Problème avec Generic!atr trojan et ver bagle
Résolu/Fermé
Umine-chan
Messages postés
51
Date d'inscription
samedi 10 janvier 2009
Statut
Membre
Dernière intervention
26 mars 2009
-
10 janv. 2009 à 01:12
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 17 janv. 2009 à 13:25
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 17 janv. 2009 à 13:25
A voir également:
- Problème avec Generic!atr trojan et ver bagle
- Trojan remover - Télécharger - Antivirus & Antimalwares
- Csrss.exe trojan - Forum Virus
- Trojan win32 - Forum Virus
- Csrss.exe : processus suspect/virus ? - Forum Virus
- Trojan agent ✓ - Forum Virus
84 réponses
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
11 janv. 2009 à 03:04
11 janv. 2009 à 03:04
Bon, on va tuer cette infection Bagle une fois pour toutes.
/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\
--> Télécharge ComboFix (de sUBs) en prenant soin de le renommer en KillBagle avant de l'enregistrer sur le Bureau.
--> Double-clique sur KillBagle.exe (le .exe n'est pas forcément visible) afin de le lancer.
--> Il va te demander d'installer la console de récupération : accepte.
--> Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.
Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\
--> Télécharge ComboFix (de sUBs) en prenant soin de le renommer en KillBagle avant de l'enregistrer sur le Bureau.
--> Double-clique sur KillBagle.exe (le .exe n'est pas forcément visible) afin de le lancer.
--> Il va te demander d'installer la console de récupération : accepte.
--> Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.
Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
Umine-chan
Messages postés
51
Date d'inscription
samedi 10 janvier 2009
Statut
Membre
Dernière intervention
26 mars 2009
11 janv. 2009 à 03:11
11 janv. 2009 à 03:11
Il ne veut pas s'ouvrir, cela me met la même chose que pour Spybot, et voici le rapport après redémarage du pc:
Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1638
Windows 5.1.2600 Service Pack 2
11/01/2009 03:10:39
mbam-log-2009-01-11 (03-10-35).txt
Type de recherche: Examen rapide
Eléments examinés: 56078
Temps écoulé: 5 minute(s), 10 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 6
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> No action taken.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\HP_Administrateur\Application Data\m (Trojan.Agent) -> No action taken.
Fichier(s) infecté(s):
C:\Documents and Settings\HP_Administrateur\Application Data\m\data.oct (Trojan.Agent) -> No action taken.
C:\Documents and Settings\HP_Administrateur\Application Data\m\list.oct (Trojan.Agent) -> No action taken.
C:\Documents and Settings\HP_Administrateur\Application Data\m\srvlist.oct (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> No action taken.
C:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> No action taken.
C:\Documents and Settings\HP_Administrateur\Application Data\m\flec006.exe (Trojan.Agent) -> No action taken.
Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1638
Windows 5.1.2600 Service Pack 2
11/01/2009 03:10:39
mbam-log-2009-01-11 (03-10-35).txt
Type de recherche: Examen rapide
Eléments examinés: 56078
Temps écoulé: 5 minute(s), 10 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 6
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> No action taken.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\HP_Administrateur\Application Data\m (Trojan.Agent) -> No action taken.
Fichier(s) infecté(s):
C:\Documents and Settings\HP_Administrateur\Application Data\m\data.oct (Trojan.Agent) -> No action taken.
C:\Documents and Settings\HP_Administrateur\Application Data\m\list.oct (Trojan.Agent) -> No action taken.
C:\Documents and Settings\HP_Administrateur\Application Data\m\srvlist.oct (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> No action taken.
C:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> No action taken.
C:\Documents and Settings\HP_Administrateur\Application Data\m\flec006.exe (Trojan.Agent) -> No action taken.
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
11 janv. 2009 à 03:12
11 janv. 2009 à 03:12
"Il ne veut pas s'ouvrir, cela me met la même chose que pour Spybot, et voici le rapport après redémarage du pc"
---> Tu dois le renommer AVANT qu'il soit enregistré sur le Bureau pas après.
---> Tu dois le renommer AVANT qu'il soit enregistré sur le Bureau pas après.
Umine-chan
Messages postés
51
Date d'inscription
samedi 10 janvier 2009
Statut
Membre
Dernière intervention
26 mars 2009
11 janv. 2009 à 03:38
11 janv. 2009 à 03:38
Désolé désolé, je suis un peu fatiguée, erreur d'inattention, pardon, donc le rapport:
ComboFix 09-01-10.01 - HP_Administrateur 2009-01-11 3:25:02.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1022.702 [GMT 1:00]
Lancé depuis: c:\documents and settings\HP_Administrateur\Mes documents\log\KillBagle.exe
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\102359.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\102625.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\102953.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\103234.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\103703.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\104156.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\106390.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\107171.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\107484.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\108406.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\109062.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\109343.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\109687.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\109968.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\116312.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\116968.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\119484.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\119625.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\119968.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\119984.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\121281.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\123312.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\123828.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\124734.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\126140.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\129093.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\129390.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\129625.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\129921.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\130375.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\136390.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\137062.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\137093.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\137812.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\138468.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\138484.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\140718.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\144031.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\144062.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\146375.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\147531.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\147765.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\147796.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\147843.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\148078.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\148359.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\148453.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\148812.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\149000.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\149250.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\149531.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\149984.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\150562.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\150640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\150968.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\151218.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\151234.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\151671.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\151859.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\152312.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\152734.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\153468.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\160531.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\161843.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\161859.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\162250.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\162703.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\162937.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\163531.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\163953.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\166406.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\167375.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\168796.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\169390.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\169421.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\169453.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\170031.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\170359.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\171250.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\171765.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\172031.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\175859.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\176390.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\176406.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\176531.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\176687.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\177531.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\177890.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\177953.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\178609.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\179265.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\179671.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\181234.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\181765.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\182062.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\183156.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\183796.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\183812.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\185921.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\191046.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\193031.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\194750.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\194796.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\195171.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\195765.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\195937.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\196171.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\196640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\196843.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\197062.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\197437.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\197859.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\198796.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\199390.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\199437.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\1998656.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\1999812.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2000218.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2000843.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2001500.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2001921.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\201062.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2022906.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2023468.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2023750.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2028578.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2030000.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2059625.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2060000.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2060046.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\210000.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\210375.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\210765.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\210875.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\211203.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\211484.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\211609.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\211906.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\211921.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\212281.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\212890.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\213296.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\215937.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\216421.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\216796.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\217750.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\218265.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\218343.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\219781.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\220437.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\220453.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\221609.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\222031.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\222093.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\222984.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\223921.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\224250.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\225875.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\227046.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\227546.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\228187.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\228234.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\228859.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\229312.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\229890.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\230406.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\231218.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\231265.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\231781.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\231890.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\232093.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\232890.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\233328.