Avast n'est pas une application Win 32 valide [Résolu]

Réponse 1 / 41

Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
17 déc. 2008 à 01:18

Salut,

Tu as gagné le virus Bagle, BRAVO !

---> Supprime tes cracks et keygens sinon l'infection se relancera.

--> Télécharge FindyKill (par Chiquitine29) sur ton Bureau :
http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe

--> Lance l'installation avec les paramètres par défaut.

--> Double-clique sur le raccourci FindyKill sur ton Bureau.

--> Au menu principal, choisis l'option 1 (Recherche).

--> Poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.

wkm Messages postés 504 Date d'inscription mercredi 20 juin 2007 Statut Membre Dernière intervention 10 avril 2010 105
17 déc. 2008 à 01:28

----------------- FindyKill V4.709 ------------------

* User : Martial L - SN301294240005
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 10/12/08 par Chiquitine29
* Recherche effectuée à 1:25:12 le 17/12/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((((( *** Recherche *** ))))))))))))))))))

--------------- [ Processus actifs ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------

»»»» Presence des fichiers dans C:

»»»» Presence des fichiers dans C:\WINDOWS

»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\Prefetch\KEYGEN.EXE-0C32114B.pf
Found ! - C:\WINDOWS\Prefetch\KEYGEN.EXE-0C32114B.pf
Found ! - C:\WINDOWS\Prefetch\MEDIAMONKEY.EXE-0382EE81.pf
Found ! - C:\WINDOWS\Prefetch\MEDIAMONKEY_3.0.6.1190.EXE-3897FEA8.pf
Found ! - C:\WINDOWS\Prefetch\MEDIAMONKEY_3.0.6.1190.TMP-00602839.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [17/12/2008 00:32] - C:\WINDOWS\system32\mdelk.exe
Found ! [17/12/2008 00:32] - C:\WINDOWS\system32\wintems.exe

»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

»»»» Presence des fichiers dans C:\Documents and Settings\Martial L\Application Data

Found ! [17/12/2008 00:33] - "C:\Documents and Settings\Martial L\Application Data\m\flec006.exe"
Found ! [17/12/2008 00:33] - "C:\Documents and Settings\Martial L\Application Data\m\list.oct"
Found ! [17/12/2008 00:34] - "C:\Documents and Settings\Martial L\Application Data\m\data.oct"
Found ! [17/12/2008 00:34] - "C:\Documents and Settings\Martial L\Application Data\m\srvlist.oct"
Found ! [17/12/2008 00:34] - "C:\Documents and Settings\Martial L\Application Data\m\shared"
Found ! [16/12/2008 23:36] - "C:\Documents and Settings\Martial L\Application Data\m"
Found ! [16/12/2008 23:28] - "C:\Documents and Settings\Martial L\Application Data\drivers"
Found ! [17/12/2008 00:32] - "C:\Documents and Settings\Martial L\Application Data\drivers\srosa.sys"
Found ! [17/12/2008 00:32] - "C:\Documents and Settings\Martial L\Application Data\drivers\srosa2.sys"
Found ! [06/01/2004 04:09] - "C:\Documents and Settings\Martial L\Application Data\drivers\winupgro.exe"
Found ! [17/12/2008 01:15] - "C:\Documents and Settings\Martial L\Application Data\drivers\downld"
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\110921.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\112046.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\112468.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\122375.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\122437.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\123265.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\123640.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\123750.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\123937.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\141296.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\165546.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\166421.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\167203.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\177046.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\177656.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\178031.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\212265.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\213171.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\225625.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\226265.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\226484.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\240671.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\241890.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\242843.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\243734.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\244328.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\244703.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\259875.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\260296.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\260750.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\268312.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\316468.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\321421.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\322562.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\323078.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\335953.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\336828.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\336906.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\351093.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\351609.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\351687.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\354437.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\355125.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\355453.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\366609.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\368046.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\368734.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\369812.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\370734.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\371328.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\37937.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\38515.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\38609.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\387468.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\388109.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\388562.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\42390.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\444093.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\457093.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\458921.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\459234.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\480078.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\48562.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\492265.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\493171.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\493640.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\49687.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\49734.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\49796.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\53734.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\54250.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\54265.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\58265.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\67531.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\69046.exe
Found ! [17/12/2008 01:15] - C:\Documents and Settings\Martial L\Application Data\drivers\downld\69546.exe

