
Solved: A virus is blocking my antivirus

Tags:
  • Security
Last reply: in Security and viruses
1 June 2010 19:38:35

Following various pieces of advice on this forum, I ran a scan with ComboFix. I renamed it and followed the instructions to the letter. In fact, the virus is blocking my antivirus.
Here is the report. Who can help me, please? Thanks.
ComboFix 10-06-01.01 - Admin 01/06/2010 19:02:08.1.1 - x86 DSREPAIR
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.511.315 [GMT 2:00]
Lancé depuis: c:\documents and settings\Admin\Bureau\bibitte.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Admin\Application Data\m\shared\Top 10 Bar 2.0 (Serial).zip
c:\documents and settings\Admin\Application Data\m\shared\TOP MPEG Video Converter 1.1.2.zip
c:\documents and settings\Admin\Application Data\m\shared\Total Video Converter v3.2 by DonGkeY.zip
c:\documents and settings\Admin\Application Data\m\shared\Transcender VB Flash Web v7.0 DateCode 20040617RBS.zip
c:\documents and settings\Admin\Application Data\m\shared\TreeComboBox 2.3.4.zip
c:\documents and settings\Admin\Application Data\m\shared\Typing Accelerator 1.10.zip
c:\documents and settings\Admin\Application Data\m\shared\Understand for Ada v1.4.330 Win9xNT Incl Keygenerator by TMG.zip
c:\documents and settings\Admin\Application Data\m\shared\Understand for Java v1.4.399 HPUX Incl Keygen by Lz0.zip
c:\documents and settings\Admin\Application Data\m\shared\Underwear Girl no serials for Mac.zip
c:\documents and settings\Admin\Application Data\m\shared\unPExeS v1.0.zip
c:\documents and settings\Admin\Application Data\m\shared\Vietcong v1.0 [ENGLISH] No-CD Fixed EXE 2.zip
c:\documents and settings\Admin\Application Data\m\shared\Virtual Piano v3.0 by MP2K.zip
c:\documents and settings\Admin\Application Data\m\shared\Visual Day Planner 7.10.zip
c:\documents and settings\Admin\Application Data\m\shared\VisualEffectSnow v2004.06.23 Incl Keygen Applet by Lz0.zip
c:\documents and settings\Admin\Application Data\m\shared\VMware Workstation 4 x (Serial).zip
c:\documents and settings\Admin\Application Data\m\shared\VRbrochure FX Professional 2.3.zip
c:\documents and settings\Admin\Application Data\m\shared\Wave Corrector v3.2 by ORiON.zip
c:\documents and settings\Admin\Application Data\m\shared\Web Site Maestro 2.4 (Serial).zip
c:\documents and settings\Admin\Application Data\m\shared\Winamp v5.3.zip
c:\documents and settings\Admin\Application Data\m\shared\WinCASA PRO v6.0.29092005 German by ACME.zip
c:\documents and settings\Admin\Application Data\m\shared\WinFax Network Server 4.1 (Serial).zip
c:\documents and settings\Admin\Application Data\m\shared\WinMount v2.0.6 by SnD.zip
c:\documents and settings\Admin\Application Data\m\shared\WinProxy v5.1 R1e SecureSuite.zip
c:\documents and settings\Admin\Application Data\m\shared\Wise Installation System Enterprise 6.01 (Serial).zip
c:\documents and settings\Admin\Application Data\m\shared\Word Snooker Championship 2007 3D Retail JAVA by RLYEH.zip
c:\documents and settings\Admin\Application Data\m\shared\XnView v1.66 by DBZ.zip
c:\documents and settings\Admin\Application Data\m\shared\ZB Retail Russian JAVA 176x208 Nokia MIDP v2.0 by RLYEH.zip
c:\documents and settings\Admin\Application Data\m\shared\Zealot All Video Converter 1.1.19 (Serial).zip
c:\documents and settings\Admin\Application Data\m\shared\Zealot All Video Splitter v2.3 by BRD.zip
c:\documents and settings\Admin\Application Data\m\shared\Zealot Photo to VCD SVCD DVD Converter v2.1 by BRD.zip
c:\documents and settings\Admin\Application Data\m\srvlist.oct
c:\windows\mdelk.exe
c:\windows\system32\srosa2.sys
c:\windows\system32\wfsintwq.sys
c:\windows\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_SK9OU0S
-------\Service_sK9Ou0s


((((((((((((((((((((((((((((( Fichiers créés du 2010-05-01 au 2010-06-01 ))))))))))))))))))))))))))))))))))))
.

