Boonty/Boonty Games Elements found :

.

+-----------------------| Eorezo Elements found :

.

+-----------------------| Everest Poker Elements found :

.

+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found :

.

+-----------------------| Messenger Skinner Elements found :

.

+-----------------------| Sweetim Elements found :

"HKEY_CLASSES_ROOT\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}"
"HKEY_CLASSES_ROOT\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
"HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator"
"HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator.1"
"HKEY_CURRENT_USER\SOFTWARE\SWEETIE"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Upgradecodes\A97CEC23332751B47BA4B95BAA50C9D0"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Macrogaming"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "SweetIM"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9"
.
[04/02/2008 10:32|d--------] C:\Program Files\Macrogaming
[11/12/2008 18:13|--a------] C:\WINDOWS\Prefetch\SWEETIM.EXE-162DDC78.pf

+-----------------------| ADDED SCAN :



+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

...\jr6vv0yx.default\prefs.js :

~~~~ Mozilla FireFox version [Unable to get version] ~~~~


+----------+


+---------------------------------------------------------------------------+

+--[HKEY_CURRENT_USER\..\Run]

updateMgr REG_SZ C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
UniKey REG_SZ C:\Documents and Settings\Jérémy\Mes documents\UniKey\UniKey.exe
Yahoo! Pager REG_SZ "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe

+--[HKEY_LOCAL_MACHINE\..\Run]

Apoint REG_SZ C:\Program Files\Apoint\Apoint.exe
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
AzMixerSel REG_SZ C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
Mouse Suite 98 Daemon REG_SZ ICO.EXE
Persistence REG_SZ C:\WINDOWS\system32\igfxpers.exe
SonyPowerCfg REG_SZ C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
ISBMgr.exe REG_SZ C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PDService.exe REG_SZ C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
IgfxTray REG_SZ C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds REG_SZ C:\WINDOWS\system32\hkcmd.exe
Acrobat Assistant 7.0 REG_SZ "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
TkBellExe REG_SZ "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
SsAAD.exe REG_SZ C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
ISUSScheduler REG_SZ "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
BigDogPath REG_SZ C:\WINDOWS\VM_STI.EXE ZSMC USB PC Camera
VAIO Update 3 REG_SZ "C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary
SweetIM REG_SZ C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

+--[HKEY_USERS\.DEFAULT\..\Run]

CTFMON.EXE REG_SZ C:\WINDOWS\system32\CTFMON.EXE

+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://fr.msn.com/

+---------------------------------------------------------------------------+

- "C:\AD-report-11.12.2008.log" (10832 octets)

[ END at: 23:59:05 | 11/12/2008 ] - [ Time elapsed: 13.0 seconds ]

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 154 lines ]
+---------------------------------------------------------------------------+
0
Anonymous user
11 Dec 2008 at 18:03
AD-Remover cleanup:

! Disconnect and close all running applications (browser included) !

* Run "Ad-remover" again: at the main menu, choose option "B".

* At the selection screen (screen):

> choose the following number(s) to clean up the traces of:

6 - "Sweetim" then [Enter]


Once the selection is made, type S then [Enter] to start the removal.

--> the program will run; don't touch anything ...


* Post the report that appears at the end

(the report is also saved as C:\Ad-report.log)

/!\ If the Desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New Task", type explorer.exe and confirm /!\
0
--------- Logfile of AD-Remover 1.0.7.4 by C_XX ---------

*** Limited to ***

Sweetim

******************

# START at: 0:07:05 | Ven 12/12/2008 | Microsoft® Windows XP™ (v5.1.2600)
# BOOT MODE: Normal

# OPTION: Scan | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat

# PC: R2D2 | USER: Jérémy ( Current user is an administrator)

# DRIVE(S): C:\
# Systemdrive: C:\ (NTFS)
# Internet Explorer v7.0.5730.11

--------- [ RUNNING PROCESSES: 49 ] ---------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\PrevxCSI\prevxcsi.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\PrevxCSI\prevxcsi.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\WINDOWS\system32\ntvdm.exe

-----------------------------------

(!) ---- IE start pages reset

+-----------------------| Sweetim Elements Deleted :

"HKEY_CLASSES_ROOT\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}"
"HKEY_CLASSES_ROOT\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
"HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator"
"HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator.1"
"HKEY_CURRENT_USER\SOFTWARE\SWEETIE"
0
My mistake, a badly handled copy-paste; I'm getting tired (I've been at this for more than 12 hours and it's past midnight in Vietnam...)


--------- Logfile of AD-Remover 1.0.7.4 by C_XX ---------

*** Limited to ***

Sweetim

******************

# START at: 0:07:05 | Ven 12/12/2008 | Microsoft® Windows XP™ (v5.1.2600)
# BOOT MODE: Normal

# OPTION: Scan | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat

# PC: R2D2 | USER: Jérémy ( Current user is an administrator)

# DRIVE(S): C:\
# Systemdrive: C:\ (NTFS)
# Internet Explorer v7.0.5730.11

--------- [ RUNNING PROCESSES: 49 ] ---------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\PrevxCSI\prevxcsi.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\PrevxCSI\prevxcsi.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\WINDOWS\system32\ntvdm.exe

-----------------------------------

(!) ---- IE start pages reset

+-----------------------| Sweetim Elements Deleted :

"HKEY_CLASSES_ROOT\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}"
"HKEY_CLASSES_ROOT\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
"HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator"
"HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator.1"
"HKEY_CURRENT_USER\SOFTWARE\SWEETIE"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Upgradecodes\A97CEC23332751B47BA4B95BAA50C9D0"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Macrogaming"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "SweetIM"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9"
.
[04/02/2008 10:32|d--------] C:\Program Files\Macrogaming
/!\ NOT DELETED - [11/12/2008 18:13|--a------] C:\WINDOWS\Prefetch\SWEETIM.EXE-162DDC78.pf

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.


************* /!\ File(s)/Folder(s) Not Deleted /!\ *************

"C:\WINDOWS\Prefetch\SWEETIM.EXE-162DDC78.pf"

Second run ...

"C:\WINDOWS\Prefetch\SWEETIM.EXE-162DDC78.pf" - RESIST !


+-----------------------| ADDED SCAN :



+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

...\jr6vv0yx.default\prefs.js :

