Sujet Précédent Sujet Suivant

Winupgro bagle

Résolu/Fermé
Neoyevon - 6 janv. 2009 à 23:19
Neoyevon Messages postés 10 Date d'inscription mercredi 7 janvier 2009 Statut Membre Dernière intervention 12 janvier 2009 - 12 janv. 2009 à 18:53
Bonjour,infecté par par winupgro je cherche désespérément une solution j ai suivi les topics présents sur ce forum et utilisé findykill .

La détection se passe bien malheureusement l étape 2 (désinfection) ne se déroule pas correctement le pc reboot une 1ere fois (Néanmoins un écran bleu a la fermeture de windows mais qui ne me laisse pas le temps de lire).

Une fois redémarré findykill ne se relance pas

je vous joins le rapportci dessous

Dans l attente de vos réponses cordialement.




----------------- FindyKill V4.711 ------------------

* User : Sloane - NEOYEVON
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 05/01/09 par Chiquitine29
* Recherche effectuée à 22:29:00 le 06/01/2009
* Windows XP - Internet Explorer 6.0.2900.5512

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\NetLimiter\NetLimiter.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:


»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\117593.EXE-148D91AE.pf
Found ! - C:\WINDOWS\prefetch\119031.EXE-370F03AF.pf
Found ! - C:\WINDOWS\prefetch\119718.EXE-072BED3B.pf
Found ! - C:\WINDOWS\prefetch\128171.EXE-234AE885.pf
Found ! - C:\WINDOWS\prefetch\138640.EXE-2FC301D2.pf
Found ! - C:\WINDOWS\prefetch\143812.EXE-0761CE9F.pf
Found ! - C:\WINDOWS\prefetch\168734.EXE-25324F4B.pf
Found ! - C:\WINDOWS\prefetch\204640.EXE-0AF45669.pf
Found ! - C:\WINDOWS\prefetch\212703.EXE-1DF1D249.pf
Found ! - C:\WINDOWS\prefetch\218421.EXE-1B3F16EB.pf
Found ! - C:\WINDOWS\prefetch\218828.EXE-1F55A19E.pf
Found ! - C:\WINDOWS\prefetch\219078.EXE-394FB033.pf
Found ! - C:\WINDOWS\prefetch\258750.EXE-003087E7.pf
Found ! - C:\WINDOWS\prefetch\275796.EXE-214AE00D.pf
Found ! - C:\WINDOWS\prefetch\309890.EXE-307B2DED.pf
Found ! - C:\WINDOWS\prefetch\318437.EXE-03D056C3.pf
Found ! - C:\WINDOWS\prefetch\351937.EXE-301070CC.pf
Found ! - C:\WINDOWS\prefetch\358875.EXE-24BC25A4.pf
Found ! - C:\WINDOWS\prefetch\411390.EXE-08E400DB.pf
Found ! - C:\WINDOWS\prefetch\413062.EXE-2AEE7461.pf
Found ! - C:\WINDOWS\prefetch\471234.EXE-096CDE46.pf
Found ! - C:\WINDOWS\prefetch\481984.EXE-2B20585F.pf
Found ! - C:\WINDOWS\prefetch\513078.EXE-137FB439.pf
Found ! - C:\WINDOWS\prefetch\629156.EXE-0BA7F054.pf
Found ! - C:\WINDOWS\prefetch\64046.EXE-2C1949ED.pf
Found ! - C:\WINDOWS\prefetch\664734.EXE-19EACC53.pf
Found ! - C:\WINDOWS\prefetch\70453.EXE-21210DA6.pf
Found ! - C:\WINDOWS\prefetch\70609.EXE-1155F366.pf
Found ! - C:\WINDOWS\prefetch\72156.EXE-2101F77B.pf
Found ! - C:\WINDOWS\prefetch\75250.EXE-272077E5.pf
Found ! - C:\WINDOWS\prefetch\98484.EXE-24C311C7.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-17A6EC36.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
Found ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-101AF362.pf
Found ! - C:\WINDOWS\Prefetch\NBKEYSCAN.EXE-2E1DB169.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [06/01/2009 22:25] - C:\WINDOWS\system32\mdelk.exe
Found ! [06/01/2009 22:25] - C:\WINDOWS\system32\wintems.exe
Found ! [06/01/2009 22:26] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers


»»»» Presence des fichiers dans C:\Documents and Settings\Sloane\Application Data

Found ! [06/01/2009 21:06] - "C:\Documents and Settings\Sloane\Application Data\m\flec006.exe"
Found ! [06/01/2009 21:15] - "C:\Documents and Settings\Sloane\Application Data\m\list.oct"
Found ! [06/01/2009 21:17] - "C:\Documents and Settings\Sloane\Application Data\m\data.oct"
Found ! [06/01/2009 21:17] - "C:\Documents and Settings\Sloane\Application Data\m\srvlist.oct"
Found ! [06/01/2009 22:26] - "C:\Documents and Settings\Sloane\Application Data\m\shared"
Found ! [02/01/2009 22:48] - "C:\Documents and Settings\Sloane\Application Data\m"
Found ! [02/01/2009 21:43] - "C:\Documents and Settings\Sloane\Application Data\drivers"
Found ! [06/01/2009 22:24] - "C:\Documents and Settings\Sloane\Application Data\drivers\srosa.sys"
Found ! [06/01/2009 22:24] - "C:\Documents and Settings\Sloane\Application Data\drivers\srosa2.sys"
Found ! [02/09/2005 08:03] - "C:\Documents and Settings\Sloane\Application Data\drivers\winupgro.exe"
Found ! [06/01/2009 22:28] - "C:\Documents and Settings\Sloane\Application Data\drivers\downld"

»»»» Presence des fichiers dans C:\DOCUME~1\Sloane\LOCALS~1\Temp


»»»» Presence des fichiers dans C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5