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\234093.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\234781.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\235187.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\238312.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\247406.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\247984.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\248265.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\254265.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\268750.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\269078.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\269156.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\291109.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\291640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\291937.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\292546.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\296812.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\305968.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\306250.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\306296.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\328734.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\329234.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\329281.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\340578.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\340828.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\340875.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\349281.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\350640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\350703.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\452828.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\453531.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\453937.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\46640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\488812.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\489203.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\489250.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\49125.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\49468.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\51078.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\52687.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\52718.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\54328.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\55656.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\55812.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\56609.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\59437.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\69187.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\71171.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\71796.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\72640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\72656.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\73078.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\73890.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\75875.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\75937.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\76218.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\77531.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\78187.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\78218.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\78640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\79250.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\79640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\79843.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\83359.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\83640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\84156.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\84546.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\85187.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\85765.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\85812.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\86093.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\95078.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\96218.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\97859.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\srosa.sys
c:\documents and settings\HP_Administrateur\Application Data\drivers\srosa2.sys
c:\documents and settings\HP_Administrateur\Application Data\drivers\winupgro.exe
c:\documents and settings\HP_Administrateur\Application Data\m
c:\documents and settings\HP_Administrateur\Application Data\m\data.oct
c:\documents and settings\HP_Administrateur\Application Data\m\flec006.exe
c:\documents and settings\HP_Administrateur\Application Data\m\list.oct
c:\documents and settings\HP_Administrateur\Application Data\m\shared\10by10 News 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Active Delivery 3.00.01.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\AddShade.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Advanced DVD Ripper 5.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Aiseesoft DVD Audio Ripper 3.2.16.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Ajax-Controls.NET 1.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\alienClock 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\AltDesk 1.8.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Arianna Deskmate 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Atomic PDF Password Recovery 1.90.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\AUAU Flash Converter 5.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Audio Recorder Titanium 6.0.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\AutoMouse 20000730e.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Avast.Professional.Edition.v4.5.561.Incl.Keymaker-ACME.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Babimals 1.01.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Barcode Alpha 1.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\BB Artist 1.00.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Bit Editor 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Blue Cat's FreqAnalyst 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Briefile 1.1.35.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Cafe Manager Pro for Internet Cafes 3.8.6.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\CatBase 6.60.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\click'n share photo 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Colin Mcrae Dirt 3D Nokia n73.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Color Mixer 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Contact Wolf 2.306.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\CoolSpool 1.3.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\crack.Panda.Platinium.Internet.Security.(2007).zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\DBF Explorer 1.0 Build 005.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\DNS MX Wizard ActiveX 3.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\dotancoh-HERETIC.CracK.NOD32.Antivirus.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Dxtory 1.0.47.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Dynamic Bid Maximizer Overture 3.2.31.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Easy Gradebook 3.5.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Empowered Doctor Custom Search 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Excel Invoice Manager Pro 2.9.1013.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\eXGrid 4.3.0.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Family Monitor 4.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\FastNet Connection Accelerator 3.20.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Firefox Showcase 0.9.4.9.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Fix8 1.2.82 Build 0241.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\FixRegistryError 2.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Flash Video Converter 6.0.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Floral Paradise Of Hawaii 2 1.0.6.2634.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\FontFlasher 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\GateWall 3.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\GeekClock 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\GetPicturesList 1.15.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Glasser for Firefox 1.0.16.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\InfGadget 3.007a.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Internet Book 5.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Internet Explorer Password Recovery 1.1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\IPD LAN Manager and Tools 3.3.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Jacques-Louis David Screensaver 1.0.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\JavaScript Page Preloader 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Javascript PopWin EX 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\JInstaller Creator Basic Edition 1.3.7.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\JR Time 2.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\JRView 1.00.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Keychain Password Manager 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Locator Calculator 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Lock it Safe 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MacVolumes 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MaxSoft Access Password Recovery 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MB Free Vedic Astrology 1.80.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\McAfee.AntiSpyware.2006.Full.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Mcafee.Virusscan.Home.Edition.v9.0.Retail-Ror.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Messenger Plus! Compatibility 3.11.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MiLoPhoto 2.3.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MJG 3D Art ScreenSaver.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MoNooN Newspaper 1.2.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MouseLight 1.5.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MPC Batch Encoder 2.3.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MSN Backup 2.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Multimedia Tray Control 1.1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MultiTab 4.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\My Personal MessageBox 1.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MySimpleFTP 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Netwriter 2.5.8.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\NOD32_NT2kXP_2.12.4.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Oricle.info 3.3.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\PackageMapping.com Extension 1.0.4e.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Panda.Platinum.2006.Internet.Security10.02.01.WinALL.RETAIL-ARN.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\ParetoLogic Privacy Controls 2.0.6761.63.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Paste From Console 1.0.0.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Portable Guru3D - Driver Sweeper 0.9.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Power Video Joiner 4.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\PowerISO 4.3.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Prague Old Town Square 3D 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\PyMCA 4.0.7.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\QMSys Tolerances and Fits 4.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Ras2Vec 1.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Recuva 1.21.373.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Registry Repair Doctor 1.0.0.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Relaxation Techniques Screensaver 1.01.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Reply In Group 0.0.05.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\S3C 2.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\safeHtmRename 1.0.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Scan Calculator 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Scanitto 1.16.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Schmap European Capitals 2.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Security Center Lite 1.3.9.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Sitemap Equalizer 1.6.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Sliv button 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\SNMP GUI - ADK 3.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Softstunt Video to iPod Converter 4.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\SpaceCadet 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Spamatak Free 1.1.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\SpyMyPC PRO 5.4.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\St Patrick Teddy Bears Demo Screensaver 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Symantec.Norton.Antivirus.2005.Liveupdate.Subscription.Limit.Remover.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Toolkit to Disable Automatic Delivery of Internet Explorer 7.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Tree of Life - Animated Wallpaper 5.07.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\TreeDBNotes 3.36 Build 003.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Triplehash Hutmil 6.8.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\TSOfficePool - Auto Racing 6.2.7.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Turtle Screensaver.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Uninstall Manager 4.30.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\USAPhotoMaps 2.77.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Virtual Hard Drive Pro 2.0 Build 07090417.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\VirusBuster Personal 6.000 Build 200.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\VQManager 6.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\WallMaster 2.4e.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Wave Editor 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\WBNS 10 News 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Web Service Creator 2.5.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\WildSavers Screensaver - Bugs ws-0002 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\xPodClone 1.3.3.zip
c:\documents and settings\HP_Administrateur\Application Data\m\srvlist.oct
c:\windows\system32\404Fix.exe
c:\windows\system32\ban_list.txt
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\java2.sys c:\windows\system32\snjava.dll
c:\windows\system32\mdelk.exe
c:\windows\system32\mfcans32.DLL
c:\windows\system32\mfcuia32.dll
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\wintems.exe
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SROSA
-------\Legacy_SROSA
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-11 au 2009-01-11 ))))))))))))))))))))))))))))))))))))
.
