Sujet Précédent Sujet Suivant

Avast win32

pottyboops Messages postés 15 Statut Membre -  
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,

Sans doute suite à un mauvais téléchargement, avast ne fonctionne plus, il a disparu de la barre des tâches et impossible de le lancer depuis le disque dur. Il ne serait pas compatible avec win32. J'ai téléchargé le logiciel espagnol recommandé pour ce genre de problême qui ne veut pas non plus s'executer.

Quelqu'un pourrait-il m'aider s'il vous plait...

Voici
A voir également:

24 réponses

  • 1
  • 2
Réponse 1 / 24
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt surement une infection bagle

vire tes cracks

puis

Telecharge FindyKill sur ton bureau :

--> http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe

--> Lance l installation avec les parametres par default

--> Double clic sur le raccourci FindyKill sur ton bureau

--> Au menu principal,choisi l option 1 (Recherche)

--> Post le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
0
Réponse 2 / 24
pottyboops Messages postés 15 Statut Membre
 
Voilà le rapport:

----------------- FindyKill V4.707 ------------------

* User : HP_Propriétaire - NOM-EB85C523610
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 06/12/08 par Chiquitine29
* Recherche effectuée à 18:42:17 le 07/12/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((((( *** Recherche *** ))))))))))))))))))

--------------- [ Processus actifs ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Search Settings\SearchSettings.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\drivers\downld\110046.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

--------------- [ Processus infectieux stoppés ] ----------------

"C:\WINDOWS\system32\drivers\downld\110046.exe" (3112)

--------------- [ Fichiers/Dossiers infectieux ] ----------------

»»»» Presence des fichiers dans C:

Found ! [07/12/2008 17:30] - C:\InfoSat.txt

»»»» Presence des fichiers dans C:\WINDOWS

»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\101328.EXE-0C97C396.pf
Found ! - C:\WINDOWS\prefetch\108718.EXE-0479D86F.pf
Found ! - C:\WINDOWS\prefetch\118078.EXE-350435DD.pf
Found ! - C:\WINDOWS\prefetch\118546.EXE-26E92CBB.pf
Found ! - C:\WINDOWS\prefetch\122750.EXE-33D3E054.pf
Found ! - C:\WINDOWS\prefetch\125375.EXE-2E5004F6.pf
Found ! - C:\WINDOWS\prefetch\126156.EXE-08051609.pf
Found ! - C:\WINDOWS\prefetch\131671.EXE-08E0F42F.pf
Found ! - C:\WINDOWS\prefetch\136781.EXE-39656EEE.pf
Found ! - C:\WINDOWS\prefetch\147312.EXE-24048E53.pf
Found ! - C:\WINDOWS\prefetch\149218.EXE-2B8C3CA4.pf
Found ! - C:\WINDOWS\prefetch\154484.EXE-18A21AB2.pf
Found ! - C:\WINDOWS\prefetch\164875.EXE-05696CE5.pf
Found ! - C:\WINDOWS\prefetch\175859.EXE-18A172EA.pf
Found ! - C:\WINDOWS\prefetch\186890.EXE-10B97554.pf
Found ! - C:\WINDOWS\prefetch\67125.EXE-12FB8601.pf
Found ! - C:\WINDOWS\prefetch\76406.EXE-066667EB.pf
Found ! - C:\WINDOWS\prefetch\77656.EXE-39E2460C.pf
Found ! - C:\WINDOWS\prefetch\79640.EXE-3277AA12.pf
Found ! - C:\WINDOWS\prefetch\83078.EXE-0507F3C6.pf
Found ! - C:\WINDOWS\prefetch\85546.EXE-34D6E7A9.pf
Found ! - C:\WINDOWS\prefetch\85671.EXE-1D652328.pf
Found ! - C:\WINDOWS\prefetch\88890.EXE-3A237F26.pf
Found ! - C:\WINDOWS\prefetch\91875.EXE-122030FA.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-0D3C241B.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-0EF461CE.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-377E42D4.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [07/12/2008 17:38] - C:\WINDOWS\system32\mdelk.exe
Found ! [07/12/2008 17:38] - C:\WINDOWS\system32\wintems.exe
Found ! [07/12/2008 17:45] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

Found ! [07/12/2008 17:44] - C:\WINDOWS\system32\drivers\srosa.sys
Found ! [07/12/2008 17:44] - C:\WINDOWS\system32\drivers\srosa2.sys
Found ! [17/03/2006 03:04] - C:\WINDOWS\system32\drivers\winfilse.exe
Found ! [07/12/2008 17:46] - "C:\WINDOWS\system32\drivers\downld"
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\100437.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\101328.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\101734.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\102484.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\102640.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\103234.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\103500.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\103531.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\103875.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\104375.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\104859.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\104953.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\105453.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\106468.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\107078.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\108718.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\110046.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\110500.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\111906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\111921.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\111984.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\112359.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\112468.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\113953.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\114343.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\114890.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\115375.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\116500.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\116953.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\117218.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\118078.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\118546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\119031.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\119093.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\120359.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\121015.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\121359.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\122750.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\123078.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\123718.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\125375.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\125546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\125656.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\125671.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\126156.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\128421.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\129046.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\129906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\130515.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\130812.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\131671.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\131906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\132093.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\136781.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\138906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\139609.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\139640.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\142546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\143156.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\143265.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\143562.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\144218.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\144484.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\144843.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\14679421.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\14680546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\147312.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\147531.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\149218.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\149468.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\150281.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\150562.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\150921.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\151015.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\151406.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\151531.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\153734.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\154484.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\154906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\155156.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\155562.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\155687.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\157328.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\159562.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\159921.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\160125.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\160234.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\160906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\161687.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\163093.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\164000.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\164031.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\164875.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\165140.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\165531.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\166078.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\168281.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\169937.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\170031.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\170281.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\170562.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\171296.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\171453.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\171687.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\171734.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\173437.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\175156.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\175859.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\177921.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\178046.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\178140.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18329421.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18339234.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18340312.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18358765.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18369890.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18373546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\183968.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18419281.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18420781.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18425359.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\184421.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18457546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18466593.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\186000.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\186890.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\187656.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\187796.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\189750.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\189812.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\189859.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\190953.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\192296.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\192343.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\193125.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\193796.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\194812.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\198218.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\199437.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\199625.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\200718.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\201000.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\201859.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\205546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\205953.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\206484.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\207406.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\209406.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\210718.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\210921.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\211187.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\211390.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\212015.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\212359.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\214593.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\215140.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\215906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\216296.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\220609.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\222796.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\223843.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\225828.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\226250.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\227203.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\233156.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\233203.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\234218.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\234468.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\240218.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\241593.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\242546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\243406.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\245046.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\247156.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\247515.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\248078.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\251578.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\252843.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\256859.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\257656.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\264500.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\266750.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\273406.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\285937.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\287031.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\289031.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\296703.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\297812.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\300390.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\451439859.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\451446562.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\451457640.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\451459125.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\451472062.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\53859.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\56453.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\57906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\64484.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\65218.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\66031.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\66125.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\66484.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\66687.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\67125.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\67937.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\68390.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\68468.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\68937.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\70046.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\70281.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\71421.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\71609.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\72109.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\72546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\74125.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\74250.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\74328.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\74468.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\74609.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\74640.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\75343.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\75593.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\75906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\76265.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\76406.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\76703.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\77656.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\77796.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\79265.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\79640.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\80156.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\80687.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\80968.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\81562.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\81640.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\82453.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\82859.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\83015.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\83078.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\83546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\83578.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\83703.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\83890.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\84781.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\85015.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\85140.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\85234.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\85359.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\85546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\85671.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\85968.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\87468.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\87593.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\87609.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\87671.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\87875.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\88890.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\89578.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\90171.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\90890.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\91234.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\91875.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\92359.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\92515.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\92906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\93125.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\93484.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\94234.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\94484.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\94890.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\94968.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\96265.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\96437.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\96578.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\97062.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\97562.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\97906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\98875.exe