Found ! [04/01/2009 10:29] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\0FTV6YJX\b64_1[1].jpg
Found ! [04/01/2009 19:33] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\0FTV6YJX\b64_1[2].jpg
Found ! [06/01/2009 20:22] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\0FTV6YJX\b64_1[3].jpg
Found ! [06/01/2009 12:16] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\0FTV6YJX\b64_3[1].jpg
Found ! [04/01/2009 09:41] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\0FTV6YJX\b64_5[1].jpg
Found ! [06/01/2009 20:29] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\0FTV6YJX\file[1].txt
Found ! [06/01/2009 22:03] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\0FTV6YJX\file[2].txt
Found ! [04/01/2009 10:27] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\7NLH9L9A\b64[1].jpg
Found ! [06/01/2009 21:06] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\7NLH9L9A\b64[2].jpg
Found ! [04/01/2009 11:03] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\7NLH9L9A\b64_1[1].jpg
Found ! [05/01/2009 18:04] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\7NLH9L9A\b64_1[2].jpg
Found ! [06/01/2009 16:26] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\7NLH9L9A\b64_2[1].jpg
Found ! [02/01/2009 22:48] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\7NLH9L9A\mxd[1].jpg
Found ! [06/01/2009 20:29] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\7NLH9L9A\servernames[1].htm
Found ! [06/01/2009 20:08] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9BVMJ7ZZ\b64_2[1].jpg
Found ! [02/01/2009 21:46] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9BVMJ7ZZ\b64_3[1].jpg
Found ! [04/01/2009 09:40] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9BVMJ7ZZ\b64_3[2].jpg
Found ! [04/01/2009 09:40] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9BVMJ7ZZ\b64_3[3].jpg
Found ! [06/01/2009 12:17] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64[1].jpg
Found ! [06/01/2009 19:51] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64[2].jpg
Found ! [02/01/2009 22:49] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_1[1].jpg
Found ! [04/01/2009 09:46] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_1[2].jpg
Found ! [04/01/2009 15:20] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_1[3].jpg
Found ! [05/01/2009 17:54] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_1[4].jpg
Found ! [05/01/2009 17:53] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_1[5].jpg
Found ! [06/01/2009 16:22] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_1[6].jpg
Found ! [06/01/2009 21:10] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_1[7].jpg
Found ! [04/01/2009 10:29] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_2[1].jpg
Found ! [03/01/2009 10:34] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_3[1].jpg
Found ! [04/01/2009 09:40] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_3[2].jpg
Found ! [05/01/2009 12:19] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_3[3].jpg
Found ! [05/01/2009 22:05] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_3[4].jpg
Found ! [06/01/2009 20:59] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_3[5].jpg
Found ! [02/01/2009 22:47] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64[1].jpg
Found ! [06/01/2009 21:00] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64[2].jpg
Found ! [06/01/2009 21:00] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64[3].jpg
Found ! [04/01/2009 09:41] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64_1[1].jpg
Found ! [04/01/2009 09:41] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64_1[2].jpg
Found ! [04/01/2009 10:56] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64_1[3].jpg
Found ! [06/01/2009 21:05] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64_1[4].jpg
Found ! [05/01/2009 12:30] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64_2[1].jpg
Found ! [04/01/2009 19:25] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64_3[1].jpg
Found ! [06/01/2009 20:04] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64_3[2].jpg
Found ! [05/01/2009 22:07] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64[1].jpg
Found ! [06/01/2009 12:17] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64[2].jpg
Found ! [06/01/2009 22:26] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64[3].jpg
Found ! [02/01/2009 22:46] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64_1[1].jpg
Found ! [03/01/2009 10:39] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64_1[2].jpg
Found ! [04/01/2009 10:26] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64_1[3].jpg
Found ! [04/01/2009 10:26] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64_1[4].jpg
Found ! [06/01/2009 12:19] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64_1[5].jpg
Found ! [06/01/2009 22:25] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64_3[1].jpg
Found ! [06/01/2009 21:04] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\mxd[1].jpg
Found ! [04/01/2009 09:10] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\IQQ1X18Q\b64[1].jpg
Found ! [04/01/2009 19:28] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\IQQ1X18Q\b64[2].jpg
Found ! [05/01/2009 17:56] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\IQQ1X18Q\b64[3].jpg
Found ! [06/01/2009 20:05] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\IQQ1X18Q\b64[4].jpg
Found ! [03/01/2009 10:40] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\IQQ1X18Q\b64_2[1].jpg
Found ! [06/01/2009 20:31] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\IQQ1X18Q\b64_2[2].jpg
Found ! [04/01/2009 11:02] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\IQQ1X18Q\mxd[1].jpg
Found ! [03/01/2009 10:37] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\b64[1].jpg
Found ! [04/01/2009 10:28] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\b64[2].jpg
Found ! [05/01/2009 18:05] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\b64_2[1].jpg
Found ! [04/01/2009 10:55] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\b64_3[1].jpg
Found ! [04/01/2009 15:04] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\b64_3[2].jpg
Found ! [06/01/2009 16:21] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\b64_3[3].jpg
Found ! [06/01/2009 22:03] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\file[1].txt
Found ! [06/01/2009 22:03] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\file[2].txt
Found ! [06/01/2009 21:17] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\mxd[1].jpg
Found ! [06/01/2009 21:17] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\servernames[1].htm
Found ! [12/05/2008 15:36] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\K35JE2J5\B644328551ED9E9AFE595B8B26F2A[1].jpg
Found ! [04/01/2009 15:21] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64[1].jpg
Found ! [06/01/2009 16:22] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64[2].jpg
Found ! [06/01/2009 20:27] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64[3].jpg
Found ! [04/01/2009 09:46] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64_1[1].jpg
Found ! [05/01/2009 22:07] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64_1[2].jpg
Found ! [06/01/2009 12:17] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64_1[3].jpg
Found ! [02/01/2009 22:50] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64_2[1].jpg
Found ! [06/01/2009 21:10] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64_2[2].jpg
Found ! [05/01/2009 17:50] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64_3[1].jpg
Found ! [06/01/2009 19:51] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64_3[2].jpg
Found ! [06/01/2009 19:50] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64_3[3].jpg
Found ! [06/01/2009 22:26] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\file[1].txt
Found ! [06/01/2009 19:58] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\mxd[1].jpg
Found ! [04/01/2009 09:38] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PMKY7TPK\b64_1[1].jpg
Found ! [04/01/2009 09:47] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PMKY7TPK\b64_2[1].jpg
Found ! [05/01/2009 18:04] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PMKY7TPK\b64_2[2].jpg
Found ! [06/01/2009 12:20] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PMKY7TPK\b64_2[3].jpg
Found ! [06/01/2009 12:20] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PMKY7TPK\b64_2[4].jpg
Found ! [05/01/2009 22:05] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PMKY7TPK\b64_3[1].jpg
Found ! [04/01/2009 09:43] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64[1].jpg
Found ! [04/01/2009 09:43] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64[2].jpg
Found ! [04/01/2009 09:43] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64[3].jpg
Found ! [04/01/2009 11:01] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64[4].jpg
Found ! [06/01/2009 21:05] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64[5].jpg
Found ! [04/01/2009 09:10] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64_1[1].jpg
Found ! [04/01/2009 19:27] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64_1[2].jpg
Found ! [06/01/2009 20:05] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64_1[3].jpg
Found ! [05/01/2009 22:11] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64_2[1].jpg
Found ! [06/01/2009 16:25] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64_2[2].jpg
Found ! [06/01/2009 20:31] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64_2[3].jpg
Found ! [04/01/2009 10:25] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64_3[1].jpg
Found ! [05/01/2009 18:01] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\b64[1].jpg
Found ! [06/01/2009 20:22] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\b64_1[1].jpg
Found ! [04/01/2009 09:12] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\b64_2[1].jpg
Found ! [04/01/2009 09:47] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\b64_2[2].jpg
Found ! [04/01/2009 11:04] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\b64_2[3].jpg
Found ! [04/01/2009 19:33] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\b64_2[4].jpg
Found ! [04/01/2009 09:37] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\b64_3[1].jpg
Found ! [06/01/2009 12:16] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\b64_3[2].jpg
Found ! [03/01/2009 10:34] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\mxd[1].jpg
Found ! [20/05/2008 14:09] - C:\Program Files\Hack\dessassemblage\winhex\File Type Signatures.txt

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
MessengerPlus3="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
WOOKIT=C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
SpybotSD TeaTimer=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
DAEMON Tools="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
AlcoholAutomount="C:\Program Files\Alcohol 120\axcmd.exe" /automount
msnmsgr="C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
SoundMan=SOUNDMAN.EXE
NVRaidService=C:\WINDOWS\system32\nvraidservice.exe
ATICCC="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
RemoteControl="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
LVCOMS=C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
LogitechGalleryRepair=C:\Program Files\Logitech\ImageStudio\ISStart.exe
LogitechImageStudioTray=C:\Program Files\Logitech\ImageStudio\LogiTray.exe
MessengerPlus3="C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
BluetoothAuthenticationAgent=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
NetLimiter=C:\Program Files\NetLimiter\NetLimiter.exe /s
NeroFilterCheck=C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
NBKeyScan="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
avgnt="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
KernelFaultCheck=%systemroot%\system32\dumprep 0 -k

[HKEY_CURRENT_USER\software\local appwizard-generated applications\MsgPlus]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\RtlRack]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\run]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-2052111302-287218729-725345543-1004\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-2052111302-287218729-725345543-1004\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-2052111302-287218729-725345543-1004\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-2052111302-287218729-725345543-1004\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-2052111302-287218729-725345543-1004\Software\FirtR
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sK9Ou0s
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR

/!\ Infection active : HKLM\SYSTEM\...\Services\srosa -> Start = 0x1
/!\ Infection active : HKLM\SYSTEM\...\Services\sK9Ou0s -> Start = 0x1

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

/!\ Mode sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

/!\ Mode sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

/!\ Mode sans echec non fonctionnel !!



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4


--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe


+- presence des fichiers :



--------------- [ Registre / Mountpoint2 ] ----------------

Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8963406c-55a6-11dc-8f11-000fea313fa3}\Shell\AutoRun\command


------------------- ! Fin du rapport ! --------------------

25 réponses

  • 1
  • 2
Réponse 1 / 25
chimay8 Messages postés 7720 Date d'inscription jeudi 1 mai 2008 Statut Contributeur sécurité Dernière intervention 3 janvier 2014 60
6 janv. 2009 à 23:20
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d'avoir été infectées sans les ouvrir
réouvre Findykill,

choisis cette fois ci l'option 2 (suppression)

il y aura 2 redémarrages, laisse travailler l'outils jusqu'a l'apparition du message "nettoyage effectué"

un rapport va s'ouvrir, poste le dans ta prochaine réponse s-t-p

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque
Note : Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valides

0
Réponse 2 / 25
Neoyevon
6 janv. 2009 à 23:23
Le processus ne s effectue pas correctement après le 1er démarrage il ne se passe plus rien impossible donc de poster le dit rapport
que puis-je faire?

