Security software problem
Solved/Closed
mimie17
16 Jan. 2010 at 10:11
mimie17 - 30 Jan. 2010 at 19:34
161 replies
mimie17
21 Jan. 2010 at 21:40
I confirm, things have improved a lot: I can now restart in safe mode, and I ran Avira AntiVir; the only problem is updating Avira AntiVir.
As for antivirus software, which one do you recommend, even a paid one?
I'm going to try running other programs such as Spybot and CCleaner; I'll keep you posted. Thanks for everything.
mimie17
21 Jan. 2010 at 21:46
Look, fabulous, I even managed to run HijackThis. Here's the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:45:51, on 21/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.mozilla.org/fr/firefox/new/?utm_source=mozilla-fr&utm_medium=referral
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SchedulingAgent] mstinit.exe /firstlogon
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file://C:\Documents and Settings\MYRIAM\Local Settings\Application Data\Oberon Media\Oberon Games Host\DinerDash2_fr.1.0.0.70.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://charon777.free.fr/plugins/hardwaredetection_2_0_4_10.cab
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
crapoulou
Moderator, Security contributor
21 Jan. 2010 at 21:49
Updates: it's normal if they stall, the servers are overloaded.
Update it this way:
https://www.commentcamarche.net/faq/21023-mise-a-jour-manuelle-d-avira-antivir
*******
As for antivirus: free => Antivir
Paid => Kaspersky.
*******
Be sure to tell the kids that cracks are over!!! (the infection could have been worse, so imagine...!)
*******
Post the end of the Combofix report, please.
*******
Show hidden files and folders as well as system files:
- My Documents
- Tools
- Folder Options
- "View" tab
- Check "Show hidden files and folders"
- Uncheck "Hide protected operating system files (Recommended)"
********
Analyze these files:
c:\program files\Cake_Mania-setup.exe
c:\windows\java\Packages\mtz93lbx.zip
c:\windows\java\Packages\4ylfvxjb.zip
On the VirusTotal site:
https://www.virustotal.com/gui/
Browse > Select your file > Analyze, then wait until the analysis is finished.
Be sure to post the reports, telling me the name of the file concerned with each report you send!
(If VirusTotal indicates that the file has already been analyzed, click the "Reanalyze the file now" button.)
********
Uninstall Super Anti Spyware.
********
Run an online scan with BitDefender again.
mimie17
21 Jan. 2010 at 22:06
Don't worry about the kids: they got a serious talking-to and a proper punishment, since ever since you started helping me they haven't been allowed to touch the PC. I really hope it teaches them a lesson, or else there will be no internet connection at all.
I'm posting the ComboFix report again, hoping it is complete.
In the meantime I was able to run CCleaner. Really happy with the boss, lol; no, seriously, hats off to you.
ComboFix 10-01-20.05 - MYRIAM 21/01/2010 19:08:30.2.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1023.750 [GMT 1:00]
Lancé depuis: c:\documents and settings\MYRIAM\Bureau\KillB.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\MYRIAM\Application Data\drivers\downld
c:\documents and settings\MYRIAM\Application Data\drivers\downld\376265.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\376500.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\376921.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\377265.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\377953.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\420609.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\420796.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\420984.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\421937.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\422890.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\423140.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\423343.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\423687.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\423843.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\424078.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\424328.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\424703.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\424906.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\425484.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\425875.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\426109.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\426296.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\427328.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\428203.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\429375.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\430312.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\432593.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\434546.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\435140.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\435656.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\436843.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\437812.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\438968.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\439718.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\441937.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\443031.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\443593.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\449140.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\450187.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\450953.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\451312.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\451484.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\452015.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\452406.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\453078.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\453781.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\454421.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\454890.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\455984.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\456656.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\456875.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\499140.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\499640.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\500000.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\500281.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\500515.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\500812.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\501062.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\501562.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\501781.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\503734.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\505437.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\505765.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\506015.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\506203.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\506375.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\507265.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\507921.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\508156.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\508343.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\508875.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\509421.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\509656.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\509875.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\510234.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\510703.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\511921.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\512859.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\519687.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\524187.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\524484.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\524718.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\525125.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\525328.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\525968.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\526218.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\526578.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\526781.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\526984.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\527156.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\527343.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\527531.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\528015.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\528406.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\531140.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\532562.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\533218.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\533718.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\535390.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\535906.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\539656.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\543593.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\543843.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\547109.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\547375.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\547578.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\548250.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\548765.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\549265.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\549656.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\550562.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\551203.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\553500.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\554234.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\555281.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\555984.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\556500.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\561703.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\562625.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\563312.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\563640.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\568968.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\569140.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\569328.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\570015.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\570453.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\570953.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\571328.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\573968.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\577000.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\577234.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\577437.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\578109.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\578625.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\579250.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\579718.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\581078.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\586000.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\586718.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\587218.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\587828.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\81609.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\81812.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\82015.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\82187.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\82390.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\90515.exe
c:\documents and settings\MYRIAM\Application Data\drivers\winupgro.exe
c:\documents and settings\MYRIAM\Application Data\m
c:\documents and settings\MYRIAM\Application Data\m\data.oct
c:\documents and settings\MYRIAM\Application Data\m\flec006.exe
c:\documents and settings\MYRIAM\Application Data\m\list.oct