2009-01-11 02:42 . 2009-01-11 02:42 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-11 02:42 . 2009-01-11 02:42 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\Malwarebytes
2009-01-11 02:42 . 2009-01-11 02:42 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-11 02:42 . 2009-01-04 18:38 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-11 02:42 . 2009-01-04 18:38 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-11 02:40 . 2009-01-11 02:39 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-11 02:36 . 2009-01-11 02:36 <REP> d-------- c:\program files\Fichiers communs\Adobe
2009-01-11 02:33 . 2009-01-11 02:33 <REP> d-------- c:\program files\Spybot - Search & Destroy
2009-01-11 01:35 . 2009-01-11 01:35 <REP> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-11 00:42 . 2009-01-11 00:43 <REP> d-------- C:\rsit
2009-01-10 23:33 . 2009-01-10 23:33 <REP> d-------- C:\_OTMoveIt
2009-01-10 02:04 . 2009-01-11 03:27 <REP> d--h----- c:\documents and settings\HP_Administrateur\Application Data\drivers
2009-01-10 01:22 . 2009-01-10 01:51 <REP> d-------- c:\program files\FindyKill
2009-01-10 01:20 . 2009-01-11 00:43 <REP> d-------- c:\program files\Trend Micro
2009-01-09 23:59 . 2008-12-12 00:57 78,336 --a------ c:\windows\system32\Agent.OMZ.Fix.exe
2009-01-09 18:06 . 2009-01-10 16:09 <REP> d-------- c:\program files\Navilog1
2009-01-09 15:17 . 2009-01-09 17:48 <REP> d-------- c:\documents and settings\HP_Administrateur\.housecall6.6
2009-01-09 01:03 . 2009-01-09 01:03 <REP> d-------- c:\program files\Softwin
2009-01-08 22:25 . 2009-01-09 14:29 <REP> d-------- c:\program files\a-squared Anti-Malware
2009-01-08 22:19 . 2009-01-08 22:19 <REP> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
2009-01-08 21:23 . 2009-01-08 21:23 <REP> d-------- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-01-08 20:31 . 2009-01-10 23:33 <REP> d-------- C:\drivers
2009-01-06 17:20 . 2009-01-06 17:20 <REP> d-------- c:\windows\OpenOffice.org
2009-01-06 17:16 . 2009-01-06 17:16 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\OpenOffice.org
2009-01-06 17:14 . 2009-01-06 17:14 <REP> d-------- c:\program files\OpenOffice.org 3
2009-01-06 17:14 . 2009-01-06 17:14 <REP> d-------- c:\program files\JRE
2009-01-06 17:14 . 2009-01-11 02:39 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-01-06 16:57 . 2009-01-06 16:57 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\AdobeUM
2008-12-30 20:52 . 2008-12-30 20:54 116,849,736 --a------ c:\program files\xpesp1_lang_jpn.exe
2008-12-30 17:37 . 2008-12-30 17:37 <REP> d-------- c:\program files\CCleaner
2008-12-27 10:52 . 2008-12-27 10:52 <REP> d-------- c:\program files\Windows Media Connect 2
2008-12-27 10:51 . 2008-12-27 10:51 <REP> d-------- c:\windows\system32\LogFiles
2008-12-27 10:51 . 2008-12-27 10:51 <REP> d-------- c:\windows\system32\drivers\UMDF
2008-12-26 23:49 . 2008-12-27 00:07 105,897,889 --a------ c:\program files\dn3d_hrp-2005-11-01.exe
2008-12-26 20:55 . 2008-12-26 20:55 <REP> d-------- C:\DUKE3D
2008-12-26 20:36 . 2008-12-26 20:36 <REP> d--h----- c:\windows\PIF
2008-12-26 20:30 . 2008-12-26 20:30 <REP> d-------- c:\program files\Plus!
2008-12-26 20:24 . 2008-12-26 20:35 <REP> d-------- C:\KillATon
2008-12-26 20:24 . 1996-10-15 18:01 298,496 --a------ c:\windows\uninst.exe
2008-12-26 17:50 . 2008-12-26 17:50 <REP> d-------- c:\program files\Webcam 1200
2008-12-26 17:50 . 2008-12-26 17:50 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\InstallShield
2008-12-26 17:50 . 2007-06-29 16:32 611,584 --a------ c:\windows\system32\drivers\PFC027.SYS
2008-12-26 16:39 . 2008-12-26 16:39 <REP> d-------- c:\windows\PixArt
2008-12-26 16:35 . 2007-05-17 15:50 129,024 --a------ c:\windows\system32\SP207.AX
2008-12-26 16:35 . 2006-11-20 09:04 6,656 --a------ c:\windows\system32\CoInst_070629.dll
2008-12-26 16:35 . 2007-06-29 11:07 566 --a------ c:\windows\system32\SP207.INI
2008-12-26 13:55 . 2009-01-09 15:38 <REP> d-------- c:\program files\eMule
2008-12-25 20:45 . 2008-12-08 17:01 55,136 --a------ c:\windows\system32\drivers\fssfltr_tdi.sys
2008-12-25 20:44 . 2008-12-25 20:44 <REP> d-------- c:\program files\Microsoft Sync Framework
2008-12-25 20:42 . 2008-12-25 20:42 <REP> d-------- c:\program files\Windows Live SkyDrive
2008-12-25 14:35 . 2008-12-25 14:35 236 --a------ C:\sqmdata06.sqm
2008-12-25 14:35 . 2008-12-25 14:35 200 --a------ C:\sqmnoopt06.sqm
2008-12-25 04:42 . 2009-01-07 21:09 81,984 --a------ c:\windows\system32\bdod.bin
2008-12-24 22:45 . 2008-12-24 22:45 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\TomTom
2008-12-24 22:44 . 2008-12-24 22:45 <REP> d-------- c:\program files\TomTom HOME 2
2008-12-24 22:13 . 2008-12-24 22:13 <REP> d-------- c:\program files\TomTom DesktopSuite
2008-12-22 21:46 . 2008-12-22 21:46 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\vlc
2008-12-22 21:30 . 2008-12-22 21:30 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\HPQ
2008-12-22 19:44 . 2008-12-29 16:50 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\dvdcss
2008-12-22 19:42 . 2008-12-22 19:42 <REP> d-------- c:\program files\VideoLAN
2008-12-22 19:30 . 2008-12-22 19:30 128,116 --a------ c:\program files\VLC.exe
2008-12-22 19:03 . 2008-12-22 19:03 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\InterVideo
2008-12-22 19:02 . 2009-01-08 20:35 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\HP
2008-12-21 18:26 . 2008-12-21 18:26 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\Media Player Classic
2008-12-21 11:18 . 2008-12-21 11:18 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\Sonic
2008-12-21 11:18 . 2008-12-21 11:18 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\Leadertech
2008-12-21 10:54 . 2008-12-21 10:54 <REP> d-------- c:\windows\Sun
2008-12-20 14:36 . 2008-12-20 14:36 236 --a------ C:\sqmdata05.sqm
2008-12-20 14:36 . 2008-12-20 14:36 200 --a------ C:\sqmnoopt05.sqm
2008-12-20 12:12 . 2008-12-20 12:12 <REP> d-------- c:\program files\SFR
2008-12-20 12:06 . 2008-12-20 12:06 236 --a------ C:\sqmdata04.sqm
2008-12-20 12:06 . 2008-12-20 12:06 200 --a------ C:\sqmnoopt04.sqm
2008-12-19 23:04 . 2001-09-30 19:10 246,784 --a------ c:\windows\system32\ActiveSkin.ocx
2008-12-19 23:04 . 2001-05-24 12:59 162,304 --a------ C:\UNWISE.EXE
2008-12-19 23:04 . 2002-01-18 18:12 112 --a------ c:\windows\ActiveSkin.INI
2008-12-19 21:52 . 2008-12-19 21:52 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\Macrovision
2008-12-19 21:50 . 2008-12-19 21:50 236 --a------ C:\sqmdata03.sqm