2010-06-01 16:43 . 2010-05-06 20:33 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-01 16:43 . 2010-05-06 20:59 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-06-01 16:43 . 2010-05-06 20:59 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-01 16:43 . 2010-06-01 16:43 -------- d-----w- c:\program files\Alwil Software
2010-06-01 16:43 . 2010-06-01 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-06-01 15:37 . 2004-05-21 00:00 20480 ----a-w- c:\windows\system32\V0080Srv.exe
2010-06-01 15:37 . 2010-06-01 15:37 -------- d-----w- c:\windows\CtDrvInstall
2010-06-01 15:36 . 2005-01-19 09:08 3708 ----a-w- c:\windows\system32\drivers\CamH2111.bin
2010-06-01 15:36 . 2005-01-19 09:08 3708 ----a-w- c:\windows\system32\drivers\CamF2111.bin
2010-05-31 16:44 . 2010-06-01 16:13 -------- d-----w- c:\program files\Realtek AC97
2010-05-20 17:03 . 2010-06-01 17:05 -------- d--h--w- c:\documents and settings\Admin\Application Data\drivers
2010-05-20 10:58 . 2010-05-20 10:58 -------- d-----w- C:\THEBAT!
2010-05-18 13:57 . 2010-05-18 13:57 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-05-11 17:41 . 2010-06-01 16:14 -------- d-----w- c:\program files\eMule
2010-05-11 17:32 . 2010-05-11 17:32 -------- d-----w- c:\documents and settings\Admin\Application Data\AccurateRip
2010-05-11 17:32 . 2009-03-12 18:37 5052280 ----a-w- c:\windows\system32\SpoonUninstall.exe
2010-05-11 17:32 . 2010-05-11 17:32 -------- d-----w- c:\program files\Illustrate
2010-05-11 17:29 . 2010-05-11 17:29 -------- d-----w- c:\documents and settings\Admin\Local Settings\Application Data\Help
2010-05-11 17:28 . 2002-11-05 13:16 57344 ----a-w- c:\windows\system32\Wnaspint.dll
2010-05-11 17:26 . 2010-05-11 17:26 -------- d-----w- c:\documents and settings\Admin\Application Data\Canneverbe_Limited
2010-05-11 17:26 . 2010-05-11 17:26 -------- d-----w- c:\program files\CDBurnerXP
2010-05-11 17:09 . 2010-05-11 17:09 -------- d-----w- c:\program files\Driver-Soft

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-01 15:38 . 2009-10-22 18:31 -------- d-----w- c:\documents and settings\Admin\Application Data\vlc
2010-05-20 17:07 . 2009-10-25 10:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-05-20 17:06 . 2009-11-03 16:24 -------- d-----w- c:\documents and settings\Admin\Application Data\DVD Shrink
2010-05-18 14:00 . 2009-12-14 13:05 -------- d-----w- c:\program files\Windows Live
2010-05-12 09:56 . 2009-10-22 19:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-05-11 17:36 . 2010-05-11 17:36 -------- d-----w- c:\program files\Free Audio Pack
2010-05-07 10:46 . 2009-11-18 17:45 -------- d-----w- c:\documents and settings\Admin\Application Data\dvdcss
2010-04-29 20:18 . 2010-04-29 20:18 -------- d-----w- c:\program files\Duplicate Cleaner
2010-04-29 20:08 . 2004-08-05 12:00 81734 ----a-w- c:\windows\system32\perfc00C.dat
2010-04-29 20:08 . 2004-08-05 12:00 503570 ----a-w- c:\windows\system32\perfh00C.dat
2010-04-29 20:00 . 2009-10-22 19:41 -------- d-----w- c:\program files\CCleaner
2010-04-18 09:39 . 2009-10-22 20:43 1 ----a-w- c:\documents and settings\Admin\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-04-16 23:28 . 2010-04-16 23:28 307056 ----a-w- c:\windows\WLXPGSS.SCR
2010-04-16 20:12 . 2010-04-16 20:12 48464 ----a-w- c:\windows\system32\sirenacm.dll
2010-03-20 17:58 . 2009-12-22 19:48 152576 ----a-w- c:\documents and settings\Admin\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-03-20 11:02 . 2009-11-25 07:49 79488 ----a-w- c:\documents and settings\Admin\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-03-10 06:16 . 2004-08-05 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2009-10-22 19:41 . 2009-10-22 19:41 24 --sh--w- c:\windows\SBAEDE85A.tmp
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2010-06-01 1077760]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Christophe\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]

c:\documents and settings\Karine\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 20:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 13:28 577536 ----a-w- c:\windows\soundman.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [22/10/2009 20:52 40560]
R2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [11/02/2010 13:42 172328]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
.
Contenu du dossier 'Tâches planifiées'