c:\documents and settings\MYRIAM\Application Data\m\shared\1-2-3 PieCharts 1.0.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\1Click DVD Copy v4.1.1.8 WinALL Incl Keygen Repack by BLiZZARD.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\1st DVD Ripper v5.0.1.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\3D Matrix ScreenSaver- The Endless Corridors (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\3DField 1.77.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\A1 DVD Ripper Professional 1.0.xx 1.0.xx (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\A1 Website Download v1.2.8 by AHCU.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Access Animation v1.90 by TMG.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Acoustica MP3 CD Burner v4.0.95 by EMBRACE.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Ad Muncher 4.06.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Adobe PageMaker Plug-in Pack for InDesign CS 1.0 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Advanced Replacer v1.1 by LasH.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Aglare All to 3GP MP4 iPod Zune iPhone Converter 7.0.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Aha Password and Info Manager 7.61.00.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Album Player v2.12 by DiGERATi.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Alcohol 120 Percent v1.3.4 build 1106 by LasH.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Alive CD Ripper 1.1.0.2.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Allok Audio Converter 1.1.0 CrAcKed.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Alltags Planer 99.09 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Andromeda Screen Shot Saver 2.38.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Aone Ultra Video Splitter v3.7.0 by BRD.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Archon Weld Calculator 6.0 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Aresuki 3.0 for Mac.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\ASE ChartDirector for Python v4.0 Solaris Incl Keymaker by ZWT.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Ashampoo Burning Studio v5.0.1 by EMBRACE.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Audio Developer SDK 1.0 (crack).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Available Domains 1.02 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\AVS DV to DVD 1.2.1.102-key.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\BackupXpress Pro 2.72.35.176 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Bali PLANNING v5.48.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Benutec RamCleaner v3.55 build 1726.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Bibliotheque 3.0 for Mac.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Binary Vortex 2.7.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\BluePrint Personal Edition 1.2.7 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\BoXiKoN v1.5.2 WinALL CRACKED by iNDUCT.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Bram Stokers Dracula (1993) (Psygnosis) FULL!.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\BT Printer List ActiveX v2.0.2.2 by DSi.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Bubble Frenzy Remix v2.1.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Bubble Trouble 1.0.0 for Mac.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Bulker v3.24 WinALL Incl Keygen by BLiZZARD.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Bytegeist Ghost Trails v3.0 for 3DSMAX v6.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\CalendarMirror for Outlook 2.1 keygen.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Call of Duty Modern Warfare 2 NO INTRO FIX.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Call of Duty World at War v1.5 MULTIHACK.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Capturix VideoSpy 2007 Enterprise Edition v4.10.2096 by TE.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Cartesia Map Art Clip Art Pack vAll for Mac.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Catalogue Pro v4.2.21 by diGERATi.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\CFi ShellToys XP 2.0.1.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Chaser Keygen.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\CHN Calculator 4 for Mac.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Classical Spanish Solitaires 1.0.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\CodeTangler Professional 2.0.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\ColorImpact v2.3.0.308 Winall Cracked by iNFECTED.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Command Mail v2.21 by TMG.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Connectpc v1.1 WinALL Incl Keygen by ECLiPSE.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\CopyToCD v1.06b.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Crossword Construction Kit v4.0.3.1 by Core.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\CUSeeMe Windows PC for Mac.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\CyberLink StreamAuthor 1.0.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\DacEasy Order Entry Network 9.10.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Dark Sector v1.0 [MULTI2] +4 TRAINER #1.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Deneba Canvas all versions for Mac.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\DialogBlocks v4.10 Unicode by ACME.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Digital Physiognomy v1.x Generic by FFF.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\DigitByte Studio Traffic Counter v2.0.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Directory Toolkit v3.2.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Doppelganger 3.1.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\dotConnect for SQL Server 2.05.49.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\DropFolder 1.01.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\DVD Rebuilder Pro v1.09 by DVT.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\dvdXSoft DVD to iPhone Converter v1.42 by AT4RE.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\DzWords 1.29 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\EasyText 3.5 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\eAuction Watcher 2.3.5 beta 10.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\EAUpload 1.3.1 patch.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\EBP Compta Facturation 2005 v9.1 R2BIS 877 French RETAIL by RESET.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Elite Software Ecoord v3.0.11 Incl Keyfilemaker by AGAiN.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Email Man 3.0.1.12011.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Embird Alphabet 10 1.0.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Enable Toolbox 2.3d build 9.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\English-Spanish Interpreter (ESI) Standard 1.31.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\ESP Mail Check 2.0 Beta 3.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Fancy DVD Copy v2.0 WinALL Incl Keygen by BRD.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Fast Exit Pro 1.06 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Feeding Frenzy 2.9.16.1 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Financial Advisor for Excel Full Access 4.1.0.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Finanzrechner 1.0.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Fire Frenzy Retail JAVA SE K810 by RLYEH.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Folder Encryption Fairy v3.5.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\GameHouse Super Jigsaw Flowers by BalCrNepal.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Gene Troopers v1.0 +5 TRAINER.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Goetz's Graphics Kit 1.02.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\goUpdater 1.0.4.51.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\GretagMacbeth ProfileMaker Pro v4.1.5.108 (CD) and 4.1.5.110 (WEB).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\GTA San Andreas v1.0 +10 TRAINER 2.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Heinecke Airomate v1.02 by HAZE.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Hello Engines 3.0 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\HGSBuchArchiv 4.01 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\His Grepship v4.2.1.6 Keymaker Only REPACK by ACME.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\History sweeper XXL 3.7.40.078.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Hoolicon 2.01 Updated.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\HTMLPad 2000.3 x Beta.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Hucks Rocket Boot Hero v1.2 by AERiS.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\IAS Log Viewer 2.28.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Icon Processor v3.0 by SND.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\IdentaFone 4.3.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Image Editor 3.1.02.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Import-Export Studio v2.2.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Installed Programs Finder 1.0.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Investintech Sonic PDF Creator v2.0 WinALL Cracked by iNViSiBLE.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Invoy 2.00.2.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\ISpQ VideoChat 5.0.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\ItsTime 2.8e-key.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\J. River Media JukeBox v8.0.265.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\JetBoat SuperChamps (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\jigpix 2.5 serial by TSRh.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\JProbe Profiler Professional Edition 2.0 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\KeyView Pro 6.5.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\KoolMoves 1.95.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Lavalys EVEREST Corporate Edition v5.00.1650 by CRD.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Little Hopper's Math Tac Toe 1.1.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Magic SWF2AVI v1.10 by FFF.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Mailcoach 2 x (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\MakeMS v2.7.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\McFunSoft DVD Creator v7.8 WinALL Regged by iNDUCT.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\MEDIAKG FotoWorks v9.1.4 German WinALL Incl Keygen by ViRiLiTY.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Microsoft VirtualEarth Satellite Downloader v3.203 by AHCU.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Millennium 2000 World Book International Standard English Edition (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Mini Video Converter Video to iPhone Converter by AT4RE.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Mocha Telnet for Vista 1.0.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Motherload Goldium Edition v1.006 by DELiGHT.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\MP3 Disc Burner v1.60 by LasH.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\MySuperSoft Flash2Video v3.68.950 by DVT.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\MySuperSoft SuperAVConverter v7.6.3500 by DVT.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Mytoolsoft Batch WaterMark v1.5 by FFF.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Nero Burning ROM Enterprise Edition v6.6.0.1.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\NetCetera Rida Rida Ranka v2.5.1.8 SWEDISH by TFT.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\NetInfo v3.0 build 1116.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\NetSpy 3.0.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\NextUp Talker v1.011 by TBE.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\NFS Underground 2 [US] EURO CARS UNLOCKED.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\NFS Underground v1.3.4 +6 TRAINER.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Norbyte Petal Palace v1.0.6 CRACKED by RHE.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Norton Antivirus for Macintosh Subscription Renewal 9.x for Mac (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Noughts and Crosses 1.0.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\OandO Defrag Server Edition 8.0.1398 (2005-06-08) (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Olympic Organizer Deluxe v2.7 WinALL by CHiCNCREAM.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Omaitek OmaiProtect v1.00 for SymbianOS7 S60.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\OrgScheduler 5.7.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\OTTER 1.3.26.129-key.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Palm Heroes v1.03 Retail Russian by RLYEH.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Pariah v1.02 [ENGLISH] Fixed EXE.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\PC Door Guard v2.8.0.0 Serial.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Pdf File Splitter 1 CrAcKed.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Phelios Super Sprites 1.6 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Pile Volume 2.1.6.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Platinum FTP Server 1.0.18 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Poker Break 1.0 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Polar Studio 6.35 (crack).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Pop3check XP 1.0.1009.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Predator 1.4 (Serial).zip
c:\documents and settings\MYRIAM\Application Data\m\shared\PS to Tiff 2.0.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Psiloc irRemote Control for Series60.1.65 for Symbian.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Quick ePics 3.2.3.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\RA Dicey 1.0.117.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\RegistryFix v6.0 Keymaker Only by EMBRACE.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Remove 4.0.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Romi v3.3 by LasH.zip
c:\documents and settings\MYRIAM\Application Data\m\shared\Sage 100 Comptabilite SQL v13.01 French RETAIL by RESET.zip
c:\documents and settings\MYRIAM\Application Data\m\srvlist.oct
C:\LOG.TXT
c:\program files\Java\jre6\bin\jucheck.exe
c:\program files\Java\jre6\bin\jusched.exe
c:\program files\Mozilla Firefox\extensions\{AE6173F2-35A9-46B3-9796-3D0AA500CEA9}
c:\program files\Mozilla Firefox\extensions\{AE6173F2-35A9-46B3-9796-3D0AA500CEA9}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{AE6173F2-35A9-46B3-9796-3D0AA500CEA9}\chrome\content\overlay.xul
c:\program files\Mozilla Firefox\extensions\{AE6173F2-35A9-46B3-9796-3D0AA500CEA9}\install.rdf
c:\windows\Downloaded Program Files\popcaploader.inf
c:\windows\mdelk.exe
c:\windows\system32\srosa2.sys
c:\windows\system32\wfsintwq.sys
c:\windows\wintems.exe
----- BITS: Il y a peut-être des sites infectés -----
hxxp://armmf.adobe.com
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SROSA
-------\Legacy_SROSA
((((((((((((((((((((((((((((( Fichiers créés du 2009-12-21 au 2010-01-21 ))))))))))))))))))))))))))))))))))))
.