Merci pour la reactivité^__^
0
Réponse 3 / 25
chimay8 Messages postés 7720 Date d'inscription jeudi 1 mai 2008 Statut Contributeur sécurité Dernière intervention 3 janvier 2014 60
6 janv. 2009 à 23:26
réessaye de le relancer
il a surement dégommer des crasses
0
Réponse 4 / 25
Neoyevon
6 janv. 2009 à 23:34
Je l ai déja relancé plusieurs fois mais le résultat reste le même .Écran bleu (certainement d erreur) ,redémarrage puis plus rien mais winupgro toujours actif .
Le fait de terminer le processus de winupgro influence t'il le bon bon déroulement de findykill?
Je retente une suppression

merci de m accorder du tps
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 25
chimay8 Messages postés 7720 Date d'inscription jeudi 1 mai 2008 Statut Contributeur sécurité Dernière intervention 3 janvier 2014 60
6 janv. 2009 à 23:49
Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Avant de telecharger clic sur enregistrer renomme le en killbagle et enregistre le sur le bureau
**si il te demande d'installer la console,accepte(voir plus bas!)**

-> Double clique sur killbagle.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.


Une fois fait, sur ton bureau double-clic sur killbagle.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)


-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

*************** console de récupération **********************

installer la Console de Récupération sur ton pc(cela permettra de réparer ton système au cas où le pc ne redémarrerait plus suite à la désinfection.)

Clique sur le lien ci-dessous pour aller sur le site Web de Microsoft:

https://support.microsoft.com/en-us/help/310994

descend jusqu'à "Téléchargement du fichier programme des disquettes d'installation" et clique sur le téléchargement correspondant à ta version de Windows XP (Édition familiale ou Professionnel) et au Service Pack que tu as installé.
**note: pour le SP3 charge le Service Pack 2
pour Windows XP Media Center charge XP Pro Service Pack 2.

enregistre le sur ton bureau.

fais un glisser/déposer du fichier sur l'icone de combofix comme ceci
http://img.bleepingcomputer.com/combofix/usage/rc.gif

Combofix va installer la console de récupération sur ton pc

a la fin de l'installation,combofix va afficher un message qui te signale que la console est installée.
0
Réponse 6 / 25
Neoyevon
7 janv. 2009 à 18:05
Bonjour , je croyais avoir posté un message hier soir mais apparement j ai du foirer quelque chose : )

Mon pc semble beaucoup plus réactif et winupgro n apparait plus dans le processus

Voici le rapport:



ComboFix 09-01-05.05 - Sloane 2009-01-07 0:08:19.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1023.740 [GMT 1:00]
Lancé depuis: c:\documents and settings\Sloane\Bureau\killbagle.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Software Licensors
c:\documents and settings\Sloane\Application Data\drivers\downld
c:\documents and settings\Sloane\Application Data\drivers\downld\100093.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\100203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1005250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1006921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1007343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1008109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1008937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1009562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1011343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1014218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1015046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\101765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\101984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\102750.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\102765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\102859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\103250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\103593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1037000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1037843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1038234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\103843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\103890.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\104578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1045984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\104671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\104796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1052265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1053656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1054296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1054640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1055156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1056546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\109078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1100390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1102609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1102953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1103781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1104250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1104531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\111250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\112468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\112703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\112937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\113281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\113765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\113796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\114015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\114843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\115250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\117593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\119031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\119718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\120343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\120500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\121875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\122156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\122171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\122218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\122875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\124062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\124234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\124656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\124687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\125453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\125515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\125656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\125906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\125937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\127234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\127703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\128171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\128515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\128984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\130093.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\130140.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\130281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\131859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\132234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\132453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\132515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\132625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\133015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\133453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\133859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\134390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\134421.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\134671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\136140.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\136890.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\137046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\137750.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\137796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\138093.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\138406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\138515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\138640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\138781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\138906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\139078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\139265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\139453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\139718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\139828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\140203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\140531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\141390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\141718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\142078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\143703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\143812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\143953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\144109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\144218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\144234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\144281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\144437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\144546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\144921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\146296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\146406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\146812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\146968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14747796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14747906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14748437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14748468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14748500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14755531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14783765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14784843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14784890.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14785250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14785343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14797484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14798187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14806156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14808687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14821812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14829078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14829281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14830375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14830687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14830875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14832062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14832625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14844359.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14845250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14845640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\148468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14885062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14885203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14885328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14887875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14887984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14888140.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14904765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14905359.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14906468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14906703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14907234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14907453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14908468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14908500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14909562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14909734.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14910187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14910437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14937375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14938093.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14938718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14940250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14940812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14941187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14949671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14956109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14957203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14957906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15002250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15003109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15003375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15085828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15086328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15086515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15089515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15090218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15090546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15095656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15117625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15118562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15119093.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\151937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\153078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15344796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15345156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15345234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15358125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15363390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15363515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15363765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15373281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15387265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15387875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15388234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\154000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15411406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15412015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15412500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15414718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15418640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15430296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15438796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15440125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15440281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15440875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\154468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15473515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15494484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15495921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15496718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15511515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15511921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15512296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15546812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15550390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15551640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15553187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15556734.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15558000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15571140.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15571500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15571703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15597171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15599000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15600062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15601593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15602640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\156031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15603343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15603531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15604593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15605515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15626609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15637890.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15640781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\156437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15644109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15646843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15647531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15648171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15672796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15674937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15676812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\156812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15722015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15723406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15724078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15745234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15745906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15746437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16006218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\160171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\160453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\161031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\161046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16130703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16136718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16137375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16137671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16172484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16172750.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16172953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\161859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16187578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16188437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16188875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16189671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16190562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16191078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16215578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16216046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16216375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\162281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16230171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16230609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16230906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16267093.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16268031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16268296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\163312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\167843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\168734.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\171843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\173859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\174171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\175828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\176546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\177187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\177484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\177781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\177921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\178000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\178640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\178812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\178843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\179578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\180000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\182968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\184203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\184750.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\184984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\185156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\185312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\185328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\185484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\186062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\186453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\187109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\190968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\192171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\192281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\192375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\192437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\192515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\192593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\192718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\193375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\194171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\194234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\194765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\194828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\194859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\197296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\199593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\200265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\200656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\200671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\201203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\201953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\202187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\202578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\202859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\202968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\203031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\203328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\203671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\203687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\204281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\204328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\204359.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\204453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\204640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\205203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\205234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\205843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\205921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\206875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\207187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\208000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\208437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\208687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\209312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\209359.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\210031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\210109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\211218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\211312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\211515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\211718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\211953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\212062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\212218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\212468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\212703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\212718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\212937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\213328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\213343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\213437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\213484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\213703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\214015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\214359.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\214390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\214531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\214703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\215093.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\215171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\215359.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\215375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\215468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\215734.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\216078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\216578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\216609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\216671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\216750.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\217125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\217203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\217718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\218421.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\218828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\219078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\224046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\224265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\225843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\226234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\226828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\226921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\227343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\227406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\227859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\227937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\228000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\228625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\228640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\228765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\228859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\228921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\229109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\229703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\229906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\230046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\230140.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\230265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\230593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\230718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\231015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\231187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\233406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\235734.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\235843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\236421.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\237046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\237140.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\237593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\237609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\237718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\238468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\239343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\239546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\240031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\240125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\240578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\240718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\240984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\241406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\241578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\243406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\243687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\245000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\245062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\245312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\245578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\245765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\246046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\246281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\246375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\246796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\246812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\246921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\246968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\247125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\248125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\248265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\248890.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\248953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\249078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\249187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\249250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\249609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\249656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\250109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\250359.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\250515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\251078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\251265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\252000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\252265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\252703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\252828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\253328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\253828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\253968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\254812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\254906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\256656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\257625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\257937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\258640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\259140.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\259281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\259312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\260468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\260890.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\260937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\262671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\264046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\264375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\267375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\267687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\268125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\271515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\271671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\272500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\273437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\273453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\273593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\274406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\274531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\275218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\275796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\276484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\277109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\277593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\277921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\278500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\279546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\279984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\280750.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\281046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\281375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\281546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\281984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\282156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\282390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\282531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\283015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\283671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\283718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\284046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\285484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\285781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\286265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\286828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\287468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\288140.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\288968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\289203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\293953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\300656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\300703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\301875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\303015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\303046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\303468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30671281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30671328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30671343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30698000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30779828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30780406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30780734.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30830765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30927562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30952343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30953078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30953296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\309890.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31030734.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31030765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31054296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31055156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31055578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31057890.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31061593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31063187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31101437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31101843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31102156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31146609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31216078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31216578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31216875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31267031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31267390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31267656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\312859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\313015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\313234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\314109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\314125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\314843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\314875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\314937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\315703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\318437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\319031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\320468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\320765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\321109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\321484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\323187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\323328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\323390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\323515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\323718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\324968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\325015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\326328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\327234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\327250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\328515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\329265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\329609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\329953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\330109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\331578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\332875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\333500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\334468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\335406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\335968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\340312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\340578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\340937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\342109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\342453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\342671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\342812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\343312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\343703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\344500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\344640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\344703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\345625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\345812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\345937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\346046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\346203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\351406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\352125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\352640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\352781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\352812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\353156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\358875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\360906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\361531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\362062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3624328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\362437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\362625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\364859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\365062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\365312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\36609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\366812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\367109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\367250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\367546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\368187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\368406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\368437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\368562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\368984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\369046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\369265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\370000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\370046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\370109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\370203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\370421.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\370468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\370859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\371265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\371687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\372953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\374109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3742562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3749265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3750578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3750796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\375421.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\375765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\376312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\376625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\376796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\377312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\37796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\379453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3798515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3799828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3799968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\380156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\380421.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3815859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3817453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3817953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3818828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3819781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3820328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3843859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3844718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3845031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3850812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\386468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3870078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3870984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3871453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\387312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\390562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\390703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\391484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\392015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\39234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3925015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3925828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3926000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\39468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\399375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\399843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\400546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\401218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\401250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\401281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\401640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\401656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\401796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\406437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\406484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\406937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\407171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\40781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\411156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\411390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\412562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\413062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\413406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\413468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\41515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\418921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\420343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\420640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\42484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\428968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\429484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\429921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\430375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\431953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\432625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\43468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\435328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\436281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\437109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\439843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\44031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\44109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\441859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\442390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\44250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\442609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\444609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\444625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\44656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\446796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\447625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\449156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\449203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\451015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\452484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\453406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\453562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\455312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\455500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\45656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\45687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\45781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\459046.exe
c:\documents and
0
Réponse 7 / 25
chimay8 Messages postés 7720 Date d'inscription jeudi 1 mai 2008 Statut Contributeur sécurité Dernière intervention 3 janvier 2014 60
7 janv. 2009 à 18:42
il n'y a pas la fin du rapport,
c'est important merci
0
Réponse 8 / 25
Neoyevon Messages postés 10 Date d'inscription mercredi 7 janvier 2009 Statut Membre Dernière intervention 12 janvier 2009
7 janv. 2009 à 18:53
Oups toutes mes excuses

