avast no longer works

6 December 2008 10:42:30

when I turn on the computer the avast icon is not there
and when I try to start it, it says that avast exe is not a valid win 32 application
I'm afraid I've caught a virus
thanks for helping me


6 December 2008 11:36:12

Hello,

I am going to help you solve your problem. Please follow my instructions to the letter and do not take any initiatives of your own. If you have the slightest question, I am here to listen.

Please bear in mind that I am a volunteer and that I have a private life: I stop by at least once a day.

If you think you have been forgotten, send me a PM to let me know.

Download FindyKill (Chiquitine29) to your Desktop.

  • Start the installation of the program by running the downloaded file.
  • Now double-click the FindyKill shortcut.
  • Now choose option 1 (Recherche). Wait until the search has finished.
  • Post the generated report in your next reply.

NB: The taskbar and the icons will disappear during the search.
6 December 2008 11:58:44

here is the report


    ----------------- FindyKill V4.706 ------------------

    * User : Sophie - ORDI-51C93CF87A
    * Emplacement : C:\Program Files\FindyKill
    * Outils Mis a jours le 27/11/08 par Chiquitine29
    * Recherche effectuée à 10:52:16 le 06/12/2008
    * Windows XP - Internet Explorer 7.0.5730.13

    ((((((((((((((((( *** Recherche *** ))))))))))))))))))


    --------------- [ Processus actifs ] ----------------


    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Sophie\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    C:\Documents and Settings\Sophie\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    --------------- [ Fichiers/Dossiers infectieux ] ----------------


    »»»» Presence des fichiers dans C:


    »»»» Presence des fichiers dans C:\WINDOWS


    »»»» Presence des fichiers dans C:\WINDOWS\Prefetch

    Found ! - C:\WINDOWS\prefetch\101109.EXE-22DFBB00.pf
    Found ! - C:\WINDOWS\prefetch\102765.EXE-0CBF6F40.pf
    Found ! - C:\WINDOWS\prefetch\110562.EXE-3B44ED1F.pf
    Found ! - C:\WINDOWS\prefetch\114968.EXE-3319C921.pf
    Found ! - C:\WINDOWS\prefetch\124281.EXE-02C04714.pf
    Found ! - C:\WINDOWS\prefetch\144375.EXE-3440CA2D.pf
    Found ! - C:\WINDOWS\prefetch\147718.EXE-121EED7A.pf
    Found ! - C:\WINDOWS\prefetch\157796.EXE-1B18C72E.pf
    Found ! - C:\WINDOWS\prefetch\70234.EXE-0033D584.pf
    Found ! - C:\WINDOWS\prefetch\73234.EXE-2B368647.pf
    Found ! - C:\WINDOWS\prefetch\81953.EXE-25F80793.pf
    Found ! - C:\WINDOWS\prefetch\96515.EXE-169F212B.pf
    Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-31FA43E9.pf
    Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
    Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
    Found ! - C:\WINDOWS\Prefetch\SERIAL.EXE-1A8C9070.pf

    »»»» Presence des fichiers dans C:\WINDOWS\system32

    Found ! [06/12/2008 10:33] - C:\WINDOWS\system32\mdelk.exe
    Found ! [06/12/2008 10:33] - C:\WINDOWS\system32\wintems.exe
    Found ! [06/12/2008 10:33] - C:\WINDOWS\system32\ban_list.txt

    »»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

    Found ! [06/12/2008 10:32] - C:\WINDOWS\system32\drivers\srosa.sys
    Found ! [06/12/2008 10:32] - C:\WINDOWS\system32\drivers\srosa2.sys
    Found ! [26/08/2006 06:06] - C:\WINDOWS\system32\drivers\winfilse.exe
    Found ! [06/12/2008 10:35] - "C:\WINDOWS\system32\drivers\downld"

    »»»» Presence des fichiers dans C:\Documents and Settings\Sophie\Application Data

    Found ! [05/12/2008 17:24] - "C:\Documents and Settings\Sophie\Application Data\m\flec006.exe"
    Found ! [06/12/2008 10:32] - "C:\Documents and Settings\Sophie\Application Data\m\list.oct"
    Found ! [06/12/2008 10:32] - "C:\Documents and Settings\Sophie\Application Data\m\data.oct"
    Found ! [06/12/2008 10:33] - "C:\Documents and Settings\Sophie\Application Data\m\srvlist.oct"
    Found ! [06/12/2008 10:33] - "C:\Documents and Settings\Sophie\Application Data\m\shared"
    Found ! [02/12/2008 21:53] - "C:\Documents and Settings\Sophie\Application Data\m"

    »»»» Presence des fichiers dans C:\DOCUME~1\Sophie\LOCALS~1\Temp

    Found ! - C:\DOCUME~1\Sophie\LOCALS~1\Temp\PatchByFile.tmp

    »»»» Presence des fichiers dans C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5


    --------------- [ Registre / Startup ] ----------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

    SuperCopier2.exe=C:\Program Files\SuperCopier2\SuperCopier2.exe
    ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
    BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    MSMSGS="C:\Program Files\Messenger\msmsgs.exe" /background

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

    NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    nwiz=nwiz.exe /install
    NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    NVMixerTray="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    RemoteControl="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    LanguageShortcut="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    NeroFilterCheck=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
    <NO NAME>=
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
    Installed=1
    <NO NAME>=
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
    NoChange=1
    Installed=1
    <NO NAME>=
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
    Installed=1
    <NO NAME>=

    [HKEY_CURRENT_USER\software\local appwizard-generated applications\serial]
    [HKEY_CURRENT_USER\software\local appwizard-generated applications\SuperCopier2]
    [HKEY_CURRENT_USER\software\local appwizard-generated applications\winfilse]

    --------------- [ Registre / Clés infectieuses ] ----------------


    Found ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\Local AppWizard-Generated Applications\serial
    Found ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\Local AppWizard-Generated Applications\winfilse
    Found ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\bisoft
    Found ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\DateTime4
    Found ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\FFC
    Found ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\FirtR
    Found ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\MuleAppData
    Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\serial
    Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
    Found ! - HKEY_CURRENT_USER\Software\bisoft
    Found ! - HKEY_CURRENT_USER\Software\DateTime4
    Found ! - HKEY_CURRENT_USER\Software\FirtR
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s

    --------------- [ Etat / Services ] ----------------

    Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

    - sans echec non fonctionnel !!

    Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

    - sans echec non fonctionnel !!

    Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

    - sans echec non fonctionnel !!



    +- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

    /!\ Ndisuio - Type de démarrage = 4

    EapHost - Type de démarrage = 3

    /!\ Ip6Fw - Type de démarrage = 4

    /!\ SharedAccess - Type de démarrage = 4

    /!\ wuauserv - Type de démarrage = 4

    /!\ wscsvc - Type de démarrage = 4



    --------------- [ Recherche dans supports amovibles] ----------------


    +- Informations :

    C: - Lecteur fixe

    D: - Lecteur fixe


    +- presence des fichiers :



    --------------- [ Registre / Mountpoint2 ] ----------------


    -> Not found !


    ------------------- ! Fin du rapport ! --------------------

    6 December 2008 12:23:41

    Hi again,

    Relaunch FindyKill by double-clicking its shortcut. Type "2", then confirm by pressing "Enter".
    ! Do not close the window during the deletion !
    A report will be generated; post its contents here.

    NB: A restart is sometimes necessary; FindyKill will display a message if that is the case.

    Then:

    1) Download MalwareByte's Anti-Malware to your Desktop.
    Install it by double-clicking the file Download_mbam-setup.exe.