»»»» Presence des fichiers dans C:\Documents and Settings\HP_Propriétaire\Application Data

Found ! [07/12/2008 17:45] - "C:\Documents and Settings\HP_Propriétaire\Application Data\m\flec006.exe"
Found ! [07/12/2008 17:46] - "C:\Documents and Settings\HP_Propriétaire\Application Data\m\list.oct"
Found ! [07/12/2008 17:46] - "C:\Documents and Settings\HP_Propriétaire\Application Data\m\data.oct"
Found ! [07/12/2008 17:46] - "C:\Documents and Settings\HP_Propriétaire\Application Data\m\srvlist.oct"
Found ! [07/12/2008 17:46] - "C:\Documents and Settings\HP_Propriétaire\Application Data\m\shared"
Found ! [07/12/2008 17:31] - "C:\Documents and Settings\HP_Propriétaire\Application Data\m"

»»»» Presence des fichiers dans C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp

»»»» Presence des fichiers dans C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5

Found ! [04/12/2008 21:32] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\1VARF224\s_40f31568fbb64fcb3ff5bc96b652d85a[1].jpg
Found ! [04/12/2008 21:36] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\1VARF224\s_acb4fb7f50b642708d963b4aa9064a8d[1].jpg
Found ! [04/12/2008 20:59] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\4BYMR5HK\l_5d19eb641e6748cf93aacaec409070b4[1].jpg
Found ! [04/12/2008 20:58] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\4BYMR5HK\m_5d19eb641e6748cf93aacaec409070b4[1].jpg
Found ! [04/12/2008 23:35] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64[1].jpg
Found ! [06/12/2008 16:06] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64[2].jpg
Found ! [06/12/2008 16:24] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64[3].jpg
Found ! [06/12/2008 16:30] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64[4].jpg
Found ! [06/12/2008 16:47] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64[5].jpg
Found ! [04/12/2008 23:34] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_1[1].jpg
Found ! [06/12/2008 16:06] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_1[2].jpg
Found ! [06/12/2008 17:24] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_1[3].jpg
Found ! [04/12/2008 23:35] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_2[1].jpg
Found ! [06/12/2008 17:12] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_2[2].jpg
Found ! [06/12/2008 17:06] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_3[1].jpg
Found ! [06/12/2008 17:06] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\mxd[1].jpg
Found ! [05/12/2008 00:14] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\s_aaad2d19cafeb64e5f138eb880749165[1].jpg
Found ! [04/12/2008 21:36] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9UY0SLSK\l_6a59fe90b4b64fcc8dafe9797dc53b74[1].jpg
Found ! [04/12/2008 21:35] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9UY0SLSK\s_896119c262924cd02b64130c1fe49ee7[1].jpg
Found ! [06/12/2008 16:30] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64[1].jpg
Found ! [04/12/2008 23:31] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_1[1].jpg
Found ! [06/12/2008 16:46] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_1[2].jpg
Found ! [06/12/2008 22:28] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_1[3].jpg
Found ! [06/12/2008 16:42] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_2[1].jpg
Found ! [06/12/2008 16:46] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_2[2].jpg
Found ! [06/12/2008 17:16] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_2[3].jpg
Found ! [04/12/2008 23:35] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_3[1].jpg
Found ! [06/12/2008 16:41] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_3[2].jpg
Found ! [06/12/2008 16:47] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_3[3].jpg
Found ! [06/12/2008 17:06] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_3[4].jpg
Found ! [05/12/2008 00:32] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\l_4e07a3c890c4417892616a38b6493da2[1].jpg
Found ! [07/12/2008 01:13] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\b64[1].jpg
Found ! [07/12/2008 02:25] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\b64_2[1].jpg
Found ! [07/12/2008 03:07] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\b64_2[2].jpg
Found ! [07/12/2008 02:34] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\b64_3[1].jpg
Found ! [07/12/2008 01:55] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\mxd[1].jpg
Found ! [07/12/2008 02:19] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\mxd[2].jpg
Found ! [04/12/2008 23:36] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64[1].jpg
Found ! [06/12/2008 16:25] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64[2].jpg
Found ! [06/12/2008 17:26] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64[3].jpg
Found ! [06/12/2008 22:29] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64[4].jpg
Found ! [06/12/2008 17:16] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64_1[1].jpg
Found ! [06/12/2008 16:30] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64_2[1].jpg
Found ! [06/12/2008 22:29] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64_2[2].jpg
Found ! [04/12/2008 23:32] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64_3[1].jpg
Found ! [06/12/2008 16:48] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\mxd[3].jpg
Found ! [06/12/2008 20:30] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\s_dc1b27b6443720806767d09737b37e62[1].jpg
Found ! [05/12/2008 00:56] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\s_e20d425ac8b0578e17916047b6490b92[1].jpg
Found ! [07/12/2008 17:45] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\FPJ4ER0U\b64_2[1].jpg
Found ! [07/12/2008 00:16] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64[1].jpg
Found ! [07/12/2008 02:26] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64[2].jpg
Found ! [07/12/2008 02:27] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64[3].jpg
Found ! [07/12/2008 17:45] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64[4].jpg
Found ! [07/12/2008 01:53] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64_1[1].jpg
Found ! [07/12/2008 02:18] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64_1[2].jpg
Found ! [07/12/2008 02:25] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64_1[3].jpg
Found ! [07/12/2008 02:34] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64_2[1].jpg
Found ! [07/12/2008 01:54] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64_3[1].jpg
Found ! [07/12/2008 17:39] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\mxd[1].jpg
Found ! [04/12/2008 21:27] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\UW4WV2GV\th_m_ff74e468ce9895b64e0ca04d15ab3b05[1].jpg
Found ! [07/12/2008 02:18] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64[1].jpg
Found ! [07/12/2008 02:35] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64[2].jpg
Found ! [07/12/2008 17:38] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64[3].jpg
Found ! [07/12/2008 01:13] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_2[1].jpg