ComboFix 09-01-05.05 - Sloane 2009-01-07 0:08:19.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1023.740 [GMT 1:00]
Lancé depuis: c:\documents and settings\Sloane\Bureau\killbagle.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Software Licensors
c:\documents and settings\Sloane\Application Data\drivers\downld
c:\documents and settings\Sloane\Application Data\drivers\downld\100093.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\100203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1005250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1006921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1007343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1008109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1008937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1009562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1011343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1014218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1015046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\101765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\101984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\102750.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\102765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\102859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\103250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\103593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1037000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1037843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1038234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\103843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\103890.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\104578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1045984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\104671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\104796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1052265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1053656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1054296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1054640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1055156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1056546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\109078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1100390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1102609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1102953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1103781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1104250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\1104531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\111250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\112468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\112703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\112937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\113281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\113765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\113796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\114015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\114843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\115250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\117593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\119031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\119718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\120343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\120500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\121875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\122156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\122171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\122218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\122875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\124062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\124234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\124656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\124687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\125453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\125515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\125656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\125906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\125937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\127234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\127703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\128171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\128515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\128984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\130093.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\130140.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\130281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\131859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\132234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\132453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\132515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\132625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\133015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\133453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\133859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\134390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\134421.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\134671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\136140.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\136890.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\137046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\137750.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\137796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\138093.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\138406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\138515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\138640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\138781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\138906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\139078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\139265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\139453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\139718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\139828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\140203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\140531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\141390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\141718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\142078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\143703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\143812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\143953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\144109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\144218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\144234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\144281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\144437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\144546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\144921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\146296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\146406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\146812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\146968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14747796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14747906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14748437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14748468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14748500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14755531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14783765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14784843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14784890.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14785250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14785343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14797484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14798187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14806156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14808687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14821812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14829078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14829281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14830375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14830687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14830875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14832062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14832625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14844359.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14845250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14845640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\148468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14885062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14885203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14885328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14887875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14887984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14888140.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14904765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14905359.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14906468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14906703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14907234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14907453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14908468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14908500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14909562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14909734.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14910187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14910437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14937375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14938093.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14938718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14940250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14940812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14941187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14949671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14956109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14957203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\14957906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15002250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15003109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15003375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15085828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15086328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15086515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15089515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15090218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15090546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15095656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15117625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15118562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15119093.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\151937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\153078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15344796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15345156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15345234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15358125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15363390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15363515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15363765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15373281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15387265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15387875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15388234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\154000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15411406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15412015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15412500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15414718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15418640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15430296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15438796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15440125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15440281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15440875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\154468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15473515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15494484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15495921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15496718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15511515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15511921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15512296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15546812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15550390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15551640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15553187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15556734.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15558000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15571140.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15571500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15571703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15597171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15599000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15600062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15601593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15602640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\156031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15603343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15603531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15604593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15605515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15626609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15637890.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15640781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\156437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15644109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15646843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15647531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15648171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15672796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15674937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15676812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\156812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15722015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15723406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15724078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15745234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15745906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\15746437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16006218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\160171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\160453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\161031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\161046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16130703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16136718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16137375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16137671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16172484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16172750.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16172953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\161859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16187578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16188437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16188875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16189671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16190562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16191078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16215578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16216046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16216375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\162281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16230171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16230609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16230906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16267093.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16268031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\16268296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\163312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\167843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\168734.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\171843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\173859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\174171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\175828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\176546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\177187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\177484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\177781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\177921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\178000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\178640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\178812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\178843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\179578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\180000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\182968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\184203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\184750.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\184984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\185156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\185312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\185328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\185484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\186062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\186453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\187109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\190968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\192171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\192281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\192375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\192437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\192515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\192593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\192718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\193375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\194171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\194234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\194765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\194828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\194859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\197296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\199593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\200265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\200656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\200671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\201203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\201953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\202187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\202578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\202859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\202968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\203031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\203328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\203671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\203687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\204281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\204328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\204359.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\204453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\204640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\205203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\205234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\205843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\205921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\206875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\207187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\208000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\208437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\208687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\209312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\209359.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\210031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\210109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\211218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\211312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\211515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\211718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\211953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\212062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\212218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\212468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\212703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\212718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\212937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\213328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\213343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\213437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\213484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\213703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\214015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\214359.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\214390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\214531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\214703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\215093.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\215171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\215359.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\215375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\215468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\215734.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\216078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\216578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\216609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\216671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\216750.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\217125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\217203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\217718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\218421.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\218828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\219078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\224046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\224265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\225843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\226234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\226828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\226921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\227343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\227406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\227859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\227937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\228000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\228625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\228640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\228765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\228859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\228921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\229109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\229703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\229906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\230046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\230140.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\230265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\230593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\230718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\231015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\231187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\233406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\235734.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\235843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\236421.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\237046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\237140.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\237593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\237609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\237718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\238468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\239343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\239546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\240031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\240125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\240578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\240718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\240984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\241406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\241578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\243406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\243687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\245000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\245062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\245312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\245578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\245765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\246046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\246281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\246375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\246796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\246812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\246921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\246968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\247125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\248125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\248265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\248890.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\248953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\249078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\249187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\249250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\249609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\249656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\250109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\250359.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\250515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\251078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\251265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\252000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\252265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\252703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\252828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\253328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\253828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\253968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\254812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\254906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\256656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\257625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\257937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\258640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\259140.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\259281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\259312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\260468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\260890.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\260937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\262671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\264046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\264375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\267375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\267687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\268125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\271515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\271671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\272500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\273437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\273453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\273593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\274406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\274531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\275218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\275796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\276484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\277109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\277593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\277921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\278500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\279546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\279984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\280750.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\281046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\281375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\281546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\281984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\282156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\282390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\282531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\283015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\283671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\283718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\284046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\285484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\285781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\286265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\286828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\287468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\288140.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\288968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\289203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\293953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\300656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\300703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\301875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\303015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\303046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\303468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30671281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30671328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30671343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30698000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30779828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30780406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30780734.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30830765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30927562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30952343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30953078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\30953296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\309890.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31030734.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31030765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31054296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31055156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31055578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31057890.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31061593.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31063187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31101437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31101843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31102156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31146609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31216078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31216578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31216875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31267031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31267390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\31267656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\312859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\313015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\313234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\314109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\314125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\314843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\314875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\314937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\315703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\318437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\319031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\320468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\320765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\321109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\321484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\323187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\323328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\323390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\323515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\323718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\324968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\325015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\326328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\327234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\327250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\328515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\329265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\329609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\329953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\330109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\331578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\332875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\333500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\334468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\335406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\335968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\340312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\340578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\340937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\342109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\342453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\342671.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\342812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\343312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\343703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\344500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\344640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\344703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\345625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\345812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\345937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\346046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\346203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\351406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\352125.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\352640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\352781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\352812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\353156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\358875.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\360906.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\361531.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\362062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3624328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\362437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\362625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\364859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\365062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\365312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\36609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\366812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\367109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\367250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\367546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\368187.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\368406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\368437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\368562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\368984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\369046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\369265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\370000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\370046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\370109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\370203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\370421.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\370468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\370859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\371265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\371687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\372953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\374109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3742562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3749265.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3750578.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3750796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\375421.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\375765.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\376312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\376625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\376796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\377312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\37796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\379453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3798515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3799828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3799968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\380156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\380421.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3815859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3817453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3817953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3818828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3819781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3820328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3843859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3844718.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3845031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3850812.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\386468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3870078.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3870984.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3871453.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\387312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\390562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\390703.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\391484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\392015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\39234.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3925015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3925828.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\3926000.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\39468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\399375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\399843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\400546.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\401218.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\401250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\401281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\401640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\401656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\401796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\406437.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\406484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\406937.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\407171.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\40781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\411156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\411390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\412562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\413062.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\413406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\413468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\41515.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\418921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\420343.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\420640.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\42484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\428968.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\429484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\429921.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\430375.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\431953.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\432625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\43468.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\435328.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\436281.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\437109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\439843.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\44031.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\44109.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\441859.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\442390.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\44250.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\442609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\444609.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\444625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\44656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\446796.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\447625.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\449156.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\449203.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\451015.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\452484.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\453406.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\453562.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\455312.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\455500.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\45656.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\45687.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\45781.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\459046.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\460296.exe
c:\documents and settings\Sloane\Application Data\drivers\downld\460718.exe
c:\documents and settings\Sloane\Applic
0
Réponse 9 / 25
chimay8 Messages postés 7720 Date d'inscription jeudi 1 mai 2008 Statut Contributeur sécurité Dernière intervention 3 janvier 2014 60
7 janv. 2009 à 19:11
y a toujours pas la fin