    Once the installation and the update are done, restart in safe mode.
    HELP: Restarting in safe mode

  • Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Perform full scan".
  • To start the search, click "Scan".
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Show Results" then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    HELP: Illustrated tutorial on MBAM

    2) Run an online antivirus scan on the Kaspersky site
    http://www.kaspersky.com/kos/eng/partner/default/kavweb...
  • Click Accept
  • A yellow bar will ask whether you agree to install Kavwebscan_Unicode.cab; install the ActiveX control.
  • Click "Accept" once more
  • The update databases will be installed; wait a moment
  • Click Next.
  • Click My Computer; the scan starts. Wait for the scan to finish without closing the window, otherwise it will stop. Then post me the report you get.

    3) Download Lop S&D.exe (by Eric 71 & Angeldark) to your desktop.

  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your desktop (if you are on Vista, right-click -> run as admin)
  • Select the desired language, then choose Option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

    If your desktop does not reappear, press CTRL+ALT+DEL to open the Task Manager.
    Then go to the "Processes" tab. Click File at the top left and choose "New Task (Run...)"
    Type explorer and confirm. This will bring your desktop back.


  • How is the PC doing? Still having problems?

    ;) 
    6 December 2008 12:40:45



    ----------------- FindyKill V4.706 ------------------

    * User : Sophie - ORDI-51C93CF87A
    * executed from : C:\Program Files\FindyKill
    * Update on 27/11/08 par Chiquitine29
    * Start at 12:33:52 the 06/12/2008
    * Windows XP - Internet Explorer 7.0.5730.13


    ((((((((((((((( *** deleting *** ))))))))))))))))))


    --------------- [ Active Processes ] ----------------


    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\logonui.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\userinit.exe

    --------------- [ Infected files / folders ] ----------------


    »»»» Supression files in C:


    »»»» Supression files in C:\WINDOWS


    »»»» Supression files in C:\WINDOWS\Prefetch

    Deleted ! - C:\WINDOWS\prefetch\101109.EXE-22DFBB00.pf
    Deleted ! - C:\WINDOWS\prefetch\102765.EXE-0CBF6F40.pf
    Deleted ! - C:\WINDOWS\prefetch\110562.EXE-3B44ED1F.pf
    Deleted ! - C:\WINDOWS\prefetch\114968.EXE-3319C921.pf
    Deleted ! - C:\WINDOWS\prefetch\124281.EXE-02C04714.pf
    Deleted ! - C:\WINDOWS\prefetch\144375.EXE-3440CA2D.pf
    Deleted ! - C:\WINDOWS\prefetch\147718.EXE-121EED7A.pf
    Deleted ! - C:\WINDOWS\prefetch\157796.EXE-1B18C72E.pf
    Deleted ! - C:\WINDOWS\prefetch\70234.EXE-0033D584.pf
    Deleted ! - C:\WINDOWS\prefetch\73234.EXE-2B368647.pf
    Deleted ! - C:\WINDOWS\prefetch\81953.EXE-25F80793.pf
    Deleted ! - C:\WINDOWS\prefetch\96515.EXE-169F212B.pf
    Deleted ! - C:\WINDOWS\prefetch\FLEC006.EXE-31FA43E9.pf
    Deleted ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
    Deleted ! - C:\WINDOWS\prefetch\SERIAL.EXE-1A8C9070.pf
    Deleted ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf

    »»»» Supression files in C:\WINDOWS\system32

    Deleted ! - C:\WINDOWS\system32\mdelk.exe
    Deleted ! - C:\WINDOWS\system32\wintems.exe
    Deleted ! - C:\WINDOWS\system32\ban_list.txt

    »»»» Supression files in C:\WINDOWS\system32\drivers

    Deleted ! - C:\WINDOWS\system32\drivers\srosa.sys
    Deleted ! - C:\WINDOWS\system32\drivers\srosa2.sys
    Deleted ! - C:\WINDOWS\system32\drivers\winfilse.exe
    Deleted ! - "C:\WINDOWS\system32\drivers\downld"

    »»»» Supression files in C:\Documents and Settings\Sophie\Application Data

    Deleted ! - "C:\Documents and Settings\Sophie\Application Data\m\flec006.exe"
    Deleted ! - "C:\Documents and Settings\Sophie\Application Data\m\list.oct"
    Deleted ! - "C:\Documents and Settings\Sophie\Application Data\m\data.oct"
    Deleted ! - "C:\Documents and Settings\Sophie\Application Data\m\srvlist.oct"
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\1337player Build 27.zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\1964 0.9.9.zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\2_Symantec.NORTON.ANTISPAM.2005.keygen.zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\3DProducer_2.2.1_(Patch).zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\4Musics_WAV_to_WMA_Converter_4.0_[With_Crack].zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\7art Happy Halloween Screensaver 1.0.zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Advanced_StartUp_Manager_1.41.zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Aiglon Process Killer 1.0.zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\AlphaScript_2.00.0006.zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\American_Flags_in_NY_Screensaver_1.0.zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\AnimatedAlien_ScreenMate_1.0.zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Audio_Recorder_Pro_3.20.zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\AWPunk 1.0.0.zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Battlefield_1942_Desert_Combat_Extended_Mod.zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\BBC_World_Service_Player_1.0.zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\BCWipe_3.10.5.zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\Bernard_and_Hank_1.2.zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\BitSlice 4.1.zip
    Deleted ! - C:\Documents and Settings\Sophie\Application Data\m\shared\BitWise Chat 1.7.3.zip
    Deleted ! - "C:\Documents and Settings\Sophie\Application Data\m\shared"
    Deleted ! - "C:\Documents and Settings\Sophie\Application Data\m"

    »»»» Supression files in C:\DOCUME~1\Sophie\LOCALS~1\Temp

    Deleted ! - C:\DOCUME~1\Sophie\LOCALS~1\Temp\PatchByFile.tmp

    »»»» Supression files in C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5


    --------------- [ Registry / Infected keys ] ----------------

    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
    Deleted ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\Local AppWizard-Generated Applications\serial
    Deleted ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\Local AppWizard-Generated Applications\winfilse

    --------------- [ States / Restarting of services ] ----------------

    +- Safe boot mode restored !


    +- Services : [ Auto=2 / Request=3 / Disable=4 ]

    Ndisuio - Type of startup = 3

    EapHost - Type of startup = 2

    Ip6Fw - Type of startup = 2

    SharedAccess - Type of startup = 2

    wuauserv - Type of startup = 2

    wscsvc - Type of startup = 2


    --------------- [ Cleaning removable drives ] ----------------

    +- Informations :

    C: - Lecteur fixe

    D: - Lecteur fixe


    +- deleting files :


    --------------- [ Registry / Mountpoint2 ] ----------------


    -> Not found !


    --------------- [ Searching Cracks / Keygen ] ----------------



    ---------------- ! End of report ! ------------------


    6 December 2008 14:11:30

    I am asked for an access code when I start installing Malwarebytes' Anti-Malware on my Desktop.
    6 December 2008 17:32:09

    I succeeded, here is the report
    Malwarebytes' Anti-Malware 1.31
    Version de la base de données: 1466
    Windows 5.1.2600 Service Pack 3

    06/12/2008 17:20:47
    mbam-log-2008-12-06 (17-20-42).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 89669
    Temps écoulé: 58 minute(s), 36 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 15
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 3
    Fichier(s) infecté(s): 43