»»»» Presence des fichiers dans C:\DOCUME~1\MARTIA~1\LOCALS~1\Temp

»»»» Presence des fichiers dans C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5

Found ! [16/12/2008 23:39] - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\0O9HF6ZF\b64_1[1].jpg
Found ! [17/12/2008 00:32] - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\0O9HF6ZF\b64_3[1].jpg
Found ! [17/12/2008 00:33] - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\2HHT9VHF\b64[1].jpg
Found ! [17/12/2008 00:32] - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\2HHT9VHF\mxd[1].jpg
Found ! [17/12/2008 00:34] - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\2HHT9VHF\mxd[2].jpg
Found ! [16/12/2008 23:39] - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\C1GTKU2C\b64_2[1].jpg
Found ! [16/12/2008 23:32] - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\C1GTKU2C\b64_3[1].jpg
Found ! [16/12/2008 23:36] - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\C4LLPQ45\b64[1].jpg
Found ! [17/12/2008 00:36] - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\C4LLPQ45\b64_1[1].jpg
Found ! [17/12/2008 00:37] - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\C4LLPQ45\b64_2[1].jpg
Found ! [16/12/2008 23:28] - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\C4LLPQ45\b64_3[1].jpg
Found ! [16/12/2008 23:36] - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\C4LLPQ45\mxd[1].jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
MsnMsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
H/PC Connection Agent="C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
SpybotSD TeaTimer=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
StartCCC="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
PWRISOVM.EXE=C:\Program Files\PowerISO\PWRISOVM.EXE
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1

[HKEY_CURRENT_USER\software\local appwizard-generated applications\crac]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\MsnMsgr]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

--------------- [ Registre / Clés infectieuses ] ----------------

Found ! - HKEY_USERS\S-1-5-21-420477836-1676426551-3034942098-1005\Software\Local AppWizard-Generated Applications\MsnMsgr
Found ! - HKEY_USERS\S-1-5-21-420477836-1676426551-3034942098-1005\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-420477836-1676426551-3034942098-1005\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-420477836-1676426551-3034942098-1005\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-420477836-1676426551-3034942098-1005\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-420477836-1676426551-3034942098-1005\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-420477836-1676426551-3034942098-1005\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\MsnMsgr
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

- sans echec non fonctionnel !!

+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

/!\ Ip6Fw - Type de démarrage = 4

SharedAccess - Type de démarrage = 2

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4

--------------- [ Recherche dans supports amovibles] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur fixe

+- presence des fichiers :

--------------- [ Registre / Mountpoint2 ] ----------------

-> Not found !

------------------- ! Fin du rapport ! --------------------

C'est grave docteur. Merci du coup de main

Réponse 2 / 41

Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
17 déc. 2008 à 01:31

--> Double-clique sur le raccourci FindyKill sur ton Bureau.

--> Au menu principal, choisis l'option 2 (Suppression).

/!\ Il y aura 2 redémarrages, laisse travailler l'outil jusqu'à l'apparition du message "nettoyage effectué" /!\

--> Ensuite, poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.

Réponse 3 / 41

wkm Messages postés 504 Date d'inscription mercredi 20 juin 2007 Statut Membre Dernière intervention 10 avril 2010 105
17 déc. 2008 à 01:42

----------------- FindyKill V4.709 ------------------

* User : Martial L - SN301294240005
* executed from : C:\Program Files\FindyKill
* Update on 10/12/08 par Chiquitine29
* Start at 1:35:22 the 17/12/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((( *** deleting *** ))))))))))))))))))

--------------- [ Active Processes ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\spoolsv.exe

--------------- [ Infected files / folders ] ----------------

»»»» Supression files in C:

»»»» Supression files in C:\WINDOWS

»»»» Supression files in C:\WINDOWS\Prefetch

Deleted ! - C:\WINDOWS\prefetch\KEYGEN.EXE-0C32114B.pf
Deleted ! - C:\WINDOWS\prefetch\MEDIAMONKEY.EXE-0382EE81.pf
Deleted ! - C:\WINDOWS\prefetch\MEDIAMONKEY_3.0.6.1190.EXE-3897FEA8.pf
Deleted ! - C:\WINDOWS\prefetch\MEDIAMONKEY_3.0.6.1190.TMP-00602839.pf

