Sujet Précédent Sujet Suivant

Virus qui désactive toute les sécurités

teddy -  
totobetourne Messages postés 5677 Statut Membre -
Bonjour,bonjour a tous
j'utilise windows vista, et depuis un moment mon anti virus a été désactivé et tt autres forme de sécurité aussi , il m'est impossible de démarrer avast ( win32 invalide) ainsi que tout anti spyware et logiciels ndu genre ccleaner, aussi je pense que cela vient du meme virus windows live messenger et ma wifi ne fonctionne plus sur mon ordi ...voila aprés avoir tt essayé ce que j'était capable de faire j'ai vraiment besoins d'aide merci d'avance
A voir également:

7 réponses

Réponse 1 / 7
totobetourne Messages postés 5677 Statut Membre 65
 
bonjour(fais dans l ordre)

1)pour vista si infection.

Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection: IMPORTANT A NE SURTOUT PAS OUBLIER):

- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.

http://www.laboratoire-microsoft.org/tips-23933-desactiver-uac-vista.html

2)surement infection bagle , si tu as telecharge un crack ou un keygen alors vire le.

3)passe cet outil
Télécharges FindyKill de Chiquitine29

Fais un clique droit sur le lien et choisis "enregistrer la cible sous ...." , destination le bureau .

http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe

Note importante : si tu as le prg Elibagla sur ton PC , supprimes le ( risque de conflit entre les deux outils ) .

--> Entre dans le dossier " FindyKill "

Double clic sur " FindyKill.bat " (et pas sur autre chose!) pour lancer l'outil .

->choisis l'option 1 . Puis laisses travailler ...

Une fois terminé, postes le rapport FindyKill.txt qui est généré ...

( Note : le rapport est sauvegardé à la racine du disque -> C:\FindyKill.txt )
0
Réponse 2 / 7
teddy
 
je te remercie je fais ça et je fais suivre le rapport a plus tard et merci encore
0
Réponse 3 / 7
teddy
 
----------------- FindyKill V4.709 ------------------

* User : Dany - PC-DE-DANY
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 10/12/08 par Chiquitine29
* Recherche effectuée à 22:42:32 le 19/12/2008
* Windows Vista - Internet Explorer 7.0.6001.18000

((((((((((((((((( *** Recherche *** ))))))))))))))))))

--------------- [ Processus actifs ] ----------------

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Users\Dany\AppData\Roaming\drivers\winupgro.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Users\Dany\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Dany\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\conime.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe

--------------- [ Processus infectieux stoppés ] ----------------

"C:\Users\Dany\AppData\Roaming\drivers\winupgro.exe" (3064)

--------------- [ Fichiers/Dossiers infectieux ] ----------------

»»»» Presence des fichiers dans C:

»»»» Presence des fichiers dans C:\Windows

»»»» Presence des fichiers dans C:\Windows\Prefetch

Found ! - C:\Windows\prefetch\WINUPGRO.EXE-285E4F7B.pf
Found ! - C:\Windows\Prefetch\INSTALL_CRACK.EXE-35ACF192.pf
Found ! - C:\Windows\Prefetch\INSTALL_CRACK.EXE-35ACF192.pf

»»»» Presence des fichiers dans C:\Windows\system32

Found ! [19/12/2008 22:40] - C:\Windows\system32\mdelk.exe
Found ! [19/12/2008 22:40] - C:\Windows\system32\wintems.exe
Found ! [19/12/2008 22:41] - C:\Windows\system32\ban_list.txt

»»»» Presence des fichiers dans C:\Windows\system32\config\systemprofile\AppData\Roaming