Found ! [07/12/2008 02:18] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_2[2].jpg
Found ! [07/12/2008 02:42] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_2[3].jpg
Found ! [07/12/2008 02:18] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_3[1].jpg
Found ! [07/12/2008 02:42] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_3[2].jpg
Found ! [07/12/2008 03:08] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_3[3].jpg
Found ! [07/12/2008 00:17] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\mxd[1].jpg
Found ! [04/12/2008 21:40] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\WDSP4XLI\s_ca71282c7db640da9157877359605114[1].jpg
Found ! [03/12/2008 19:57] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\WVVKP1IG\s_aea2839636b6aa65f7cc845bb643dab3[1].jpg
Found ! [06/12/2008 16:07] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64[1].jpg
Found ! [06/12/2008 16:47] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64[2].jpg
Found ! [06/12/2008 17:05] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_1[1].jpg
Found ! [06/12/2008 17:11] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_1[2].jpg
Found ! [06/12/2008 16:07] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[1].jpg
Found ! [06/12/2008 16:23] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[2].jpg
Found ! [06/12/2008 16:24] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[3].jpg
Found ! [06/12/2008 16:30] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[4].jpg
Found ! [06/12/2008 16:41] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[5].jpg
Found ! [06/12/2008 17:17] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[6].jpg
Found ! [06/12/2008 16:24] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_3[1].jpg
Found ! [06/12/2008 16:29] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_3[2].jpg
Found ! [06/12/2008 17:25] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_3[3].jpg
Found ! [05/12/2008 00:47] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\s_134c449e79c3b64c13f48d54308a6f6f[1].jpg
Found ! [05/12/2008 00:42] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\s_a57e6047f5b643d58bd3b40d5371ed5c[1].jpg
Found ! [06/12/2008 20:30] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\s_eb6479d77c0445e4ab7a8f7395d89ccc[1].jpg
Found ! [07/12/2008 01:54] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64[1].jpg
Found ! [07/12/2008 02:19] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64[2].jpg
Found ! [07/12/2008 02:43] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64[3].jpg
Found ! [07/12/2008 17:38] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64[4].jpg
Found ! [07/12/2008 01:12] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64_1[1].jpg
Found ! [07/12/2008 00:16] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64_2[1].jpg
Found ! [07/12/2008 01:54] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64_2[2].jpg
Found ! [07/12/2008 17:38] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64_2[3].jpg
Found ! [07/12/2008 17:38] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64_3[1].jpg
Found ! [07/12/2008 01:14] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\mxd[1].jpg
Found ! [07/12/2008 02:42] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\mxd[2].jpg
Found ! [22/12/2005 23:26] - C:\Documents and Settings\HP_Propriétaire\Mes documents\Alan Stivell - Discografia 1964-2006 - by HF\Alan Stivell - Discografia 1964-2006 - by HF\1998 - I Douar\AlbumArt_{7FB64150-40D9-4181-AC6B-8FC84886E39B}_Large.jpg
Found ! [22/12/2005 23:26] - C:\Documents and Settings\HP_Propriétaire\Mes documents\Alan Stivell - Discografia 1964-2006 - by HF\Alan Stivell - Discografia 1964-2006 - by HF\1998 - I Douar\AlbumArt_{7FB64150-40D9-4181-AC6B-8FC84886E39B}_Small.jpg
Found ! [24/11/2008 13:36] - C:\RECYCLER\S-1-5-21-1519045139-1089153330-2504680991-1008\Dc23\MusicMaker15Premium_Version_a_telecharger\Bitmaps\InfoBox\f94db643211eb04870d6b65c493e129b.jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
MsnMsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
updateMgr=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
Performance Center=C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
Insider=C:\Program Files\Insider\Insider.exe
WinTouch=C:\Documents and Settings\HP_Propriétaire\Application Data\WinTouch\WinTouch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
hpsysdrv=c:\windows\system\hpsysdrv.exe
AlcxMonitor=ALCXMNTR.EXE
HPHUPD08=c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
KBD=C:\HP\KBD\KBD.EXE
Recguard=C:\WINDOWS\SMINST\RECGUARD.EXE
PCDrProfiler=
PS2=C:\WINDOWS\system32\ps2.exe
HP Software Update=C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
BigDogPath=C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
TkBellExe="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
NBKeyScan="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
services.exe=C:\WINDOWS\services.exe
hozytyneg=C:\Program Files\MSN\hozytyneg77798.exe
UnlockerAssistant="C:\Program Files\Unlocker\UnlockerAssistant.exe"
SearchSettings=C:\Program Files\Search Settings\SearchSettings.exe
SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
WinampAgent="C:\Program Files\Winamp\winampa.exe"
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MyWebSearch Plugin=rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz=nwiz.exe /installquiet /keeploaded /nodetect
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

[HKEY_CURRENT_USER\software\local appwizard-generated applications\DestComp]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\hprbui]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\MsnMsgr]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\setup]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winfilse]

--------------- [ Registre / Clés infectieuses ] ----------------

Found ! - HKEY_USERS\S-1-5-21-1519045139-1089153330-2504680991-1008\Software\Local AppWizard-Generated Applications\MsnMsgr
Found ! - HKEY_USERS\S-1-5-21-1519045139-1089153330-2504680991-1008\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_USERS\S-1-5-21-1519045139-1089153330-2504680991-1008\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-1519045139-1089153330-2504680991-1008\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-1519045139-1089153330-2504680991-1008\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-1519045139-1089153330-2504680991-1008\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-1519045139-1089153330-2504680991-1008\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\MsnMsgr
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sK9Ou0s

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

- sans echec non fonctionnel !!

+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4

--------------- [ Recherche dans supports amovibles] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur de CD-ROM

+- presence des fichiers :

--------------- [ Registre / Mountpoint2 ] ----------------

-> Not found !