2010-01-21 16:42 . 2010-01-21 16:42 -------- d-----w- c:\program files\ZHPDiag
2010-01-21 14:09 . 2010-01-21 18:13 -------- d--h--w- c:\documents and settings\MYRIAM\Application Data\drivers
2010-01-20 13:05 . 2010-01-20 13:05 -------- d-----w- c:\program files\CCleaner
2010-01-20 08:33 . 2010-01-20 08:33 2128660 ----a-w- c:\windows\system32\pythondll.zip
2010-01-17 10:37 . 2010-01-20 12:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-16 12:50 . 2010-01-17 11:06 -------- d--h--w- c:\documents and settings\LocalService\Application Data\drivers
2010-01-16 08:41 . 2010-01-21 14:08 -------- d-----w- C:\FindyKill
2010-01-12 19:09 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-09 20:00 . 2010-01-09 20:03 -------- d-----w- c:\program files\Dactylo
2009-12-25 22:18 . 2009-12-25 22:18 -------- d-----w- c:\windows\system32\XPSViewer
2009-12-25 22:18 . 2009-12-25 22:18 -------- d-----w- c:\program files\MSBuild
2009-12-25 22:18 . 2009-12-25 22:18 -------- d-----w- c:\program files\Reference Assemblies
2009-12-25 22:18 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-12-25 22:17 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-12-25 22:17 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-12-25 22:17 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-12-25 22:17 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2009-12-25 22:17 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-12-25 22:17 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-12-25 22:17 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-12-25 22:17 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-12-23 07:56 . 2009-12-23 07:56 52224 ------w- c:\documents and settings\MYRIAM\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-21 16:21 . 2008-03-26 14:15 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-21 13:56 . 2008-09-26 16:29 -------- d-----w- c:\program files\Trend Micro
2010-01-21 09:23 . 2009-11-21 19:27 -------- d-----w- c:\documents and settings\MYRIAM\Application Data\vlc
2010-01-21 06:47 . 2009-03-22 17:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2010-01-21 06:22 . 2010-01-21 06:22 933941 ----a-w- c:\windows\java\Packages\YCJ1NVRF.ZIP
2010-01-21 06:22 . 2010-01-21 06:22 807416 ----a-w- c:\windows\java\Packages\VPZ735RX.ZIP
2010-01-21 06:22 . 2010-01-21 06:22 6548308 ----a-w- c:\windows\java\Packages\RDZHBD3F.ZIP
2010-01-21 06:22 . 2010-01-21 06:22 1120159 ----a-w- c:\windows\java\Packages\O09797PJ.ZIP
2010-01-21 06:22 . 2010-01-21 06:22 1354601 ----a-w- c:\windows\java\Packages\mtz93lbx.zip
2010-01-21 06:22 . 2010-01-21 06:21 5110617 ----a-w- c:\windows\java\Packages\GF93T3J7.ZIP
2010-01-21 06:21 . 2010-01-21 06:21 988305 ----a-w- c:\windows\java\Packages\43VVLNH3.ZIP
2010-01-21 06:21 . 2010-01-21 06:21 952456 ----a-w- c:\windows\java\Packages\4ylfvxjb.zip
2010-01-20 14:08 . 2008-04-19 09:33 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-20 14:08 . 2008-01-10 20:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-19 21:50 . 2007-11-25 13:53 55104 ------w- c:\documents and settings\MYRIAM\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-16 21:04 . 2007-12-11 08:24 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2010-01-15 20:21 . 2009-10-15 12:07 -------- d-----w- c:\program files\Oberon Media
2010-01-13 16:41 . 2007-11-24 17:36 -------- d-----w- c:\program files\Fichiers communs\Adobe
2010-01-02 11:13 . 2009-04-23 12:47 -------- d-----w- c:\documents and settings\MYRIAM\Application Data\dvdcss
2009-12-27 08:25 . 2008-04-05 15:05 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2009-12-26 09:59 . 2009-07-01 19:44 55104 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-25 22:21 . 2001-08-28 12:00 87560 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-25 22:21 . 2001-08-28 12:00 523788 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-24 22:18 . 2009-03-24 12:55 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-23 07:55 . 2009-12-04 09:04 117760 ------w- c:\documents and settings\MYRIAM\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-12-22 09:51 . 2009-11-15 18:55 -------- d-----w- c:\program files\Bubble Town
2009-12-21 16:13 . 2007-12-11 08:27 81984 ----a-w- c:\windows\system32\bdod.bin
2009-12-05 18:20 . 2009-12-05 18:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Canneverbe Limited
2009-12-04 09:03 . 2009-03-21 18:24 -------- d-----w- c:\documents and settings\MYRIAM\Application Data\SUPERAntiSpyware.com
2009-12-04 09:02 . 2009-04-25 18:14 -------- d-----w- c:\program files\CDBurnerXP
2009-11-30 13:48 . 2009-09-06 13:11 -------- d-----w- c:\documents and settings\MYRIAM\Application Data\HpUpdate
2009-11-25 15:25 . 2009-11-23 17:49 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-11-25 10:55 . 2009-11-25 10:54 1925024 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2009-11-25 10:19 . 2009-12-21 16:25 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-21 15:58 . 2002-08-29 09:44 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-15 15:18 . 2009-03-13 18:26 230432 ----a-w- C:\SPC220NC.DAT
2009-11-14 13:24 . 2009-11-14 13:24 64072 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2010 9.0.0.736\French\setup.exe
2008-03-26 14:14 . 2008-03-26 14:14 17681640 -c----w- c:\program files\Cake_Mania-setup.exe
.
------- Sigcheck -------
[-] 2009-04-22 . A29E1209F925A0E9B330E11DA5FC7BAB . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\TCPIP.SYS
[-] 2009-04-22 . A29E1209F925A0E9B330E11DA5FC7BAB . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\TCPIP.SYS
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\TCPIP.SYS
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2GDR\tcpip.sys
[7] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2010-01-20 2144088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2007-06-09 7700480]
"nwiz"="nwiz.exe" [2007-06-09 1626112]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2007-06-09 86016]
"SchedulingAgent"="mstinit.exe" [2008-04-13 12288]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Démarrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^EPSON Status Monitor 3 Environment Check.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check.lnk
backup=c:\windows\pss\EPSON Status Monitor 3 Environment Check.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^TrayMin220.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\TrayMin220.lnk
backup=c:\windows\pss\TrayMin220.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2009-01-29 22:20 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-13 18:34 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-06-09 10:30 7700480 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startup
I'm posting the ComboFix report again, hoping it is complete.
In the meantime I was able to run CCleaner, really pleased with the boss, lol, no really, hats off to you.
ComboFix 10-01-20.05 - MYRIAM 21/01/2010 19:08:30.2.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1023.750 [GMT 1:00]
Lancé depuis: c:\documents and settings\MYRIAM\Bureau\KillB.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\MYRIAM\Application Data\drivers\downld
c:\documents and settings\MYRIAM\Application Data\drivers\downld\500812.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\501062.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\501562.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\501781.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\503734.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\505437.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\505765.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\506015.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\506203.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\506375.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\507265.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\507921.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\508156.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\508343.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\508875.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\509421.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\509656.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\509875.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\510234.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\510703.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\511921.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\512859.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\519687.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\524187.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\524484.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\524718.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\525125.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\525328.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\525968.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\526218.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\526578.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\526781.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\526984.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\527156.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\527343.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\527531.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\528015.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\528406.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\531140.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\532562.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\533218.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\533718.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\535390.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\535906.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\539656.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\543593.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\543843.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\547109.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\547375.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\547578.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\548250.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\548765.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\549265.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\549656.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\550562.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\551203.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\553500.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\554234.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\555281.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\555984.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\556500.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\561703.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\562625.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\563312.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\563640.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\568968.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\569140.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\569328.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\570015.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\570453.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\570953.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\571328.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\573968.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\577000.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\577234.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\577437.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\578109.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\578625.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\579250.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\579718.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\581078.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\586000.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\586718.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\587218.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\587828.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\81609.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\81812.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\82015.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\82187.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\82390.exe
c:\documents and settings\MYRIAM\Application Data\drivers\downld\90515.exe
c:\documents and settings\MYRIAM\Application Data\drivers\winupgro.exe
c:\documents and settings\MYRIAM\Application Data\m
c:\documents and settings\MYRIAM\Application Data\m\data.oct
c:\documents and settings\MYRIAM\Application Data\m\flec006.exe
c:\documents and settings\MYRIAM\Application Data\m\list.oct
c:\documents and settings\MYRIAM\Application Data\m\srvlist.oct
C:\LOG.TXT
c:\program files\Java\jre6\bin\jucheck.exe
c:\program files\Java\jre6\bin\jusched.exe
c:\program files\Mozilla Firefox\extensions\{AE6173F2-35A9-46B3-9796-3D0AA500CEA9}
c:\program files\Mozilla Firefox\extensions\{AE6173F2-35A9-46B3-9796-3D0AA500CEA9}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{AE6173F2-35A9-46B3-9796-3D0AA500CEA9}\chrome\content\overlay.xul
c:\program files\Mozilla Firefox\extensions\{AE6173F2-35A9-46B3-9796-3D0AA500CEA9}\install.rdf
c:\windows\Downloaded Program Files\popcaploader.inf
c:\windows\mdelk.exe
c:\windows\system32\srosa2.sys
c:\windows\system32\wfsintwq.sys
c:\windows\wintems.exe
----- BITS: Il y a peut-être des sites infectés -----
hxxp://armmf.adobe.com
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SROSA
-------\Legacy_SROSA
((((((((((((((((((((((((((((( Fichiers créés du 2009-12-21 au 2010-01-21 ))))))))))))))))))))))))))))))))))))
.