»»»» Presence des fichiers dans C:\Windows\system32\drivers

»»»» Presence des fichiers dans C:\Users\Dany\AppData\Roaming

Found ! [19/12/2008 22:10] - "C:\Users\Dany\AppData\Roaming\m\flec006.exe"
Found ! [19/12/2008 22:10] - "C:\Users\Dany\AppData\Roaming\m\list.oct"
Found ! [19/12/2008 22:10] - "C:\Users\Dany\AppData\Roaming\m\data.oct"
Found ! [19/12/2008 22:10] - "C:\Users\Dany\AppData\Roaming\m\srvlist.oct"
Found ! [19/12/2008 22:41] - "C:\Users\Dany\AppData\Roaming\m\shared"
Found ! [19/12/2008 20:24] - "C:\Users\Dany\AppData\Roaming\m"
Found ! [19/12/2008 20:20] - "C:\Users\Dany\AppData\Roaming\drivers"
Found ! [19/12/2008 22:40] - "C:\Users\Dany\AppData\Roaming\drivers\srosa.sys"
Found ! [19/12/2008 22:40] - "C:\Users\Dany\AppData\Roaming\drivers\srosa2.sys"
Found ! [04/02/2004 06:02] - "C:\Users\Dany\AppData\Roaming\drivers\winupgro.exe"
Found ! [19/12/2008 22:42] - "C:\Users\Dany\AppData\Roaming\drivers\downld"
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\105160.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\106392.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\108420.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\116891.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\117671.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\121212.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\122179.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\122195.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\122226.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\127967.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\140478.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\141726.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\141929.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\142382.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\150681.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\151289.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\151492.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\151820.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\154955.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\154971.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\161944.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\161975.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\163551.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\164534.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\171569.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\172646.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\173067.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\179931.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\180898.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\181007.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\181163.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\182193.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\182599.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\191460.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\192661.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\193160.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\193971.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\194907.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\195765.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\199946.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2118571.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2121332.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2126621.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2134717.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\213534.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2135903.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2136262.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\214314.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2144280.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2144920.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2145232.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\214641.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2161971.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2182282.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2183171.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2183421.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2196478.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2197320.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2197336.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\219805.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\220897.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2209020.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2210081.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2210518.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2211282.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\221147.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2211922.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2212359.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2234402.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2234979.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2235291.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2249331.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2255634.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2257537.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2257911.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2275165.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2284712.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2285118.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\2285196.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\230678.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\234999.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\235467.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\235499.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\247214.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\248493.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\248977.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\249773.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\250475.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\251068.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\268118.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\270006.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\270271.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\270770.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\272346.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\272783.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\285341.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\289413.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\289428.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\289693.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\303905.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\307119.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\307727.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\308585.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\309958.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\316292.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\320566.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\322220.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\322703.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\336150.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\337461.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\338522.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\342234.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\353669.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\354559.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\354839.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\459376.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\523757.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\536159.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\537485.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\556923.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\569996.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\571712.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\572086.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\77142.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\84022.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\84037.exe
Found ! [19/12/2008 22:42] - C:\Users\Dany\AppData\Roaming\drivers\downld\88000.exe

»»»» Presence des fichiers dans C:\Users\Dany\AppData\Local\Temp

»»»» Presence des fichiers dans C:\Users\Dany\Local Settings\Temporary Internet Files\Content.IE5

Found ! [19/12/2008 20:54] - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\28P7SGJZ\b64[1].jpg
Found ! [19/12/2008 20:56] - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\28P7SGJZ\b64_1[1].jpg
Found ! [19/12/2008 19:52] - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\28P7SGJZ\b64_3[1].jpg
Found ! [19/12/2008 20:21] - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\28P7SGJZ\b64_3[2].jpg
Found ! [19/12/2008 20:22] - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZPXM6YQ\b64[1].jpg
Found ! [19/12/2008 20:27] - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZPXM6YQ\b64_1[1].jpg
Found ! [19/12/2008 22:10] - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XELQTP2O\b64[1].jpg
Found ! [19/12/2008 20:28] - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XELQTP2O\b64_2[1].jpg
Found ! [19/12/2008 22:12] - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XELQTP2O\b64_2[2].jpg
Found ! [19/12/2008 20:54] - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XELQTP2O\b64_3[1].jpg
Found ! [19/12/2008 22:40] - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XELQTP2O\b64_3[2].jpg
Found ! [19/12/2008 20:26] - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZCJ7I62O\b64_1[1].jpg
Found ! [19/12/2008 22:12] - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZCJ7I62O\b64_1[2].jpg
Found ! [19/12/2008 20:56] - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZCJ7I62O\b64_2[1].jpg
Found ! [19/12/2008 22:09] - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZCJ7I62O\b64_3[1].jpg
Found ! [28/10/2008 19:54] - C:\Users\Dany\Music\un peu de tout\AlbumArt_{C68FEB55-1E5A-47E1-B649-A3F9CEEDBCA0}_Large.jpg
Found ! [28/10/2008 19:54] - C:\Users\Dany\Music\un peu de tout\AlbumArt_{C68FEB55-1E5A-47E1-B649-A3F9CEEDBCA0}_Small.jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
Sidebar=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MsnMsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
ehTray.exe=C:\Windows\ehome\ehTray.exe
toscdspd=TOSCDSPD.EXE
swasc="c:\users\dany\appdata\local\swasc.exe" swasc