2008-12-19 21:50 . 2008-12-19 21:50 200 --a------ C:\sqmnoopt03.sqm
2008-12-19 21:49 . 2008-12-19 21:49 <REP> d-------- c:\program files\Vodafone
2008-12-19 21:49 . 2008-12-19 21:49 <REP> d-------- c:\documents and settings\All Users\Application Data\Macrovision
2008-12-19 21:49 . 2007-11-05 11:56 101,120 -ra------ c:\windows\system32\drivers\ewusbmdm.sys
2008-12-19 20:36 . 2008-12-19 20:36 <REP> d-------- c:\program files\Microsoft Games
2008-12-19 11:40 . 2008-12-19 11:40 236 --a------ C:\sqmdata02.sqm
2008-12-19 11:40 . 2008-12-19 11:40 200 --a------ C:\sqmnoopt02.sqm
2008-12-18 18:44 . 2008-12-18 18:44 236 --a------ C:\sqmdata01.sqm
2008-12-18 18:44 . 2008-12-18 18:44 200 --a------ C:\sqmnoopt01.sqm
2008-12-18 16:08 . 2004-08-03 23:01 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2008-12-18 16:08 . 2004-08-03 23:01 25,856 --a------ c:\windows\system32\dllcache\usbprint.sys
2008-12-18 16:07 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\drivers\usbccgp.sys
2008-12-18 16:07 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\dllcache\usbccgp.sys
2008-12-18 14:59 . 2008-12-18 14:59 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\Template
2008-12-18 14:59 . 2009-01-07 18:02 768 --a------ c:\documents and settings\HP_Administrateur\Application Data\wklnhst.dat
2008-12-17 20:56 . 2008-12-17 20:56 236 --a------ C:\sqmdata00.sqm
2008-12-17 20:56 . 2008-12-17 20:56 200 --a------ C:\sqmnoopt00.sqm
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-11 02:05 --------- d-----w c:\program files\Symantec
2009-01-11 01:40 --------- d-----w c:\program files\Java
2009-01-10 02:50 --------- d-----w c:\program files\Alwil Software
2008-12-26 16:50 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-25 19:45 --------- d-----w c:\program files\Windows Live
2008-12-04 23:11 308,584 ----a-w c:\windows\WLXPGSS.SCR
2008-11-24 01:21 --------- d-----w c:\program files\Microsoft CAPICOM 2.1.0.2
2008-11-24 01:15 --------- d-----w c:\program files\MSXML 4.0
2008-11-23 21:25 --------- d-----w c:\program files\EA GAMES
2008-11-23 14:38 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2008-11-23 14:37 --------- d-----w c:\program files\Microsoft
2008-11-23 14:31 --------- d-----w c:\program files\Fichiers communs\Windows Live
2008-11-23 14:29 --------- d-----w c:\program files\Microsoft Silverlight
2008-11-23 13:52 --------- d-----w c:\program files\Fichiers communs\Symantec Shared
2008-11-21 13:41 --------- d-----w c:\documents and settings\HP_Administrateur\Application Data\Symantec
2008-11-21 13:35 1,953 --sha-r c:\windows\system32\drivers\103C_HP_CPC_EP239AA-ABF m7355.fr_YC_0Pavi_QCZB604_E61FRemMPC2_48_IAMETHYST-M_SMSI_V1.0_B3.43_T060112_WXP2_L40C_M1023_J250_7AMD_8Athlon 64 X2 Dual Core_91.99_#081121_N10EC8139_Z_G10027146_OTSSTcorp CD DVDW TS-H552D.MRK
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\documents and settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-12-09 234856]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-11 2156368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-11 136600]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-10-02 57344]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-03 61440]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"PS2"="c:\windows\system32\ps2.exe" [2004-10-25 90112]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2004-12-14 663552]
"HP Software Update"="c:\program files\HP\HP Software Update\HPwuSchd2.exe" [2005-05-12 49152]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2008-12-08 453984]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2009-01-11 319488]
"a-squared"="c:\program files\a-squared Anti-Malware\a2guard.exe" [2009-01-11 2782352]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-01-03 180269]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-01-11 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"ftutil2"="ftutil2.dll" [2004-06-07 c:\windows\system32\ftutil2.dll]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 c:\windows\arpwrmsg.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 c:\windows\ALCXMNTR.EXE]
c:\documents and settings\HP_Administrateur\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-09-12 384000]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Barre d'‚tat systŠme d'ATI CATALYST.lnk - c:\program files\ATI Technologies\ATI.ACE\CLI.exe [2005-10-02 57344]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [2005-01-03 2799488]
R3 PAC207;Webcam 1200;c:\windows\system32\drivers\PFC027.SYS [2008-12-26 611584]
R4 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2008-12-25 55136]
R4 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
R4 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
S1 aswSP;avast! Self Protection; [x]
S4 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a6617ba8-d1ed-11dd-90f1-0013d3f4aa0e}]
\Shell\AutoRun\command - J:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee765a3e-ce05-11dd-90df-0013d3f4aa0e}]
\Shell\AutoRun\command - J:\StartVMCLite.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee765a3f-ce05-11dd-90df-0013d3f4aa0e}]
\Shell\AutoRun\command - J:\StartVMCLite.exe
.
Contenu du dossier 'Tâches planifiées'
2005-01-03 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2004-08-24 18:22]
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-msnmsgr - c:\program files\Windows Live\Messenger\msnmsgr.exe
HKLM-Run-IS CfgWiz - c:\program files\Norton Internet Security\cfgwiz.exe
HKLM-Run-URLLSTCK.exe - c:\program files\Norton Internet Security\UrlLstCk.exe
HKLM-Run-PCDrProfiler - (no file)
.
------- Examen supplémentaire -------
.
IE: &Traduire à partir de l'anglais - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Pages liées - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Pages similaires - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Recherche &Google - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: Version de la page actuelle disponible dans le cache Google - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
FF - ProfilePath - c:\documents and settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\kn56ta3r.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-11 03:33:19
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(564)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\arservice.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\windows\system32\dllhost.exe
c:\windows\ehome\ehmsas.exe
.
**************************************************************************
.