2010-06-01 c:\windows\Tasks\User_Feed_Synchronization-{5752FCB5-5BBF-4F95-AEC8-430942E173B1}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-flec003.exe - c:\documents and settings\Admin\Application Data\hidires\flec003.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-01 19:08
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(1252)
c:\windows\system32\eappprxy.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Heure de fin: 2010-06-01 19:12:39 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-06-01 17:12

Avant-CF: 38 128 279 552 octets libres
Après-CF: 38 047 920 128 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

Current=4 Default=4 Failed=2 LastKnownGood=5 Sets=1,2,4,5
- - End Of File - - 1E6810F554B715F3DEFE6842F25D4866


a c 295 8 Security
1 June 2010 19:48:56

Hello,

Bagle infection.

  • Download FindyKill (by El Desaparecido) to your Desktop.
  • Double-click FindyKill on your Desktop.
  • Type F then Enter for French.
  • In the main menu, choose option 1 (Search).
  • Post the FindyKill.txt report.

    Note: the FindyKill.txt report is saved at the root of the disk.
    1 June 2010 19:58:50

    Thanks a lot, but your link doesn't work......
    1 June 2010 20:02:23

    Thanks, I managed to find FindyKill and here is the report:
    ############################## | FindyKill V5.043 |

    # User : Admin (Administrateurs) # KADES-HP
    # Update on 12/05/2010 by El Desaparecido
    # Start at: 20:01:12 | 01/06/2010
    # Website : http://pagesperso-orange.fr/NosTools/index.html
    # Contact : FindyKill.Contact@gmail.com

    # AMD Athlon(tm) XP 2800+
    # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
    # Internet Explorer 8.0.6001.18702
    # Windows Firewall Status : Enabled

    # A:\ # Lecteur de disquettes 3 ½ pouces
    # C:\ # Disque fixe local # 48,83 Go (35,44 Go free) [SYSTEME] # NTFS
    # D:\ # Disque fixe local # 134,77 Go (134,76 Go free) [KARINE] # NTFS
    # E:\ # Disque fixe local # 134,77 Go (124,98 Go free) [CHRISTOPHE] # NTFS
    # F:\ # Disque fixe local # 134,77 Go (133,63 Go free) [DIVERS] # NTFS
    # G:\ # Disque CD-ROM
    # H:\ # Disque amovible # 3,94 Go (2,41 Go free) # FAT32
    # L:\ # Disque CD-ROM
    # S:\ # Disque fixe local # 12,61 Go (3,02 Go free) [SOURCES] # NTFS

    ################## | Eléments infectieux |

    C:\WINDOWS\ban_list.txt
    C:\Documents and Settings\Admin\Application Data\drivers

    ################## | Registre |

    [HKLM\SYSTEM\ControlSet001\Services\sK9Ou0s]
    [HKLM\SYSTEM\ControlSet002\Services\sK9Ou0s]
    [HKLM\SYSTEM\ControlSet001\Services\srosa]
    [HKLM\SYSTEM\ControlSet002\Services\srosa]
    [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S]
    [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA]
    [HKCU\Software\WS4001]
    [HKCR\ed2k]
    [HKCU\Software\Classes\ed2k]
    [HKCU\Software\Local AppWizard-Generated Applications\run]
    [HKCU\Software\Local AppWizard-Generated Applications\winupgro]
    [HKU\S-1-5-21-1229272821-706699826-839522115-1003\Software\Local AppWizard-Generated Applications\run]
    [HKU\S-1-5-21-1229272821-706699826-839522115-1003\Software\Local AppWizard-Generated Applications\winupgro]

    ################## | Etat |

    # Affichage des fichiers cachés : OK

    # Mode sans echec : OK

    # (!) Ndisuio -> Start = 4 ( Good = 3 | Bad = 4 )
    # EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
    # (!) Ip6Fw -> Start = 4 ( Good = 2 | Bad = 4 )
    # SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
    # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
    # wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

    ################## | ! Fin du rapport # FindyKill V5.043 ! |

    a c 295 8 Security
    1 June 2010 20:06:37

  • Delete the file that infected you (a crack, for example).
  • Double-click FindyKill on your Desktop.
  • In the main menu, choose option 2 (Removal).