»»»» Supression files in C:\WINDOWS\system32

Deleted ! - C:\WINDOWS\system32\mdelk.exe
Deleted ! - C:\WINDOWS\system32\wintems.exe

»»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming

»»»» Supression files in C:\WINDOWS\system32\drivers

Deleted ! - C:\WINDOWS\system32\drivers\srosa.sys
Deleted ! - C:\WINDOWS\system32\drivers\srosa2.sys

»»»» Supression files in C:\Documents and Settings\Martial L\Application Data

Deleted ! - "C:\Documents and Settings\Martial L\Application Data\m\flec006.exe"
Deleted ! - "C:\Documents and Settings\Martial L\Application Data\m\list.oct"
Deleted ! - "C:\Documents and Settings\Martial L\Application Data\m\data.oct"
Deleted ! - "C:\Documents and Settings\Martial L\Application Data\m\srvlist.oct"
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\4 Yeo In Font 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\670 7650 3660 3650 Symbian Java - Mobiloads Group(1).zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\AceHTMLReports Plus 1.1.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\AD Three Bears - Animated Desktop Wallpaper 5.07.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Aimersoft DVD to Mobile Devices Converter 2.0.1.12.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Ali Landry 12 Screensaver 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\ALO RM MP3 Cutter 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\An Arc Clock 2.1.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\AnswerMyPhone 2.91.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\ARELIS 4.4.2.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\ARkeeper PRO 1.2.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\atEcho 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\AutoClose 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Bandwidth Reporter & Monitor 1.0.1.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\BBC News 1.00.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\BetMarket Trader 1.01.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\BitWise Chat 1.7.3.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\BlackMoon FTP Server 3.1.2.1731.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Bookmark Wizard 2.01.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\BPSNMPMon 1.0.0.7.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Browser Extension Manager 1.0.3.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Butterfly Jungle 3D Screensaver 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Bytepointer Home Accounting 1.5.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Calc It Calculator 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Chronice 2.6 b17.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\CineGobs Keyer 2.2.0.109.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Clients 1.3.1.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Crossword Power 9.01.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Desktop Forest 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Desktop Guitarist 2.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Dict.CN Dictionary 1.0.0.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\DigiPan 2.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\DiskImagery64 0.7.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Dive Assistant Desktop Edition 2008 8.1.3121.28810.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Edsid ImageManipulator 1.02.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\EMIPLIB 0.14.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Employees of the Company 2.5.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\ExAlert for Windows Messenger 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\ExpressSync 2.2.118.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\eXTree 4.0.0.4.8076.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\FatB DeskMate 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\FileList 2.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\FindDuplicates 0.81.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Fraunhofer MP3 Surround 2.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Free PS Convert Driver 8.15.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Gameloft.Might.And.Magic.II.v1.0.2.Nokia.N6230i.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\GISEYE Value Converter 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Gold Calculator Gold Edition 3.21.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\GoodOK AVI ASF WMV MPEG MOV MP4 FLV Converter 6.5.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Google PageRank for Delphi 1.5.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Greensboro Traffic Cameras 1.1.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Home icons V2.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\HP0-094 Practice Exam Testing Engine Software 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\HP0-815 - Advanced SAN Architecture Practice Exam Questions 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Icons for Mobile.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Impress Password Recovery 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Internet Radio 3.2.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\iSpeed 3.55.215.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Jason DVD to H264 Converter 5.00.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Journal 1.2.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Khmer Dictionary 3.0.3.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\KwikLaunch 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\LogPA 2.1.183.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Macadrs 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\MF Autokeys 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\MHTML Converter 1.1.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Microsoft 70-227 Exam.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\MoSs Bitrate Calculator 0.2 Beta.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Moyea DVD to Zune Converter 1.6.1.2.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\MYSTIC PROPHET 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\News Media 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\NOD32.v2.51.26.+.Fix.[EspaÇñol-Spanish].by.Zeyckler.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\NTFS data recovery software 3.0.1.5.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\NVT Rogue Software and Fake.Alert Remover 1.0.1.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Open Ports Scanner 1.2.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Panda.Internet.Security.2006.Multi-BS.by.GEAR.for.www.goldesel.to.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\pdDesktopTV 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\PDF Conversion Series - PDF2Htm 2.0 Build 0915.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Perspector 4.2.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Professional Template Pack - English 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\PurchAce 1.6.3.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Quick Image Transfer 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\QuickMask 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\radares_espa¤a(fijos-moviles-semaforos)para_tomtom_mobile updated-fixed 06-2006.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Rajna.(2002).-.Gasne.Plamak.-.Kompl.Mp3-Album.192Kbps.-.Incl.Cover.&.Label.-.By.Panda.1960.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\RCL Music Ministry 6.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Remove Clipboard Formatting 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\SC Audio Converter 7.2.0.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Seattle Drinks Reader 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Siemens Sports Gadget 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\SkullyDoo 1.1.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Snowfall3D Screensaver 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\SoftPepper MOV Converter 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Softwin.Bitdefender.Standard.9.serial.keygen.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Soundwax Editor 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\SpamFilter for Eudora 1.4.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\SSForge Standard 1.5.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Stellar Phoenix Novel NWFS 3.1.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Stereoplacer 2.3.1.