Heure de fin: 2009-01-11 3:36:45 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-11 02:36:43
Avant-CF: 192,678,400,000 octets libres
Après-CF: 192,653,283,328 octets libres
656 --- E O F --- 2009-01-07 17:19:46
ComboFix 09-01-10.01 - HP_Administrateur 2009-01-11 3:25:02.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1022.702 [GMT 1:00]
Lancé depuis: c:\documents and settings\HP_Administrateur\Mes documents\log\KillBagle.exe
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\102359.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\102625.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\102953.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\103234.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\103703.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\104156.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\106390.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\107171.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\107484.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\108406.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\109062.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\109343.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\109687.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\109968.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\116312.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\116968.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\119484.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\119625.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\119968.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\119984.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\121281.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\123312.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\123828.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\124734.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\126140.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\129093.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\129390.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\129625.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\129921.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\130375.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\136390.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\137062.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\137093.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\137812.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\138468.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\138484.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\140718.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\144031.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\144062.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\146375.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\147531.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\147765.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\147796.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\147843.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\148078.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\148359.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\148453.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\148812.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\149000.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\149250.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\149531.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\149984.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\150562.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\150640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\150968.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\151218.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\151234.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\151671.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\151859.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\152312.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\152734.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\153468.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\160531.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\161843.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\161859.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\162250.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\162703.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\162937.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\163531.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\163953.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\166406.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\167375.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\168796.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\169390.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\169421.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\169453.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\170031.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\170359.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\171250.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\171765.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\172031.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\175859.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\176390.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\176406.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\176531.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\176687.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\177531.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\177890.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\177953.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\178609.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\179265.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\179671.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\181234.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\181765.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\182062.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\183156.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\183796.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\183812.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\185921.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\191046.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\193031.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\194750.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\194796.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\195171.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\195765.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\195937.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\196171.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\196640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\196843.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\197062.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\197437.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\197859.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\198796.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\199390.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\199437.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\1998656.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\1999812.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2000218.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2000843.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2001500.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2001921.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\201062.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2022906.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2023468.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2023750.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2028578.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2030000.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2059625.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2060000.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\2060046.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\210000.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\210375.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\210765.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\210875.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\211203.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\211484.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\211609.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\211906.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\211921.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\212281.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\212890.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\213296.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\215937.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\216421.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\216796.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\217750.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\218265.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\218343.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\219781.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\220437.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\220453.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\221609.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\222031.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\222093.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\222984.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\223921.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\224250.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\225875.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\227046.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\227546.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\228187.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\228234.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\228859.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\229312.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\229890.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\230406.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\231218.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\231265.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\231781.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\231890.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\232093.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\232890.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\233328.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\234093.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\234781.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\235187.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\238312.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\247406.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\247984.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\248265.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\254265.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\268750.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\269078.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\269156.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\291109.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\291640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\291937.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\292546.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\296812.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\305968.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\306250.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\306296.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\328734.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\329234.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\329281.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\340578.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\340828.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\340875.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\349281.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\350640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\350703.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\452828.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\453531.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\453937.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\46640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\488812.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\489203.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\489250.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\49125.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\49468.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\51078.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\52687.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\52718.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\54328.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\55656.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\55812.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\56609.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\59437.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\69187.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\71171.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\71796.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\72640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\72656.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\73078.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\73890.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\75875.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\75937.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\76218.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\77531.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\78187.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\78218.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\78640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\79250.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\79640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\79843.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\83359.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\83640.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\84156.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\84546.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\85187.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\85765.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\85812.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\86093.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\95078.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\96218.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\downld\97859.exe
c:\documents and settings\HP_Administrateur\Application Data\drivers\srosa.sys
c:\documents and settings\HP_Administrateur\Application Data\drivers\srosa2.sys
c:\documents and settings\HP_Administrateur\Application Data\drivers\winupgro.exe
c:\documents and settings\HP_Administrateur\Application Data\m
c:\documents and settings\HP_Administrateur\Application Data\m\data.oct
c:\documents and settings\HP_Administrateur\Application Data\m\flec006.exe
c:\documents and settings\HP_Administrateur\Application Data\m\list.oct
c:\documents and settings\HP_Administrateur\Application Data\m\shared\10by10 News 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Active Delivery 3.00.01.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\AddShade.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Advanced DVD Ripper 5.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Aiseesoft DVD Audio Ripper 3.2.16.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Ajax-Controls.NET 1.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\alienClock 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\AltDesk 1.8.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Arianna Deskmate 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Atomic PDF Password Recovery 1.90.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\AUAU Flash Converter 5.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Audio Recorder Titanium 6.0.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\AutoMouse 20000730e.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Avast.Professional.Edition.v4.5.561.Incl.Keymaker-ACME.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Babimals 1.01.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Barcode Alpha 1.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\BB Artist 1.00.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Bit Editor 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Blue Cat's FreqAnalyst 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Briefile 1.1.35.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Cafe Manager Pro for Internet Cafes 3.8.6.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\CatBase 6.60.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\click'n share photo 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Colin Mcrae Dirt 3D Nokia n73.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Color Mixer 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Contact Wolf 2.306.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\CoolSpool 1.3.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\crack.Panda.Platinium.Internet.Security.(2007).zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\DBF Explorer 1.0 Build 005.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\DNS MX Wizard ActiveX 3.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\dotancoh-HERETIC.CracK.NOD32.Antivirus.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Dxtory 1.0.47.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Dynamic Bid Maximizer Overture 3.2.31.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Easy Gradebook 3.5.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Empowered Doctor Custom Search 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Excel Invoice Manager Pro 2.9.1013.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\eXGrid 4.3.0.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Family Monitor 4.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\FastNet Connection Accelerator 3.20.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Firefox Showcase 0.9.4.9.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Fix8 1.2.82 Build 0241.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\FixRegistryError 2.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Flash Video Converter 6.0.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Floral Paradise Of Hawaii 2 1.0.6.2634.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\FontFlasher 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\GateWall 3.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\GeekClock 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\GetPicturesList 1.15.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Glasser for Firefox 1.0.16.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\InfGadget 3.007a.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Internet Book 5.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Internet Explorer Password Recovery 1.1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\IPD LAN Manager and Tools 3.3.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Jacques-Louis David Screensaver 1.0.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\JavaScript Page Preloader 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Javascript PopWin EX 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\JInstaller Creator Basic Edition 1.3.7.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\JR Time 2.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\JRView 1.00.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Keychain Password Manager 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Locator Calculator 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Lock it Safe 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MacVolumes 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MaxSoft Access Password Recovery 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MB Free Vedic Astrology 1.80.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\McAfee.AntiSpyware.2006.Full.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Mcafee.Virusscan.Home.Edition.v9.0.Retail-Ror.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Messenger Plus! Compatibility 3.11.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MiLoPhoto 2.3.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MJG 3D Art ScreenSaver.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MoNooN Newspaper 1.2.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MouseLight 1.5.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MPC Batch Encoder 2.3.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MSN Backup 2.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Multimedia Tray Control 1.1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MultiTab 4.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\My Personal MessageBox 1.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\MySimpleFTP 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Netwriter 2.5.8.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\NOD32_NT2kXP_2.12.4.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Oricle.info 3.3.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\PackageMapping.com Extension 1.0.4e.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Panda.Platinum.2006.Internet.Security10.02.01.WinALL.RETAIL-ARN.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\ParetoLogic Privacy Controls 2.0.6761.63.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Paste From Console 1.0.0.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Portable Guru3D - Driver Sweeper 0.9.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Power Video Joiner 4.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\PowerISO 4.3.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Prague Old Town Square 3D 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\PyMCA 4.0.7.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\QMSys Tolerances and Fits 4.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Ras2Vec 1.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Recuva 1.21.373.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Registry Repair Doctor 1.0.0.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Relaxation Techniques Screensaver 1.01.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Reply In Group 0.0.05.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\S3C 2.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\safeHtmRename 1.0.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Scan Calculator 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Scanitto 1.16.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Schmap European Capitals 2.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Security Center Lite 1.3.9.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Sitemap Equalizer 1.6.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Sliv button 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\SNMP GUI - ADK 3.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Softstunt Video to iPod Converter 4.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\SpaceCadet 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Spamatak Free 1.1.2.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\SpyMyPC PRO 5.4.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\St Patrick Teddy Bears Demo Screensaver 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Symantec.Norton.Antivirus.2005.Liveupdate.Subscription.Limit.Remover.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Toolkit to Disable Automatic Delivery of Internet Explorer 7.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Tree of Life - Animated Wallpaper 5.07.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\TreeDBNotes 3.36 Build 003.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Triplehash Hutmil 6.8.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\TSOfficePool - Auto Racing 6.2.7.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Turtle Screensaver.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Uninstall Manager 4.30.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\USAPhotoMaps 2.77.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Virtual Hard Drive Pro 2.0 Build 07090417.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\VirusBuster Personal 6.000 Build 200.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\VQManager 6.1.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\WallMaster 2.4e.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Wave Editor 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\WBNS 10 News 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\Web Service Creator 2.5.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\WildSavers Screensaver - Bugs ws-0002 1.0.zip
c:\documents and settings\HP_Administrateur\Application Data\m\shared\xPodClone 1.3.3.zip
c:\documents and settings\HP_Administrateur\Application Data\m\srvlist.oct
c:\windows\system32\404Fix.exe
c:\windows\system32\ban_list.txt
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\java2.sys c:\windows\system32\snjava.dll
c:\windows\system32\mdelk.exe
c:\windows\system32\mfcans32.DLL
c:\windows\system32\mfcuia32.dll
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\wintems.exe
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SROSA
-------\Legacy_SROSA
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-11 au 2009-01-11 ))))))))))))))))))))))))))))))))))))
.