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook (Trojan.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\TypeLib\{4509d3cc-b642-4745-b030-645b79522c6d} (Trojan.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{4897bba6-48d9-468c-8efa-846275d7701b} (Trojan.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{ca3eb689-8f09-4026-aa10-b9534c691ce0} (Trojan.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook.1 (Trojan.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\TypeLib\{e0731ad0-39cf-4605-b00e-116fd54ed29a} (Adware.DosPopToolbar) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{84bb6d9a-127b-465b-82cb-15a4b83fe98c} (Adware.DosPopToolbar) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{925c57ae-2bb0-41c3-ba2b-ba2908ba434f} (Adware.DosPopToolbar) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{e67d5bc7-7129-493e-9281-f47bdaface4f} (Adware.DosPopToolbar) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{07ca483f-30bc-425d-823d-48620a3bd13f} (Adware.DosPopToolbar) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07ca483f-30bc-425d-823d-48620a3bd13f} (Adware.DosPopToolbar) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07ca483f-30bc-425d-823d-48620a3bd13f} (Adware.DosPopToolbar) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{57cadc46-58ff-4105-b733-5a9f3fc9783c} (Adware.DosPopToolbar) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{fa34ee7e-55eb-41db-9718-1ae6ea1cf9a5} (Adware.DosPopToolbar) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{fa34ee7e-55eb-41db-9718-1ae6ea1cf9a5} (Adware.DosPopToolbar) -> No action taken.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{fa34ee7e-55eb-41db-9718-1ae6ea1cf9a5} (Adware.DosPopToolbar) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{fa34ee7e-55eb-41db-9718-1ae6ea1cf9a5} (Adware.DosPopToolbar) -> No action taken.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\IEToolbar (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator (Adware.DosPopToolbar) -> No action taken.
    C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> No action taken.

    Fichier(s) infecté(s):
    C:\Program Files\IEToolbar\Share Accelerator\tbhelper.dll (Trojan.BHO) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP56\A0007526.sys (Worm.Bagel) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP56\A0007558.sys (Worm.Bagel) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP56\A0007570.sys (Worm.Bagel) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP56\A0007725.sys (Worm.Bagel) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP56\A0007735.sys (Worm.Bagel) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP58\A0007790.sys (Worm.Bagel) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP58\A0007846.sys (Worm.Bagel) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP58\A0007862.sys (Worm.Bagel) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0007965.sys (Worm.Bagel) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0007979.sys (Worm.Bagel) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0008070.sys (Worm.Bagel) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0008089.sys (Worm.Bagel) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0008118.sys (Worm.Bagel) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0008133.sys (Worm.Bagel) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0008150.sys (Worm.Bagel) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0008165.sys (Worm.Bagel) -> No action taken.
    C:\System Volume Information\_restore{568915B5-06F8-4E7D-8F1F-3158FDC93333}\RP59\A0008194.sys (Worm.Bagel) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\basis.xml (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\basis.xml.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\icons.bmp (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\icons.bmp.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\icons.bmp_16.bmp (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\icons.bmp_16.bmp.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\icons.bmp_24.bmp (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\icons.bmp_24.bmp.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\info.txt (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\info.txt.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\LOGO.BMP (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\LOGO.BMP.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\ShareAcceleratorToolbar12_11_08.crc (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\ShareAcceleratorToolbar12_11_08.crc.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\ShareAcceleratorToolbar12_11_08.dll (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\ShareAcceleratorToolbar12_11_08.dll.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\tbhelper.dll.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\uninstall.exe (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\uninstall.exe.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\update.exe (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\update.exe.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\version.txt (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\version.txt.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\your_logo.png (Adware.DosPopToolbar) -> No action taken.
    C:\Program Files\IEToolbar\Share Accelerator\your_logo.png.virtual.lnk (Adware.DosPopToolbar) -> No action taken.
    6 December 2008 18:09:01

    --------------------\\ Lop S&D 4.2.4-9c XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Sophie ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:30 Go (Free:20 Go)
    D:\ (Local Disk) - NTFS - Total:156 Go (Free:110 Go)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
    Option : [1] ( 06/12/2008|18:06 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [23/10/2008|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [12/11/2008|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BufferZone
    [23/10/2008|20:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [02/12/2008|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
    [06/12/2008|14:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [22/11/2008|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [22/11/2008|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [23/10/2008|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [06/12/2008|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [23/10/2008|20:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [03/12/2008|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [23/10/2008|20:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [22/11/2008|15:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [23/10/2008|20:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [25/10/2008|12:59] C:\DOCUME~1\Sophie\APPLIC~1\Adobe
    [23/10/2008|22:22] C:\DOCUME~1\Sophie\APPLIC~1\Ahead
    [03/11/2008|20:13] C:\DOCUME~1\Sophie\APPLIC~1\CyberLink
    [03/12/2008|14:38] C:\DOCUME~1\Sophie\APPLIC~1\Help
    [23/10/2008|20:07] C:\DOCUME~1\Sophie\APPLIC~1\Identities
    [03/11/2008|19:20] C:\DOCUME~1\Sophie\APPLIC~1\LimeWire
    [25/10/2008|12:59] C:\DOCUME~1\Sophie\APPLIC~1\Macromedia
    [06/12/2008|14:24] C:\DOCUME~1\Sophie\APPLIC~1\Malwarebytes
    [03/12/2008|14:06] C:\DOCUME~1\Sophie\APPLIC~1\Microsoft
    [25/10/2008|12:39] C:\DOCUME~1\Sophie\APPLIC~1\Mozilla
    [03/11/2008|18:28] C:\DOCUME~1\Sophie\APPLIC~1\Sun
    [23/10/2008|20:36] C:\DOCUME~1\Sophie\APPLIC~1\Talkback
    [25/10/2008|12:39] C:\DOCUME~1\Sophie\APPLIC~1\Thunderbird
    [02/12/2008|20:08] C:\DOCUME~1\Sophie\APPLIC~1\uTorrent
    [30/10/2008|13:45] C:\DOCUME~1\Sophie\APPLIC~1\WinRAR

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [06/12/2008 17:56][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [01/11/2008|18:02] C:\Program Files\Adobe
    [27/11/2008|13:04] C:\Program Files\Alice SSID
    [23/10/2008|20:28] C:\Program Files\Alwil Software
    [23/10/2008|20:00] C:\Program Files\ComPlus Applications
    [02/12/2008|16:04] C:\Program Files\Conduit
    [23/10/2008|20:59] C:\Program Files\CyberLink
    [23/10/2008|20:56] C:\Program Files\DivX
    [23/10/2008|21:03] C:\Program Files\DivX Total Pack
    [23/10/2008|20:26] C:\Program Files\D-Link
    [30/10/2008|14:00] C:\Program Files\Eltima Software
    [23/10/2008|21:51] C:\Program Files\Fichiers communs
    [06/12/2008|12:36] C:\Program Files\FindyKill
    [27/11/2008|13:02] C:\Program Files\InstallShield Installation Information
    [23/10/2008|22:12] C:\Program Files\Internet Explorer
    [06/12/2008|18:02] C:\Program Files\Java
    [23/10/2008|20:57] C:\Program Files\K-Lite Codec Pack
    [03/11/2008|19:21] C:\Program Files\LimeWire
    [02/12/2008|21:27] C:\Program Files\MAGIX
    [06/12/2008|14:24] C:\Program Files\Malwarebytes' Anti-Malware
    [23/10/2008|21:57] C:\Program Files\Messenger
    [23/10/2008|20:40] C:\Program Files\Messenger Plus! Live
    [23/10/2008|21:41] C:\Program Files\Microsoft AutoRoute
    [23/10/2008|20:03] C:\Program Files\microsoft frontpage
    [23/10/2008|21:51] C:\Program Files\Microsoft Office
    [23/10/2008|21:51] C:\Program Files\Microsoft Visual Studio
    [23/10/2008|21:51] C:\Program Files\Microsoft Works
    [23/10/2008|21:49] C:\Program Files\Microsoft.NET
    [02/12/2008|16:04] C:\Program Files\Mininova
    [23/10/2008|20:52] C:\Program Files\Movie Maker
    [29/10/2008|09:49] C:\Program Files\Mozilla Firefox
    [06/12/2008|17:57] C:\Program Files\Mozilla Thunderbird
    [23/10/2008|19:59] C:\Program Files\MSN
    [23/10/2008|19:59] C:\Program Files\MSN Gaming Zone
    [23/10/2008|22:14] C:\Program Files\MSN Messenger
    [23/10/2008|21:32] C:\Program Files\Nero
    [23/10/2008|20:49] C:\Program Files\NetMeeting
    [23/10/2008|20:19] C:\Program Files\NVIDIA Corporation
    [23/10/2008|19:59] C:\Program Files\Online Services
    [23/10/2008|20:49] C:\Program Files\Outlook Express
    [23/10/2008|20:50] C:\Program Files\Radio Fr Solo
    [06/12/2008|12:49] C:\Program Files\Registry Mechanic
    [13/11/2008|20:42] C:\Program Files\Secured IE
    [12/11/2008|14:21] C:\Program Files\securedie
    [23/10/2008|20:01] C:\Program Files\Services en ligne
    [03/11/2008|18:30] C:\Program Files\Sun
    [23/10/2008|20:36] C:\Program Files\SuperCopier2
    [23/10/2008|20:07] C:\Program Files\Uninstall Information
    [08/11/2008|01:08] C:\Program Files\uTorrent
    [23/10/2008|20:57] C:\Program Files\VideoLAN
    [23/10/2008|20:57] C:\Program Files\Webteh
    [23/10/2008|20:40] C:\Program Files\Windows Live
    [23/10/2008|21:04] C:\Program Files\Windows Media Connect 2
    [04/12/2008|21:24] C:\Program Files\Windows Media Player
    [23/10/2008|20:49] C:\Program Files\Windows NT
    [23/10/2008|20:01] C:\Program Files\WindowsUpdate
    [23/10/2008|20:53] C:\Program Files\WinRAR
    [23/10/2008|20:03] C:\Program Files\xerox
    [03/12/2008|14:31] C:\Program Files\Yahoo!
    [12/11/2008|14:47] C:\Program Files\Zapu
    [03/12/2008|10:42] C:\Program Files\Zone Labs