------------------- ! Fin du rapport ! --------------------

En redémarrant l'ordinateur ce matin elgibalga s'est bien enclenché mais n'a rien réparé pour autant.

Pendant l'execution du scan ci-dessus, j'ai quand-même un message d'erreur qui est revenu qquelques fois. Je ne l'ai pas imprimé, peut-etre aurais-je du?

Merci infiniment pour ce coup de main...
0
Réponse 3 / 24
pottyboops Messages postés 15 Statut Membre
 
Voilà le rapport:

----------------- FindyKill V4.707 ------------------

* User : HP_Propriétaire - NOM-EB85C523610
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 06/12/08 par Chiquitine29
* Recherche effectuée à 18:42:17 le 07/12/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((((( *** Recherche *** ))))))))))))))))))

--------------- [ Processus actifs ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Search Settings\SearchSettings.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\drivers\downld\110046.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

--------------- [ Processus infectieux stoppés ] ----------------

"C:\WINDOWS\system32\drivers\downld\110046.exe" (3112)

--------------- [ Fichiers/Dossiers infectieux ] ----------------

»»»» Presence des fichiers dans C:

Found ! [07/12/2008 17:30] - C:\InfoSat.txt

»»»» Presence des fichiers dans C:\WINDOWS

»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\101328.EXE-0C97C396.pf
Found ! - C:\WINDOWS\prefetch\108718.EXE-0479D86F.pf
Found ! - C:\WINDOWS\prefetch\118078.EXE-350435DD.pf
Found ! - C:\WINDOWS\prefetch\118546.EXE-26E92CBB.pf
Found ! - C:\WINDOWS\prefetch\122750.EXE-33D3E054.pf
Found ! - C:\WINDOWS\prefetch\125375.EXE-2E5004F6.pf
Found ! - C:\WINDOWS\prefetch\126156.EXE-08051609.pf
Found ! - C:\WINDOWS\prefetch\131671.EXE-08E0F42F.pf
Found ! - C:\WINDOWS\prefetch\136781.EXE-39656EEE.pf
Found ! - C:\WINDOWS\prefetch\147312.EXE-24048E53.pf
Found ! - C:\WINDOWS\prefetch\149218.EXE-2B8C3CA4.pf
Found ! - C:\WINDOWS\prefetch\154484.EXE-18A21AB2.pf
Found ! - C:\WINDOWS\prefetch\164875.EXE-05696CE5.pf
Found ! - C:\WINDOWS\prefetch\175859.EXE-18A172EA.pf
Found ! - C:\WINDOWS\prefetch\186890.EXE-10B97554.pf
Found ! - C:\WINDOWS\prefetch\67125.EXE-12FB8601.pf
Found ! - C:\WINDOWS\prefetch\76406.EXE-066667EB.pf
Found ! - C:\WINDOWS\prefetch\77656.EXE-39E2460C.pf
Found ! - C:\WINDOWS\prefetch\79640.EXE-3277AA12.pf
Found ! - C:\WINDOWS\prefetch\83078.EXE-0507F3C6.pf
Found ! - C:\WINDOWS\prefetch\85546.EXE-34D6E7A9.pf
Found ! - C:\WINDOWS\prefetch\85671.EXE-1D652328.pf
Found ! - C:\WINDOWS\prefetch\88890.EXE-3A237F26.pf
Found ! - C:\WINDOWS\prefetch\91875.EXE-122030FA.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-0D3C241B.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-0EF461CE.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-377E42D4.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [07/12/2008 17:38] - C:\WINDOWS\system32\mdelk.exe
Found ! [07/12/2008 17:38] - C:\WINDOWS\system32\wintems.exe
Found ! [07/12/2008 17:45] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

Found ! [07/12/2008 17:44] - C:\WINDOWS\system32\drivers\srosa.sys
Found ! [07/12/2008 17:44] - C:\WINDOWS\system32\drivers\srosa2.sys
Found ! [17/03/2006 03:04] - C:\WINDOWS\system32\drivers\winfilse.exe
Found ! [07/12/2008 17:46] - "C:\WINDOWS\system32\drivers\downld"
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\100437.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\101328.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\101734.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\102484.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\102640.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\103234.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\103500.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\103531.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\103875.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\104375.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\104859.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\104953.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\105453.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\106468.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\107078.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\108718.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\110046.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\110500.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\111906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\111921.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\111984.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\112359.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\112468.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\113953.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\114343.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\114890.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\115375.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\116500.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\116953.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\117218.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\118078.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\118546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\119031.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\119093.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\120359.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\121015.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\121359.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\122750.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\123078.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\123718.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\125375.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\125546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\125656.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\125671.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\126156.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\128421.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\129046.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\129906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\130515.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\130812.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\131671.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\131906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\132093.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\136781.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\138906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\139609.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\139640.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\142546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\143156.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\143265.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\143562.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\144218.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\144484.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\144843.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\14679421.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\14680546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\147312.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\147531.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\149218.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\149468.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\150281.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\150562.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\150921.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\151015.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\151406.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\151531.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\153734.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\154484.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\154906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\155156.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\155562.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\155687.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\157328.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\159562.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\159921.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\160125.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\160234.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\160906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\161687.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\163093.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\164000.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\164031.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\164875.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\165140.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\165531.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\166078.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\168281.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\169937.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\170031.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\170281.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\170562.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\171296.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\171453.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\171687.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\171734.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\173437.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\175156.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\175859.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\177921.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\178046.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\178140.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18329421.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18339234.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18340312.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18358765.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18369890.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18373546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\183968.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18419281.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18420781.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18425359.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\184421.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18457546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\18466593.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\186000.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\186890.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\187656.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\187796.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\189750.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\189812.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\189859.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\190953.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\192296.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\192343.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\193125.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\193796.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\194812.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\198218.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\199437.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\199625.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\200718.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\201000.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\201859.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\205546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\205953.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\206484.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\207406.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\209406.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\210718.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\210921.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\211187.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\211390.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\212015.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\212359.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\214593.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\215140.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\215906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\216296.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\220609.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\222796.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\223843.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\225828.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\226250.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\227203.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\233156.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\233203.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\234218.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\234468.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\240218.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\241593.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\242546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\243406.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\245046.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\247156.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\247515.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\248078.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\251578.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\252843.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\256859.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\257656.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\264500.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\266750.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\273406.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\285937.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\287031.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\289031.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\296703.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\297812.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\300390.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\451439859.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\451446562.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\451457640.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\451459125.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\451472062.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\53859.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\56453.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\57906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\64484.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\65218.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\66031.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\66125.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\66484.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\66687.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\67125.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\67937.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\68390.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\68468.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\68937.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\70046.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\70281.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\71421.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\71609.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\72109.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\72546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\74125.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\74250.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\74328.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\74468.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\74609.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\74640.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\75343.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\75593.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\75906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\76265.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\76406.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\76703.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\77656.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\77796.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\79265.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\79640.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\80156.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\80687.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\80968.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\81562.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\81640.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\82453.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\82859.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\83015.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\83078.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\83546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\83578.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\83703.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\83890.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\84781.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\85015.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\85140.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\85234.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\85359.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\85546.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\85671.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\85968.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\87468.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\87593.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\87609.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\87671.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\87875.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\88890.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\89578.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\90171.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\90890.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\91234.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\91875.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\92359.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\92515.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\92906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\93125.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\93484.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\94234.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\94484.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\94890.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\94968.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\96265.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\96437.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\96578.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\97062.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\97562.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\97906.exe
Found ! [07/12/2008 17:46] - C:\WINDOWS\system32\drivers\downld\98875.exe