~~~~ Mozilla FireFox version [Unable to get version] ~~~~


+----------+

+--[HKEY_CURRENT_USER\..\Run]

updateMgr REG_SZ C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
UniKey REG_SZ C:\Documents and Settings\Jérémy\Mes documents\UniKey\UniKey.exe
Yahoo! Pager REG_SZ "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe

+--[HKEY_LOCAL_MACHINE\..\Run]

Apoint REG_SZ C:\Program Files\Apoint\Apoint.exe
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
AzMixerSel REG_SZ C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
Mouse Suite 98 Daemon REG_SZ ICO.EXE
Persistence REG_SZ C:\WINDOWS\system32\igfxpers.exe
SonyPowerCfg REG_SZ C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
ISBMgr.exe REG_SZ C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PDService.exe REG_SZ C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
IgfxTray REG_SZ C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds REG_SZ C:\WINDOWS\system32\hkcmd.exe
Acrobat Assistant 7.0 REG_SZ "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
TkBellExe REG_SZ "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
SsAAD.exe REG_SZ C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
ISUSScheduler REG_SZ "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
BigDogPath REG_SZ C:\WINDOWS\VM_STI.EXE ZSMC USB PC Camera
VAIO Update 3 REG_SZ "C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

+--[HKEY_USERS\.DEFAULT\..\Run]

CTFMON.EXE REG_SZ C:\WINDOWS\system32\CTFMON.EXE

+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://fr.msn.com/

+---------------------------------------------------------------------------+

- "C:\AD-report-12.12.2008.log" (10706 octets)

[ END at: 0:08:04 | 12/12/2008 ] - [ Time elapsed: 59.1 seconds ]

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 152 lines ]
+---------------------------------------------------------------------------+
0