mais tu peux sauter toutes les lignes comme ceci
c:\documents and settings\Sloane\Application Data\drivers\downld
et me mettre se qu'il y a derrière stp
0
Réponse 10 / 25
Neoyevon Messages postés 10 Date d'inscription mercredi 7 janvier 2009 Statut Membre Dernière intervention 12 janvier 2009
8 janv. 2009 à 18:45
bonsoir j ai eu un soucis hier je n arrivais plus a poster sur le forum

voici la suite du rapport

c:\documents and settings\Sloane\Application Data\drivers\srosa.sys
c:\documents and settings\Sloane\Application Data\drivers\srosa2.sys
c:\documents and settings\Sloane\Application Data\drivers\winupgro.exe
c:\documents and settings\Sloane\Application Data\m
c:\documents and settings\Sloane\Application Data\m\data.oct
c:\documents and settings\Sloane\Application Data\m\flec006.exe
c:\documents and settings\Sloane\Application Data\m\list.oct
c:\documents and settings\Sloane\Application Data\m\shared\!!!!!!!!.Ewido.Anti-Malware.V.3.5.Crack.zip
c:\documents and settings\Sloane\Application Data\m\shared\3D Seascape Screensaver 1.1.zip
c:\documents and settings\Sloane\Application Data\m\shared\Account Manager Toolbar Button 0.1.zip
c:\documents and settings\Sloane\Application Data\m\shared\Adobe AIR SDK 1.1.0.5790.zip
c:\documents and settings\Sloane\Application Data\m\shared\Agree MP3 to AMR Converter 4.1.zip
c:\documents and settings\Sloane\Application Data\m\shared\Aimersoft MOV Converter 1.1.58.zip
c:\documents and settings\Sloane\Application Data\m\shared\Alchemy Ping 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Aloud4ie 1.20.1.zip
c:\documents and settings\Sloane\Application Data\m\shared\Ascalaph Graphics 1.0.5.zip
c:\documents and settings\Sloane\Application Data\m\shared\ASCIIDiff Text File Comparison Utility 1.6.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Avast!.Antivirus.Professional.4.6.691.(ITA+Keygen).zip
c:\documents and settings\Sloane\Application Data\m\shared\Avast.Home.4.6.691[esp][todocvcd]por.gamolama.zip
c:\documents and settings\Sloane\Application Data\m\shared\avg.antivirus.7.1.plus.firewall.+.serial.zip
c:\documents and settings\Sloane\Application Data\m\shared\Batch Replacer 3.7.zip
c:\documents and settings\Sloane\Application Data\m\shared\BigAnt Messenger for Enterprise 2.43.zip
c:\documents and settings\Sloane\Application Data\m\shared\Blog This for Firefox.zip
c:\documents and settings\Sloane\Application Data\m\shared\Bluefox MP3 WAV Converter 2.10.08.1127.zip
c:\documents and settings\Sloane\Application Data\m\shared\Business Hints for Men and Women 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Call411 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\CamUpload 1.43.zip
c:\documents and settings\Sloane\Application Data\m\shared\Chicago Area Traffic 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\ChiliBurner 3.1.zip
c:\documents and settings\Sloane\Application Data\m\shared\Cisak Address Book 3.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Clear And Close 1.1.zip
c:\documents and settings\Sloane\Application Data\m\shared\Clipboard Extender 2.02.zip
c:\documents and settings\Sloane\Application Data\m\shared\Color ComboBox ActiveX Control 1.05.zip
c:\documents and settings\Sloane\Application Data\m\shared\Connection Enumerator 1.03 Build 8.5.zip
c:\documents and settings\Sloane\Application Data\m\shared\CreativDoc PDF Editor 1.0.0.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\CSSTidy 1.3.zip
c:\documents and settings\Sloane\Application Data\m\shared\CyberCubes CubeStudio 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\DevArt 2.2.zip
c:\documents and settings\Sloane\Application Data\m\shared\Disk Investigator 1.32.zip
c:\documents and settings\Sloane\Application Data\m\shared\Doll Collector Pro 5.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\EF Find 5.10.zip
c:\documents and settings\Sloane\Application Data\m\shared\EggKey Gateway 1.0.66.zip
c:\documents and settings\Sloane\Application Data\m\shared\Embird Alphabet 27 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Embroidery Reader 1.3.0.25.zip
c:\documents and settings\Sloane\Application Data\m\shared\ewido.security.suite.3.5[Todocvcd]por.Gamolama.zip
c:\documents and settings\Sloane\Application Data\m\shared\F-Prot.Antivirus.for.Windows.3.14d.Retail-ROR.ShareConnector.zip
c:\documents and settings\Sloane\Application Data\m\shared\FaaRClock 2.0.7.zip
c:\documents and settings\Sloane\Application Data\m\shared\FastMenu 6.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Fireware ZIP 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Font Wizard 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Future Value of Savings Calculator 1.4.13.zip
c:\documents and settings\Sloane\Application Data\m\shared\giochi nokia_the_hulk.zip
c:\documents and settings\Sloane\Application Data\m\shared\Global Clock Screensaver 3.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\HiFi MP3 Cutter 1.00.zip
c:\documents and settings\Sloane\Application Data\m\shared\History Patrol 2.2.zip
c:\documents and settings\Sloane\Application Data\m\shared\HTTP Recorder 1.00.zip
c:\documents and settings\Sloane\Application Data\m\shared\HVM MailInfinite 0.5.0.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Ice Blue Antarctica.zip
c:\documents and settings\Sloane\Application Data\m\shared\IconExperience Toolbox 4.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Idea Knot 1.1.0.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\iMesh 8.0.0.56402.zip
c:\documents and settings\Sloane\Application Data\m\shared\Insert Quick Link 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\JavaScript PopUpMenu Builder 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Kaspersky.Anti-Virus.Personal.Pro.5.0.372+key.zip
c:\documents and settings\Sloane\Application Data\m\shared\Keygen Kaspersky Mobile.zip
c:\documents and settings\Sloane\Application Data\m\shared\Landscapes Screensaver 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Limnor Codeless Programming System 3.3.zip
c:\documents and settings\Sloane\Application Data\m\shared\Mask Icons.zip
c:\documents and settings\Sloane\Application Data\m\shared\MB Free Tea Leaf Reading 1.30.zip
c:\documents and settings\Sloane\Application Data\m\shared\MD5 Fingerprint 1.2.zip