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
Windows Defender=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
RtHDVCpl=RtHDVCpl.exe
TPwrMain=%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
00TCrdMain=%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
KeNotify=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
HWSetup=\HWSetup.exe hwSetUP
NDSTray.exe=NDSTray.exe
StartCCC=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
SynTPEnh=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
TkBellExe="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
OlStatusMon="C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

[HKEY_CURRENT_USER\software\local appwizard-generated applications\InstallerApp]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\install_crack]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\msnmsgr]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\SkyTel]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

--------------- [ Registre / Clés infectieuses ] ----------------

Found ! - HKEY_USERS\S-1-5-21-3136413551-1403066609-196552192-1000\Software\Local AppWizard-Generated Applications\install_crack
Found ! - HKEY_USERS\S-1-5-21-3136413551-1403066609-196552192-1000\Software\Local AppWizard-Generated Applications\msnmsgr
Found ! - HKEY_USERS\S-1-5-21-3136413551-1403066609-196552192-1000\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-3136413551-1403066609-196552192-1000\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-3136413551-1403066609-196552192-1000\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-3136413551-1403066609-196552192-1000\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-3136413551-1403066609-196552192-1000\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-3136413551-1403066609-196552192-1000\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\install_crack
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\msnmsgr
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_CURRENT_USER\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\FFC
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sK9Ou0s

--------------- [ Etat / Services ] ----------------

+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

Wlansvc - Type de démarrage = 2

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4

/!\ WinDefend - Type de démarrage = 4

--------------- [ Recherche dans supports amovibles] ----------------

+- Informations :

C: - Lecteur fixe
E: - Lecteur fixe
F: - Lecteur de CD-ROM

+- Contenu de l'autorun : F:\autorun.inf

[autorun]
open=Autorun.exe
Icon=Sims2.ico
Name=The Sims 2

[Special]
Disk=1
ProductGuiID={6E7DD182-9FC6-4651-0095-2E666CC6AF35}

+- presence des fichiers :

Found ! [26/02/2005 22:41][-r-------] - F:\autorun.inf

--------------- [ Registre / Mountpoint2 ] ----------------

-> Not found !

------------------- ! Fin du rapport ! --------------------

voila le rapport j'attend les prochaine instruction merci!!
0
Réponse 4 / 7
totobetourne Messages postés 5677 Statut Membre 65
 
1)Réouvre FindyKill , choisi cette fois ci l option 2 (Suppression)

/!\ il y aura 2 redémarrage, laisse travailler l outils jusqu a l apparition du message "nettoyage terminé"

-------> ensuite post le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé a la racine du disque

2)telecharge cela:util pour voir ce que peut etre l infection et agir ensuite.

http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

installe le normallement comme tout autre programme dans c/programme/...............
clique sur do a scan and save a logfile, tu obtiens un rapport que tu colles.
0
teddy
 