»»»» Presence des fichiers dans C:\Documents and Settings\HP_Propriétaire\Application Data

Found ! [07/12/2008 17:45] - "C:\Documents and Settings\HP_Propriétaire\Application Data\m\flec006.exe"
Found ! [07/12/2008 17:46] - "C:\Documents and Settings\HP_Propriétaire\Application Data\m\list.oct"
Found ! [07/12/2008 17:46] - "C:\Documents and Settings\HP_Propriétaire\Application Data\m\data.oct"
Found ! [07/12/2008 17:46] - "C:\Documents and Settings\HP_Propriétaire\Application Data\m\srvlist.oct"
Found ! [07/12/2008 17:46] - "C:\Documents and Settings\HP_Propriétaire\Application Data\m\shared"
Found ! [07/12/2008 17:31] - "C:\Documents and Settings\HP_Propriétaire\Application Data\m"

»»»» Presence des fichiers dans C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp

»»»» Presence des fichiers dans C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5

Found ! [04/12/2008 21:32] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\1VARF224\s_40f31568fbb64fcb3ff5bc96b652d85a[1].jpg
Found ! [04/12/2008 21:36] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\1VARF224\s_acb4fb7f50b642708d963b4aa9064a8d[1].jpg
Found ! [04/12/2008 20:59] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\4BYMR5HK\l_5d19eb641e6748cf93aacaec409070b4[1].jpg
Found ! [04/12/2008 20:58] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\4BYMR5HK\m_5d19eb641e6748cf93aacaec409070b4[1].jpg
Found ! [04/12/2008 23:35] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64[1].jpg
Found ! [06/12/2008 16:06] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64[2].jpg
Found ! [06/12/2008 16:24] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64[3].jpg
Found ! [06/12/2008 16:30] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64[4].jpg
Found ! [06/12/2008 16:47] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64[5].jpg
Found ! [04/12/2008 23:34] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_1[1].jpg
Found ! [06/12/2008 16:06] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_1[2].jpg
Found ! [06/12/2008 17:24] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_1[3].jpg
Found ! [04/12/2008 23:35] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_2[1].jpg
Found ! [06/12/2008 17:12] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_2[2].jpg
Found ! [06/12/2008 17:06] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_3[1].jpg
Found ! [06/12/2008 17:06] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\mxd[1].jpg
Found ! [05/12/2008 00:14] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\s_aaad2d19cafeb64e5f138eb880749165[1].jpg
Found ! [04/12/2008 21:36] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9UY0SLSK\l_6a59fe90b4b64fcc8dafe9797dc53b74[1].jpg
Found ! [04/12/2008 21:35] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9UY0SLSK\s_896119c262924cd02b64130c1fe49ee7[1].jpg
Found ! [06/12/2008 16:30] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64[1].jpg
Found ! [04/12/2008 23:31] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_1[1].jpg
Found ! [06/12/2008 16:46] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_1[2].jpg
Found ! [06/12/2008 22:28] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_1[3].jpg
Found ! [06/12/2008 16:42] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_2[1].jpg
Found ! [06/12/2008 16:46] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_2[2].jpg
Found ! [06/12/2008 17:16] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_2[3].jpg
Found ! [04/12/2008 23:35] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_3[1].jpg
Found ! [06/12/2008 16:41] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_3[2].jpg
Found ! [06/12/2008 16:47] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_3[3].jpg
Found ! [06/12/2008 17:06] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_3[4].jpg
Found ! [05/12/2008 00:32] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\l_4e07a3c890c4417892616a38b6493da2[1].jpg
Found ! [07/12/2008 01:13] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\b64[1].jpg
Found ! [07/12/2008 02:25] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\b64_2[1].jpg
Found ! [07/12/2008 03:07] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\b64_2[2].jpg
Found ! [07/12/2008 02:34] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\b64_3[1].jpg
Found ! [07/12/2008 01:55] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\mxd[1].jpg
Found ! [07/12/2008 02:19] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\mxd[2].jpg
Found ! [04/12/2008 23:36] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64[1].jpg
Found ! [06/12/2008 16:25] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64[2].jpg
Found ! [06/12/2008 17:26] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64[3].jpg
Found ! [06/12/2008 22:29] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64[4].jpg
Found ! [06/12/2008 17:16] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64_1[1].jpg
Found ! [06/12/2008 16:30] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64_2[1].jpg
Found ! [06/12/2008 22:29] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64_2[2].jpg
Found ! [04/12/2008 23:32] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64_3[1].jpg
Found ! [06/12/2008 16:48] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\mxd[3].jpg
Found ! [06/12/2008 20:30] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\s_dc1b27b6443720806767d09737b37e62[1].jpg
Found ! [05/12/2008 00:56] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\s_e20d425ac8b0578e17916047b6490b92[1].jpg
Found ! [07/12/2008 17:45] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\FPJ4ER0U\b64_2[1].jpg
Found ! [07/12/2008 00:16] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64[1].jpg
Found ! [07/12/2008 02:26] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64[2].jpg
Found ! [07/12/2008 02:27] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64[3].jpg
Found ! [07/12/2008 17:45] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64[4].jpg
Found ! [07/12/2008 01:53] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64_1[1].jpg
Found ! [07/12/2008 02:18] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64_1[2].jpg
Found ! [07/12/2008 02:25] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64_1[3].jpg
Found ! [07/12/2008 02:34] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64_2[1].jpg
Found ! [07/12/2008 01:54] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64_3[1].jpg
Found ! [07/12/2008 17:39] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\mxd[1].jpg
Found ! [04/12/2008 21:27] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\UW4WV2GV\th_m_ff74e468ce9895b64e0ca04d15ab3b05[1].jpg
Found ! [07/12/2008 02:18] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64[1].jpg
Found ! [07/12/2008 02:35] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64[2].jpg
Found ! [07/12/2008 17:38] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64[3].jpg
Found ! [07/12/2008 01:13] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_2[1].jpg
Found ! [07/12/2008 02:18] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_2[2].jpg
Found ! [07/12/2008 02:42] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_2[3].jpg