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [23/10/2008|20:38] C:\Program Files\Fichiers communs\Adobe
    [23/10/2008|21:33] C:\Program Files\Fichiers communs\Ahead
    [23/10/2008|21:51] C:\Program Files\Fichiers communs\DESIGNER
    [23/10/2008|20:19] C:\Program Files\Fichiers communs\InstallShield
    [12/11/2008|14:28] C:\Program Files\Fichiers communs\Microsoft Shared
    [23/10/2008|20:00] C:\Program Files\Fichiers communs\MSSoap
    [23/10/2008|20:19] C:\Program Files\Fichiers communs\NVIDIA Shared
    [23/10/2008|21:51] C:\Program Files\Fichiers communs\ODBC
    [23/10/2008|20:01] C:\Program Files\Fichiers communs\Services
    [23/10/2008|21:51] C:\Program Files\Fichiers communs\SpeechEngines
    [23/10/2008|21:50] C:\Program Files\Fichiers communs\System

    --------------------\\ Process

    ( 37 Processes )

    IEXPLORE.EXE ~ [PID:2352]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\Sophie\LOCALS~1\Temp\nsi2.tmp
    C:\DOCUME~1\Sophie\LOCALS~1\Temp\nspE.tmp
    C:\DOCUME~1\Sophie\LOCALS~1\Temp\nsr10.tmp
    C:\DOCUME~1\Sophie\Cookies\sophie@advertstream[2].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@adultfriendfinder[1].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@advertising[1].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@adin.bigpoint[2].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@bigpoint[2].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@fr.seafight.bigpoint[1].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@adopt.euroclick[2].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@pacificpoker[1].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@partypoker[2].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@fr.seafight.bigpoint[1].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@fr1.seafight[2].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@seafight[1].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@seafight[3].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@www.seafight[2].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-06 18:07:06
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    C:\WINDOWS\system32\drivers\downld
    ==> BAGLE <==
    6 December 2008 20:24:24

    Re,

    You misread the procedure:
    C:\Documents and Settings\All Users\Menu Démarrer\Security Troubleshooting.url (Rogue.Link) -> No action taken.


  • Once the scan has finished, click "Afficher les résultats" (Show Results) and save the report to your Desktop.
  • Finally, click "Supprimer la sélection" (Remove Selected).

    Please start again.

    ;) 
    6 December 2008 22:53:24

    I'll redo the procedure, thanks
    6 December 2008 22:54:51



    ----------------- FindyKill V4.706 ------------------

    * User : Sophie - ORDI-51C93CF87A
    * Emplacement : C:\Program Files\FindyKill
    * Outils Mis a jours le 27/11/08 par Chiquitine29
    * Recherche effectuée à 22:51:24 le 06/12/2008
    * Windows XP - Internet Explorer 7.0.5730.13

    ((((((((((((((((( *** Recherche *** ))))))))))))))))))


    --------------- [ Processus actifs ] ----------------


    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Registry Mechanic\RegMech.exe
    C:\Documents and Settings\Sophie\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    C:\Documents and Settings\Sophie\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    --------------- [ Fichiers/Dossiers infectieux ] ----------------


    »»»» Presence des fichiers dans C:


    »»»» Presence des fichiers dans C:\WINDOWS


    »»»» Presence des fichiers dans C:\WINDOWS\Prefetch


    »»»» Presence des fichiers dans C:\WINDOWS\system32


    »»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

    Found ! [06/12/2008 17:56] - "C:\WINDOWS\system32\drivers\downld"

    »»»» Presence des fichiers dans C:\Documents and Settings\Sophie\Application Data


    »»»» Presence des fichiers dans C:\DOCUME~1\Sophie\LOCALS~1\Temp


    »»»» Presence des fichiers dans C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5


    --------------- [ Registre / Startup ] ----------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

    SuperCopier2.exe=C:\Program Files\SuperCopier2\SuperCopier2.exe
    ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
    BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    MSMSGS="C:\Program Files\Messenger\msmsgs.exe" /background
    RegistryMechanic=C:\Program Files\Registry Mechanic\RegMech.exe /H

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

    NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    nwiz=nwiz.exe /install
    NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    NVMixerTray="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    RemoteControl="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    LanguageShortcut="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    NeroFilterCheck=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
    <NO NAME>=
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
    Installed=1
    <NO NAME>=
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
    NoChange=1
    Installed=1
    <NO NAME>=
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
    Installed=1
    <NO NAME>=

    [HKEY_CURRENT_USER\software\local appwizard-generated applications\SuperCopier2]

    --------------- [ Registre / Clés infectieuses ] ----------------


    Found ! - HKEY_USERS\S-1-5-21-2025429265-1614895754-725345543-1004\Software\bisoft
    Found ! - HKEY_CURRENT_USER\Software\bisoft

    --------------- [ Etat / Services ] ----------------



    +- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

    Ndisuio - Type de démarrage = 3

    EapHost - Type de démarrage = 2

    Ip6Fw - Type de démarrage = 2

    SharedAccess - Type de démarrage = 2

    wuauserv - Type de démarrage = 2

    wscsvc - Type de démarrage = 2



    --------------- [ Recherche dans supports amovibles] ----------------


    +- Informations :

    C: - Lecteur fixe

    D: - Lecteur fixe


    +- presence des fichiers :



    --------------- [ Registre / Mountpoint2 ] ----------------


    -> Not found !