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Sun & Moon on Screen 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Swiftpage for Access 1.7.3.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Tao.Tao-Les.histoires.de.Pandi-Panda(Vol7.da.fr-Ç¸pisode.1.Çÿ.5).dvd.rip.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Taskwise Lite 2.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\TeraCopy Portable 2.0 Beta 3.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\The Panorama Factory 5.2.2748.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Thumbnailer 1.5.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Tile Builder Art Pack 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Topcooler Calculator 01A 9.199.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\TopSpyAdware Remover.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Total CAD Printer 1.1.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Trillian 3.1.9.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Twitter FriendAdder 2.1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\U-Broadcast 1.55.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Usenet Junkie 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\VB 001 Joiner 1.0.2.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\VideoScreenSaver 1.3.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Virtual Desk 1.2.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Vista Vertical Flyout Menu 1.0.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\VST Player 1.2.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Vueling EN toolbar for Firefox 1.0.1.30.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Water Screensaver 1.02.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Window Minimizer 1.2.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Xceed Input Validator for .NET 1.1.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\XDenSer NetMPTree 1.1.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\XVCD Bitrate Calculator 1.11.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\Zip Code Genie 1.0.zip
Deleted ! - C:\Documents and Settings\Martial L\Application Data\m\shared\[Symantec.AntiVirus.Corporate.v10.1.‡©?„«"„÷ð‘-Î‡%^].SAV10.1CN.zip
Deleted ! - "C:\Documents and Settings\Martial L\Application Data\m\shared"
Deleted ! - "C:\Documents and Settings\Martial L\Application Data\m"
Deleted ! - "C:\Documents and Settings\Martial L\Application Data\drivers\srosa.sys"
Deleted ! - "C:\Documents and Settings\Martial L\Application Data\drivers\srosa2.sys"
Deleted ! - "C:\Documents and Settings\Martial L\Application Data\drivers\winupgro.exe"
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\110921.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\112046.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\112468.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\122375.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\122437.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\123265.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\123640.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\123750.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\123937.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\141296.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\165546.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\166421.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\167203.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\177046.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\177656.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\178031.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\212265.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\213171.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\225625.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\226265.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\226484.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\240671.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\241890.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\242843.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\243734.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\244328.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\244703.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\259875.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\260296.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\260750.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\268312.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\316468.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\321421.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\322562.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\323078.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\335953.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\336828.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\336906.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\351093.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\351609.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\351687.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\354437.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\355125.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\355453.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\366609.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\368046.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\368734.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\369812.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\370734.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\371328.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\37937.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\38515.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\38609.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\387468.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\388109.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\388562.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\42390.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\444093.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\457093.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\458921.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\459234.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\480078.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\48562.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\492265.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\493171.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\493640.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\49687.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\49734.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\49796.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\53734.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\54250.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\54265.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\58265.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\67531.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\69046.exe
Deleted ! - C:\Documents and Settings\Martial L\Application Data\drivers\downld\69546.exe
Deleted ! - "C:\Documents and Settings\Martial L\Application Data\drivers\downld"
Deleted ! - "C:\Documents and Settings\Martial L\Application Data\drivers"

»»»» Supression files in C:\DOCUME~1\MARTIA~1\LOCALS~1\Temp

»»»» Supression files in C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\0O9HF6ZF\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\0O9HF6ZF\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\2HHT9VHF\b64[1].jpg
Deleted ! - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\2HHT9VHF\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\2HHT9VHF\mxd[2].jpg
Deleted ! - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\C1GTKU2C\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\C1GTKU2C\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\C4LLPQ45\b64[1].jpg
Deleted ! - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\C4LLPQ45\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\C4LLPQ45\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\C4LLPQ45\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Martial L\Local Settings\Temporary Internet Files\Content.IE5\C4LLPQ45\mxd[1].jpg

--------------- [ Other deleting ] ----------------

Infected ! - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> Deleted !