----------------- FindyKill V4.709 ------------------

* User : Dany - PC-DE-DANY
* executed from : C:\Program Files\FindyKill
* Update on 10/12/08 par Chiquitine29
* Start at 23:05:10 the 19/12/2008
* Windows Vista - Internet Explorer 7.0.6001.18000


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\runonce.exe
C:\Windows\system32\conime.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:


»»»» Supression files in C:\Windows


»»»» Supression files in C:\Windows\Prefetch

Deleted ! - C:\Windows\prefetch\INSTALL_CRACK.EXE-35ACF192.pf
Deleted ! - C:\Windows\prefetch\WINUPGRO.EXE-285E4F7B.pf

»»»» Supression files in C:\Windows\system32

Deleted ! - C:\Windows\system32\mdelk.exe
Deleted ! - C:\Windows\system32\wintems.exe
Deleted ! - C:\Windows\system32\ban_list.txt

»»»» Supression files in C:\Windows\system32\config\systemprofile\AppData\Roaming


»»»» Supression files in C:\Windows\system32\drivers

Deleted ! - C:\Windows\system32\drivers\srosa.sys
Deleted ! - C:\Windows\system32\drivers\srosa2.sys

»»»» Supression files in C:\Users\Dany\AppData\Roaming

Deleted ! - "C:\Users\Dany\AppData\Roaming\m\flec006.exe"
Deleted ! - "C:\Users\Dany\AppData\Roaming\m\list.oct"
Deleted ! - "C:\Users\Dany\AppData\Roaming\m\data.oct"
Deleted ! - "C:\Users\Dany\AppData\Roaming\m\srvlist.oct"
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\AB-Edit 1.2.1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Acid Burn 2.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\ADOT Freeway Cameras 0.0.2.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\AI Picture Utility 8.5.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Ali Landry 37 Screensaver 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\ALSEDI Pinger 1.03.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Amond DVD Audio Ripper 3.1.2.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\AndreaMosaic 3.30.3.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Animated Beginning Typing 1.20.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Any DVD Converter for iPod 3.6.7.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Armor Piercing.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Ascari KZ1 Screensaver 2.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\ASWSystems Toolbars Pack - Palettes - 24 colors 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\AutoQ3 0.5.10.64.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\AutoVer 1.2.1.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\AVG Rescue CD 7.5.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\AVG.AntiVirus.Pro.Edition.7.5.432.Incl.Keygen.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\AVI MPEG WMV ASF MOV FLV to MP4 Converter 5.9.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\BestSiteBrowser 2.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Betty Boop Boxing Clock Screensaver 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Bookmark Duplicate Detector 0.7.2.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Capture My Screen 1.03.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\CC-CAM alarm system 1.4.6.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Chatlog 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\ComicRack 0.9.99.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Cool Free All Video to FLV Flash Converter 6.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Desktoplet 1.2.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Die Roll Probability Generator 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\DownShift.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\DVD Photo Slideshow Pro 7.96.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\DVRomantic Seaside Screensaver 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\EncryptMate LE 1.5.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Everest Home Edition 2.20.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\ExitWin 2004.07.03.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\File Mirror 2.2.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\FileSplitter 0.0.18.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Folder Scout 1.1.1 Build 211.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Freesky video to AVI 2.1.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Glass Block Calculator 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Goods Account 1.2.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Grisoft.Avg.Internet.Security.7.5.Multilingual.Keygen.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\GROOVE 1.4.2.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\GTD-Free 0.4.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Home accounting (UDF) 1.2.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Home Revision Management System 1.5.2.57.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Hotel Search Vista Gadget 1.7.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\HP0-841 Practice Exam Testing Engine Software 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Incredimail Email Extractor Pro 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\InstallConstruct 7.1.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Internet Radio Bangla 2.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\iRating 1.3.1.3.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\JewelQuest.J2ME(Nokia N73).v1.0.8.DDJ.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\JOCR 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Kaspersky.Anti-Virus.Personal.Pro.PL.with.2006.02.22.KeyFiles.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Kaspersky.AVP.Platinum.5.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Keygen.do.AVG.7.1.Pro.BR.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Kite 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\MA File Viewer 3.0.0.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\MailBee.NET Security 4.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Material Safety Viewer 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\McAfee_SiteAdvisor_for_Internet_Explorer_1.7.0.53.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Military Collector 1.2.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\MK Dictionary Lookup Final Release.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Moo Man 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\MS Word Import Multiple Text Files Software 7.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\myLauncher 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Neat Icons Core Set 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Nod32.Antivirus.2.12.1.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\NotesLog 2006.2.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Octochat 0.3.224.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Office Icons.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\OpenCards 0.11.2 (1.0 RC1).zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Optimize GUITIDY 1.05.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Outlook Express Group Mail 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Pfilter 1.3.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\PingGraph 2.0.1.15.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\PIS Studios SEO Toolkit 2.4.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Point Tweaker 2.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\POP3 Cleaner 1.00 beta.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Portable Durable Copy 3.5.4.136.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Portable Save2FTP 1.9.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\PowerBB 2.2.1.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\PQ iPhone Movie Video Converter 1.0.10.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Quasar the star-maker 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Quick Guide to English Verbs 1.01.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\quick.heal.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Ranks 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\ReadClip 1.2.1.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Rect 1.2.3.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Remote Folders 1.37.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\RoMac Basic Equalizer 1.0.2.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Save4Net 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Saxon 8.9.0.4n.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Sci Frame 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Secret Coder 1.1.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Secret Word Grabber 1.3.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Secure FTP Wrapper 2.5.9.1.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\ShortKeys 2.3b.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\ShutxDown 1.1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\SOC 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Sonic Frame ActiveX Control 2.1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Sonic Skinner Control 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Speed Search 2.8.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\SqlAnswersQuery 1.0.3.2.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\SSC DiskAccess NFS Client 6.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Sticker Book 4
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Street_Fighter 2 J2ME 240x320 Nokia N92 N93 N73 E61 N71 E50_adapted.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\SVK Protector 1.32.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Teletwitter 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Temple of the Sun 3D Screensaver 1.1.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Tenox Aclock 1.9.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\The Fourth Day 1.2.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Tiff Splitter Magic 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Translucent Baby Bubbles 1.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\TrayInfo 1.03.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\uCertify PrepKit for test 70-221 6.08.05.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\US Yellow Pages search 1.0.0.0.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\VASAIO 2.1.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Virtual AGC 20060110.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\VRbrochure Professional Suite 1.4.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Winamp Mp3Pro Plugin 1.2.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\X-Cart Gold 4.1.11.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\XDIR 2.6.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Xml Differ 2.2.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\YASA DVD to MP4 Converter 2.9.44.1262.zip