c:\documents and settings\Sloane\Application Data\m\shared\Microsoft CRM Search Gadget 0.8.zip
c:\documents and settings\Sloane\Application Data\m\shared\MIDIFADE 1.5.zip
c:\documents and settings\Sloane\Application Data\m\shared\Mighty Waterfalls Screen Saver.zip
c:\documents and settings\Sloane\Application Data\m\shared\Millions of Light Years Screensaver 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Music MasterWorks 3.94.zip
c:\documents and settings\Sloane\Application Data\m\shared\My Broadcast Station toolbar for IE 4.5.134.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\NCP Seremo Client 8.3.zip
c:\documents and settings\Sloane\Application Data\m\shared\NEC Test Pattern Generator 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Nettalk 6.5.zip
c:\documents and settings\Sloane\Application Data\m\shared\Network Programming Gear 2.6.zip
c:\documents and settings\Sloane\Application Data\m\shared\Nile FM Widget 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\NOD32_v2.51.20_Standard_by_M0rpheuss.zip
c:\documents and settings\Sloane\Application Data\m\shared\Nurse Dispatchers 1.4.zip
c:\documents and settings\Sloane\Application Data\m\shared\Olli Compolli.zip
c:\documents and settings\Sloane\Application Data\m\shared\Online TV Player 4.9.0.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Opulent Font PostScript 2.00.zip
c:\documents and settings\Sloane\Application Data\m\shared\Paint Express 1.31.zip
c:\documents and settings\Sloane\Application Data\m\shared\Palm Pad 2.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\PDF Content Split 1.25.zip
c:\documents and settings\Sloane\Application Data\m\shared\PeonySoft Video to AVI Converter 2.0.1.zip
c:\documents and settings\Sloane\Application Data\m\shared\Perfect Day
c:\documents and settings\Sloane\Application Data\m\shared\Plastic Flash Template 1.0 build 2007.01.11.zip
c:\documents and settings\Sloane\Application Data\m\shared\Plesk for Windows 7.5.2.zip
c:\documents and settings\Sloane\Application Data\m\shared\PMPro Mobile Phone Video Converter 2.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Pocket Wallpaper 1.01.zip
c:\documents and settings\Sloane\Application Data\m\shared\PocketExcel Password 10.1.6805.zip
c:\documents and settings\Sloane\Application Data\m\shared\Pod Player for Windows 1.4.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Poppy 5.9.1.zip
c:\documents and settings\Sloane\Application Data\m\shared\Power Cursor 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Product Key Manager 3.0.0.1.zip
c:\documents and settings\Sloane\Application Data\m\shared\Product Pricing Calculator Standard 1.0.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Pulse MP 1.20.zip
c:\documents and settings\Sloane\Application Data\m\shared\Quickly compare 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Realistic Virtual Piano 2.1.zip
c:\documents and settings\Sloane\Application Data\m\shared\RecoveryFIX for BKF 4.02.01.zip
c:\documents and settings\Sloane\Application Data\m\shared\River Past Ringtone Converter 2.7.16.1904.zip
c:\documents and settings\Sloane\Application Data\m\shared\RM To MP3 Converter 1.30.zip
c:\documents and settings\Sloane\Application Data\m\shared\Scattered Flurries 1.0.2b1.zip
c:\documents and settings\Sloane\Application Data\m\shared\Scotland in Focus ScreenSaver 1.zip
c:\documents and settings\Sloane\Application Data\m\shared\Scroll To Key 1.0.1.zip
c:\documents and settings\Sloane\Application Data\m\shared\Secure FTP 2.5.7.zip
c:\documents and settings\Sloane\Application Data\m\shared\SetFileDate 2.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Shelltelnet 2.0 Beta.zip
c:\documents and settings\Sloane\Application Data\m\shared\ShopAssist Point Of Sale System 5.10.zip
c:\documents and settings\Sloane\Application Data\m\shared\Signature 0.4.0.4.200610221528.zip
c:\documents and settings\Sloane\Application Data\m\shared\SlovoEd Deluxe Spanish-Spanish 6.4.zip
c:\documents and settings\Sloane\Application Data\m\shared\Snoop 1.2.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\SP VIDEO 3.02.zip
c:\documents and settings\Sloane\Application Data\m\shared\SparkNotes Search 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Standard Score Converter 1.00.zip
c:\documents and settings\Sloane\Application Data\m\shared\Stereo Base Calculator 1.00.zip
c:\documents and settings\Sloane\Application Data\m\shared\Symantec.pcAnywhere.10.5.CourseWare.zip
c:\documents and settings\Sloane\Application Data\m\shared\Text To Speech Gadget 1.0.0.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\TwinGrid 7.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Twistpad 1.64.zip
c:\documents and settings\Sloane\Application Data\m\shared\Typing Reflex 3.11.zip
c:\documents and settings\Sloane\Application Data\m\shared\Update Rollup for Windows XP Embedded Evaluation Edition 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\VideoGIF Lib 1.2.zip
c:\documents and settings\Sloane\Application Data\m\shared\Virtual Screen Spy 1.2.2.zip
c:\documents and settings\Sloane\Application Data\m\shared\Visual Weld 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\VrokSub 1.10.zip
c:\documents and settings\Sloane\Application Data\m\shared\WebVocab 1.1.zip
c:\documents and settings\Sloane\Application Data\m\shared\WiiSearcher Stock Levels 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Window Information 1.0.zip
c:\documents and settings\Sloane\Application Data\m\shared\Xilisoft 3GP Video Converter 5.1.17.1121.zip
c:\documents and settings\Sloane\Application Data\m\shared\YASA DVD Ripper Platinum 2.8.37.1997.zip
c:\documents and settings\Sloane\Application Data\m\shared\Ysofts Mysql 1.1.zip
c:\documents and settings\Sloane\Application Data\m\srvlist.oct
c:\program files\MessengerPlus! 3\MsgPlus.exe
c:\program files\Mozilla Firefox\plugins\NPNd2fn.dll
c:\program files\Need2Find
c:\program files\Need2Find\bar\History\search
c:\windows\Downloaded Program Files\setup.inf
c:\windows\Fonts\acrsecB.fon
c:\windows\Fonts\acrsecI.fon
c:\windows\smdat32m.sys
c:\windows\system32\ban_list.txt
c:\windows\system32\mdelk.exe
c:\windows\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_SK9OU0S
-------\Service_sK9Ou0s


((((((((((((((((((((((((((((( Fichiers créés du 2008-12-06 au 2009-01-06 ))))))))))))))))))))))))))))))))))))
.