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-420477836-1676426551-3034942098-1005\Software\Local AppWizard-Generated Applications\MsnMsgr
Deleted ! - HKEY_USERS\S-1-5-21-420477836-1676426551-3034942098-1005\Software\Local AppWizard-Generated Applications\winupgro

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !

+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2

--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur fixe

+- deleting files :

--------------- [ Registry / Mountpoint2 ] ----------------

-> Not found !

--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\Martial L\Mes documents\Downloads\Portrait Professional Max 6.3.5+Crack-HeartBug
C:\Documents and Settings\Martial L\Mes documents\Downloads\MediaMonkey.Gold.v3.0.6.1190.Multilingual.Incl.Keymaker-CORE\MediaMonkey.Gold.v3.0.6.1190.Multilingual.Incl.Keymaker-CORE\keygen.exe
C:\Documents and Settings\Martial L\Mes documents\Downloads\Portrait Professional Max 6.3.5+Crack-HeartBug\Cracked
C:\Documents and Settings\Martial L\Mes documents\Downloads\Portrait Professional Max 6.3.5+Crack-HeartBug\Declaration of Use!!!.txt
C:\Documents and Settings\Martial L\Mes documents\Downloads\Portrait Professional Max 6.3.5+Crack-HeartBug\How to Install!!!.txt
C:\Documents and Settings\Martial L\Mes documents\Downloads\Portrait Professional Max 6.3.5+Crack-HeartBug\PortraitProfessionalMaxSetup.exe
C:\Documents and Settings\Martial L\Mes documents\Downloads\Portrait Professional Max 6.3.5+Crack-HeartBug\Cracked\PortraitProfessional.exe
C:\Documents and Settings\Martial L\Recent\Portrait Professional Max 6.3.5+Crack-HeartBug.lnk

---------------- ! End of report ! ------------------

En revanche j ai eu une fenetre "Windows - Pas de disque" qui est apparu plusieurs fois avec ecrit dedans :
Exception Processing Message c0000013 Parameters 75afbfc 4 75afbf7c 75afbfc

Réponse 4 / 41

wkm Messages postés 504 Date d'inscription mercredi 20 juin 2007 Statut Membre Dernière intervention 10 avril 2010 105
17 déc. 2008 à 01:48

a chaque fois mon message est modéré, je peux pas poser mon rapport ?? comment faire ?

Réponse 5 / 41

Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
17 déc. 2008 à 01:52

---> Uploader un fichier sur Mediafire :
● Rends-toi sur ce lien : https://www.mediafire.com/
● Clique en haut sur Upload files To Media fire. Choisis ensuite I want to upload without an account.
● Une fenêtre de ton explorateur windows va s'ouvrir. Navigue jusqu'au rapport que je te demande d'uploader, sélectionne-le puis clique sur ouvrir.
● Clique ensuite sur Upload.
● A droite de l'écran, choisis : upload to a new folder. Laisse le nom par défaut (= la date).
● Valide et laisse l'upload se faire.
● Clique sur View uploaded file et copie-moi l'url (= le lien) du nouvel onglet ou de la nouvelle fenêtre qui va s'ouvrir dans ton prochain message. Ainsi, je pourrais télécharger le rapport demandé.

Réponse 6 / 41

wkm Messages postés 504 Date d'inscription mercredi 20 juin 2007 Statut Membre Dernière intervention 10 avril 2010 105
17 déc. 2008 à 01:58

et voila:

https://www.mediafire.com/?sharekey=e572e1475cdfc9a491b20cc0d07ba4d2d3a7cdf60f9770c6

Réponse 7 / 41

wkm Messages postés 504 Date d'inscription mercredi 20 juin 2007 Statut Membre Dernière intervention 10 avril 2010 105
17 déc. 2008 à 02:01

En revanche durant ce que tu m as fait faire j ai eu quelque fenetre
"Windows - Pas de disque":
Exception Processing Message c0000013 Parameters 75afbfc 4 75afbf7c 75afbfc.