2010-01-21 16:42 . 2010-01-21 16:42 -------- d-----w- c:\program files\ZHPDiag
2010-01-21 14:09 . 2010-01-21 18:13 -------- d--h--w- c:\documents and settings\MYRIAM\Application Data\drivers
2010-01-20 13:05 . 2010-01-20 13:05 -------- d-----w- c:\program files\CCleaner
2010-01-20 08:33 . 2010-01-20 08:33 2128660 ----a-w- c:\windows\system32\pythondll.zip
2010-01-17 10:37 . 2010-01-20 12:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-16 12:50 . 2010-01-17 11:06 -------- d--h--w- c:\documents and settings\LocalService\Application Data\drivers
2010-01-16 08:41 . 2010-01-21 14:08 -------- d-----w- C:\FindyKill
2010-01-12 19:09 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-09 20:00 . 2010-01-09 20:03 -------- d-----w- c:\program files\Dactylo
2009-12-25 22:18 . 2009-12-25 22:18 -------- d-----w- c:\windows\system32\XPSViewer
2009-12-25 22:18 . 2009-12-25 22:18 -------- d-----w- c:\program files\MSBuild
2009-12-25 22:18 . 2009-12-25 22:18 -------- d-----w- c:\program files\Reference Assemblies
2009-12-25 22:18 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-12-25 22:17 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-12-25 22:17 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-12-25 22:17 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-12-25 22:17 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2009-12-25 22:17 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-12-25 22:17 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-12-25 22:17 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-12-25 22:17 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-12-23 07:56 . 2009-12-23 07:56 52224 ------w- c:\documents and settings\MYRIAM\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-21 16:21 . 2008-03-26 14:15 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-21 13:56 . 2008-09-26 16:29 -------- d-----w- c:\program files\Trend Micro
2010-01-21 09:23 . 2009-11-21 19:27 -------- d-----w- c:\documents and settings\MYRIAM\Application Data\vlc
2010-01-21 06:47 . 2009-03-22 17:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2010-01-21 06:22 . 2010-01-21 06:22 933941 ----a-w- c:\windows\java\Packages\YCJ1NVRF.ZIP
2010-01-21 06:22 . 2010-01-21 06:22 807416 ----a-w- c:\windows\java\Packages\VPZ735RX.ZIP
2010-01-21 06:22 . 2010-01-21 06:22 6548308 ----a-w- c:\windows\java\Packages\RDZHBD3F.ZIP
2010-01-21 06:22 . 2010-01-21 06:22 1120159 ----a-w- c:\windows\java\Packages\O09797PJ.ZIP
2010-01-21 06:22 . 2010-01-21 06:22 1354601 ----a-w- c:\windows\java\Packages\mtz93lbx.zip
2010-01-21 06:22 . 2010-01-21 06:21 5110617 ----a-w- c:\windows\java\Packages\GF93T3J7.ZIP
2010-01-21 06:21 . 2010-01-21 06:21 988305 ----a-w- c:\windows\java\Packages\43VVLNH3.ZIP
2010-01-21 06:21 . 2010-01-21 06:21 952456 ----a-w- c:\windows\java\Packages\4ylfvxjb.zip
2010-01-20 14:08 . 2008-04-19 09:33 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-20 14:08 . 2008-01-10 20:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-19 21:50 . 2007-11-25 13:53 55104 ------w- c:\documents and settings\MYRIAM\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-16 21:04 . 2007-12-11 08:24 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2010-01-15 20:21 . 2009-10-15 12:07 -------- d-----w- c:\program files\Oberon Media
2010-01-13 16:41 . 2007-11-24 17:36 -------- d-----w- c:\program files\Fichiers communs\Adobe
2010-01-02 11:13 . 2009-04-23 12:47 -------- d-----w- c:\documents and settings\MYRIAM\Application Data\dvdcss
2009-12-27 08:25 . 2008-04-05 15:05 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2009-12-26 09:59 . 2009-07-01 19:44 55104 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-25 22:21 . 2001-08-28 12:00 87560 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-25 22:21 . 2001-08-28 12:00 523788 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-24 22:18 . 2009-03-24 12:55 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-23 07:55 . 2009-12-04 09:04 117760 ------w- c:\documents and settings\MYRIAM\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-12-22 09:51 . 2009-11-15 18:55 -------- d-----w- c:\program files\Bubble Town
2009-12-21 16:13 . 2007-12-11 08:27 81984 ----a-w- c:\windows\system32\bdod.bin
2009-12-05 18:20 . 2009-12-05 18:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Canneverbe Limited
2009-12-04 09:03 . 2009-03-21 18:24 -------- d-----w- c:\documents and settings\MYRIAM\Application Data\SUPERAntiSpyware.com
2009-12-04 09:02 . 2009-04-25 18:14 -------- d-----w- c:\program files\CDBurnerXP
2009-11-30 13:48 . 2009-09-06 13:11 -------- d-----w- c:\documents and settings\MYRIAM\Application Data\HpUpdate
2009-11-25 15:25 . 2009-11-23 17:49 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-11-25 10:55 . 2009-11-25 10:54 1925024 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2009-11-25 10:19 . 2009-12-21 16:25 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-21 15:58 . 2002-08-29 09:44 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-15 15:18 . 2009-03-13 18:26 230432 ----a-w- C:\SPC220NC.DAT
2009-11-14 13:24 . 2009-11-14 13:24 64072 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2010 9.0.0.736\French\setup.exe
2008-03-26 14:14 . 2008-03-26 14:14 17681640 -c----w- c:\program files\Cake_Mania-setup.exe
.
------- Sigcheck -------
[-] 2009-04-22 . A29E1209F925A0E9B330E11DA5FC7BAB . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\TCPIP.SYS
[-] 2009-04-22 . A29E1209F925A0E9B330E11DA5FC7BAB . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\TCPIP.SYS
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\TCPIP.SYS
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2GDR\tcpip.sys
[7] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2010-01-20 2144088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2007-06-09 7700480]
"nwiz"="nwiz.exe" [2007-06-09 1626112]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2007-06-09 86016]
"SchedulingAgent"="mstinit.exe" [2008-04-13 12288]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Démarrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^EPSON Status Monitor 3 Environment Check.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check.lnk
backup=c:\windows\pss\EPSON Status Monitor 3 Environment Check.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^TrayMin220.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\TrayMin220.lnk
backup=c:\windows\pss\TrayMin220.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2009-01-29 22:20 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-13 18:34 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-06-09 10:30 7700480 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startup
crapoulou
Posts
28160
Registration date
Wednesday 28 November 2007
Status
Moderator, Security contributor
Last activity
21 May 2024
7 998
21 Jan 2010 at 22:10
Thanks, that's kind of you.
The ComboFix report is too long to fit here, so upload it here:
http://cijoint.fr/
And send me the URL you are given so that I can view the document.
*****
Perfect, all the tools should run now: please do an RSIT scan, it will be more complete (you have the procedure earlier in the thread: go find it :P)
*****
Update Malwarebytes' Anti-Malware, we'll be using it soon.
*****
Download Ad-Remover (by Cyrildu17 / C_XX) to your desktop:
= = = =>>> By clicking here <<<= = = =
/!\ Disconnect and close all running applications, and disable your antivirus for the duration of the procedure /!\
* Double-click the executable to launch it.
* At the warning message that appears, select ‘Oui’ (Yes).
* In the main menu, choose option "S" and then press the Enter key.
* Post the report that appears at the end of the scan, which can take some time.
(The report is also saved as C:\Ad-report(date).log)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
Note:
"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
mimie17
Posts
217
Registration date
Saturday 19 April 2008
Status
Member
Last activity
13 July 2021
21 Jan 2010 at 22:14
Here is the link for ComboFix to start with:
http://www.cijoint.fr/cjlink.php?file=cj201001/cijgOaBvFl.txt
mimie17
Posts
217
Registration date
Saturday 19 April 2008
Status
Member
Last activity
13 July 2021
21 Jan 2010 at 22:27
RSIT report:
info.txt logfile of random's system information tool 1.06 2010-01-21 22:25:14
======Uninstall list======
-->MsiExec.exe /I{0F122737-72B2-4095-8B3E-7AAE753DFD3D}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
BPM-Studio 4 Profi-->C:\WINDOWS\uninst.exe -f"C:\Program Files\ALCATech\BPM-Studio Profi\DeIsL1.isu" -c"C:\Program Files\ALCATech\BPM-Studio Profi\_ISREG32.DLL"
Bubble Town 1.1.0.1-->C:\Program Files\Bubble Town\Uninstall.exe
Bubble Town-->"C:\WINDOWS\Bubble Town\uninstall.exe" "/U:C:\Program Files\Bubble Town\Uninstall\uninstall.xml"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Digital Photo Navigator 1.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7EF4BD8-CA13-11D5-AE3D-005004B8E30C}\Setup.exe" -l0x9
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 7.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Document Viewer 7.0-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Precisionscan Pro 3.1-->MsiExec.exe /I{6B36DEBF-27D0-4B1E-858D-D397091C6C7D}
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{74DC0593-6BC6-4001-AD5F-D810AFB68D86}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
K-Lite Codec Pack 3.5.7 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Les Indispensables Éducation pour Microsoft Office-->MsiExec.exe /X{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (3.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP Manager-->MsiExec.exe /X{49E597BA-63D3-4936-9E02-AEDB5D1FE002}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
NVIDIA Drivers-->C:\WINDOWS\System32\nvudisp.exe UninstallGUI
OCR Software by I.R.I.S 7.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Philips SPC220NC Webcam-->C:\Program Files\InstallShield Installation Information\{97CB5A86-4887-4919-A251-FBF6414A200D}\setup.exe -runfromtemp -l0x040c -removeonly
Pochette Express 2-->C:\Program Files\Pochette Express 2\uninstall.exe
PowerDirector Express-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EDE721EC-870A-11D8-9D75-000129760D75}\setup.exe" -uninstall
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
Ranch Rush-->"C:\Program Files\orange\jeux\Ranch Rush\Uninstall.exe" "C:\Program Files\orange\jeux\Ranch Rush\install.log"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
USB Flash Disk-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EDFEDAEF-95AA-11D7-A949-5254AB1235E1}\Setup.exe" -l0x9
VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Webcam Video Viewer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CECB7782-F35F-45CE-97C0-74BBBDC51C22}\Setup.exe" -l0x40c
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
======Security center information======
AV: AntiVir Desktop (disabled)
======System event log======
Computer Name: PCMIMI
Event Code: 7036
Message: Le service Pml Driver HPZ12 est entré dans l'état : arrêté.
