Mdelk....... among others?

Solved
SDK_Luciole Posts 7 Status Member
Hello everyone

After several days of surfing the net, I tried to run a full scan of my system with Antivir ^^' and that is when I saw that my antivirus had not been working for some time (quite some time, in fact).
The message saying that Antivir was not a valid Win32 application was getting on my nerves a bit, so I ran an online scan with Kaspersky......... which crashed miserably after an hour (1% in an hour, is it usually that slow?) but still gave me one piece of information (good beast) -----------> Infection by C:\WINDOWS\system32\mdelk.exe. It cannot be deleted, of course, so if anyone could give me a miracle solution, or even just a solution, that would help me.

Thanks in advance

12 replies

jlpjlp Posts 52399 Status Security contributor 5 040

Hi,
you must be infected by Bagle!

------------

Download ComboFix by sUBs: rename it before any installation, for example name it "KillBagle". Help here: https://forum.pcastuces.com/sujet.asp?f=25&s=37315

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it on your desktop and nowhere else!

Help on using ComboFix here: https://bibou0007.forumpro.fr/login?redirect=%2Ft121-topic

Double-click ComboFix. It will ask you a question; answer by pressing the 1 key and Enter to confirm, then let it guide you.
Wait until ComboFix has finished; a report will be created. Post the report.

-----------

Go to START, then RUN, type mrt, then click OK and follow the procedure

----------

* Download ELIBAGLA at the bottom of this page http://www.zonavirus.com/datos/descargas/95/elibagla.asp
* Click the Descargar Elibagla button; this will download the file. Place it on your desktop.
* Double-click it to open it
* Make sure that C:\ is selected in the Unidad drop-down menu
* Also check that the Eliminar Ficheros Automaticamente option at the bottom of the window is ticked
* Click the Explorar button to start the scan
------------

paste the report from an online scan
with one of the following:

BitDefender online:
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda online:
http://pandasoftware.fr

Secuser online:
http://www.secuser.com/outils/antivirus.htm

online scan for Firefox

https://www.trendmicro.com/fr_fr/business.html
SDK_Luciole Posts 7 Status Member

Wow, what a lovely report this is
Thanks jlpjlp for helping me

ComboFix 08-03-14.4 - Nicolas 2008-03-17 13:29:10.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.710 [GMT 1:00]
Endroit: C:\Documents and Settings\Nicolas\Bureau\KillBagle.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\drivers\down
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\mt_32.dll
C:\WINDOWS\system32\plus32.ocx
C:\WINDOWS\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\LEGACY_SROSA
-------\srosa

((((((((((((((((((((((((((((( Fichiers créés 2008-02-17 to 2008-03-17 ))))))))))))))))))))))))))))))))))))
.

2008-03-17 13:34 . 2008-03-17 13:34 4 --a------ C:\WINDOWS\system32\GVTunner.ref
2008-03-16 12:57 . 2008-03-16 12:57 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-03-12 13:53 . 2008-03-12 13:54 <REP> d--h----- C:\Documents and Settings\Nicolas\Application Data\m
2008-02-29 15:47 . 2008-02-29 15:47 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-24 12:56 . 2008-02-24 12:56 <REP> d-------- C:\Program Files\Firaxis Games
2008-02-23 19:20 . 2008-02-23 19:20 <REP> d-------- C:\Program Files\DIFX
2008-02-23 19:12 . 2008-02-23 19:12 <REP> d-------- C:\Program Files\Sega
2008-02-23 19:11 . 2008-02-23 19:11 <REP> d-------- C:\WINDOWS\system32\xlive
2008-02-22 09:02 . 2008-02-22 09:02 <REP> d-------- C:\Program Files\iPod
2008-02-21 21:25 . 2008-02-21 21:25 <REP> d-------- C:\Program Files\Google
2008-02-17 11:37 . 2008-02-17 11:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-02-17 10:56 . 2007-02-20 16:04 2,463,976 --a------ C:\WINDOWS\system32\NPSWF32.dll
2008-02-17 10:56 . 2007-02-20 16:04 190,696 --a------ C:\WINDOWS\system32\NPSWF32_FlashUtil.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-17 12:34 19,039 ----a-w C:\WINDOWS\system32\drivers\GVTDrv.sys
2008-03-17 12:34 --------- d-----w C:\Program Files\Wanadoo
2008-03-15 16:12 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-15 16:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-15 15:00 --------- d-----w C:\Program Files\eMule
2008-02-26 16:11 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-02-24 11:52 --------- d-----w C:\Documents and Settings\Nicolas\Application Data\My Games
2008-02-24 10:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-22 08:03 --------- d-----w C:\Program Files\iTunes
2008-02-22 08:00 --------- d-----w C:\Program Files\QuickTime
2008-02-21 18:47 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-17 11:51 --------- d-----w C:\Program Files\Elaborate Bytes
2008-02-02 13:17 --------- d-----w C:\Program Files\Photo Viewer 3.03fs
2008-01-18 20:26 --------- d-----w C:\Program Files\The Witcher
2007-12-26 15:10 669,184 ----a-w C:\WINDOWS\system32\pbsvc.exe
2007-12-26 15:10 22,328 ----a-w C:\Documents and Settings\Nicolas\Application Data\PnkBstrK.sys
2007-12-26 15:10 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2007-08-31 21:26 1 ----a-w C:\Documents and Settings\Nicolas\SI.bin
2007-02-19 23:55 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2001-03-28 11:02 122,880 ----a-w C:\WINDOWS\inf\Agfa\message.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3C49DDAC-3DA4-4743-AF6C-5974FEAF875C}]
C:\WINDOWS\system32\winload.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54C7D1DD-4296-451e-B756-1E94F665B4FF}]
C:\WINDOWS\system32\yatool.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:09 15360]
"Steam"="C:\Program Files\Valve\Steam\\Steam.exe" [2008-02-02 17:31 1266936]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-25 09:09 68856]
"mule_st_key"="C:\Documents and Settings\Nicolas\Application Data\m\flec006.exe" [2008-03-17 11:03 98308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VGAUtil"="C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe" [2006-07-12 15:27 544768]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768]
"SoundMan"="SOUNDMAN.EXE" [2003-08-15 08:34 57344 C:\WINDOWS\SOUNDMAN.EXE]
"VX3000"="C:\WINDOWS\vVX3000.exe" [2006-10-13 16:04 707376]
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2006-10-13 16:01 277296]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-12-06 17:26 185896]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-04 17:14 8491008]
"nwiz"="nwiz.exe" [2007-10-04 17:14 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-04 17:14 81920]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 15:09 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{3C49DDAC-3DA4-4743-AF6C-5974FEAF875C}"= C:\WINDOWS\system32\winload.dll [ ]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk
backup=C:\WINDOWS\pss\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Nicolas^Menu Démarrer^Programmes^Démarrage^Registration .LNK]
path=C:\Documents and Settings\Nicolas\Menu Démarrer\Programmes\Démarrage\Registration .LNK
backup=C:\WINDOWS\pss\Registration .LNKStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-19 15:09 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-02-19 13:10 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-01-19 12:55 5674352 C:\Program Files\MSN Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-10-04 17:14 8491008 C:\WINDOWS\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-10-04 17:14 81920 C:\WINDOWS\system32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-10-04 17:14 1626112 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
--a------ 2003-11-10 17:06 406016 C:\WINDOWS\system32\PSDrvCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMCS]
--a------ 2006-06-08 09:42 65536 C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgr.exe]
--a------ 2003-03-11 16:24 86016 C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-01-31 23:13 385024 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2004-11-02 20:24 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]
--a------ 2006-10-13 16:04 707376 C:\WINDOWS\vVX3000.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
--a------ 2004-08-23 14:50 122880 C:\PROGRA~1\Wanadoo\Shell.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Gigabyte\\VGA Utility Manager\\G-VGA.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\sdk_luciole\\half-life 2 deathmatch\\hl2.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Sega\\Universe At War Earth Assault\\UAWEA.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2056:TCP"= 2056:TCP:bof
"2056:UDP"= 2056:UDP:gritton

R2 MSCamSvc;MSCamSvc;"C:\Program Files\Microsoft LifeCam\MSCamS32.exe" [2006-10-13 16:01]
R3 3xHybrid;Pinnacle PCTV 310i Stereo DVB-T;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-09-02 15:43]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58]
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2007-09-15 19:57]
S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2005-12-22 14:45]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 22:08]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-10 15:24:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-17 13:35:08
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

C:\WINDOWS\system32\GVGenl.ref 4 bytes

Scan terminé avec succès
Les fichiers cachés: 1

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-03-17 13:43:19 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-17 12:43:16
.
2007-10-27 09:04:04 --- E O F ---

The mrt scan doesn't find any malicious software
0
SDK_Luciole Posts 7 Status Member
 
Wow, what a fine report we have here
Thanks jlpjlp for helping me

ComboFix 08-03-14.4 - Nicolas 2008-03-17 13:29:10.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.710 [GMT 1:00]
Endroit: C:\Documents and Settings\Nicolas\Bureau\KillBagle.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\drivers\down
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\mt_32.dll
C:\WINDOWS\system32\plus32.ocx
C:\WINDOWS\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\LEGACY_SROSA
-------\srosa

((((((((((((((((((((((((((((( Fichiers créés 2008-02-17 to 2008-03-17 ))))))))))))))))))))))))))))))))))))
.

2008-03-17 13:34 . 2008-03-17 13:34 4 --a------ C:\WINDOWS\system32\GVTunner.ref
2008-03-16 12:57 . 2008-03-16 12:57 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-03-12 13:53 . 2008-03-12 13:54 <REP> d--h----- C:\Documents and Settings\Nicolas\Application Data\m
2008-02-29 15:47 . 2008-02-29 15:47 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-24 12:56 . 2008-02-24 12:56 <REP> d-------- C:\Program Files\Firaxis Games
2008-02-23 19:20 . 2008-02-23 19:20 <REP> d-------- C:\Program Files\DIFX
2008-02-23 19:12 . 2008-02-23 19:12 <REP> d-------- C:\Program Files\Sega
2008-02-23 19:11 . 2008-02-23 19:11 <REP> d-------- C:\WINDOWS\system32\xlive
2008-02-22 09:02 . 2008-02-22 09:02 <REP> d-------- C:\Program Files\iPod
2008-02-21 21:25 . 2008-02-21 21:25 <REP> d-------- C:\Program Files\Google
2008-02-17 11:37 . 2008-02-17 11:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-02-17 10:56 . 2007-02-20 16:04 2,463,976 --a------ C:\WINDOWS\system32\NPSWF32.dll
2008-02-17 10:56 . 2007-02-20 16:04 190,696 --a------ C:\WINDOWS\system32\NPSWF32_FlashUtil.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-17 12:34 19,039 ----a-w C:\WINDOWS\system32\drivers\GVTDrv.sys
2008-03-17 12:34 --------- d-----w C:\Program Files\Wanadoo
2008-03-15 16:12 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-15 16:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-15 15:00 --------- d-----w C:\Program Files\eMule
2008-02-26 16:11 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-02-24 11:52 --------- d-----w C:\Documents and Settings\Nicolas\Application Data\My Games
2008-02-24 10:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-22 08:03 --------- d-----w C:\Program Files\iTunes
2008-02-22 08:00 --------- d-----w C:\Program Files\QuickTime
2008-02-21 18:47 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-17 11:51 --------- d-----w C:\Program Files\Elaborate Bytes
2008-02-02 13:17 --------- d-----w C:\Program Files\Photo Viewer 3.03fs
2008-01-18 20:26 --------- d-----w C:\Program Files\The Witcher
2007-12-26 15:10 669,184 ----a-w C:\WINDOWS\system32\pbsvc.exe
2007-12-26 15:10 22,328 ----a-w C:\Documents and Settings\Nicolas\Application Data\PnkBstrK.sys
2007-12-26 15:10 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2007-08-31 21:26 1 ----a-w C:\Documents and Settings\Nicolas\SI.bin
2007-02-19 23:55 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2001-03-28 11:02 122,880 ----a-w C:\WINDOWS\inf\Agfa\message.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3C49DDAC-3DA4-4743-AF6C-5974FEAF875C}]
C:\WINDOWS\system32\winload.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54C7D1DD-4296-451e-B756-1E94F665B4FF}]
C:\WINDOWS\system32\yatool.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:09 15360]
"Steam"="C:\Program Files\Valve\Steam\\Steam.exe" [2008-02-02 17:31 1266936]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-25 09:09 68856]
"mule_st_key"="C:\Documents and Settings\Nicolas\Application Data\m\flec006.exe" [2008-03-17 11:03 98308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VGAUtil"="C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe" [2006-07-12 15:27 544768]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768]
"SoundMan"="SOUNDMAN.EXE" [2003-08-15 08:34 57344 C:\WINDOWS\SOUNDMAN.EXE]
"VX3000"="C:\WINDOWS\vVX3000.exe" [2006-10-13 16:04 707376]
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2006-10-13 16:01 277296]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-12-06 17:26 185896]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-04 17:14 8491008]
"nwiz"="nwiz.exe" [2007-10-04 17:14 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-04 17:14 81920]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 15:09 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{3C49DDAC-3DA4-4743-AF6C-5974FEAF875C}"= C:\WINDOWS\system32\winload.dll [ ]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk
backup=C:\WINDOWS\pss\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Nicolas^Menu Démarrer^Programmes^Démarrage^Registration .LNK]
path=C:\Documents and Settings\Nicolas\Menu Démarrer\Programmes\Démarrage\Registration .LNK
backup=C:\WINDOWS\pss\Registration .LNKStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-19 15:09 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-02-19 13:10 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-01-19 12:55 5674352 C:\Program Files\MSN Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-10-04 17:14 8491008 C:\WINDOWS\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-10-04 17:14 81920 C:\WINDOWS\system32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-10-04 17:14 1626112 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
--a------ 2003-11-10 17:06 406016 C:\WINDOWS\system32\PSDrvCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMCS]
--a------ 2006-06-08 09:42 65536 C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgr.exe]
--a------ 2003-03-11 16:24 86016 C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-01-31 23:13 385024 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2004-11-02 20:24 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]
--a------ 2006-10-13 16:04 707376 C:\WINDOWS\vVX3000.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
--a------ 2004-08-23 14:50 122880 C:\PROGRA~1\Wanadoo\Shell.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Gigabyte\\VGA Utility Manager\\G-VGA.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\sdk_luciole\\half-life 2 deathmatch\\hl2.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Sega\\Universe At War Earth Assault\\UAWEA.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2056:TCP"= 2056:TCP:bof
"2056:UDP"= 2056:UDP:gritton

R2 MSCamSvc;MSCamSvc;"C:\Program Files\Microsoft LifeCam\MSCamS32.exe" [2006-10-13 16:01]
R3 3xHybrid;Pinnacle PCTV 310i Stereo DVB-T;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-09-02 15:43]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58]
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2007-09-15 19:57]
S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2005-12-22 14:45]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 22:08]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-10 15:24:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-17 13:35:08
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

C:\WINDOWS\system32\GVGenl.ref 4 bytes

Scan terminé avec succès
Les fichiers cachés: 1

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-03-17 13:43:19 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-17 12:43:16
.
2007-10-27 09:04:04 --- E O F ---
jlpjlp Posts 52399 Status Security contributor 5 040
 
Yes, nice report. Do the rest. See you later.
SDK_Luciole Posts 7 Status Member
 
There, it's done: a scan by Panda, and here is the report

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-03-17 15:57:36
PROTECTIONS: 64
MALWARE: 23
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Avira AntiVir PersonalEdition Classic 0.0.0.0 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Cookies\nicolas@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.doubleclick.net/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.atdmt.com/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Cookies\nicolas@atdmt[2].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Cookies\nicolas@tradedoubler[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Cookies\nicolas@mediaplex[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Cookies\nicolas@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.xiti.com/]
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Cookies\nicolas@apmebf[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Cookies\nicolas@serving-sys[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Cookies\nicolas@serving-sys[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.bs.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Cookies\nicolas@bs.serving-sys[2].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Cookies\nicolas@weborama[2].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Cookies\nicolas@adtech[1].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.adtech.de/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.fl01.ct2.comclick.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Cookies\nicolas@advertising[2].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Cookies\nicolas@overture[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Cookies\nicolas@bluestreak[2].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.bluestreak.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Application Data\Mozilla\Firefox\Profiles\3vo6bqx6.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Nicolas\Cookies\nicolas@smartadserver[2].txt
01048936 Generic Malware Virus/Trojan No 0 Yes No C:\Program Files\GameSpy Arcade\Services\_common\PortraitLoader.dll
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060875.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060432.EXE
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060870.sys
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060562.exe
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060633.exe
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060705.exe
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060447.exe
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\104890.exe.vir
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14659718.exe.vir
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\158828.exe.vir
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\29252343.exe.vir
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\44309671.exe.vir
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\59122281.exe.vir
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060502.exe
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\6879609.exe.vir
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\72859.exe.vir
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060792.exe
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060822.exe
02893167 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060759.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP264\A0056915.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP264\A0056916.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060857.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060856.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060854.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060836.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060830.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060868.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060825.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP266\A0059475.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP266\A0059476.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP266\A0059477.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\95421.exe.vir
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP266\A0059539.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP266\A0059546.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP266\A0059547.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP267\A0059561.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP267\A0059562.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP267\A0059563.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059574.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059575.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059582.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060809.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059595.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059596.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060805.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060793.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059650.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059651.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059652.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\93109.exe.vir
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059662.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059663.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059664.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060791.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059675.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP269\A0059970.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP270\A0060380.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060778.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP270\A0060421.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP270\A0060422.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP270\A0060423.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\67312.exe.vir
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060435.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\wintems.exe.vir
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060448.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060450.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060458.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060463.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060484.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\mdelk.exe.vir
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060506.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060507.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060532.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060533.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060546.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060869.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060566.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060577.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\QooBox\Quarantine\catchme2008-03-17_133449.96.zip[mdelk.exe]
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060651.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060652.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060656.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060657.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\QooBox\Quarantine\catchme2008-03-17_133449.96.zip[wintems.exe]
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060732.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060733.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060746.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060747.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060826.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060777.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060911.exe
02898935 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059674.sys
02898935 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059661.sys
02898935 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059649.sys
02898935 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059639.sys
02898935 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP268\A0059594.sys
02898935 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP266\A0059532.sys
02898935 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP265\A0059451.sys
02898935 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP264\A0058451.sys
02898935 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP264\A0057451.sys
02898935 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP270\A0060420.sys
02898935 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP264\A0057439.sys
02898935 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP264\A0057426.sys
02898935 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP264\A0056940.sys
02898935 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP264\A0056926.sys
02898935 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP263\A0056798.sys
02898935 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\QooBox\Quarantine\catchme2008-03-17_133449.96.zip[srosa.sys]
02904978 W32/Bagle.SB.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{673993AD-120D-47B5-88E2-BD26BBCE4D4C}\RP271\A0060833.exe
02906583 Trj/Mitglieder.TA Virus/Trojan No 0 Yes No C:\Program Files\Valve\Steam\Steam.exe -silent
02906583 Trj/Mitglieder.TA Virus/Trojan No 0 Yes No C:\QooBox\Quarantine\catchme2008-03-17_133449.96.zip[hldrrr.exe]
;===================================================================================================================================================================================
SUSPECTS
Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================

By the way, it's odd that it tells me AntiVir is up to date, given that I had uninstalled it, but oh well
jlpjlp Posts 52399 Status Security contributor 5 040
 
Download OTMoveIt
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (by Old_Timer) to your Desktop. Or from https://www.luanagames.com/index.fr.html
Double-click OTMoveIt.exe to launch it.
Copy the list in the quotation below,
and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.

Quotation:
C:\Program Files\Valve\Steam\Steam.exe

Click MoveIt! to start the removal.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles.

You may be asked to restart the PC to complete the removal. If so, accept with Yes.

_____________

Delete what is in moved files by going to My Computer, then C, then otmovit

_______________

Delete what is in quarantine by going to My Computer, then C, then

C:\QooBox\Quarantine

___________________

To remove your traces, use

CCLEANER: (run a cleanup and repair the registry 3 times) without installing the Yahoo toolbar

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

__________________

If everything went well, disable System Restore to purge any viruses that may be in it, then re-enable it (in START, then ALL PROGRAMS, then ACCESSORIES, then SYSTEM TOOLS, then SYSTEM RESTORE, then settings)

___________________

Reinstall AntiVir, paste me a report, and tell me about any problems

See you later
SDK_Luciole Posts 7 Status Member
 
I think everything is back in order; here is my AntiVir report

AntiVir PersonalEdition Classic
Report file date: lundi 17 mars 2008 17:34

Scanning for 1150818 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Nicolas
Computer name: ORDINATEUR

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 16:22:51
ANTIVIR2.VDF : 7.0.3.3 2048 Bytes 07/03/2008 16:22:51
ANTIVIR3.VDF : 7.0.3.41 197632 Bytes 17/03/2008 16:22:51
AVEWIN32.DLL : 7.6.0.73 3334656 Bytes 17/03/2008 16:22:51
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 17/03/2008 16:22:51
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: lundi 17 mars 2008 17:34

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!

Starting to scan the registry.
C:\Program Files\Valve\Steam\Steam.exe -silent
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.KP
[INFO] The file was deleted!
C:\Program Files\Valve\Steam\Steam.exe -silent
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.KP

The registry was scanned ( '35' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\eMule\Incoming\ADOBE Photoshop CS3 Extended FR [en FRANCAIS KEYGEN ACTIVATION] 100%OK by ROSKA.rar
[0] Archive type: RAR
--> ADOBE Photoshop CS3 Extended FR [en FRANCAIS + KEYGEN ACTIVATION] 100%OK by ROSKA\ADOBE PhotoShop CS3 Extended [Keygen+Activation]\PhotoShop.CS3.Extended.Keygen+Activation.exe
[DETECTION] Is the Trojan horse TR/Proxy.Horst.aae.3
[INFO] The file was deleted!
C:\Program Files\eMule\Incoming\Adobe Photoshop CS3 Extended Francais Version finale.rar
[0] Archive type: RAR
--> Adobe Photoshop CS3 Extended Francais\Adobe CS3 family Activation\DreamWeaver.CS3.Keygen_Activation\DreamWeaver.CS3.Keygen+Activation\DreamWeaver.CS3.Keygen+Activation.exe
[DETECTION] Is the Trojan horse TR/Proxy.Horst.aae.11
--> Adobe Photoshop CS3 Extended Francais\Adobe CS3 family Activation\FireWorks.CS3.Keygen_Activation\FireWorks.CS3.Keygen+Activation\FireWorks.CS3.Keygen+Activation.exe
[DETECTION] Is the Trojan horse TR/Proxy.Horst.aae.13
--> Adobe Photoshop CS3 Extended Francais\Adobe CS3 family Activation\Flash.CS3.Keygen_Activation\Flash.CS3.Keygen+Activation\Flash.CS3.Keygen+Activation.exe
[DETECTION] Is the Trojan horse TR/Proxy.Horst.aae.10
--> Adobe Photoshop CS3 Extended Francais\Adobe CS3 family Activation\PhotoShop.CS3.Extended.Keygen_Activation\PhotoShop.CS3.Extended.Keygen+Activation\PhotoShop.CS3.Extended.Keygen+Activation.exe
[DETECTION] Is the Trojan horse TR/Proxy.Horst.aae.3
[INFO] The file was deleted!
C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll
[DETECTION] Is the Trojan horse TR/Agent.bux.1
[INFO] The file was deleted!
C:\Program Files\Panda Security\TotalScan\pskavs.dll
[DETECTION] Contains detection pattern of the Windows virus W95/Blumblebee.1738
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!

End of the scan: lundi 17 mars 2008 21:11
Used time: 3:37:40 min

The scan has been done completely.

7137 Scanning directories
516104 Files were scanned
8 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
5 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
516096 Files not concerned
2442 Archives were scanned
2 Warnings
0 Notes

In any case, thanks for your help, my PC seems to be working normally again
0
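Added example, not part of the original thread: a small Python parser for the report layout posted above that lists the objects whose detection was not followed by an `[INFO]` action line, and the files the scanner could not open. The sample text is constructed in the same layout with shortened paths; treating an `[INFO]` line as applying to the most recent top-level path is an assumption about the format.

```python
import re

# Constructed sample in the layout of the AntiVir report above (paths shortened).
SAMPLE_REPORT = r"""Starting to scan the registry.
C:\Program Files\Valve\Steam\Steam.exe -silent
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.KP
[INFO] The file was deleted!
C:\Program Files\Valve\Steam\Steam.exe -silent
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.KP
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\sample\archive.rar
[0] Archive type: RAR
--> dir\keygen1.exe
[DETECTION] Is the Trojan horse TR/Proxy.Horst.aae.11
--> dir\keygen2.exe
[DETECTION] Is the Trojan horse TR/Proxy.Horst.aae.13
[INFO] The file was deleted!
"""

TAG = re.compile(r"\[(DETECTION|INFO|WARNING)\]\s*(.*)")

def parse_report(text):
    """Group tagged lines under the top-level object (drive path) they follow."""
    objects, member = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        tag = TAG.match(line)
        if re.match(r"[A-Za-z]:\\", line):          # new scanned object
            objects.append({"path": line, "detections": [], "action": None, "warnings": []})
            member = None
        elif line.startswith("-->") and objects:    # file inside an archive
            member = line[3:].strip()
        elif tag and objects:
            kind, msg = tag.groups()
            if kind == "DETECTION":                 # signature name is the last token
                objects[-1]["detections"].append((member, msg.split()[-1]))
            elif kind == "INFO":                    # assumed to apply to the whole object
                objects[-1]["action"] = msg
            else:
                objects[-1]["warnings"].append(msg)
    return objects

def unresolved(objects):
    """Objects with at least one detection and no recorded action."""
    return [(o["path"], [name for _, name in o["detections"]])
            for o in objects if o["detections"] and not o["action"]]

def unscanned(objects):  # objects the scanner could not open, so never inspected
    return [o["path"] for o in objects if o["warnings"]]
```

Run against a full report, `unresolved()` gives the helper the short list of entries that still need manual follow-up, which is easier to check than the summary counters at the end of the log.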
lina-mis Posts: 1 Status: Member
 
Hi everyone, I want a site for sending SMS to mobile phones in Italy
0
jlpjlp Posts: 52399 Status: Security Contributor 5 040
 
Get rid of your cracks and paste another AntiVir report
0
SDK_Luciole Posts: 7 Status: Member
 
There you go, the latest AntiVir scan didn't detect anything; here is the report anyway

AntiVir PersonalEdition Classic
Report file date: vendredi 21 mars 2008 15:57

Scanning for 1160082 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: ORDINATEUR

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 16:22:51
ANTIVIR2.VDF : 7.0.3.3 2048 Bytes 07/03/2008 16:22:51
ANTIVIR3.VDF : 7.0.3.61 328192 Bytes 20/03/2008 16:19:28
AVEWIN32.DLL : 7.6.0.75 3334656 Bytes 19/03/2008 16:20:18
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 17/03/2008 16:22:51
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: G:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: vendredi 21 mars 2008 15:57

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'iTunes.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'emule.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'TaskBarIcon.exe' - '1' Module(s) have been scanned
Scan process 'vVX3000.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'MSCamS32.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'ATKKBService.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
38 processes with 38 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'G:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '31' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'G:\' <Nicolas>

End of the scan: vendredi 21 mars 2008 17:20
Used time: 1:23:42 min

The scan has been done completely.

7466 Scanning directories
320758 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
320758 Files not concerned
2128 Archives were scanned
2 Warnings
1 Notes

There you go
0
jlpjlp Posts: 52399 Status: Security Contributor 5 040
 
Any more problems?
0
SDK_Luciole Posts: 7 Status: Member
 
No, none at all
Thanks again for your help, it saved me from a brutal hard drive format
0