Deleted ! - C:\Users\Dany\AppData\Roaming\m\shared\Yep 1.1.zip
Deleted ! - "C:\Users\Dany\AppData\Roaming\m\shared"
Deleted ! - "C:\Users\Dany\AppData\Roaming\m"
Deleted ! - "C:\Users\Dany\AppData\Roaming\drivers\srosa.sys"
Deleted ! - "C:\Users\Dany\AppData\Roaming\drivers\srosa2.sys"
Deleted ! - "C:\Users\Dany\AppData\Roaming\drivers\winupgro.exe"
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\105160.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\106392.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\108420.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1136592.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1140585.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1140679.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1146092.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1153705.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1155031.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1155421.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1163673.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1164407.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1164734.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\116891.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\117671.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\121212.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\122179.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\122195.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\122226.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1224857.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1225918.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1226136.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1238164.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1238569.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1238585.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1248632.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1249677.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1250114.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1250769.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1251408.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1251845.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1268693.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1269239.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1269536.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\127967.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1282905.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1287757.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1288989.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1289348.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1304199.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1312904.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1313169.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\1313278.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\140478.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\141726.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\141929.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\142382.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\150681.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\151289.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\151492.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\151820.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\154955.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\154971.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\161944.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\161975.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\163551.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\164534.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\171569.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\172646.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\173067.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\179931.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\180898.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\181007.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\181163.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\182193.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\182599.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\191460.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\192661.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\193160.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\193971.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\194907.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\195765.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\199946.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2118571.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2121332.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2126621.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2134717.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\213534.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2135903.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2136262.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\214314.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2144280.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2144920.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2145232.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\214641.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2161971.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2182282.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2183171.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2183421.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2196478.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2197320.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2197336.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\219805.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\220897.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2209020.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2210081.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2210518.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2211282.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\221147.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2211922.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2212359.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2234402.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2234979.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2235291.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2249331.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2255634.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2257537.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2257911.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2275165.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2284712.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2285118.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\2285196.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\230678.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\234999.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\235467.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\235499.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\247214.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\248493.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\248977.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\249773.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\250475.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\251068.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\268118.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\270006.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\270271.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\270770.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\272346.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\272783.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\285341.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\289413.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\289428.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\289693.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\303905.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\307119.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\307727.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\308585.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\309958.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\316292.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\320566.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\322220.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\322703.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\336150.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\337461.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\338522.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\342234.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\353669.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\354559.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\354839.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\459376.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\523757.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\536159.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\537485.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\556923.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\569996.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\571712.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\572086.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\77142.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\84022.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\84037.exe
Deleted ! - C:\Users\Dany\AppData\Roaming\drivers\downld\88000.exe
Deleted ! - "C:\Users\Dany\AppData\Roaming\drivers\downld"
Deleted ! - "C:\Users\Dany\AppData\Roaming\drivers"