2009-01-11 02:42 . 2009-01-11 02:42 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-11 02:42 . 2009-01-11 02:42 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\Malwarebytes
2009-01-11 02:42 . 2009-01-11 02:42 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-11 02:42 . 2009-01-04 18:38 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-11 02:42 . 2009-01-04 18:38 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-11 02:40 . 2009-01-11 02:39 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-11 02:36 . 2009-01-11 02:36 <REP> d-------- c:\program files\Fichiers communs\Adobe
2009-01-11 02:33 . 2009-01-11 02:33 <REP> d-------- c:\program files\Spybot - Search & Destroy
2009-01-11 01:35 . 2009-01-11 01:35 <REP> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-11 00:42 . 2009-01-11 00:43 <REP> d-------- C:\rsit
2009-01-10 23:33 . 2009-01-10 23:33 <REP> d-------- C:\_OTMoveIt
2009-01-10 02:04 . 2009-01-11 03:27 <REP> d--h----- c:\documents and settings\HP_Administrateur\Application Data\drivers
2009-01-10 01:22 . 2009-01-10 01:51 <REP> d-------- c:\program files\FindyKill
2009-01-10 01:20 . 2009-01-11 00:43 <REP> d-------- c:\program files\Trend Micro
2009-01-09 23:59 . 2008-12-12 00:57 78,336 --a------ c:\windows\system32\Agent.OMZ.Fix.exe
2009-01-09 18:06 . 2009-01-10 16:09 <REP> d-------- c:\program files\Navilog1
2009-01-09 15:17 . 2009-01-09 17:48 <REP> d-------- c:\documents and settings\HP_Administrateur\.housecall6.6
2009-01-09 01:03 . 2009-01-09 01:03 <REP> d-------- c:\program files\Softwin
2009-01-08 22:25 . 2009-01-09 14:29 <REP> d-------- c:\program files\a-squared Anti-Malware
2009-01-08 22:19 . 2009-01-08 22:19 <REP> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
2009-01-08 21:23 . 2009-01-08 21:23 <REP> d-------- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-01-08 20:31 . 2009-01-10 23:33 <REP> d-------- C:\drivers
2009-01-06 17:20 . 2009-01-06 17:20 <REP> d-------- c:\windows\OpenOffice.org
2009-01-06 17:16 . 2009-01-06 17:16 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\OpenOffice.org
2009-01-06 17:14 . 2009-01-06 17:14 <REP> d-------- c:\program files\OpenOffice.org 3
2009-01-06 17:14 . 2009-01-06 17:14 <REP> d-------- c:\program files\JRE
2009-01-06 17:14 . 2009-01-11 02:39 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-01-06 16:57 . 2009-01-06 16:57 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\AdobeUM
2008-12-30 20:52 . 2008-12-30 20:54 116,849,736 --a------ c:\program files\xpesp1_lang_jpn.exe
2008-12-30 17:37 . 2008-12-30 17:37 <REP> d-------- c:\program files\CCleaner
2008-12-27 10:52 . 2008-12-27 10:52 <REP> d-------- c:\program files\Windows Media Connect 2
2008-12-27 10:51 . 2008-12-27 10:51 <REP> d-------- c:\windows\system32\LogFiles
2008-12-27 10:51 . 2008-12-27 10:51 <REP> d-------- c:\windows\system32\drivers\UMDF
2008-12-26 23:49 . 2008-12-27 00:07 105,897,889 --a------ c:\program files\dn3d_hrp-2005-11-01.exe
2008-12-26 20:55 . 2008-12-26 20:55 <REP> d-------- C:\DUKE3D
2008-12-26 20:36 . 2008-12-26 20:36 <REP> d--h----- c:\windows\PIF
2008-12-26 20:30 . 2008-12-26 20:30 <REP> d-------- c:\program files\Plus!
2008-12-26 20:24 . 2008-12-26 20:35 <REP> d-------- C:\KillATon
2008-12-26 20:24 . 1996-10-15 18:01 298,496 --a------ c:\windows\uninst.exe
2008-12-26 17:50 . 2008-12-26 17:50 <REP> d-------- c:\program files\Webcam 1200
2008-12-26 17:50 . 2008-12-26 17:50 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\InstallShield
2008-12-26 17:50 . 2007-06-29 16:32 611,584 --a------ c:\windows\system32\drivers\PFC027.SYS
2008-12-26 16:39 . 2008-12-26 16:39 <REP> d-------- c:\windows\PixArt
2008-12-26 16:35 . 2007-05-17 15:50 129,024 --a------ c:\windows\system32\SP207.AX
2008-12-26 16:35 . 2006-11-20 09:04 6,656 --a------ c:\windows\system32\CoInst_070629.dll
2008-12-26 16:35 . 2007-06-29 11:07 566 --a------ c:\windows\system32\SP207.INI
2008-12-26 13:55 . 2009-01-09 15:38 <REP> d-------- c:\program files\eMule
2008-12-25 20:45 . 2008-12-08 17:01 55,136 --a------ c:\windows\system32\drivers\fssfltr_tdi.sys
2008-12-25 20:44 . 2008-12-25 20:44 <REP> d-------- c:\program files\Microsoft Sync Framework
2008-12-25 20:42 . 2008-12-25 20:42 <REP> d-------- c:\program files\Windows Live SkyDrive
2008-12-25 14:35 . 2008-12-25 14:35 236 --a------ C:\sqmdata06.sqm
2008-12-25 14:35 . 2008-12-25 14:35 200 --a------ C:\sqmnoopt06.sqm
2008-12-25 04:42 . 2009-01-07 21:09 81,984 --a------ c:\windows\system32\bdod.bin
2008-12-24 22:45 . 2008-12-24 22:45 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\TomTom
2008-12-24 22:44 . 2008-12-24 22:45 <REP> d-------- c:\program files\TomTom HOME 2
2008-12-24 22:13 . 2008-12-24 22:13 <REP> d-------- c:\program files\TomTom DesktopSuite
2008-12-22 21:46 . 2008-12-22 21:46 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\vlc
2008-12-22 21:30 . 2008-12-22 21:30 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\HPQ
2008-12-22 19:44 . 2008-12-29 16:50 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\dvdcss
2008-12-22 19:42 . 2008-12-22 19:42 <REP> d-------- c:\program files\VideoLAN
2008-12-22 19:30 . 2008-12-22 19:30 128,116 --a------ c:\program files\VLC.exe
2008-12-22 19:03 . 2008-12-22 19:03 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\InterVideo
2008-12-22 19:02 . 2009-01-08 20:35 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\HP
2008-12-21 18:26 . 2008-12-21 18:26 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\Media Player Classic
2008-12-21 11:18 . 2008-12-21 11:18 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\Sonic
2008-12-21 11:18 . 2008-12-21 11:18 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\Leadertech
2008-12-21 10:54 . 2008-12-21 10:54 <REP> d-------- c:\windows\Sun
2008-12-20 14:36 . 2008-12-20 14:36 236 --a------ C:\sqmdata05.sqm
2008-12-20 14:36 . 2008-12-20 14:36 200 --a------ C:\sqmnoopt05.sqm
2008-12-20 12:12 . 2008-12-20 12:12 <REP> d-------- c:\program files\SFR
2008-12-20 12:06 . 2008-12-20 12:06 236 --a------ C:\sqmdata04.sqm