    ------------------- ! Fin du rapport ! --------------------

    6 December 2008 23:02:14



    ----------------- FindyKill V4.706 ------------------

    * User : Sophie - ORDI-51C93CF87A
    * executed from : C:\Program Files\FindyKill
    * Update on 27/11/08 par Chiquitine29
    * Start at 22:58:18 the 06/12/2008
    * Windows XP - Internet Explorer 7.0.5730.13


    ((((((((((((((( *** deleting *** ))))))))))))))))))


    --------------- [ Active Processes ] ----------------


    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\logonui.exe
    C:\WINDOWS\system32\userinit.exe
    C:\WINDOWS\system32\spoolsv.exe

    --------------- [ Infected files / folders ] ----------------


    »»»» Supression files in C:


    »»»» Supression files in C:\WINDOWS


    »»»» Supression files in C:\WINDOWS\Prefetch


    »»»» Supression files in C:\WINDOWS\system32


    »»»» Supression files in C:\WINDOWS\system32\drivers

    Deleted ! - "C:\WINDOWS\system32\drivers\downld"

    »»»» Supression files in C:\Documents and Settings\Sophie\Application Data


    »»»» Supression files in C:\DOCUME~1\Sophie\LOCALS~1\Temp


    »»»» Supression files in C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5

    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{B643238D-38BC-4236-AFDE-0551FB315BD9}.jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\03ZRA082\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\03ZRA082\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\03ZRA082\D36439BF6AFB645FD2B2F5627D57B[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\2OO8XJUG\465B17821B64D17F71B71A14C5C76[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\2OO8XJUG\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\2OO8XJUG\b64[2].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\3TGPLD5W\b64_1[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\3TGPLD5W\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\3TGPLD5W\mxd[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_1[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_3[2].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\b64_3[3].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\6N8KF858\mxd[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\9WYPWGJ0\23B4DAB643DDCCC6976EA3177DC13[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\9WYPWGJ0\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\9WYPWGJ0\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\AGZ52X8N\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\b64_3[2].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\mxd[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B4F5T8S0\mxd[2].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B9AYDG5V\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\B9AYDG5V\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\b64_1[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\mxd[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\mxd[2].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\C435YPB3\mxd[3].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ME4FJLU0\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ME4FJLU0\b64_1[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ME4FJLU0\mxd[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\O4AD8BUX\b64_1[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\O4AD8BUX\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ODQJT4PB\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ODQJT4PB\b64[2].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\ODQJT4PB\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\b64_1[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\mxd[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\QLNPXZBA\mxd[2].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RGY052MP\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RGY052MP\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RGY052MP\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RW8E12JL\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\RW8E12JL\mxd[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\b64_1[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\b64_1[2].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\V0R0OWTH\mxd[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64[2].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64[3].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64[4].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\VBC61BGB\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\W2CAYMC6\b64_3[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\W2CAYMC6\mxd[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\X86FQDVJ\b64_2[1].jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Temporary Internet Files\Content.IE5\YWARJ6V5\WMPe2e22d50-88db-4979-92c5-78049b9b64bc[1]..jpg
    Deleted ! - C:\Documents and Settings\Sophie\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{B643238D-38BC-4236-AFDE-0551FB315BD9}.jpg

    --------------- [ Registry / Infected keys ] ----------------


    --------------- [ States / Restarting of services ] ----------------



    +- Services : [ Auto=2 / Request=3 / Disable=4 ]

    Ndisuio - Type of startup = 3

    EapHost - Type of startup = 2

    Ip6Fw - Type of startup = 2

    SharedAccess - Type of startup = 2

    wuauserv - Type of startup = 2

    wscsvc - Type of startup = 2


    --------------- [ Cleaning removable drives ] ----------------

    +- Informations :

    C: - Lecteur fixe

    D: - Lecteur fixe


    +- deleting files :


    --------------- [ Registry / Mountpoint2 ] ----------------


    -> Not found !


    --------------- [ Searching Cracks / Keygen ] ----------------



    ---------------- ! End of report ! ------------------


    7 December 2008 00:02:32

    Re,

    It's the MBAM procedure that I would have liked you to redo.

    ;) 
    7 December 2008 00:18:03

    Malwarebytes' Anti-Malware 1.31
    Version de la base de données: 1467
    Windows 5.1.2600 Service Pack 3

    07/12/2008 00:14:14
    mbam-log-2008-12-07 (00-14-14).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 89837
    Temps écoulé: 59 minute(s), 25 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    7 December 2008 11:24:46

    Re,

    Try Kaspersky online here:

    Remove Kaspersky online via Add/Remove Programs in the Control Panel.

  • Run a Kaspersky online scan with Internet Explorer:
  • Click on
  • Now click "J'accepte" (I accept).
  • Approve the installation of one or more ActiveX controls if necessary.
  • Wait while the updates install.
  • Then choose to scan My Computer.
  • Save, then paste the report generated at the end of the scan.

    HELP: Tutorial on the online scan

    NOTE: If you get the message "La licence de Kaspersky On-line Scanner est périmée" (the Kaspersky On-line Scanner licence has expired), go to Add/Remove Programs and uninstall On-Line Scanner, then reconnect to the Kaspersky site to retry the online scan.

    ;) 

    7 December 2008 12:19:10

    Sunday, December 7, 2008
    Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Sunday, December 07, 2008 03:56:00
    Records in database: 1441542


    Scan settings
    Scan using the following database extended
    Scan archives yes
    Scan mail databases yes

    Scan area My Computer
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\
    I:\

    Scan statistics
    Files scanned 43950
    Threat name 2
    Infected objects 2
    Suspicious objects 0
    Duration of the scan 01:05:05

    File name Threat name Threats count
    C:\Program Files\FindyKill\Tools\Kill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k 1

    C:\Program Files\SuperCopier2\SuperCopier2.exe Infected: Trojan-Downloader.Win32.Bagle.agx 1

    The selected area was scanned.
    7 December 2008 12:25:29


    --------------------\\ Lop S&D 4.2.4-9c XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Sophie ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:30 Go (Free:20 Go)
    D:\ (Local Disk) - NTFS - Total:156 Go (Free:110 Go)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
    Option : [1] ( 07/12/2008|12:21 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [23/10/2008|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [12/11/2008|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BufferZone
    [23/10/2008|20:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [02/12/2008|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
    [06/12/2008|14:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [22/11/2008|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [22/11/2008|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [23/10/2008|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [07/12/2008|00:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [23/10/2008|20:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [03/12/2008|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [23/10/2008|20:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [22/11/2008|15:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [23/10/2008|20:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [25/10/2008|12:59] C:\DOCUME~1\Sophie\APPLIC~1\Adobe
    [23/10/2008|22:22] C:\DOCUME~1\Sophie\APPLIC~1\Ahead
    [03/11/2008|20:13] C:\DOCUME~1\Sophie\APPLIC~1\CyberLink
    [03/12/2008|14:38] C:\DOCUME~1\Sophie\APPLIC~1\Help
    [23/10/2008|20:07] C:\DOCUME~1\Sophie\APPLIC~1\Identities
    [03/11/2008|19:20] C:\DOCUME~1\Sophie\APPLIC~1\LimeWire
    [25/10/2008|12:59] C:\DOCUME~1\Sophie\APPLIC~1\Macromedia
    [06/12/2008|14:24] C:\DOCUME~1\Sophie\APPLIC~1\Malwarebytes
    [03/12/2008|14:06] C:\DOCUME~1\Sophie\APPLIC~1\Microsoft
    [25/10/2008|12:39] C:\DOCUME~1\Sophie\APPLIC~1\Mozilla
    [03/11/2008|18:28] C:\DOCUME~1\Sophie\APPLIC~1\Sun
    [23/10/2008|20:36] C:\DOCUME~1\Sophie\APPLIC~1\Talkback
    [25/10/2008|12:39] C:\DOCUME~1\Sophie\APPLIC~1\Thunderbird
    [02/12/2008|20:08] C:\DOCUME~1\Sophie\APPLIC~1\uTorrent
    [30/10/2008|13:45] C:\DOCUME~1\Sophie\APPLIC~1\WinRAR