J ai cliqué sur continuer pour pouvoir finir, je sais pas si ca a une importance.

Réponse 8 / 41

Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
17 déc. 2008 à 02:01

Un modérateur a débloqué ton rapport.

---> Réinstalle tes logiciels comme Windows Live Messenger, ton antivirus (Je te conseille Antivir à la place d'Avast), etc...

- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

- Double-clique sur RSIT.exe afin de lancer le programme.

- Clique sur Continue à l'écran Disclaimer.

- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : Les rapports sont sauvegardés dans le dossier C:\rsit.

Réponse 9 / 41

wkm Messages postés 504 Date d'inscription mercredi 20 juin 2007 Statut Membre Dernière intervention 10 avril 2010 105
17 déc. 2008 à 02:23

Logfile of random's system information tool 1.04 (written by random/random)
Run by Martial L at 2008-12-17 02:22:14
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 127 GB (65%) free of 194 GB
Total RAM: 1023 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:22:23, on 17/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Martial L\Mes documents\Mes telechargements\RSIT.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\trend micro\Martial L.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

Réponse 10 / 41

wkm Messages postés 504 Date d'inscription mercredi 20 juin 2007 Statut Membre Dernière intervention 10 avril 2010 105
17 déc. 2008 à 02:23

info.txt logfile of random's system information tool 1.04 2008-12-17 02:22:27

======Uninstall list======

-->C:\Program Files\Fichiers communs\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Fichiers communs\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\Modio\SLAMR2KO\Setup.exe /Remove
-->c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->MsiExec.exe /I{AC76BA86-1033-F400-7760-000000000001}
-->RunDll32 "C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}\zidxp.exe"
-->RunDll32 "C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}\setup.exe"
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01958032-9877-4118-B87F-9EFA74B3F15F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C0DAEA5-826C-4A76-B176-56959B99D3F0}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Creative Suite-->C:\PROGRA~1\INSTAL~1\{D52EC~1\setup.exe /Relaunched=yes /Uninstall /Relaunched=yes
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 6.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-000000000001}
Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Ant Renamer-->"C:\Program Files\Ant Renamer\unins000.exe"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Aureon 5.1 Fun ControlPanel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17A87ED9-129A-4516-A3BF-5E513D23C3BB}\Setup.exe" -l0x9
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Catalyst Control Center - Branding-->MsiExec.exe /I{FA3A247D-437A-455E-A88F-7EB6E5F9E799}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Compel Adaptec WinASPI-->"C:\Program Files\WinASPI\unins000.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EPSON Scan-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E0131B2-CF18-40D9-A331-60A3746C1204}\SETUP.EXE" -l0x40c UNINSTALL
ffdshow [rev 2060] [2008-08-01]-->"C:\Program Files\ffdshow\unins000.exe"
FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Jeyo Mobile Extender 2.5 pour Outlook-->"C:\Program Files\Jeyo\JME_WM\unins000.exe"
Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Kaspersky On-line Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Last.fm 1.5.2.38918-->"C:\Program Files\Last.fm\unins000.exe"
Ma-Config.com-->MsiExec.exe /X{DD987A54-122B-4CFD-A8C5-5577027A6B78}
MediaMonkey 3.0-->"C:\Program Files\MediaMonkey\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Works 7.0-->MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Morgan Stream Switcher-->"C:\Program Files\Morgan\mmswitch\uninst.exe"
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
NeoDivx 2008-->"C:\Program Files\NeoDivX2008\uninstall.exe"
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Portrait Professional Max 6.3-->"C:\Program Files\Portrait Professional Max 6\unins000.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\SETUP.EXE" -uninstall
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
S800-->C:\WINDOWS\system32\CNMCP2T.EXE -@C:\WINDOWS\IsUn040c.exe -f"C:\BJPrinter\CNMWINDOWS\Canon S800 Installer\Inst\DeIsL1.isu" -pCanon S800-c"C:\BJPrinter\CNMWINDOWS\Canon S800 Installer\Inst\bjinst.dll
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
TuneSleeve-->MsiExec.exe /X{DFEB0187-26A1-4256-B906-6397D7062BB6}
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WorldUnlock Codes Calculator-->"C:\Program Files\WorldUnlock Codes Calculator\uninst.exe"
x264 Revision 305 x264.nl (remove only)-->"C:\Program Files\x264\x264-uninstall.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
xp-AntiSpy 3.96-2-->C:\Program Files\xp-AntiSpy\Uninstall.exe
Xvid 1.1.3 final uninstall-->"C:\Program Files\Xvid\unins000.exe"