Found ! [07/12/2008 02:18] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_3[1].jpg
Found ! [07/12/2008 02:42] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_3[2].jpg
Found ! [07/12/2008 03:08] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_3[3].jpg
Found ! [07/12/2008 00:17] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\mxd[1].jpg
Found ! [04/12/2008 21:40] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\WDSP4XLI\s_ca71282c7db640da9157877359605114[1].jpg
Found ! [03/12/2008 19:57] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\WVVKP1IG\s_aea2839636b6aa65f7cc845bb643dab3[1].jpg
Found ! [06/12/2008 16:07] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64[1].jpg
Found ! [06/12/2008 16:47] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64[2].jpg
Found ! [06/12/2008 17:05] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_1[1].jpg
Found ! [06/12/2008 17:11] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_1[2].jpg
Found ! [06/12/2008 16:07] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[1].jpg
Found ! [06/12/2008 16:23] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[2].jpg
Found ! [06/12/2008 16:24] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[3].jpg
Found ! [06/12/2008 16:30] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[4].jpg
Found ! [06/12/2008 16:41] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[5].jpg
Found ! [06/12/2008 17:17] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[6].jpg
Found ! [06/12/2008 16:24] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_3[1].jpg
Found ! [06/12/2008 16:29] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_3[2].jpg
Found ! [06/12/2008 17:25] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_3[3].jpg
Found ! [05/12/2008 00:47] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\s_134c449e79c3b64c13f48d54308a6f6f[1].jpg
Found ! [05/12/2008 00:42] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\s_a57e6047f5b643d58bd3b40d5371ed5c[1].jpg
Found ! [06/12/2008 20:30] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\s_eb6479d77c0445e4ab7a8f7395d89ccc[1].jpg
Found ! [07/12/2008 01:54] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64[1].jpg
Found ! [07/12/2008 02:19] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64[2].jpg
Found ! [07/12/2008 02:43] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64[3].jpg
Found ! [07/12/2008 17:38] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64[4].jpg
Found ! [07/12/2008 01:12] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64_1[1].jpg
Found ! [07/12/2008 00:16] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64_2[1].jpg
Found ! [07/12/2008 01:54] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64_2[2].jpg
Found ! [07/12/2008 17:38] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64_2[3].jpg
Found ! [07/12/2008 17:38] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64_3[1].jpg
Found ! [07/12/2008 01:14] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\mxd[1].jpg
Found ! [07/12/2008 02:42] - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\mxd[2].jpg
Found ! [22/12/2005 23:26] - C:\Documents and Settings\HP_Propriétaire\Mes documents\Alan Stivell - Discografia 1964-2006 - by HF\Alan Stivell - Discografia 1964-2006 - by HF\1998 - I Douar\AlbumArt_{7FB64150-40D9-4181-AC6B-8FC84886E39B}_Large.jpg
Found ! [22/12/2005 23:26] - C:\Documents and Settings\HP_Propriétaire\Mes documents\Alan Stivell - Discografia 1964-2006 - by HF\Alan Stivell - Discografia 1964-2006 - by HF\1998 - I Douar\AlbumArt_{7FB64150-40D9-4181-AC6B-8FC84886E39B}_Small.jpg
Found ! [24/11/2008 13:36] - C:\RECYCLER\S-1-5-21-1519045139-1089153330-2504680991-1008\Dc23\MusicMaker15Premium_Version_a_telecharger\Bitmaps\InfoBox\f94db643211eb04870d6b65c493e129b.jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
MsnMsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
updateMgr=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
Performance Center=C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
Insider=C:\Program Files\Insider\Insider.exe
WinTouch=C:\Documents and Settings\HP_Propriétaire\Application Data\WinTouch\WinTouch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
hpsysdrv=c:\windows\system\hpsysdrv.exe
AlcxMonitor=ALCXMNTR.EXE
HPHUPD08=c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
KBD=C:\HP\KBD\KBD.EXE
Recguard=C:\WINDOWS\SMINST\RECGUARD.EXE
PCDrProfiler=
PS2=C:\WINDOWS\system32\ps2.exe
HP Software Update=C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
BigDogPath=C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
TkBellExe="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
NBKeyScan="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
services.exe=C:\WINDOWS\services.exe
hozytyneg=C:\Program Files\MSN\hozytyneg77798.exe
UnlockerAssistant="C:\Program Files\Unlocker\UnlockerAssistant.exe"
SearchSettings=C:\Program Files\Search Settings\SearchSettings.exe
SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
WinampAgent="C:\Program Files\Winamp\winampa.exe"
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MyWebSearch Plugin=rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz=nwiz.exe /installquiet /keeploaded /nodetect
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

[HKEY_CURRENT_USER\software\local appwizard-generated applications\DestComp]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\hprbui]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\MsnMsgr]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\setup]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winfilse]

--------------- [ Registre / Clés infectieuses ] ----------------

Found ! - HKEY_USERS\S-1-5-21-1519045139-1089153330-2504680991-1008\Software\Local AppWizard-Generated Applications\MsnMsgr
Found ! - HKEY_USERS\S-1-5-21-1519045139-1089153330-2504680991-1008\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_USERS\S-1-5-21-1519045139-1089153330-2504680991-1008\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-1519045139-1089153330-2504680991-1008\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-1519045139-1089153330-2504680991-1008\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-1519045139-1089153330-2504680991-1008\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-1519045139-1089153330-2504680991-1008\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\MsnMsgr
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sK9Ou0s

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

- sans echec non fonctionnel !!

+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4

--------------- [ Recherche dans supports amovibles] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur de CD-ROM

+- presence des fichiers :

--------------- [ Registre / Mountpoint2 ] ----------------

-> Not found !

------------------- ! Fin du rapport ! --------------------

En redémarrant l'ordinateur ce matin elgibalga s'est bien enclenché mais n'a rien réparé pour autant.

Pendant l'execution du scan ci-dessus, j'ai quand-même un message d'erreur qui est revenu qquelques fois. Je ne l'ai pas imprimé, peut-etre aurais-je du?