    /!\ There will be a reboot; let the tool work until the message "nettoyage effectué" (cleaning done) appears /!\

  • Then post the FindyKill.txt report.

    Note: the FindyKill.txt report is saved at the root of the disk.
    1 June 2010 20:15:46

    I think I have already deleted the item that infected me. However, at the reboot, do I stay in safe mode or go back to normal mode?
    a c 295 8 Security
    1 June 2010 20:17:58

    Normal mode.
    1 June 2010 21:33:07

    My scan has been stuck at 40% for more than an hour on the following path:
    ZIP (in red): C:\programfiles\openoffice.org\Basis\share\config\images_hicontrast.zip
    it's not moving any more....help
    I should mention that I'm writing this message from another PC
    a c 295 8 Security
    1 June 2010 21:39:18

    I don't know any more than you do.
    1 June 2010 21:44:15

    thanks anyway destrio......can anyone else help me??.........
    a c 295 8 Security
    2 June 2010 03:05:20

    Is the scan still stuck?
    2 June 2010 05:34:40

    I was too impatient, the scan ran all night and here is the report

    ############################## | FindyKill V5.043 |

    # User : Admin (Administrateurs) # KADES-HP
    # Update on 12/05/2010 by El Desaparecido
    # Start at: 22:01:53 | 01/06/2010
    # Website : http://pagesperso-orange.fr/NosTools/index.html
    # Contact : FindyKill.Contact@gmail.com

    # AMD Athlon(tm) XP 2800+
    # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
    # Internet Explorer 8.0.6001.18702
    # Windows Firewall Status : Enabled

    # A:\ # Lecteur de disquettes 3 ½ pouces
    # C:\ # Disque fixe local # 48,83 Go (35,44 Go free) [SYSTEME] # NTFS
    # D:\ # Disque fixe local # 134,77 Go (134,76 Go free) [KARINE] # NTFS
    # E:\ # Disque fixe local # 134,77 Go (124,98 Go free) [CHRISTOPHE] # NTFS
    # F:\ # Disque fixe local # 134,77 Go (133,63 Go free) [DIVERS] # NTFS
    # G:\ # Disque CD-ROM
    # L:\ # Disque CD-ROM
    # S:\ # Disque fixe local # 12,61 Go (3,02 Go free) [SOURCES] # NTFS

    ################## | Eléments infectieux |


    ################## | Références de comparaison Bagle MD5 : |

    File : C:\Qoobox\Quarantine\C\Documents and Settings\Admin\Application Data\drivers\winupgro.exe.vir
    -> Crc32 : 0306277a | Md5 : 706f8688d09b5ab32a133828ccb5993c


    ################## | MD5 ... |


    ################## | CRC32 ... |


    ################## | Registre |

    Supprimé ! [HKLM\SYSTEM\ControlSet001\Services\sK9Ou0s]
    Supprimé ! [HKLM\SYSTEM\ControlSet002\Services\sK9Ou0s]
    Supprimé ! [HKLM\SYSTEM\ControlSet001\Services\srosa]
    Supprimé ! [HKLM\SYSTEM\ControlSet002\Services\srosa]
    Supprimé ! [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S]
    Supprimé ! [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA]
    Supprimé ! [HKCU\Software\WS4001]
    Supprimé ! [HKCR\ed2k]
    Supprimé ! [HKCU\Software\Local AppWizard-Generated Applications\run]
    Supprimé ! [HKCU\Software\Local AppWizard-Generated Applications\winupgro]

    ################## | Etat |

    # Mode sans echec : OK


    # Affichage des fichiers cachés : OK

    # Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
    # EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
    # Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
    # SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
    # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
    # wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

    ################## | Fichiers corrompus |

    Corrompu : C:\Program Files\Alwil Software\Avast5\ashQuick.exe
    [Offset = 000000F4 - Valeur = 0x0001]

    Corrompu : C:\Program Files\Alwil Software\Avast5\ashUpd.exe
    [Offset = 000000F4 - Valeur = 0x0001]

    Corrompu : C:\Program Files\Alwil Software\Avast5\aswRegSvr.exe
    [Offset = 000000D4 - Valeur = 0x0001]

    Corrompu : C:\Program Files\Alwil Software\Avast5\sched.exe
    [Offset = 000000FC - Valeur = 0x0001]

    Corrompu : C:\Program Files\Spybot - Search & Destroy\blindman.exe
    [Offset = 00000104 - Valeur = 0x0001]

    Corrompu : C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    [Offset = 000000F4 - Valeur = 0x0001]

    Corrompu : C:\Program Files\Spybot - Search & Destroy\Update.exe
    [Offset = 00000104 - Valeur = 0x0001]


    ################## | Upload |

    Veuillez envoyer le fichier : C:\FindyKill_Upload_Me_KADES-HP.zip : http://chiquitine.changelog.fr/Sample/Upload.php
    Merci pour votre contribution .