======Security center information======

AV: Avira AntiVir PersonalEdition Classic

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\ATI Technologies\ATI Control Panel;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 8, AuthenticAMD
"PROCESSOR_REVISION"=0408
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------

Réponse 11 / 41

wkm Messages postés 504 Date d'inscription mercredi 20 juin 2007 Statut Membre Dernière intervention 10 avril 2010 105
17 déc. 2008 à 02:24

Voila, c est du chinois pour moi tout ca, il faudrait que je m y mette un jour.

Réponse 12 / 41

Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
17 déc. 2008 à 02:28

---> Désinstalle FindyKill.

---> Mets à jour Adobe Reader :
https://get2.adobe.com/reader/otherversions/

---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
---> Sélectionne Exécuter un examen rapide.
---> Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
---> Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

Réponse 13 / 41

wkm Messages postés 504 Date d'inscription mercredi 20 juin 2007 Statut Membre Dernière intervention 10 avril 2010 105
17 déc. 2008 à 02:48

Je lutte enfin le pc lutte un peu pour telecharger Malwarebytes' Anti-Malware (MBAM) , il bloque a 37%, il faut que je reprenne a chaque fois mais ca va le faire. En tout cas merci a toi car pour l instant, tout ce que tu m a fait faire j en aurais etait incapable seul

Réponse 14 / 41

Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
17 déc. 2008 à 02:50

J'ai mis MBAM ici :
http://sd-1.archive-host.com/membres/up/3288717712384394/mbam-setup.exe

Réponse 15 / 41

wkm Messages postés 504 Date d'inscription mercredi 20 juin 2007 Statut Membre Dernière intervention 10 avril 2010 105
17 déc. 2008 à 02:54

Merci, meme pas 10 seconde avec ton lien, j attends la mise a jour et je fais ce que tu m as dis.

Réponse 16 / 41

Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
17 déc. 2008 à 02:57

Le serveur MBAM est lent en ce moment, c'est pour ça que je te l'ai uploadé sur un hébergeur.

Réponse 17 / 41

wkm Messages postés 504 Date d'inscription mercredi 20 juin 2007 Statut Membre Dernière intervention 10 avril 2010 105
17 déc. 2008 à 03:08

Et voila :

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1510
Windows 5.1.2600 Service Pack 3

17/12/2008 03:08:16
mbam-log-2008-12-17 (03-08-16).txt

Type de recherche: Examen rapide
Eléments examinés: 52900
Temps écoulé: 3 minute(s), 11 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Réponse 18 / 41

Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
17 déc. 2008 à 03:09

- Fais un scan en ligne ici https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr (Avec Internet Explorer).

- En bas à droite, clique sur Démarrer Online-scanner.

- Dans la nouvelle fenêtre qui s'affiche, clique sur J'accepte.

- Accepte les Contrôles ActiveX.

- Choisis Poste de travail pour le scan.

- Celui-ci terminé, sauvegarde (Choisis fichier texte) et poste le rapport.

- Pour t'aider à utiliser le scan en ligne :
https://www.malekal.com/scan-antivirus-ligne-nod32/#mozTocId291566

NOTE : Si tu reçois le message La licence de Kaspersky On-line Scanner est périmée, va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte-toi sur le site de Kaspersky pour retenter le scan en ligne.

- Lis ceci en cas de problème d'installation du Contrôle ActiveX :
http://cybersecurite.xooit.com/t123-Les-controles-ActiveX.htm

Réponse 19 / 41

wkm Messages postés 504 Date d'inscription mercredi 20 juin 2007 Statut Membre Dernière intervention 10 avril 2010 105
17 déc. 2008 à 03:14

la il devrait y en avoir pour un certain moment, ca se compte peut etre en heure ?? non ??

Réponse 20 / 41

Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
17 déc. 2008 à 03:14

Tu le fais quand tu as le temps mais donne-moi des nouvelles.

Avast n'est pas une application Win 32 valide

41 réponses

Discussions similaires

Newsletters