Merci infiniment pour ce coup de main...
0
Réponse 4 / 24
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt oui tu es infecté par bagle!

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir

--> Double clic sur le raccourci FindyKill sur ton bureau

--> Au menu principal,choisi l option 2 (Suppression)

/!\ il y aura 2 redémarrage, laisse travailler l outils jusqu a l apparition du message "nettoyage effectué"

/!\ Ne te sert pas du pc durant la suppression , ton bureau ne sera pas accessible c est normal !

-------> ensuite post le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
Note : Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides
0
pottyboops Messages postés 15 Statut Membre
 
J'ai suivi les instructions. Lors du premier nettoyage, il n'y a eu qu'un redémarrage, je l'ai donc laissé se terminer puis je l'ai relancé une deuxième fois durant laquelle il y a bien eu deux redémarrages. Voici le rapport:



----------------- FindyKill V4.707 ------------------

* User : HP_Propriétaire - NOM-EB85C523610
* executed from : C:\Program Files\FindyKill
* Update on 06/12/08 par Chiquitine29
* Start at 21:17:23 the 07/12/2008
* Windows XP - Internet Explorer 7.0.5730.13


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:


»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch


»»»» Supression files in C:\WINDOWS\system32


»»»» Supression files in C:\WINDOWS\system32\drivers


»»»» Supression files in C:\Documents and Settings\HP_Propriétaire\Application Data


»»»» Supression files in C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp


»»»» Supression files in C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\1VARF224\s_40f31568fbb64fcb3ff5bc96b652d85a[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\1VARF224\s_acb4fb7f50b642708d963b4aa9064a8d[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\4BYMR5HK\l_5d19eb641e6748cf93aacaec409070b4[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\4BYMR5HK\m_5d19eb641e6748cf93aacaec409070b4[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64[3].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64[4].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64[5].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_1[3].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\mxd[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\5SMXOMLF\s_aaad2d19cafeb64e5f138eb880749165[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9UY0SLSK\l_6a59fe90b4b64fcc8dafe9797dc53b74[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9UY0SLSK\s_896119c262924cd02b64130c1fe49ee7[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_1[3].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_2[3].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_3[3].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\b64_3[4].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\BO0NMQFO\l_4e07a3c890c4417892616a38b6493da2[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\b64[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\mxd[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\E7IV1GFA\mxd[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64[3].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64[4].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\mxd[3].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\s_dc1b27b6443720806767d09737b37e62[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ED06HRBH\s_e20d425ac8b0578e17916047b6490b92[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\FPJ4ER0U\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64[3].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64[4].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64_1[3].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\P4UPNCDB\mxd[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\UW4WV2GV\th_m_ff74e468ce9895b64e0ca04d15ab3b05[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64[3].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_2[3].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\b64_3[3].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\VDV4ZDRQ\mxd[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\WDSP4XLI\s_ca71282c7db640da9157877359605114[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\WVVKP1IG\s_aea2839636b6aa65f7cc845bb643dab3[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[3].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[4].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[5].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_2[6].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\b64_3[3].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\s_134c449e79c3b64c13f48d54308a6f6f[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\s_a57e6047f5b643d58bd3b40d5371ed5c[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XPSM3FB2\s_eb6479d77c0445e4ab7a8f7395d89ccc[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64[3].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64[4].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64_2[3].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\mxd[1].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZV4IXAPR\mxd[2].jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Mes documents\Alan Stivell - Discografia 1964-2006 - by HF\Alan Stivell - Discografia 1964-2006 - by HF\1998 - I Douar\AlbumArt_{7FB64150-40D9-4181-AC6B-8FC84886E39B}_Large.jpg
Deleted ! - C:\Documents and Settings\HP_Propriétaire\Mes documents\Alan Stivell - Discografia 1964-2006 - by HF\Alan Stivell - Discografia 1964-2006 - by HF\1998 - I Douar\AlbumArt_{7FB64150-40D9-4181-AC6B-8FC84886E39B}_Small.jpg
Deleted ! - C:\RECYCLER\S-1-5-21-1519045139-1089153330-2504680991-1008\Dc23\MusicMaker15Premium_Version_a_telecharger\Bitmaps\InfoBox\f94db643211eb04870d6b65c493e129b.jpg

--------------- [ Registry / Infected keys ] ----------------


--------------- [ States / Restarting of services ] ----------------



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur de CD-ROM

J: - Lecteur amovible


+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\HP_Propriétaire\Mes documents\The Rolling Stones Discography\The Rolling Stones\1977 - Love You Live\1977 - Love You Live (Disc 2)\The Rolling Stones - Crackin' Up.mp3
C:\Documents and Settings\HP_Propriétaire\Mes documents\[DISCOGRAFIA] The Rolling Stones (completa + cover)\--Tutto Rolling Stone--\1977 - Love You Live Cd2\02 - Crackin' Up.mp3
C:\Documents and Settings\HP_Propriétaire\Recent\Crack (2).lnk
C:\Documents and Settings\HP_Propriétaire\Recent\crack.lnk
C:\Documents and Settings\HP_Propriétaire\Recent\cracked.lnk
C:\Documents and Settings\HP_Propriétaire\Recent\Fruity Loops Studio 5 + Crack (full program).lnk
C:\Documents and Settings\HP_Propriétaire\Recent\techno ejay 5 crack (2).lnk
C:\Documents and Settings\HP_Propriétaire\Recent\techno ejay 5 crack.lnk
C:\Documents and Settings\HP_Propriétaire\Recent\• Keygen For Microsoft Office Xp Pro (Word, Excel, Powerpoint, Outlook, Access, Frontpage) By Atomix&Ztaz Zip.lnk


---------------- ! End of report ! ------------------


Merci encore!

Est-ce que c'est réglé?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 24
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
vire tes cracks

C:\Documents and Settings\HP_Propriétaire\Mes documents\The Rolling Stones Discography\The Rolling Stones\1977 - Love You Live\1977 - Love You Live (Disc 2)\The Rolling Stones - Crackin' Up.mp3
C:\Documents and Settings\HP_Propriétaire\Mes documents\[DISCOGRAFIA] The Rolling Stones (completa + cover)\--Tutto Rolling Stone--\1977 - Love You Live Cd2\02 - Crackin' Up.mp3
C:\Documents and Settings\HP_Propriétaire\Recent\Crack (2).lnk
C:\Documents and Settings\HP_Propriétaire\Recent\crack.lnk
C:\Documents and Settings\HP_Propriétaire\Recent\cracked.lnk
C:\Documents and Settings\HP_Propriétaire\Recent\Fruity Loops Studio 5 + Crack (full program).lnk
C:\Documents and Settings\HP_Propriétaire\Recent\techno ejay 5 crack (2).lnk
C:\Documents and Settings\HP_Propriétaire\Recent\techno ejay 5 crack.lnk
C:\Documents and Settings\HP_Propriétaire\Recent\• Keygen For Microsoft Office Xp Pro (Word, Excel, Powerpoint, Outlook, Access, Frontpage) By Atomix&Ztaz Zip.lnk

puis

télécharge combofix (par sUBs) ici :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

et enregistre le sur le bureau.

déconnecte toi d'internet et ferme toutes tes applications.