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [07/12/2008 00:15][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [01/11/2008|18:02] C:\Program Files\Adobe
    [27/11/2008|13:04] C:\Program Files\Alice SSID
    [23/10/2008|20:28] C:\Program Files\Alwil Software
    [23/10/2008|20:00] C:\Program Files\ComPlus Applications
    [02/12/2008|16:04] C:\Program Files\Conduit
    [23/10/2008|20:59] C:\Program Files\CyberLink
    [23/10/2008|20:56] C:\Program Files\DivX
    [23/10/2008|21:03] C:\Program Files\DivX Total Pack
    [23/10/2008|20:26] C:\Program Files\D-Link
    [30/10/2008|14:00] C:\Program Files\Eltima Software
    [23/10/2008|21:51] C:\Program Files\Fichiers communs
    [06/12/2008|23:00] C:\Program Files\FindyKill
    [27/11/2008|13:02] C:\Program Files\InstallShield Installation Information
    [23/10/2008|22:12] C:\Program Files\Internet Explorer
    [06/12/2008|18:02] C:\Program Files\Java
    [23/10/2008|20:57] C:\Program Files\K-Lite Codec Pack
    [03/11/2008|19:21] C:\Program Files\LimeWire
    [02/12/2008|21:27] C:\Program Files\MAGIX
    [06/12/2008|14:24] C:\Program Files\Malwarebytes' Anti-Malware
    [23/10/2008|21:57] C:\Program Files\Messenger
    [23/10/2008|20:40] C:\Program Files\Messenger Plus! Live
    [23/10/2008|21:41] C:\Program Files\Microsoft AutoRoute
    [23/10/2008|20:03] C:\Program Files\microsoft frontpage
    [23/10/2008|21:51] C:\Program Files\Microsoft Office
    [23/10/2008|21:51] C:\Program Files\Microsoft Visual Studio
    [23/10/2008|21:51] C:\Program Files\Microsoft Works
    [23/10/2008|21:49] C:\Program Files\Microsoft.NET
    [02/12/2008|16:04] C:\Program Files\Mininova
    [23/10/2008|20:52] C:\Program Files\Movie Maker
    [29/10/2008|09:49] C:\Program Files\Mozilla Firefox
    [07/12/2008|10:51] C:\Program Files\Mozilla Thunderbird
    [23/10/2008|19:59] C:\Program Files\MSN
    [23/10/2008|19:59] C:\Program Files\MSN Gaming Zone
    [23/10/2008|22:14] C:\Program Files\MSN Messenger
    [23/10/2008|21:32] C:\Program Files\Nero
    [23/10/2008|20:49] C:\Program Files\NetMeeting
    [23/10/2008|20:19] C:\Program Files\NVIDIA Corporation
    [23/10/2008|19:59] C:\Program Files\Online Services
    [23/10/2008|20:49] C:\Program Files\Outlook Express
    [23/10/2008|20:50] C:\Program Files\Radio Fr Solo
    [06/12/2008|12:49] C:\Program Files\Registry Mechanic
    [13/11/2008|20:42] C:\Program Files\Secured IE
    [12/11/2008|14:21] C:\Program Files\securedie
    [23/10/2008|20:01] C:\Program Files\Services en ligne
    [03/11/2008|18:30] C:\Program Files\Sun
    [23/10/2008|20:36] C:\Program Files\SuperCopier2
    [23/10/2008|20:07] C:\Program Files\Uninstall Information
    [08/11/2008|01:08] C:\Program Files\uTorrent
    [23/10/2008|20:57] C:\Program Files\VideoLAN
    [23/10/2008|20:57] C:\Program Files\Webteh
    [23/10/2008|20:40] C:\Program Files\Windows Live
    [23/10/2008|21:04] C:\Program Files\Windows Media Connect 2
    [04/12/2008|21:24] C:\Program Files\Windows Media Player
    [23/10/2008|20:49] C:\Program Files\Windows NT
    [23/10/2008|20:01] C:\Program Files\WindowsUpdate
    [23/10/2008|20:53] C:\Program Files\WinRAR
    [23/10/2008|20:03] C:\Program Files\xerox
    [03/12/2008|14:31] C:\Program Files\Yahoo!
    [12/11/2008|14:47] C:\Program Files\Zapu
    [03/12/2008|10:42] C:\Program Files\Zone Labs

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [23/10/2008|20:38] C:\Program Files\Fichiers communs\Adobe
    [23/10/2008|21:33] C:\Program Files\Fichiers communs\Ahead
    [23/10/2008|21:51] C:\Program Files\Fichiers communs\DESIGNER
    [23/10/2008|20:19] C:\Program Files\Fichiers communs\InstallShield
    [12/11/2008|14:28] C:\Program Files\Fichiers communs\Microsoft Shared
    [23/10/2008|20:00] C:\Program Files\Fichiers communs\MSSoap
    [23/10/2008|20:19] C:\Program Files\Fichiers communs\NVIDIA Shared
    [23/10/2008|21:51] C:\Program Files\Fichiers communs\ODBC
    [23/10/2008|20:01] C:\Program Files\Fichiers communs\Services
    [23/10/2008|21:51] C:\Program Files\Fichiers communs\SpeechEngines
    [23/10/2008|21:50] C:\Program Files\Fichiers communs\System

    --------------------\\ Process

    ( 37 Processes )

    IEXPLORE.EXE ~ [PID:3052]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\Sophie\Cookies\sophie@advertstream[2].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@adultfriendfinder[1].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@advertising[1].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@adin.bigpoint[2].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@bigpoint[2].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@fr.seafight.bigpoint[1].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@adopt.euroclick[2].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@pacificpoker[1].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@partypoker[2].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@fr.seafight.bigpoint[1].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@fr1.seafight[2].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@seafight[1].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@seafight[3].txt
    C:\DOCUME~1\Sophie\Cookies\sophie@www.seafight[2].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-07 12:22:45
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    C:\WINDOWS\system32\drivers\downld
    ==> BAGLE <==


    Aucune autre infection trouvée !

    [F:918][D:14]-> C:\DOCUME~1\Sophie\LOCALS~1\Temp
    [F:596][D:0]-> C:\DOCUME~1\Sophie\Cookies
    [F:462][D:5]-> C:\DOCUME~1\Sophie\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 06/12/2008|18:07 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 07/12/2008|12:23 - Option : [1]

    --------------------\\ Fin du rapport a 12:23:27
    7 December 2008 12:29:28

    Re,

    OK, I found the source of the reinfection :) 

    Disable all resident protection (antivirus…)! <------- Don't forget!

  • Download ComboFix (sUBs) to your Desktop.
  • Rename it before downloading by following this procedure: pcastuces.com

    Copy the text in the box below (Ctrl + C):

    File::
    C:\Program Files\SuperCopier2\SuperCopier2.exe


    => Open Notepad: Start > All Programs > Accessories > Notepad

    - Paste the text into it (Ctrl + V)
    - Save this file to: Desktop
    - File name: CFScript
    - File type: All Files!!
    - Click Save
    - Quit Notepad

    Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot:

  • This will relaunch ComboFix: at the message that appears (Type 1 to continue, or 2 to abort), type 1 then confirm.
  • If it asks you to install the Recovery Console, accept.
  • Wait while the scan runs. The desktop will disappear several times: this is normal!
  • Don't touch anything until the scan has finished.
  • Once the scan is complete, a report will be displayed: copy/paste its contents to the forum.
    If the file doesn't open, it is located here: C:\ComboFix.txt
  • Post a new HijackThis report.