Record Number: 201376
Source Name: Service Control Manager
Time Written: 20100114094354.000000+060
Event Type: Informations
User:
Computer Name: PCMIMI
Event Code: 7036
Message: Le service Pml Driver HPZ12 est entré dans l'état : en cours d'exécution.
Record Number: 201375
Source Name: Service Control Manager
Time Written: 20100114094354.000000+060
Event Type: Informations
User:
Computer Name: PCMIMI
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Pml Driver HPZ12.
Record Number: 201374
Source Name: Service Control Manager
Time Written: 20100114094354.000000+060
Event Type: Informations
User: PCMIMI\MYRIAM
Computer Name: PCMIMI
Event Code: 7036
Message: Le service Pml Driver HPZ12 est entré dans l'état : arrêté.
Record Number: 201373
Source Name: Service Control Manager
Time Written: 20100114094349.000000+060
Event Type: Informations
User:
Computer Name: PCMIMI
Event Code: 7036
Message: Le service Pml Driver HPZ12 est entré dans l'état : en cours d'exécution.
Record Number: 201372
Source Name: Service Control Manager
Time Written: 20100114094349.000000+060
Event Type: Informations
User:
=====Application event log=====
Computer Name: PCMIMI
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 5
Source Name: SecurityCenter
Time Written: 20090525072711.000000+120
Event Type: Informations
User:
Computer Name: PCMIMI
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 4
Source Name: SecurityCenter
Time Written: 20090524114441.000000+120
Event Type: Informations
User:
Computer Name: PCMIMI
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 3
Source Name: SecurityCenter
Time Written: 20090523203340.000000+120
Event Type: Informations
User:
Computer Name: PCMIMI
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 2
Source Name: SecurityCenter
Time Written: 20090523191313.000000+120
Event Type: Informations
User:
Computer Name: PCMIMI
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 1
Source Name: SecurityCenter
Time Written: 20090523190157.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"OldPath"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\Fichiers communs\Teleca Shared
"FP_NO_HOST_CHECK"=NO
-----------------EOF-----------------
crapoulou (Moderator, Security contributor) - 21 Jan 2010 at 22:30
Run a full system scan with Malwarebytes' Anti-Malware, just as you did perfectly before.
Post the report once it is finished.
*****
Try a BitDefender online scan.
mimie17 (Member) - 21 Jan 2010 at 22:46
Here is the Ad-Remover report:
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_I | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 21.01.2010 à 9:13
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 22:41:19, 21/01/2010 | Mode Normal | Option: SCAN
Exécuté de: C:\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: PCMIMI | Utilisateur actuel: MYRIAM
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.
.
HKCU\software\microsoft\internet explorer\searchscopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.6 [fr] *
.
Nom du profil: pt4d2ij2.default (MYRIAM)
.
(MYRIAM, prefs.js) Browser.download.lastDir, C:\Documents and Settings\MYRIAM\Bureau\rugby
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(MYRIAM, prefs.js) Browser.search.selectedEngine, Live Search
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(MYRIAM, prefs.js) Browser.search.selectedEngine, Live Search
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(MYRIAM, prefs.js) Browser.search.selectedEngine, Live Search
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(MYRIAM, prefs.js) Browser.search.selectedEngine, Live Search
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(MYRIAM, prefs.js) Browser.search.selectedEngine, Live Search
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(MYRIAM, prefs.js) Browser.search.selectedEngine, Live Search
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(MYRIAM, prefs.js) Browser.search.selectedEngine, Live Search
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(MYRIAM, prefs.js) Browser.search.selectedEngine, Live Search
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(MYRIAM, prefs.js) Browser.search.selectedEngine, Live Search
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(MYRIAM, prefs.js) Browser.search.selectedEngine, Live Search
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(MYRIAM, prefs.js) Browser.search.selectedEngine, Live Searchœ÷
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(MYRIAM, prefs.js) Browser.search.selectedEngine, Live Search
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(MYRIAM, prefs.js) Browser.search.selectedEngine, Live Search
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(MYRIAM, prefs.js) Browser.search.selectedEngine, Live Search
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(MYRIAM, prefs.js) Browser.search.selectedEngine, Live Search
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
(MYRIAM, prefs.js) Browser.search.selectedEngine, Live Searchœ÷.
(MYRIAM, prefs.js) Browser.download.lastDir, C:\Documents and Settings\MYRIAM\Bureau
(MYRIAM, prefs.js) Browser.startup.homepage, hxxp://google.fr/
(MYRIAM, prefs.js) Extensions.enabledItems, {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03,{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12,jqs@sun.com:1.0,{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}:1.0.0.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6
(MYRIAM, prefs.js) Keyword.URL, hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA2&q=
.
.
* Internet Explorer Version 6.0.2900.5512 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Enable Browser Extensions: yes
Use Custom Search URL: 0 (0x0)
Start Page: hxxp://mozilla.fr/
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Use Search Asst: no
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\windows\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 0 (0x0)
Search bar: hxxp://search.msn.com/spbasic.htm
SearchAssistant: hxxp://www.crawler.com/search/ie.aspx?tb_id=60341
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
6405 Octet(s) - C:\Ad-Report-SCAN[1].log
.
34 Fichier(s) - C:\DOCUME~1\MYRIAM\LOCALS~1\Temp
2 Fichier(s) - C:\WINDOWS\Temp
129 Fichier(s) - C:\WINDOWS\Prefetch
.
2 Fichier(s) - C:\Ad-Remover\BACKUP
0 Fichier(s) - C:\Ad-Remover\QUARANTINE
.
Fin à: 22:43:40 | 21/01/2010 - SCAN[1]
.
============== E.O.F ==============
.
crapoulou (Moderator, Security contributor) - 21 Jan 2010 at 22:47
Excellent.
Cleaning with Ad-Remover:
/!\ Disconnect and close all running applications; disable your antivirus for the duration of the procedure /!\
* Double-click the executable to launch it.
* At the warning message that appears, select ‘Oui’ (Yes).
* In the main menu, choose option "L" and then press the Enter key.
* Post the report that appears at the end of the scan, which can take some time.
(The report is also saved as C:\Ad-report(date).log)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
Note:
"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
mimie17 (Member) - 21 Jan 2010 at 23:19
I'll take care of all the rest tomorrow. Wow, I stayed up late tonight, lol, and so did you... you can't be getting much rest with all of us. Thanks again, good night, I'll pick this up again tomorrow. In the meantime I had launched Malwarebytes' Anti-Malware; here is the report:
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
21/01/2010 23:16:52
mbam-log-2010-01-21 (23-16-52).txt
Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 213796
Temps écoulé: 27 minute(s), 39 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\System Volume Information\_restore{482E715D-4B80-4849-BF77-B243B54D6D73}\RP351\A0080846.sys (Malware.Trace) -> Quarantined and deleted successfully.
crapoulou (Moderator, Security contributor), 21 Jan. 2010 at 23:20
Very good, you can empty the MBAM quarantine.
The item found is located in System Restore: no problem, we will purge it at the end of the disinfection.
Good night and see you tomorrow!
mimie17 (Member), 22 Jan. 2010 at 08:07
Hello,
I'm posting the VirusTotal report for you, but it's still pretty bad: I see a virus on CakeMania, even though I can send you the invoice. I bought it (not cracked) on Orange, so even when paying, it's disheartening.