2009-01-06 20:49 . 2009-01-06 23:37 <REP> d-------- c:\program files\FindyKill
2009-01-06 20:30 . 2009-01-06 20:30 <REP> d-------- c:\program files\ZNsoft Free
2009-01-06 20:30 . 2004-10-06 13:08 606,208 --a------ c:\windows\system32\BtnPlus1.ocx
2009-01-06 20:30 . 2004-10-06 13:24 471,040 --a------ c:\windows\system32\FraPlus1.ocx
2009-01-06 20:30 . 2006-04-16 23:06 225,280 --a------ c:\windows\system32\OfficeMenu2003.ocx
2009-01-06 20:30 . 1998-07-13 00:00 141,312 --a------ c:\windows\system32\MSCMCFR.DLL
2009-01-06 20:30 . 2004-03-09 00:00 124,688 --a------ c:\windows\system32\MSWINSCK.OCX
2009-01-06 20:30 . 2004-02-23 00:00 119,808 --a------ c:\windows\system32\MSSTDFMT.DLL
2009-01-06 20:30 . 1998-07-13 00:00 15,872 --a------ c:\windows\system32\WINSKFR.DLL
2009-01-06 20:30 . 1998-07-13 00:00 6,656 --a------ c:\windows\system32\STDFTFR.DLL
2009-01-02 22:46 . 2009-01-02 22:46 <REP> d-------- c:\documents and settings\Sloane\Application Data\Apple Computer
2009-01-02 22:42 . 2009-01-02 22:42 <REP> d-------- c:\program files\Fichiers communs\Apple
2009-01-02 22:42 . 2009-01-02 22:42 <REP> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
2009-01-02 22:41 . 2009-01-02 22:41 <REP> d-------- c:\program files\Apple Software Update
2009-01-02 22:41 . 2009-01-02 22:41 <REP> d-------- c:\documents and settings\All Users\Application Data\Apple
2009-01-02 21:40 . 2009-01-07 00:12 <REP> d--h----- c:\documents and settings\Sloane\Application Data\drivers
2008-12-27 23:06 . 2008-12-27 23:06 664 --a------ c:\windows\system32\d3d9caps.dat
2008-12-26 17:23 . 2009-01-06 20:24 <REP> d-------- c:\program files\Hack
2008-12-18 20:47 . 2008-12-18 20:47 410,984 --a------ c:\windows\system32\deploytk.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-06 23:13 --------- d-----w c:\program files\MessengerPlus! 3
2009-01-06 19:24 --------- d-----w c:\program files\GV AbsoluCasino
2009-01-06 19:24 --------- d-----w c:\documents and settings\Sloane\Application Data\Azureus
2009-01-06 18:43 --------- d-----w c:\documents and settings\Sloane\Application Data\OpenOffice.org2
2009-01-02 21:43 --------- d-----w c:\program files\QuickTime
2009-01-02 20:49 --------- d-----w c:\program files\eMule
2008-12-18 19:47 --------- d-----w c:\program files\Java
2008-12-16 17:57 --------- d-----w c:\program files\World of Warcraft
2008-11-12 19:07 --------- d-----w c:\program files\Alcohol 120
2008-11-12 19:05 715,248 ----a-w c:\windows\system32\drivers\sptd.sys
2006-05-06 16:42 7,260,160 ----a-w c:\program files\mozilla firefox\plugins\libvlc.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-06 1833296]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-11-17 171464]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]
"AlcoholAutomount"="c:\program files\Alcohol 120\axcmd.exe" [2007-12-22 222080]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2005-01-17 84480]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 32768]
"LVCOMS"="c:\program files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 127022]
"LogitechGalleryRepair"="c:\program files\Logitech\ImageStudio\ISStart.exe" [2002-12-10 155648]
"LogitechImageStudioTray"="c:\program files\Logitech\ImageStudio\LogiTray.exe" [2002-12-10 61440]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-18 136600]
"NetLimiter"="c:\program files\NetLimiter\NetLimiter.exe" [2004-03-31 823296]
"NeroFilterCheck"="c:\program files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2009-01-06 266497]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"SoundMan"="SOUNDMAN.EXE" [2004-12-22 c:\windows\SOUNDMAN.EXE]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-11-03 113664]
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2003-07-29 499773]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=73.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.12.0.5595-to-1.12.1.5875-frFR-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.12.0-frFR-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.12.x-to-2.0.1-frFR-patch-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.3-frFR-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.4.6314-to-2.0.5.6320-frFR-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.5.6320-frFR-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.5.6320-to-2.0.6.6337-frFR-downloader.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.6.6337-to-2.0.7.6383-frFR-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-frFR-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.8.6403-to-2.0.10.6448-frFR-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.0.10.6448-to-2.0.12.6546-frFR-downloader.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6346:TCP"= 6346:TCP:Shaeraza
"6346:UDP"= 6346:UDP:Shareaza
"3724:TCP"= 3724:TCP:Blizzard Downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader
"4843:UDP"= 4843:UDP:eMule
"44826:TCP"= 44826:TCP:eMule
"1180:UDP"= 1180:UDP:Windows Media Format SDK (IEXPLORE.EXE)
"1181:UDP"= 1181:UDP:Windows Media Format SDK (IEXPLORE.EXE)

S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-06-29 42512]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-MessengerPlus3 - c:\program files\MessengerPlus! 3\MsgPlus.exe
HKCU-Run-WOOKIT - c:\program files\Wanadoo\Shell.exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
IE: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
LSP: c:\program files\NetLimiter\nl_lsp.dll
TCP: {1273B02A-115F-4852-87C0-3AD270B276CE} = 194.2.0.20,195.248.0.2
FF - ProfilePath - c:\documents and settings\Sloane\Application Data\Mozilla\Firefox\Profiles\77pv608a.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - MediaDICO
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPNd2fn.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-07 00:14:28
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(836)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(892)
c:\program files\NetLimiter\nl_lsp.dll
c:\windows\system32\nl_msgc.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\rundll32.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\progra~1\MSNMES~1\msnmsgr.exe
c:\program files\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Fichiers communs\Nero\Lib\NMIndexingService.exe
c:\program files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Heure de fin: 2009-01-07 0:26:24 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-06 23:26:22

Avant-CF: 46,797,529,088 octets libres
Après-CF: 46,840,442,880 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect

1387 --- E O F --- 2008-12-18 12:11:24
0
Réponse 11 / 25
chimay8 Messages postés 7720 Date d'inscription jeudi 1 mai 2008 Statut Contributeur sécurité Dernière intervention 3 janvier 2014 60
9 janv. 2009 à 12:44
c'est important

Lancer Spybot-S&D, Mode avancé, Outils, Résident, décocher la case située devant TeaTimer.
Fermer Spybot-S&D.
aide

Tu le réactiveras une fois que nous auront terminé la désinfection ( et pas avant ! ) .
Attention , à ce moment là, Spybot te demandera des modifs de registres :
tu les accepteras toutes ! ...


ensuite

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d'avoir été infectées sans les ouvrir
réouvre Findykill,

choisis cette fois ci l'option 2 (suppression)

il y aura 2 redémarrages, laisse travailler l'outils jusqu'a l'apparition du message "nettoyage effectué"

un rapport va s'ouvrir, poste le dans ta prochaine réponse s-t-p

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque
Note : Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valides

0
Réponse 12 / 25
Neoyevon Messages postés 10 Date d'inscription mercredi 7 janvier 2009 Statut Membre Dernière intervention 12 janvier 2009
9 janv. 2009 à 15:56
voila :



----------------- FindyKill V4.711 ------------------

* User : Sloane - NEOYEVON
* executed from : C:\Program Files\FindyKill
* Update on 05/01/09 par Chiquitine29
* Start at 15:15:31 the 09/01/2009
* Windows XP - Internet Explorer 6.0.2900.5512


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avwsc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\WgaTray.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:


»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch

Deleted ! - C:\WINDOWS\prefetch\FLEC006.EXE-17A6EC36.pf
Deleted ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Deleted ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf

»»»» Supression files in C:\WINDOWS\system32


»»»» Supression files in C:\WINDOWS\system32\drivers


»»»» Supression files in C:\Documents and Settings\Sloane\Application Data

Deleted ! - "C:\Documents and Settings\Sloane\Application Data\drivers"

»»»» Supression files in C:\DOCUME~1\Sloane\LOCALS~1\Temp


»»»» Supression files in C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mdelk.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wintems.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\flec006.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hldrrr.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winfilse.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winupgro.exe
Deleted ! - HKEY_USERS\S-1-5-21-2052111302-287218729-725345543-1004\Software\Local AppWizard-Generated Applications\winupgro

--------------- [ States / Restarting of services ] ----------------



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe


+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Other Infections ] ----------------


Références de comparaison Bagle MD5 :

113ac36b77630a2f67dd6cb7844406a4 C:\Qoobox\Quarantine\C\WINDOWS\system32\mdelk.exe.vir
113ac36b77630a2f67dd6cb7844406a4 C:\Qoobox\Quarantine\C\WINDOWS\system32\wintems.exe.vir


--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\Sloane\Menu Démarrer\Programmes\Ultimate ZIP Cracker Trial
C:\Documents and Settings\Sloane\Menu Démarrer\Programmes\Ultimate ZIP Cracker Trial\Ultimate ZIP Cracker release notes.html
C:\Documents and Settings\Sloane\Menu Démarrer\Programmes\Ultimate ZIP Cracker Trial\Ultimate ZIP Cracker.lnk
C:\Documents and Settings\Sloane\Mes documents\Peer to peer\Incoming Shareaza\Metadata\(cracked) hack gu 23.zip.xml
C:\Documents and Settings\Sloane\Mes documents\Peer to peer\Incoming Shareaza\Metadata\(cracked) hack sora theme 40.rar.xml
C:\Documents and Settings\Sloane\Mes documents\Peer to peer\Incoming Shareaza\Metadata\_crack_ hack gu 55.zip.xml


---------------- ! End of report ! ------------------
0
Réponse 13 / 25
chimay8 Messages postés 7720 Date d'inscription jeudi 1 mai 2008 Statut Contributeur sécurité Dernière intervention 3 janvier 2014 60
9 janv. 2009 à 16:20
faut que tu vires ça

C:\Documents and Settings\Sloane\Menu Démarrer\Programmes\Ultimate ZIP Cracker Trial
C:\Documents and Settings\Sloane\Menu Démarrer\Programmes\Ultimate ZIP Cracker Trial\Ultimate ZIP Cracker release notes.html
C:\Documents and Settings\Sloane\Menu Démarrer\Programmes\Ultimate ZIP Cracker Trial\Ultimate ZIP Cracker.lnk
C:\Documents and Settings\Sloane\Mes documents\Peer to peer\Incoming Shareaza\Metadata\(cracked) hack gu 23.zip.xml
C:\Documents and Settings\Sloane\Mes documents\Peer to peer\Incoming Shareaza\Metadata\(cracked) hack sora theme 40.rar.xml
C:\Documents and Settings\Sloane\Mes documents\Peer to peer\Incoming Shareaza\Metadata\_crack_ hack gu 55.zip.xml

ensuite


- Télécharge TrendMicro™ HijackThis™ de Merijn(prog de diagnostic) sur ton bureau.
- Cette version est sans installateur! ( Zip à décompresser )
- Enregistre le sur ton bureau.