    ################## | ! Fin du rapport # FindyKill V5.043 ! |

    2 June 2010 14:51:38

    Just one clarification for Destrio when you see my report and this message. Right now my desktop is empty, just FindyKill, which has finished, and its report and......nothing else. No icons at all any more, is that normal? When I close FindyKill the computer will restart normally, reassure me?
    a c 295 8 Security
    2 June 2010 17:23:34

    Close FindyKill and restart if needed.
    2 June 2010 18:17:04

    Thanks a lot for your help, everything seems to be working normally. I just need to reinstall an antivirus and an anti-malware. Before, I had Avast and Spybot. What do you recommend?
    a c 295 8 Security
    2 June 2010 18:38:02

  • Reinstall Avast.

  • Run FindyKill again and choose option 4 to uninstall it.

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Update tab, click the Check for Updates button: if the firewall asks whether MBAM may connect to the Internet, accept.
  • Once the update has finished, go to the Scanner tab.
  • Select Perform quick scan.
  • Click Scan. The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    The scan completed successfully. Click 'Show Results' to display all objects found.

  • Click OK to continue. If MBAM found nothing, it will tell you so as well.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave it ticked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste that report into your next reply.

    2 June 2010 19:04:30

    Here is the Malwarebytes report. Nothing was infected.

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Version de la base de données: 4164

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    02/06/2010 18:59:57
    mbam-log-2010-06-02 (18-59-57).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 132971
    Temps écoulé: 6 minute(s), 20 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    a c 295 8 Security
    2 June 2010 19:07:27

    No more problems?
    2 June 2010 19:11:45

    Everything is running fine, thank you so much. Just one thing, can I keep Spybot and Malwarebytes together? And Avast? Effective, or is Antivir better, as many recommend on this forum? After that, I promise, I'll leave you alone......
    a c 295 8 Security
    2 June 2010 19:18:41

    Quote:
    can I keep Spybot and Malwarebytes together?

    --> Yes. I don't see the use of Spybot, except for immunization at a pinch.

    Quote:
    And Avast? Effective, or is Antivir better, as many recommend on this forum?

    --> http://forum.malekal.com/comparatif-antivirus-gratuits-...


    1/

  • Download ToolsCleaner2 to your Desktop.
  • Double-click ToolsCleaner2.exe to launch it.
  • Click Recherche (Search) and let the scan run.
  • Click Suppression (Removal) to finish.
  • You can, if you wish, use the Options Facultatives (optional settings).
  • Click Quitter (Quit) to get the report.
  • Post the report (TCleaner.txt), which is at the root of your hard disk (C:\).


    2/

  • Download and install CCleaner (do not install the Yahoo! Toolbar).
  • Launch it. Go to Options, then Advanced, and untick the box Only delete files etc....
  • Go to Cleaner, choose Analyze. Once it has finished, run the cleaner.


    3/

  • You need to disable and then re-enable System Restore in order to purge it.


    ==Prevention==

    Keep MBAM. It will let you scan suspicious files as a complement to the antivirus; also scan the hard disk regularly.

    Regarding P2P: Link

    Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link


    ==Problem solved?==

    --> If you consider your problem solved, add [Résolu] to the title. To do so:
  • In your first message, click the Edit button.
  • Add the tag [Résolu] in front of the title.
  • Then click Validate your message.


    Be more careful on the Internet ;)
    2 June 2010 19:39:32

    Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

    --> Recherche:

    C:\Combofix.txt: trouvé !
    C:\Qoobox: trouvé !
    C:\Qoobox\Quarantine\catchme.log: trouvé !
    C:\WINDOWS\mbr.exe: trouvé !

    ---------------------------------
    --> Suppression:

    C:\Combofix.txt: supprimé !
    C:\Qoobox\Quarantine\catchme.log: supprimé !
    C:\WINDOWS\mbr.exe: supprimé !
    C:\Qoobox: supprimé !

    A HUGE THANK YOU for everything
    a c 295 8 Security
    2 June 2010 19:40:03

    You can delete ToolsCleaner.
    2 June 2010 19:45:11

    That's done. I'm marking my problem as solved and, at the risk of repeating myself, THANK YOU THANK YOU :)  :)