Fichier Cake_Mania-setup.exe reçu le 2010.01.22 07:01:48 (UTC)
Résultat: 1/41 (2.44%)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.50 2010.01.22 -
AhnLab-V3 5.0.0.2 2010.01.22 -
AntiVir 7.9.1.146 2010.01.21 -
Antiy-AVL 2.0.3.7 2010.01.21 -
Authentium 5.2.0.5 2010.01.22 -
Avast 4.8.1351.0 2010.01.22 -
AVG 9.0.0.730 2010.01.21 -
BitDefender 7.2 2010.01.22 -
CAT-QuickHeal 10.00 2010.01.22 -
ClamAV 0.94.1 2010.01.22 PUA.Packed.MinGWGCCDLL.2xx
Comodo 3666 2010.01.22 -
DrWeb 5.0.1.12222 2010.01.22 -
eSafe 7.0.17.0 2010.01.21 -
eTrust-Vet 35.2.7251 2010.01.21 -
F-Prot 4.5.1.85 2010.01.21 -
F-Secure 9.0.15370.0 2010.01.22 -
Fortinet 4.0.14.0 2010.01.22 -
GData 19 2010.01.22 -
Ikarus T3.1.1.80.0 2010.01.22 -
Jiangmin 13.0.900 2010.01.22 -
K7AntiVirus 7.10.951 2010.01.20 -
Kaspersky 7.0.0.125 2010.01.22 -
McAfee 5868 2010.01.21 -
McAfee+Artemis 5868 2010.01.21 -
McAfee-GW-Edition 6.8.5 2010.01.21 -
Microsoft 1.5302 2010.01.21 -
NOD32 4795 2010.01.22 -
Norman 6.04.03 2010.01.21 -
nProtect 2009.1.8.0 2010.01.22 -
Panda 10.0.2.2 2010.01.21 -
PCTools 7.0.3.5 2010.01.22 -
Prevx 3.0 2010.01.22 -
Rising 22.31.04.03 2010.01.22 -
Sophos 4.50.0 2010.01.22 -
Sunbelt 3.2.1858.2 2010.01.22 -
Symantec 20091.2.0.41 2010.01.22 -
TheHacker 6.5.0.9.158 2010.01.22 -
TrendMicro 9.120.0.1004 2010.01.22 -
VBA32 3.12.12.1 2010.01.21 -
ViRobot 2010.1.22.2150 2010.01.22 -
VirusBuster 5.0.21.0 2010.01.21 -
Information additionnelle
File size: 17681640 bytes
MD5...: 921f0b88d34a340e5cc6d0f428e7cb83
SHA1..: b9fa3778c10393945a9159a7c9c442959eda1d31
SHA256: 34c18739110ee0aa4f6f646e46342502e161f9dd85e152f8a8b07b218f80a63a
ssdeep: 393216:ziTsezbvPLtEnFmoEiF9zYcRLjNnV9vlwNEaAsmHTy2He8L:zqseHzym8
bvLh7dwN9AsmTyihL
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x9264
timedatestamp.....: 0x469dd0b1 (Wed Jul 18 08:34:57 2007)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x163b8 0x17000 6.55 74a7644a4e6b70d4770a421bd7bc2e91
.rdata 0x18000 0x4e9e 0x5000 5.06 f2ae17a5f44394f39099bd499dae916f
.data 0x1d000 0x33a0 0x2000 2.23 b67fa4aabea55f394c9fcfccf90f355c
.rsrc 0x21000 0x1b08 0x2000 4.29 e2f8b0ac031b20b23aef61765386be7b
( 5 imports )
> KERNEL32.dll: GetLastError, ReadFile, WideCharToMultiByte, CreateFileA, GetModuleFileNameA, CloseHandle, GetFileSize, SetFilePointer, GetTempPathA, Sleep, GetCurrentProcessId, WaitForSingleObject, DeleteFileA, GetTickCount, GetCommandLineA, MultiByteToWideChar, WriteFile, InterlockedExchange, SetStdHandle, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, GetLocaleInfoW, IsValidLocale, EnumSystemLocalesA, GetUserDefaultLCID, GetStringTypeW, GetStringTypeA, IsValidCodePage, CreateThread, GetVersionExA, GlobalAlloc, GetMailslotInfo, CreateMailslotA, InterlockedIncrement, InterlockedDecrement, InitializeCriticalSection, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, GetACP, GetLocaleInfoA, GetThreadLocale, HeapAlloc, HeapFree, RaiseException, HeapReAlloc, VirtualAlloc, GetProcAddress, GetModuleHandleA, RtlUnwind, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetProcessHeap, GetStartupInfoA, ExitProcess, LCMapStringA, LCMapStringW, GetCPInfo, VirtualFree, HeapDestroy, HeapCreate, GetStdHandle, HeapSize, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, GetCurrentThreadId, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetFileType, QueryPerformanceCounter, GetSystemTimeAsFileTime, GetConsoleCP, GetConsoleMode, FlushFileBuffers, LoadLibraryA, GetOEMCP
> SHLWAPI.dll: PathFileExistsA
> SHELL32.dll: ShellExecuteA, ShellExecuteExA
> USER32.dll: DefWindowProcA, PostQuitMessage, GetMessageA, DispatchMessageA, UpdateWindow, ShowWindow, CreateWindowExA, RegisterClassA, PostMessageA, TranslateMessage
> ADVAPI32.dll: SetSecurityDescriptorDacl, InitializeSecurityDescriptor
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (35.1%)
UPX compressed Win32 Executable (28.4%)
Win32 EXE Yoda's Crypter (24.7%)
Win32 Executable Generic (7.9%)
Generic Win/DOS Executable (1.8%)
packers (Kaspersky): UPX, Armadillo, Armadillo
sigcheck:
publisher....: Oberon Media Inc.
copyright....: Copyright (c) Oberon-Media Inc 2004.
product......: Oberon Media Game Runner
description..: Runner: Extracts and runs the game setup
original name: Runner.exe
internal name: Runner
file version.: 1, 0, 0, 8
comments.....: info@oberon-media.com
signers......: Oberon Media Inc.
VeriSign Class 3 Code Signing 2004 CA
Class 3 Public Primary Certification Authority
signing date.: 4:36 PM 11/20/2007
verified.....: -
packers (F-Prot): UPX
mimie17 (Member), 22 Jan. 2010 at 08:16
Here is the second report:
Fichier mtz93lbx.zip reçu le 2010.01.22 07:08:21 (UTC)
Résultat: 32/41 (78.05%)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.50 2010.01.22 -
AhnLab-V3 5.0.0.2 2010.01.22 Win-Trojan/Bagle.813568.C
AntiVir 7.9.1.146 2010.01.21 TR/Dldr.Bagle.cez
Antiy-AVL 2.0.3.7 2010.01.21 Trojan/Win32.Bagle.gen
Authentium 5.2.0.5 2010.01.22 W32/Themida_Packed!Eldorado
Avast 4.8.1351.0 2010.01.22 -
AVG 9.0.0.730 2010.01.21 Win32/Cryptor
BitDefender 7.2 2010.01.22 Trojan.Generic.2963967
CAT-QuickHeal 10.00 2010.01.22 TrojanDownloader.Bagle.cez
ClamAV 0.94.1 2010.01.22 -
Comodo 3666 2010.01.22 Heur.Suspicious
DrWeb 5.0.1.12222 2010.01.22 Win32.HLLM.Beagle.618
eSafe 7.0.17.0 2010.01.21 -
eTrust-Vet 35.2.7251 2010.01.21 Win32/ASuspect.HACJR
F-Prot 4.5.1.85 2010.01.21 W32/Themida_Packed!Eldorado
F-Secure 9.0.15370.0 2010.01.22 Trojan-Downloader:W32/Bagle.gen!A
Fortinet 4.0.14.0 2010.01.22 W32/Packed.B
GData 19 2010.01.22 Trojan.Generic.2963967
Ikarus T3.1.1.80.0 2010.01.22 Trojan-Downloader.Win32.Bagle
Jiangmin 13.0.900 2010.01.22 TrojanDownloader.Bagle.bmz
K7AntiVirus 7.10.951 2010.01.20 Trojan-Downloader.Win32.Bagle.cez
Kaspersky 7.0.0.125 2010.01.22 Trojan-Downloader.Win32.Bagle.cez
McAfee 5868 2010.01.21 Generic Downloader.x!cjz
McAfee+Artemis 5868 2010.01.21 Generic Downloader.x!cjz
McAfee-GW-Edition 6.8.5 2010.01.21 Trojan.Dldr.Bagle.cez
Microsoft 1.5302 2010.01.21 TrojanDownloader:Win32/Bagle.gen!A
NOD32 4795 2010.01.22 Win32/Bagle.UN
Norman 6.04.03 2010.01.21 DLoader.ACMWD
nProtect 2009.1.8.0 2010.01.22 -
Panda 10.0.2.2 2010.01.21 Generic Trojan
PCTools 7.0.3.5 2010.01.22 -
Prevx 3.0 2010.01.22 -
Rising 22.31.04.03 2010.01.22 Trojan.Win32.Generic.51F5D957
Sophos 4.50.0 2010.01.22 Mal/Generic-A
Sunbelt 3.2.1858.2 2010.01.22 Backdoor.Win32.Ircbot.gen (v)
Symantec 20091.2.0.41 2010.01.22 -
TheHacker 6.5.0.9.158 2010.01.22 Trojan/Downloader.Bagle.cez
TrendMicro 9.120.0.1004 2010.01.22 -
VBA32 3.12.12.1 2010.01.21 Trojan-Downloader.Win32.Bagle.cez
ViRobot 2010.1.22.2150 2010.01.22 Trojan.Win32.Downloader-Bagle.813568
VirusBuster 5.0.21.0 2010.01.21 Trojan.DL.Bagle.ACTS
Information additionnelle
File size: 1354601 bytes
MD5...: 1650b9c6657a190860d6df89178da2a5
SHA1..: 5911e439cef1d22f8b573e5d67c64dd5ab316e3b
SHA256: 2f7edb6119cdc8ea4b881c2a1e63df6dd6629e36653a7dedd276f8338dac58c6
ssdeep: 24576:67sD9GOL7JKSomg8gaM0TFROcXHHNVW3f8kx9se6xE9/:ks4OL7JDo0F/d
tsLsK/
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: ZIP compressed archive (100.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (F-Prot): Themida
packers (Authentium): Themida