2008-12-20 12:06 . 2008-12-20 12:06 200 --a------ C:\sqmnoopt04.sqm
2008-12-19 23:04 . 2001-09-30 19:10 246,784 --a------ c:\windows\system32\ActiveSkin.ocx
2008-12-19 23:04 . 2001-05-24 12:59 162,304 --a------ C:\UNWISE.EXE
2008-12-19 23:04 . 2002-01-18 18:12 112 --a------ c:\windows\ActiveSkin.INI
2008-12-19 21:52 . 2008-12-19 21:52 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\Macrovision
2008-12-19 21:50 . 2008-12-19 21:50 236 --a------ C:\sqmdata03.sqm
2008-12-19 21:50 . 2008-12-19 21:50 200 --a------ C:\sqmnoopt03.sqm
2008-12-19 21:49 . 2008-12-19 21:49 <REP> d-------- c:\program files\Vodafone
2008-12-19 21:49 . 2008-12-19 21:49 <REP> d-------- c:\documents and settings\All Users\Application Data\Macrovision
2008-12-19 21:49 . 2007-11-05 11:56 101,120 -ra------ c:\windows\system32\drivers\ewusbmdm.sys
2008-12-19 20:36 . 2008-12-19 20:36 <REP> d-------- c:\program files\Microsoft Games
2008-12-19 11:40 . 2008-12-19 11:40 236 --a------ C:\sqmdata02.sqm
2008-12-19 11:40 . 2008-12-19 11:40 200 --a------ C:\sqmnoopt02.sqm
2008-12-18 18:44 . 2008-12-18 18:44 236 --a------ C:\sqmdata01.sqm
2008-12-18 18:44 . 2008-12-18 18:44 200 --a------ C:\sqmnoopt01.sqm
2008-12-18 16:08 . 2004-08-03 23:01 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2008-12-18 16:08 . 2004-08-03 23:01 25,856 --a------ c:\windows\system32\dllcache\usbprint.sys
2008-12-18 16:07 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\drivers\usbccgp.sys
2008-12-18 16:07 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\dllcache\usbccgp.sys
2008-12-18 14:59 . 2008-12-18 14:59 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\Template
2008-12-18 14:59 . 2009-01-07 18:02 768 --a------ c:\documents and settings\HP_Administrateur\Application Data\wklnhst.dat
2008-12-17 20:56 . 2008-12-17 20:56 236 --a------ C:\sqmdata00.sqm
2008-12-17 20:56 . 2008-12-17 20:56 200 --a------ C:\sqmnoopt00.sqm
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-11 02:05 --------- d-----w c:\program files\Symantec
2009-01-11 01:40 --------- d-----w c:\program files\Java
2009-01-10 02:50 --------- d-----w c:\program files\Alwil Software
2008-12-26 16:50 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-25 19:45 --------- d-----w c:\program files\Windows Live
2008-12-04 23:11 308,584 ----a-w c:\windows\WLXPGSS.SCR
2008-11-24 01:21 --------- d-----w c:\program files\Microsoft CAPICOM 2.1.0.2
2008-11-24 01:15 --------- d-----w c:\program files\MSXML 4.0
2008-11-23 21:25 --------- d-----w c:\program files\EA GAMES
2008-11-23 14:38 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2008-11-23 14:37 --------- d-----w c:\program files\Microsoft
2008-11-23 14:31 --------- d-----w c:\program files\Fichiers communs\Windows Live
2008-11-23 14:29 --------- d-----w c:\program files\Microsoft Silverlight
2008-11-23 13:52 --------- d-----w c:\program files\Fichiers communs\Symantec Shared
2008-11-21 13:41 --------- d-----w c:\documents and settings\HP_Administrateur\Application Data\Symantec
2008-11-21 13:35 1,953 --sha-r c:\windows\system32\drivers\103C_HP_CPC_EP239AA-ABF m7355.fr_YC_0Pavi_QCZB604_E61FRemMPC2_48_IAMETHYST-M_SMSI_V1.0_B3.43_T060112_WXP2_L40C_M1023_J250_7AMD_8Athlon 64 X2 Dual Core_91.99_#081121_N10EC8139_Z_G10027146_OTSSTcorp CD DVDW TS-H552D.MRK
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\documents and settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-12-09 234856]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-11 2156368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-11 136600]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-10-02 57344]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-03 61440]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"PS2"="c:\windows\system32\ps2.exe" [2004-10-25 90112]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2004-12-14 663552]
"HP Software Update"="c:\program files\HP\HP Software Update\HPwuSchd2.exe" [2005-05-12 49152]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2008-12-08 453984]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2009-01-11 319488]
"a-squared"="c:\program files\a-squared Anti-Malware\a2guard.exe" [2009-01-11 2782352]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-01-03 180269]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-01-11 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"ftutil2"="ftutil2.dll" [2004-06-07 c:\windows\system32\ftutil2.dll]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 c:\windows\arpwrmsg.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 c:\windows\ALCXMNTR.EXE]
c:\documents and settings\HP_Administrateur\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-09-12 384000]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Barre d'‚tat systŠme d'ATI CATALYST.lnk - c:\program files\ATI Technologies\ATI.ACE\CLI.exe [2005-10-02 57344]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [2005-01-03 2799488]
R3 PAC207;Webcam 1200;c:\windows\system32\drivers\PFC027.SYS [2008-12-26 611584]
R4 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2008-12-25 55136]
R4 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
R4 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
S1 aswSP;avast! Self Protection; [x]
S4 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a6617ba8-d1ed-11dd-90f1-0013d3f4aa0e}]
\Shell\AutoRun\command - J:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee765a3e-ce05-11dd-90df-0013d3f4aa0e}]
\Shell\AutoRun\command - J:\StartVMCLite.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee765a3f-ce05-11dd-90df-0013d3f4aa0e}]
\Shell\AutoRun\command - J:\StartVMCLite.exe
.
Contenu du dossier 'Tâches planifiées'
2005-01-03 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2004-08-24 18:22]
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-msnmsgr - c:\program files\Windows Live\Messenger\msnmsgr.exe
HKLM-Run-IS CfgWiz - c:\program files\Norton Internet Security\cfgwiz.exe
HKLM-Run-URLLSTCK.exe - c:\program files\Norton Internet Security\UrlLstCk.exe
HKLM-Run-PCDrProfiler - (no file)
.
------- Examen supplémentaire -------
.