-A l'installation,
****Place le dans son répertoire par défaut, c'est à dire : C:\program files***

Important : Sous Vista, clic droit sur le fichier Hijackthis.exe ou sur le raccourci, Propriétés, Onglet Compatibilité, cocher :
"Exécuter ce programme en tant qu'administrateur"

installer hijackthis correctement:
https://forums.cnetfrance.fr

*** Ferme toute les fenêtres ouvertes , et déconnecte toi du web***

- Double-clique dessus
- Génère un rapport en suivant ces indications :
- Exécute le et clique sur "Do a scan and save log file".
- Le rapport s'ouvre sur le Bloc-Note.
- Colle le rapport ici, pour cela :
- Menu Edition / Selectionner Tout
- Menu Edition / copier
- Ici dans un nouveau message : clic droit / coller
- ** ne pas fixer de lignes sans notre avis **
Aide : N'hésite pas à consulter l'aide HiJackThis de Malekal_morte
En image
0
Réponse 14 / 25
Neoyevon Messages postés 10 Date d'inscription mercredi 7 janvier 2009 Statut Membre Dernière intervention 12 janvier 2009
9 janv. 2009 à 16:51
voici:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:48:33, on 09/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hijackthis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1273B02A-115F-4852-87C0-3AD270B276CE}: NameServer = 194.2.0.20,195.248.0.2
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: wampapache - Unknown owner - C:\Program Files\1WOWserver\wamp\bin\apache\apache2.2.8\bin\httpd.exe (file missing)
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\1WOWserver\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe (file missing)
0
Réponse 15 / 25
chimay8 Messages postés 7720 Date d'inscription jeudi 1 mai 2008 Statut Contributeur sécurité Dernière intervention 3 janvier 2014 60
9 janv. 2009 à 17:18
y a encore une autre infection

Télécharge Toolbar-S&D (Eric_71, Angeldark, Sham_Rock et XmichouX) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
Tutorial Toolbar S&D
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis valide avec la touche "Entrée".
* Choisis l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
0
Réponse 16 / 25
Neoyevon Messages postés 10 Date d'inscription mercredi 7 janvier 2009 Statut Membre Dernière intervention 12 janvier 2009
9 janv. 2009 à 17:27
Par "une autre infection" tu veux dire un autre virus ou c est ce mechant winupgro qui s'est collé dans tous les coins?
voici le rapport:


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3800+ )
BIOS : Award Modular BIOS v6.00PG
USER : Sloane ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 0.0.0.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:279 Go (Free:69 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 09/01/2009|17:24 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\KaZaA
C:\Program Files\KaZaA\My Shared Folder
C:\Program Files\KaZaA\My Shared Folder\kazaa327_en.exe
C:\WINDOWS\Fonts\acrsec.fon

-----------\\ Extensions

(Sloane) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.google.fr/?gws_rd=ssl"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 09/01/2009|17:25 - Option : [1]

-----------\\ Fin du rapport a 17:25:19,50
0
Réponse 17 / 25
chimay8 Messages postés 7720 Date d'inscription jeudi 1 mai 2008 Statut Contributeur sécurité Dernière intervention 3 janvier 2014 60
9 janv. 2009 à 17:42
Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
*** Ne ferme pas la fenêtre lors de la suppression ***
Un rapport sera créé, poste son contenu ici.

poste un nouveau rapport hijack avec stp
0
Réponse 18 / 25
Neoyevon Messages postés 10 Date d'inscription mercredi 7 janvier 2009 Statut Membre Dernière intervention 12 janvier 2009
9 janv. 2009 à 17:52
-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3800+ )
BIOS : Award Modular BIOS v6.00PG
USER : Sloane ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 0.0.0.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:279 Go (Free:69 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 09/01/2009|17:48 )

-----------\\ SUPPRESSION

Supprime! - C:\WINDOWS\Fonts\acrsec.fon

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(Sloane) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.google.fr/?gws_rd=ssl"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 09/01/2009|17:25 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 09/01/2009|17:49 - Option : [2]

-----------\\ Fin du rapport a 17:49:21,96




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:50:46, on 09/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1273B02A-115F-4852-87C0-3AD270B276CE}: NameServer = 194.2.0.20,195.248.0.2
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: wampapache - Unknown owner - C:\Program Files\1WOWserver\wamp\bin\apache\apache2.2.8\bin\httpd.exe (file missing)
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\1WOWserver\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe (file missing)
0
Réponse 19 / 25
chimay8 Messages postés 7720 Date d'inscription jeudi 1 mai 2008 Statut Contributeur sécurité Dernière intervention 3 janvier 2014 60
9 janv. 2009 à 17:58
bien

on a presque terminé

Télécharge Malwarebytes' Anti-Malware et enregistre le sur ton Bureau.
https://www.malwarebytes.com/

(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharges le ici : https://www.malekal.com/tutorial-aboutbuster/ )

A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.
Double-clique sur l'icône "Download_mbam-setup.exe" sur ton bureau pour démarrer le programme d'installation.

Pendant l'installation, suis les indications n'apporte aucune modification aux réglages par défaut et en fin d'installation, vérifie que les options "Update Malwarebytes' Anti-Malware" et "Launch Malwarebytes' Anti-Malware" soit cochées.
MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue.
La fenêtre principale de MBAM s'affiche :
Dans l'onglet analyse, vérifie que "Exécuter un examen complet" est coché et clique sur le bouton Rechercher pour démarrer l'analyse.
MBAM analyse ton ordinateur.
L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.
A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.
Si des malwares sont détectés, leur liste s'affiche.
***EN CLIQUANT SUR SUPPRESSION(?)FAIT LE*** , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)
Ferme MBAM en cliquant sur Quitter.
Poste le rapport dans ta réponse

poste un nouveau rapport hijacj avec
0
Réponse 20 / 25
Neoyevon Messages postés 10 Date d'inscription mercredi 7 janvier 2009 Statut Membre Dernière intervention 12 janvier 2009
9 janv. 2009 à 19:09
voici le rapport Mbam:

Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1634
Windows 5.1.2600 Service Pack 3

09/01/2009 19:01:55
mbam-log-2009-01-09 (19-01-55).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 109934
Temps écoulé: 30 minute(s), 52 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{2ab289ae-4b90-4281-b2ae-1f4bb034b647} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42f2c9ba-614f-47c0-b3e3-ecfd34eed658} (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{deceaaa2-370a-49bb-9362-68c3a58ddc62} (Adware.180Solutions) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Qoobox\Quarantine\C\Documents and Settings\Sloane\Application Data\drivers\srosa2.sys.vir (Worm.Bagel) -> Quarantined and deleted successfully.


Et le rapport hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:05:05, on 09/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\NetLimiter\NetLimiter.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hijackthis\HiJackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1273B02A-115F-4852-87C0-3AD270B276CE}: NameServer = 194.2.0.20,195.248.0.2
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: wampapache - Unknown owner - C:\Program Files\1WOWserver\wamp\bin\apache\apache2.2.8\bin\httpd.exe (file missing)
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\1WOWserver\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe (file missing)
0

Discussions similaires

worm bagle
manu2531 -
Utilisateur anonyme -

30 réponses
Infécté par virus Bagle
cadum87 -
cadum87 -

2 réponses
Infecté par un bagle ?!
ionisis -
Utilisateur anonyme -

9 réponses