    ;) 
    7 December 2008 18:48:36

    New HijackThis report.
    ComboFix 08-12-06.06 - Sophie 2008-12-07 18:45:28.2 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.272 [GMT 1:00]
    Lancé depuis: c:\documents and settings\Sophie\Bureau\Combo-Fix.exe.exe
    Commutateurs utilisés :: c:\documents and settings\Sophie\Bureau\CFScript.txt
    * Un nouveau point de restauration a été créé

    FILE ::
    c:\program files\SuperCopier2\SuperCopier2.exe 8
    .

    ((((((((((((((((((((((((((((( Fichiers créés du 2008-11-07 au 2008-12-07 ))))))))))))))))))))))))))))))))))))
    .

    2008-12-07 17:48 . 2008-12-07 18:32 <REP> d-------- C:\ComboFix
    2008-12-07 12:30 . 2008-12-07 12:30 <REP> d-------- c:\windows\system32\Kaspersky Lab
    2008-12-07 12:30 . 2008-12-07 12:30 <REP> d-------- c:\windows\LastGood
    2008-12-06 18:05 . 2008-12-07 12:23 <REP> d-------- C:\Lop SD
    2008-12-06 18:02 . 2008-12-06 18:02 <REP> d-------- c:\program files\Java
    2008-12-06 18:02 . 2008-12-06 18:02 73,728 --a------ c:\windows\system32\javacpl.cpl
    2008-12-06 14:24 . 2008-12-06 14:24 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
    2008-12-06 14:24 . 2008-12-06 14:24 <REP> d-------- c:\documents and settings\Sophie\Application Data\Malwarebytes
    2008-12-06 14:24 . 2008-12-06 14:24 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
    2008-12-06 14:24 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
    2008-12-06 14:24 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
    2008-12-06 10:51 . 2008-12-06 23:00 <REP> d-------- c:\program files\FindyKill
    2008-12-04 21:24 . 2008-12-04 21:24 23,392 --a------ c:\windows\system32\nscompat.tlb
    2008-12-04 21:24 . 2008-12-04 21:24 16,832 --a------ c:\windows\system32\amcompat.tlb
    2008-12-03 14:35 . 2008-12-03 14:35 <REP> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
    2008-12-03 14:31 . 2008-12-03 14:31 <REP> d-------- c:\program files\Yahoo!
    2008-12-03 10:42 . 2008-12-03 10:42 <REP> d-------- c:\windows\system32\ZoneLabs
    2008-12-03 10:42 . 2008-12-03 10:42 <REP> d-------- c:\program files\Zone Labs
    2008-12-03 10:42 . 2008-07-09 09:05 1,086,952 --a------ c:\windows\system32\zpeng24.dll
    2008-12-03 10:42 . 2008-12-03 10:42 352,624 --a------ c:\windows\system32\vsconfig.xml
    2008-12-03 10:40 . 2008-12-03 10:42 <REP> d-------- c:\windows\Internet Logs
    2008-12-02 21:28 . 2008-12-02 21:28 <REP> d-------- c:\documents and settings\All Users\Application Data\MAGIX
    2008-12-02 21:27 . 2008-12-02 21:27 <REP> d-------- c:\program files\MAGIX
    2008-12-02 21:27 . 2002-09-21 00:33 1,089,536 --a------ c:\windows\system32\ROBOEX32.DLL
    2008-12-02 21:27 . 1998-10-15 17:28 85,504 --a------ c:\windows\system32\HtmlWH.dll
    2008-12-02 21:27 . 1999-01-28 14:44 49,152 --a------ c:\windows\system32\INETWH32.dll
    2008-12-02 21:26 . 2008-12-02 21:26 <REP> d-------- c:\windows\system32\MAGIX
    2008-12-02 21:26 . 2007-03-19 12:53 663,552 --a------ c:\windows\system32\mgxoschk.dll
    2008-12-02 21:26 . 2008-12-02 21:26 6,768 --a------ c:\windows\mgxoschk.ini
    2008-12-02 16:04 . 2008-12-02 16:04 <REP> d-------- c:\program files\Mininova
    2008-12-02 16:04 . 2008-12-02 16:04 <REP> d-------- c:\program files\Conduit
    2008-11-27 13:04 . 2008-11-27 13:04 <REP> d-------- c:\program files\Alice SSID
    2008-11-27 13:02 . 2006-11-02 17:12 348,416 --a------ c:\windows\system32\drivers\rt73.sys
    2008-11-27 13:02 . 2003-10-14 06:30 94,208 --a------ c:\windows\system32\GTW32N50.dll
    2008-11-27 13:02 . 2003-09-26 14:28 31,930 --a------ c:\windows\system32\GTNDIS3.VXD
    2008-11-27 13:02 . 2003-09-26 13:15 15,872 --a------ c:\windows\system32\GTNDIS5.sys
    2008-11-15 19:57 . 2008-11-15 19:57 <REP> d-------- C:\Poker
    2008-11-12 14:31 . 2008-11-12 14:31 1,904 --a------ c:\windows\system32\drivers\ndisrd.sys.virtual.lnk
    2008-11-12 14:31 . 2008-11-12 14:31 1,789 --a------ c:\windows\system32\Msvcrtd.dll.virtual.lnk
    2008-11-12 14:31 . 2008-11-12 14:31 1,789 --a------ c:\windows\system32\msiexec.exe.virtual.lnk
    2008-11-12 14:28 . 2008-11-12 14:47 <REP> d-------- c:\program files\Zapu
    2008-11-12 14:28 . 2004-02-17 00:00 434,252 --a------ c:\windows\system32\Msvcrtd.dll
    2008-11-12 14:22 . 2008-11-12 14:22 <REP> d-------- C:\Virtual
    2008-11-12 14:21 . 2008-11-12 14:21 <REP> d-------- c:\windows\E4153266612C460FAB94C9DB6802459A.TMP
    2008-11-12 14:21 . 2008-11-12 14:21 <REP> d-------- c:\program files\securedie
    2008-11-12 14:21 . 2008-11-12 14:35 <REP> d-------- c:\documents and settings\All Users\Application Data\BufferZone
    2008-11-12 14:20 . 2008-11-13 20:42 <REP> d-------- c:\program files\Secured IE
    2008-11-12 13:21 . 2008-09-04 18:16 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
    2008-11-12 13:21 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
    2008-11-08 01:08 . 2008-11-08 01:08 <REP> d-------- c:\program files\uTorrent
    2008-11-08 01:08 . 2008-12-07 18:44 <REP> d-------- c:\documents and settings\Sophie\Application Data\uTorrent