»»»» Supression files in C:\Users\Dany\AppData\Local\Temp


»»»» Supression files in C:\Users\Dany\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PMYEG40\b64_2[1].jpg
Deleted ! - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PMYEG40\b64_3[1].jpg
Deleted ! - C:\Users\Dany\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WB3THX9D\b64_1[1].jpg
Deleted ! - C:\Users\Dany\Music\un peu de tout\AlbumArt_{C68FEB55-1E5A-47E1-B649-A3F9CEEDBCA0}_Large.jpg
Deleted ! - C:\Users\Dany\Music\un peu de tout\AlbumArt_{C68FEB55-1E5A-47E1-B649-A3F9CEEDBCA0}_Small.jpg

--------------- [ Other deleting ] ----------------

Infected ! - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> Deleted !

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-3136413551-1403066609-196552192-1000\Software\Local AppWizard-Generated Applications\install_crack
Deleted ! - HKEY_USERS\S-1-5-21-3136413551-1403066609-196552192-1000\Software\Local AppWizard-Generated Applications\msnmsgr
Deleted ! - HKEY_USERS\S-1-5-21-3136413551-1403066609-196552192-1000\Software\Local AppWizard-Generated Applications\winupgro

--------------- [ States / Restarting of services ] ----------------



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Wlansvc - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2

WinDefend - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe
E: - Lecteur fixe
F: - Lecteur de CD-ROM

+- deleting files :

Not deleted !! - F:\autorun.inf

--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------



---------------- ! End of report ! ------------------
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 7
teddy
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:15:22, on 19/12/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Users\Dany\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Users\Dany\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll
O3 - Toolbar: Shareaza MediaBar - {196C3A46-4758-433D-A600-802C804AF39C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [OlStatusMon] "C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [toscdspd] TOSCDSPD.EXE
O4 - HKCU\..\Run: [swasc] "c:\users\dany\appdata\local\swasc.exe" swasc
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\Dany\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O13 - Gopher Prefix:
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Olivetti Monitor Service (olMntrService) - Olivetti - C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
0
Réponse 6 / 7
teddy
 
Mon pc refonctionne a la perfection je te remercie de ton aide A+
0
Réponse 7 / 7
totobetourne Messages postés 5677 Statut Membre 65
 
attend c est pas fini il y a autre chose comme infection apres on verifiera , on peut ameliorer ton ordi au demarrage puis ameliorer tes defences.

tu télécharge navilog1
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
Acces à snapchat temporairement désactivé
Anto_1234 -
Lemoche -

92 réponses