mimie17 (Member), 22 Jan. 2010 at 08:19
And here is the third one:
Fichier 4ylfvxjb.zip reçu le 2010.01.22 07:17:16 (UTC)
Résultat: 32/41 (78.05%)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.50 2010.01.22 -
AhnLab-V3 5.0.0.2 2010.01.22 Win-Trojan/Bagle.813568.C
AntiVir 7.9.1.146 2010.01.21 TR/Dldr.Bagle.cez
Antiy-AVL 2.0.3.7 2010.01.21 Trojan/Win32.Bagle.gen
Authentium 5.2.0.5 2010.01.22 W32/Themida_Packed!Eldorado
Avast 4.8.1351.0 2010.01.22 -
AVG 9.0.0.730 2010.01.21 Win32/Cryptor
BitDefender 7.2 2010.01.22 Trojan.Generic.2963967
CAT-QuickHeal 10.00 2010.01.22 TrojanDownloader.Bagle.cez
ClamAV 0.94.1 2010.01.22 -
Comodo 3666 2010.01.22 Heur.Suspicious
DrWeb 5.0.1.12222 2010.01.22 Win32.HLLM.Beagle.618
eSafe 7.0.17.0 2010.01.21 -
eTrust-Vet 35.2.7251 2010.01.21 Win32/ASuspect.HACJR
F-Prot 4.5.1.85 2010.01.21 W32/Themida_Packed!Eldorado
F-Secure 9.0.15370.0 2010.01.22 Trojan-Downloader:W32/Bagle.gen!A
Fortinet 4.0.14.0 2010.01.22 W32/Packed.B
GData 19 2010.01.22 Trojan.Generic.2963967
Ikarus T3.1.1.80.0 2010.01.22 Trojan-Downloader.Win32.Bagle
Jiangmin 13.0.900 2010.01.22 TrojanDownloader.Bagle.bmz
K7AntiVirus 7.10.951 2010.01.20 Trojan-Downloader.Win32.Bagle.cez
Kaspersky 7.0.0.125 2010.01.22 Trojan-Downloader.Win32.Bagle.cez
McAfee 5868 2010.01.21 Generic Downloader.x!cjz
McAfee+Artemis 5868 2010.01.21 Generic Downloader.x!cjz
McAfee-GW-Edition 6.8.5 2010.01.21 Trojan.Dldr.Bagle.cez
Microsoft 1.5405 2010.01.22 TrojanDownloader:Win32/Bagle.gen!A
NOD32 4795 2010.01.22 Win32/Bagle.UN
Norman 6.04.03 2010.01.21 DLoader.ACMWD
nProtect 2009.1.8.0 2010.01.22 -
Panda 10.0.2.2 2010.01.21 Generic Trojan
PCTools 7.0.3.5 2010.01.22 -
Prevx 3.0 2010.01.22 -
Rising 22.31.04.03 2010.01.22 Trojan.Win32.Generic.51F5D957
Sophos 4.50.0 2010.01.22 Mal/Generic-A
Sunbelt 3.2.1858.2 2010.01.22 Backdoor.Win32.Ircbot.gen (v)
Symantec 20091.2.0.41 2010.01.22 -
TheHacker 6.5.0.9.158 2010.01.22 Trojan/Downloader.Bagle.cez
TrendMicro 9.120.0.1004 2010.01.22 -
VBA32 3.12.12.1 2010.01.21 Trojan-Downloader.Win32.Bagle.cez
ViRobot 2010.1.22.2150 2010.01.22 Trojan.Win32.Downloader-Bagle.813568
VirusBuster 5.0.21.0 2010.01.21 Trojan.DL.Bagle.ACTS
Information additionnelle
File size: 952456 bytes
MD5...: eac1da3205fa0b1d6c7f19c9e9b1630a
SHA1..: da0233ef2362ad543aa521df03d77e34537b572b
SHA256: a260eea96b3c40d2ae2f7e46fa1eaaf5eecad7bb8458fc34fe7df51c10179b02
ssdeep: 24576:uvc9sD9GOL7JKSomg8gaM0TFROcXHHNVW3f8kx9se6xE9V:Bs4OL7JDo0F
/dtsLsKV
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
packers (Authentium): Themida
packers (F-Prot): Themida
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
trid..: ZIP compressed archive (100.0%)
pdfid.: -
mimie17 (Member), 22 Jan. 2010 at 09:23
There, I have emptied the MBAM quarantine,
and I ran the BitDefender online scan. Here is the report:
BitDefender QuickScan Beta 32-bit v0.9.9.0
------------------------------------------
Date de l'analyse : Fri Jan 22 09:21:23 2010
ID de la machine : 50BC8CC2
Aucune infection détectée.
----------------------------
Processus
---------
<non signé> AntiVir Desktop 3120 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
<non signé> AntiVir Desktop 1544 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
<non signé> AntiVir Desktop 1424 C:\Program Files\Avira\AntiVir Desktop\sched.exe
<non signé> hp digital imaging 3524 C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
<verifié> hpwuSchd Application 2984 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
<verifié> Firefox 1404 C:\Program Files\Mozilla Firefox\firefox.exe
<verifié> hp digital imaging 3896 C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
<verifié> hp digital imaging 3248 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
<verifié> Java(TM) Platform SE 6 U12 1580 C:\Program Files\Java\jre6\bin\jqs.exe
<verifié> Microsoft Search Enhancement Pack 1680 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
<verifié> Microsoft® Windows® Operating System 1036 C:\WINDOWS\System32\alg.exe
<verifié> Microsoft® Windows® Operating System 656 C:\WINDOWS\system32\csrss.exe
<verifié> Microsoft® Windows® Operating System 736 C:\WINDOWS\system32\lsass.exe
<verifié> Microsoft® Windows® Operating System 1372 C:\WINDOWS\system32\spoolsv.exe
<verifié> Microsoft® Windows® Operating System 916 C:\WINDOWS\system32\svchost.exe
<verifié> Microsoft® Windows® Operating System 976 C:\WINDOWS\system32\svchost.exe
<verifié> Microsoft® Windows® Operating System 1072 C:\WINDOWS\System32\svchost.exe
<verifié> Microsoft® Windows® Operating System 1160 C:\WINDOWS\System32\svchost.exe
<verifié> Microsoft® Windows® Operating System 1244 C:\WINDOWS\system32\svchost.exe
<verifié> Microsoft® Windows® Operating System 1744 C:\WINDOWS\System32\svchost.exe
<verifié> Microsoft® Windows® Operating System 3340 C:\WINDOWS\system32\wuauclt.exe
<verifié> NMSAccessU.exe 1604 C:\Program Files\CDBurnerXP\NMSAccessU.exe
<verifié> NVIDIA Driver Helper Service, Version 94.24 1616 C:\WINDOWS\System32\nvsvc32.exe
<verifié> Système d'exploitation Microsoft® Windows® 2772 C:\WINDOWS\Explorer.EXE
<verifié> Système d'exploitation Microsoft® Windows® 724 C:\WINDOWS\system32\services.exe
<verifié> Système d'exploitation Microsoft® Windows® 608 C:\WINDOWS\System32\smss.exe
<verifié> Système d'exploitation Microsoft® Windows® 648 C:\WINDOWS\System32\wbem\wmiapsrv.exe
<verifié> Système d'exploitation Microsoft® Windows® 680 C:\WINDOWS\system32\winlogon.exe
Activité du réseau
------------------
Processus firefox.exe (1404) connecté sur le port 80 (HTTP) - wy-in-f147.1e100.net
Processus firefox.exe (1404) connecté sur le port 80 (HTTP) - wy-in-f138.1e100.net
Processus firefox.exe (1404) connecté sur le port 80 (HTTP) - wy-in-f100.1e100.net
Processus firefox.exe (1404) connecté sur le port 80 (HTTP) - a92-123-12-20.deploy.akamaitechnologies.com
Processus firefox.exe (1404) connecté sur le port 80 (HTTP) - *.122.2o7.net
Processus firefox.exe (1404) connecté sur le port 80 (HTTP) - 81.52.160.74
Processus firefox.exe (1404) connecté sur le port 80 (HTTP) - ww-in-f113.1e100.net
Processus firefox.exe (1404) connecté sur le port 80 (HTTP) - 66.40.145.26
Processus svchost.exe (976) écoute sur les ports: 135 (RPC)
Fichiers critiques et Autorun
-----------------------------
<non signé> AntiVir Desktop C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
<non signé> hp digital imaging C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
<non signé> nwiz.exe C:\WINDOWS\system32\nwiz.exe
<verifié> hpwuSchd Application C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
<verifié> Adobe Acrobat C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
<verifié> Adobe Reader and Acrobat Manager C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
<verifié> hp digital imaging C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
<verifié> Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
<verifié> Microsoft® Windows® Operating System C:\WINDOWS\system32\dimsntfy.dll
<verifié> NVIDIA Compatible Windows 2000 Display driver, Ver C:\WINDOWS\System32\NvCpl.dll
<verifié> NVIDIA Media Center Library C:\WINDOWS\System32\NvMcTray.dll