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-12-07 17:40 --------- d-----w c:\program files\Mozilla Thunderbird
    2008-12-07 17:33 --------- d-----w c:\program files\SuperCopier2
    2008-12-06 23:16 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
    2008-12-06 17:02 410,984 ----a-w c:\windows\system32\deploytk.dll
    2008-11-27 12:02 --------- d--h--w c:\program files\InstallShield Installation Information
    2008-11-22 13:44 --------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
    2008-11-03 19:13 --------- d-----w c:\documents and settings\Sophie\Application Data\CyberLink
    2008-11-03 18:21 --------- d-----w c:\program files\LimeWire
    2008-11-03 18:20 --------- d-----w c:\documents and settings\Sophie\Application Data\LimeWire
    2008-11-03 17:30 --------- d-----w c:\program files\Sun
    2008-10-30 13:00 --------- d-----w c:\program files\Eltima Software
    2008-10-25 11:39 --------- d-----w c:\documents and settings\Sophie\Application Data\Thunderbird
    2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
    2008-10-23 21:22 --------- d-----w c:\documents and settings\Sophie\Application Data\Ahead
    2008-10-23 21:14 --------- d-----w c:\program files\MSN Messenger
    2008-10-23 20:51 --------- d-----w c:\program files\Microsoft Works
    2008-10-23 20:49 --------- d-----w c:\program files\Microsoft.NET
    2008-10-23 20:41 --------- d-----w c:\program files\Microsoft AutoRoute
    2008-10-23 20:33 --------- d-----w c:\program files\Fichiers communs\Ahead
    2008-10-23 20:32 --------- d-----w c:\program files\Nero
    2008-10-23 20:32 --------- d-----w c:\documents and settings\All Users\Application Data\Nero
    2008-10-23 20:04 --------- d-----w c:\program files\Windows Media Connect 2
    2008-10-23 20:03 --------- d-----w c:\program files\DivX Total Pack
    2008-10-23 19:59 --------- d-----w c:\program files\CyberLink
    2008-10-23 19:59 --------- d-----w c:\documents and settings\All Users\Application Data\CyberLink
    2008-10-23 19:57 --------- d-----w c:\program files\Webteh
    2008-10-23 19:57 --------- d-----w c:\program files\VideoLAN
    2008-10-23 19:57 --------- d-----w c:\program files\K-Lite Codec Pack
    2008-10-23 19:56 --------- d-----w c:\program files\DivX
    2008-10-23 19:50 --------- d-----w c:\program files\Radio Fr Solo
    2008-10-23 19:40 --------- d-----w c:\program files\Windows Live
    2008-10-23 19:40 --------- d-----w c:\program files\Messenger Plus! Live
    2008-10-23 19:38 --------- d-----w c:\program files\Fichiers communs\Adobe
    2008-10-23 19:36 --------- d-----w c:\documents and settings\Sophie\Application Data\Talkback
    2008-10-23 19:28 --------- d-----w c:\program files\Alwil Software
    2008-10-23 19:26 --------- d-----w c:\program files\D-Link
    2008-10-23 19:19 --------- d-----w c:\program files\NVIDIA Corporation
    2008-10-23 19:19 --------- d-----w c:\program files\Fichiers communs\NVIDIA Shared
    2008-10-23 19:19 --------- d-----w c:\program files\Fichiers communs\InstallShield
    2008-10-23 19:03 --------- d-----w c:\program files\microsoft frontpage
    2008-10-23 19:01 --------- d-----w c:\program files\Services en ligne
    2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
    2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
    2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
    2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
    2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
    2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
    2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
    2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
    2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
    2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
    2008-09-15 15:26 1,846,528 ----a-w c:\windows\system32\win32k.sys
    2008-09-10 01:15 1,307,648 ------w c:\windows\system32\msxml6.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{cd36797a-70f3-4acd-8825-623d3b896881}"= "c:\program files\securedie\tbsecu.dll" [2007-09-06 1453080]
    "{f592709f-ff4a-4862-b659-4afabda56312}"= "c:\program files\Mininova\tbMini.dll" [2008-11-23 1784856]

    [HKEY_CLASSES_ROOT\clsid\{cd36797a-70f3-4acd-8825-623d3b896881}]

    [HKEY_CLASSES_ROOT\clsid\{f592709f-ff4a-4862-b659-4afabda56312}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cd36797a-70f3-4acd-8825-623d3b896881}]
    2007-09-06 12:28 1453080 --a------ c:\program files\securedie\tbsecu.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f592709f-ff4a-4862-b659-4afabda56312}]
    2008-11-23 23:03 1784856 --a------ c:\program files\Mininova\tbMini.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{cd36797a-70f3-4acd-8825-623d3b896881}"= "c:\program files\securedie\tbsecu.dll" [2007-09-06 1453080]
    "{f592709f-ff4a-4862-b659-4afabda56312}"= "c:\program files\Mininova\tbMini.dll" [2008-11-23 1784856]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{CD36797A-70F3-4ACD-8825-623D3B896881}"= "c:\program files\securedie\tbsecu.dll" [2007-09-06 1453080]
    "{F592709F-FF4A-4862-B659-4AFABDA56312}"= "c:\program files\Mininova\tbMini.dll" [2008-11-23 1784856]

    [HKEY_CLASSES_ROOT\clsid\{cd36797a-70f3-4acd-8825-623d3b896881}]

    [HKEY_CLASSES_ROOT\clsid\{f592709f-ff4a-4862-b659-4afabda56312}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]
    "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
    "RegistryMechanic"="c:\program files\Registry Mechanic\RegMech.exe" [2008-07-08 2828184]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
    "NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 131072]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]
    "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 49152]
    "NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-12-06 81000]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-06 136600]
    "nwiz"="nwiz.exe" [2007-06-28 c:\windows\system32\nwiz.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

    c:\documents and settings\Sophie\Menu Démarrer\Programmes\Démarrage\
    Outil de notification Live Search.lnk - c:\documents and settings\Sophie\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2008-11-28 143360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "vidc.I420"= i263_32.drv
    "vidc.XVID"= xvid.dll
    "vidc.3iv2"= 3ivxVfWCodec.dll
    "msacm.divxa32"= DivXa32.acm
    "VIDC.HFYU"= huffyuv.dll
    "VIDC.i263"= i263_32.drv
    "msacm.imc"= imc32.acm
    "VIDC.VP31"= vp31vfw.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\MSN Messenger\\livecall.exe"=
    "d:\\eMule\\eMule\\emule.exe"=
    "c:\\Program Files\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\Zapu\\Zapu\\wDivi.exe"=

    S1 aswSP;avast! Self Protection; []
    S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys []
    S3 eltima_usb_stub;ELTIMA Usb Stub;c:\windows\system32\DRIVERS\usbstub.sys [2008-10-30 11392]
    S3 vuhub;Virtual Usb Hub;c:\windows\system32\DRIVERS\vuhub.sys [2008-10-30 66432]

    *Newly Created Service* - CATCHME
    *Newly Created Service* - PROCEXP90
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.msn.fr/
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    FireFox -: Profile - c:\documents and settings\Sophie\Application Data\Mozilla\Firefox\Profiles\ki3ft5q7.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.fr
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.msn.fr/
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-07 18:46:22
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2008-12-07 18:47:07
    ComboFix-quarantined-files.txt 2008-12-07 17:46:45
    ComboFix2.txt 2008-12-07 17:34:25

    Avant-CF: 22 161 707 008 octets libres
    Après-CF: 22,157,541,376 octets libres

    209 --- E O F --- 2008-12-06 12:40:22
    7 December 2008 20:48:53

    Re,

    Uninstall Avast! and reinstall it: does it work again?

    Post a new DDS.txt report, and post the attach.txt file I had asked you to set aside. Then:

    1) Download MalwareByte's Anti-Malware to your Desktop.
    Install it by double-clicking the file Download_mbam-setup.exe.

    Once the installation and the update are done, restart in safe mode.
    HELP: Restarting in safe mode

  • Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan has finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Show Results" then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    HELP: Illustrated tutorial on MBAM

    2) Run an online antivirus scan on the Kaspersky site
    http://www.kaspersky.com/kos/eng/partner/default/kavweb...
  • Click Accept
  • A yellow bar will ask whether you agree to install Kavwebscan_Unicode.cab; install the ActiveX control.
  • Click "Accept" once more
  • The update databases will install; wait a moment
  • Click Next.
  • Click My Computer; the scan starts. Wait for the scan to finish without closing the window, otherwise it will stop. Then post the report you get.

    3) Download Toolbar-S&D (Team IDN) to your Desktop.

  • Start the installation of the program by running the downloaded file.
  • Now double-click the Toolbar-S&D shortcut.
  • Select the desired language by typing the letter of your choice, then confirming with the Enter key.
  • Now choose option 1 (Recherche). Wait until the search has finished.
  • Post the generated report. (C:\TB.txt)

    How is the PC doing? Still having problems?

    ;) 
    7 December 2008 21:47:21

    Thank you very much, my PC is fine and avast works again.
    7 December 2008 21:59:38

    Do what I asked you to do.

    ;) 