IE: &Traduire à partir de l'anglais - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Pages liées - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Pages similaires - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Recherche &Google - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: Version de la page actuelle disponible dans le cache Google - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
FF - ProfilePath - c:\documents and settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\kn56ta3r.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-11 03:33:19
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(564)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\arservice.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\windows\system32\dllhost.exe
c:\windows\ehome\ehmsas.exe
.
**************************************************************************
.
Heure de fin: 2009-01-11 3:36:45 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-11 02:36:43
Avant-CF: 192,678,400,000 octets libres
Après-CF: 192,653,283,328 octets libres
656 --- E O F --- 2009-01-07 17:19:46
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
11 janv. 2009 à 04:01
11 janv. 2009 à 04:01
Impecc', réinstalle tes programmes.
Je reviens demain.
Je reviens demain.
Umine-chan
Messages postés
51
Date d'inscription
samedi 10 janvier 2009
Statut
Membre
Dernière intervention
26 mars 2009
11 janv. 2009 à 04:03
11 janv. 2009 à 04:03
C'est vrai, super, merci énormément, bonne nuit alors.
Et encore merci ^^
Et encore merci ^^
Umine-chan
Messages postés
51
Date d'inscription
samedi 10 janvier 2009
Statut
Membre
Dernière intervention
26 mars 2009
11 janv. 2009 à 16:35
11 janv. 2009 à 16:35
Bonjour Destrio5, je voulais savoir si mon pc était ok au niveau désinfection, donc voilà, merci
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
11 janv. 2009 à 16:36
11 janv. 2009 à 16:36
/!\ Seul Umine-chan, peut suivre cette procédure /!\
1/
---> Ouvre le Bloc-notes.
---> Copie le texte ci-dessous par sélection puis Ctrl+C :
KillAll::
DirLook::
C:\drivers
c:\documents and settings\HP_Administrateur\Application Data\drivers\
---> Colle la sélection dans le bloc-notes
---> Enregistre ce fichier sur le bureau (Impératif)
---> Nom du fichier : CFScript
---> Type du fichier : tous les fichiers
---> Clique sur Enregistrer
---> Quitte le bloc-notes
2/
---> Fait un glisser/déposer de ce fichier CFScript sur le fichier KillBagle.exe comme sur la capture :
http://www.searchengines.pl/phpbb203/pliki/picasso/virus/programs/combofix/combofix_cfscript.gif
[*] Une fenêtre bleue va apparaître : au message qui apparaît, tu acceptes.
[*] Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal !
Ne touche à rien tant que le scan n'est pas terminé.
[*] Une fois le scan achevé, un rapport va s'afficher : poste-le
[*] Si le fichier ne s'ouvre pas, il se trouve ici C:\ComboFix\Combofix.txt
1/
---> Ouvre le Bloc-notes.
---> Copie le texte ci-dessous par sélection puis Ctrl+C :
KillAll::
DirLook::
C:\drivers
c:\documents and settings\HP_Administrateur\Application Data\drivers\
---> Colle la sélection dans le bloc-notes
---> Enregistre ce fichier sur le bureau (Impératif)
---> Nom du fichier : CFScript
---> Type du fichier : tous les fichiers
---> Clique sur Enregistrer
---> Quitte le bloc-notes
2/
---> Fait un glisser/déposer de ce fichier CFScript sur le fichier KillBagle.exe comme sur la capture :
http://www.searchengines.pl/phpbb203/pliki/picasso/virus/programs/combofix/combofix_cfscript.gif
[*] Une fenêtre bleue va apparaître : au message qui apparaît, tu acceptes.
[*] Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal !
Ne touche à rien tant que le scan n'est pas terminé.
[*] Une fois le scan achevé, un rapport va s'afficher : poste-le
[*] Si le fichier ne s'ouvre pas, il se trouve ici C:\ComboFix\Combofix.txt
Umine-chan
Messages postés
51
Date d'inscription
samedi 10 janvier 2009
Statut
Membre
Dernière intervention
26 mars 2009
11 janv. 2009 à 16:50
11 janv. 2009 à 16:50
J'ai fait ce qui est indiquer, me=ais la fenêtre bleu reste... bleu, aucun message ne s'affiche et cela doit faire 15min déjà que j'attends
Umine-chan
Messages postés
51
Date d'inscription
samedi 10 janvier 2009
Statut
Membre
Dernière intervention
26 mars 2009
11 janv. 2009 à 16:52
11 janv. 2009 à 16:52
Ah, pardon je n'ai pas tenté se qui est dit à la fin du message, j'essaye de suite
Umine-chan
Messages postés
51
Date d'inscription
samedi 10 janvier 2009
Statut
Membre
Dernière intervention
26 mars 2009
11 janv. 2009 à 17:00
11 janv. 2009 à 17:00
Heu désolé, je dois vraiment être trop stupide, mais je ne tryouve pas C:\ComboFix\Combofix.txt (j'ai donc supposé que se serais C:\KillBagle\KillBagle.txt, mais je ne trouve pas) désolé
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
11 janv. 2009 à 17:44
11 janv. 2009 à 17:44
Réessaie la manip'.
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
12 janv. 2009 à 19:55
12 janv. 2009 à 19:55
Es-tu toujours là ?
On va faire autrement.
On va faire autrement.
Umine-chan
Messages postés
51
Date d'inscription
samedi 10 janvier 2009
Statut
Membre
Dernière intervention
26 mars 2009
12 janv. 2009 à 23:30
12 janv. 2009 à 23:30
Bonjours Distrio5, me revoilà, désolé, je finis assez tard avec le boulot et hier, pas le temps d'allez sur le pc.
Je vous écoute pour ton autre solution
Je vous écoute pour ton autre solution
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
12 janv. 2009 à 23:43
12 janv. 2009 à 23:43
Il y a quoi dans ce dossier ?
C:\drivers
C:\drivers
Umine-chan
Messages postés
51
Date d'inscription
samedi 10 janvier 2009
Statut
Membre
Dernière intervention
26 mars 2009
12 janv. 2009 à 23:45
12 janv. 2009 à 23:45
Ben je n'avais jamais remarquer, mais il est vide. Il me semblé portant qu'avant il contenez quelque chose. Pourquoi ça? Il pose problème?
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
12 janv. 2009 à 23:46
12 janv. 2009 à 23:46
Genre winupgro.exe ?
Umine-chan
Messages postés
51
Date d'inscription
samedi 10 janvier 2009
Statut
Membre
Dernière intervention
26 mars 2009
12 janv. 2009 à 23:50
12 janv. 2009 à 23:50
Est bizarrement il à était créer le 08/01/09, je n'ai pourtant rien installer se jour si, mais c'est le jour ou j'ai découvert les infections de mon pc qui me pourrisse la vie (ou plutôt mon pc). Après je psychose peut-être un peu trop ^^
Umine-chan
Messages postés
51
Date d'inscription
samedi 10 janvier 2009
Statut
Membre
Dernière intervention
26 mars 2009
12 janv. 2009 à 23:51
12 janv. 2009 à 23:51
Peut-être bien, fichier detecter suspect qui contient le trojan ou bagle, n'est pas?
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
12 janv. 2009 à 23:52
12 janv. 2009 à 23:52
Oui, tu peux supprimer ce dossier.
Je vais regarder ce qu'on a fait.
Je vais regarder ce qu'on a fait.