<verifié> Système d'exploitation Microsoft® Windows® C:\WINDOWS\system32\browseui.dll
<verifié> Système d'exploitation Microsoft® Windows® C:\WINDOWS\system32\crypt32.dll
<verifié> Système d'exploitation Microsoft® Windows® C:\WINDOWS\system32\cscdll.dll
<verifié> Système d'exploitation Microsoft® Windows® C:\WINDOWS\system32\logonui.exe
<verifié> Système d'exploitation Microsoft® Windows® C:\WINDOWS\system32\mstinit.exe
<verifié> Système d'exploitation Microsoft® Windows® C:\WINDOWS\system32\sclgntfy.dll
<verifié> Système d'exploitation Microsoft® Windows® C:\WINDOWS\system32\shell32.dll
<verifié> Système d'exploitation Microsoft® Windows® C:\WINDOWS\system32\stobject.dll
<verifié> Système d'exploitation Microsoft® Windows® c:\windows\system32\userinit.exe
<verifié> Système d'exploitation Microsoft® Windows® C:\WINDOWS\system32\webcheck.dll
<verifié> Système d'exploitation Microsoft® Windows® C:\WINDOWS\system32\wlnotify.dll
Plugins du navigateur
---------------------
<non signé> bdoscandel.exe C:\WINDOWS\bdoscandel.exe
<non signé> bdscanonline C:\WINDOWS\Downloaded Program Files\oscan8.ocx
<non signé> bdupd.dll C:\WINDOWS\Downloaded Program Files\bdupd.dll
<non signé> Installer Control C:\WINDOWS\Downloaded Program Files\CONFLICT.1\InstallerControl.dll
<non signé> Installer Control C:\WINDOWS\Downloaded Program Files\InstallerControl.dll
<non signé> ipsupd.dll C:\WINDOWS\Downloaded Program Files\ipsupd.dll
<non signé> Java(TM) Platform SE 6 U12 c:\program files\java\jre6\bin\jp2ssv.dll
<non signé> Java(TM) Platform SE 6 U12 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
<non signé> nppdf32.FRA C:\Program Files\Internet Explorer\plugins\nppdf32.FRA
<non signé> nppdf32.FRA C:\Program Files\Mozilla Firefox\plugins\nppdf32.FRA
<non signé> Orange Installer Plugin C:\Documents and Settings\MYRIAM\Application Data\Mozilla\Firefox\Profiles/pt4d2ij2.default\extensions\{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}\plugins\npOrangeInstaller.dll
<non signé> Shockwave for Director C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
<non signé> Zylom Plugin C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
<verifié> AcroIEHelperShim Library c:\program files\fichiers communs\adobe\acrobat\activex\acroiehelpershim.dll
<verifié> Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
<verifié> Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
<verifié> BitDefender QuickScan C:\Documents and Settings\MYRIAM\Application Data\Mozilla\Firefox\Profiles/pt4d2ij2.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\bdqscan.dll
<verifié> BitDefender QuickScan C:\Documents and Settings\MYRIAM\Application Data\Mozilla\Firefox\Profiles/pt4d2ij2.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
<verifié> ddfotg.1.0.0.37 C:\WINDOWS\Downloaded Program Files\ddfotg.1.0.0.37.dll
<verifié> DinerDash.1.0.0.98 C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.98.dll
<verifié> DinerDash2_fr.1.0.0.70 C:\WINDOWS\Downloaded Program Files\CONFLICT.1\DinerDash2_fr.1.0.0.70.dll
<verifié> DinerDash2_fr.1.0.0.70 C:\WINDOWS\Downloaded Program Files\DinerDash2_fr.1.0.0.70.dll
<verifié> Dldrv2 ActiveX Control Module C:\WINDOWS\Downloaded Program Files\Dldrv.ocx
<verifié> Java(TM) Platform SE 6 U12 C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
<verifié> Messenger C:\Program Files\Messenger\msmsgs.exe
<verifié> Microsoft Office 2003 C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
<verifié> Microsoft Office Live Plug-in for Firefox C:\Program Files\Microsoft\Office Live\npOLW.dll
<verifié> Microsoft Search Helper Extention c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll
<verifié> Microsoft® Windows Live Login Helper c:\program files\fichiers communs\microsoft shared\windows live\windowslivelogin.dll
<verifié> Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
<verifié> Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
<verifié> Microsoft® Windows® Operating System C:\WINDOWS\system32\winrnr.dll
<verifié> Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
<verifié> MSN® Games by Zone.com C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ZIntro.ocx
<verifié> MSN® Games by Zone.com C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll
<verifié> MSN® Games by Zone.com C:\WINDOWS\Downloaded Program Files\ZIntro.ocx
<verifié> NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
<verifié> Silverlight Plug-In C:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll
<verifié> Sweetopia.1.0.0.46 C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.46.dll
<verifié> Système d'exploitation Microsoft® Windows® C:\WINDOWS\system32\mswsock.dll
<verifié> Système d'exploitation Microsoft® Windows® C:\WINDOWS\system32\shdocvw.dll
<verifié> UNO Messenger C:\WINDOWS\Downloaded Program Files\GAME_UNO1.dll
<verifié> Windows Live Toolbar c:\program files\windows live\toolbar\wltcore.dll
<verifié> Windows Live® Photo Gallery C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
<verifié> Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Analyse
-------
Le(s) fichier(s) suivant(s) doit/doivent être téléchargé(s) pour une analyse côté serveur:
C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_e602b262\System.Drawing.dll
Le téléchargement vers le serveur a démarré - 1 fichier(s)
téléchargement vers le serveur : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_e602b262\System.Drawing.dll - 835584 octets, hash : 57719b4a396cf22ae31b8ab0045c0880
Vitesse de téléchargement vers le serveur - 39 KB/s
Téléchargement vers le serveur terminé - 1 téléchargés vers le serveur, 0 ont échoué
Le(s) fichier(s) téléchargé(s) vers le serveur est/sont sain(s)
Analyse terminée - la communication a duré 22 secondes
Trafic total - 0.86 Mo envoyés, 3.13 Ko reçus
1192 fichiers et modules analysés - 56 seconds
crapoulou - Posts: 28160 - Registered: Wednesday 28 November 2007 - Status: Moderator, Security contributor - Last activity: 21 May 2024
22 Jan. 2010 at 10:13
That's a false positive for the software you bought, no worries.
******
Send all these folders:
c:\windows\java\Packages\YCJ1NVRF.ZIP
c:\windows\java\Packages\VPZ735RX.ZIP
c:\windows\java\Packages\RDZHBD3F.ZIP
c:\windows\java\Packages\O09797PJ.ZIP
c:\windows\java\Packages\mtz93lbx.zip
c:\windows\java\Packages\GF93T3J7.ZIP
c:\windows\java\Packages\43VVLNH3.ZIP
c:\windows\java\Packages\4ylfvxjb.zip
Here:
http://analysis.avira.com/samples/
When I get home, I'll have you send them elsewhere so that the information gets passed on.
Tell me when it's done ;-)...
Thanks.
mimie17 - Posts: 217 - Registered: Saturday 19 April 2008 - Status: Member - Last activity: 13 July 2021
22 Jan. 2010 at 10:33
That's it, I've sent everything.
crapoulou - Posts: 28160 - Registered: Wednesday 28 November 2007 - Status: Moderator, Security contributor - Last activity: 21 May 2024
22 Jan. 2010 at 11:53
Do the same thing here:
http://uploads.malwarebytes.org/
******
I'm asking someone whether he wants them too.
mimie17 - Posts: 217 - Registered: Saturday 19 April 2008 - Status: Member - Last activity: 13 July 2021
22 Jan. 2010 at 12:57
It's done.