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)

double-clique sur combofix.exe et suis les instructions

à la fin, il va produire un rapport C:\ComboFix.txt

réactive ton parefeu, ton antivirus, la garde de ton antispyware

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.

Tu as un tutoriel complet ici :

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

puis

Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB : Les rapports sont sauvegardés dans le dossier C:\rsit
0
Réponse 6 / 24
pottyboops Messages postés 15 Statut Membre
 
J'ai donc à nouveau suivi les instructions, Avast fonctionne à présent, le scan a supprimé 162 fichiers infectés, ci-dessous le rapport combofix:

ComboFix 08-12-06.06 - HP_Propriétaire 2008-12-08 9:49:27.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.648 [GMT 1:00]
Lancé depuis: c:\documents and settings\HP_Propriétaire\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\HP_Propriétaire\Application Data\FunWebProducts
c:\documents and settings\HP_Propriétaire\Application Data\FunWebProducts\Data\HP_Propriétaire\avatar.dat
c:\documents and settings\HP_Propriétaire\Application Data\FunWebProducts\Data\HP_Propriétaire\outfit.dat
c:\documents and settings\HP_Propriétaire\Application Data\FunWebProducts\Data\HP_Propriétaire\register.dat
c:\documents and settings\HP_Propriétaire\Application Data\FunWebProducts\Data\HP_Propriétaire\zbucks.dat
c:\documents and settings\HP_Propriétaire\Application Data\WinTouch
c:\documents and settings\HP_Propriétaire\Local Settings\Application Data\zfbmrua.dat
c:\documents and settings\HP_Propriétaire\Local Settings\Application Data\zfbmrua.exe
c:\documents and settings\HP_Propriétaire\Local Settings\Application Data\zfbmrua_nav.dat
c:\documents and settings\HP_Propriétaire\Local Settings\Application Data\zfbmrua_navps.dat
c:\program files\FunWebProducts
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\Insider
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
c:\program files\MyWebSearch\bar\1.bin\F3DTACTL.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\1.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\1.bin\M3HTML.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MSG.DLL
c:\program files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Avatar\COMMON\avatar.htm
c:\program files\MyWebSearch\bar\Avatar\COMMON\bgfadel.gif
c:\program files\MyWebSearch\bar\Avatar\COMMON\bgfader.gif
c:\program files\MyWebSearch\bar\Avatar\COMMON\common-x.css
c:\program files\MyWebSearch\bar\Avatar\COMMON\common.css
c:\program files\MyWebSearch\bar\Avatar\COMMON\cornerbl.gif
c:\program files\MyWebSearch\bar\Avatar\COMMON\cornerbr.gif
c:\program files\MyWebSearch\bar\Avatar\COMMON\ext_def.gif
c:\program files\MyWebSearch\bar\Avatar\COMMON\ext_roll.gif
c:\program files\MyWebSearch\bar\Avatar\COMMON\include.js
c:\program files\MyWebSearch\bar\Avatar\COMMON\index.htm
c:\program files\MyWebSearch\bar\Avatar\COMMON\loader.htm
c:\program files\MyWebSearch\bar\Avatar\COMMON\loading.gif
c:\program files\MyWebSearch\bar\Avatar\COMMON\logo.gif
c:\program files\MyWebSearch\bar\Avatar\COMMON\max_def.gif
c:\program files\MyWebSearch\bar\Avatar\COMMON\max_roll.gif
c:\program files\MyWebSearch\bar\Avatar\COMMON\min_def.gif
c:\program files\MyWebSearch\bar\Avatar\COMMON\min_roll.gif
c:\program files\MyWebSearch\bar\Avatar\COMMON\noflash.htm
c:\program files\MyWebSearch\bar\Avatar\COMMON\res_def.gif
c:\program files\MyWebSearch\bar\Avatar\COMMON\res_roll.gif
c:\program files\MyWebSearch\bar\Avatar\COMMON\spacer.gif
c:\program files\MyWebSearch\bar\Avatar\COMMON\spacer.swf
c:\program files\MyWebSearch\bar\Avatar\COMMON\topgrad.gif
c:\program files\MyWebSearch\bar\Avatar\COMMON\window.ico
c:\program files\MyWebSearch\bar\Cache\[u]0/uB19C50A
c:\program files\MyWebSearch\bar\Cache\[u]0/uB19E93C
c:\program files\MyWebSearch\bar\Cache\[u]0/uB19EFA5.bin
c:\program files\MyWebSearch\bar\Cache\[u]0/uB19F1D7.bin
c:\program files\MyWebSearch\bar\Cache\[u]0/uB19F3EA.bin
c:\program files\MyWebSearch\bar\Cache\[u]0/uB19F590.bin
c:\program files\MyWebSearch\bar\Cache\[u]0/uB19F717.bin
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Message\COMMON\ask_logo.gif
c:\program files\MyWebSearch\bar\Message\COMMON\autoup.gif
c:\program files\MyWebSearch\bar\Message\COMMON\autoup.htm
c:\program files\MyWebSearch\bar\Message\COMMON\center.htm
c:\program files\MyWebSearch\bar\Message\COMMON\index.htm
c:\program files\MyWebSearch\bar\Message\COMMON\mid_dots.gif
c:\program files\MyWebSearch\bar\Message\COMMON\mws_logo.gif
c:\program files\MyWebSearch\bar\Message\COMMON\protect.htm
c:\program files\MyWebSearch\bar\Message\COMMON\shocked.gif
c:\program files\MyWebSearch\bar\Message\COMMON\stop.gif
c:\program files\MyWebSearch\bar\Message\COMMON\systray.htm
c:\program files\MyWebSearch\bar\Message\COMMON\systrayp.htm
c:\program files\MyWebSearch\bar\Message\COMMON\tp_grad.gif
c:\program files\MyWebSearch\bar\Message\COMMON\warn.gif
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
c:\program files\Uninstall Information\promymyl.html
c:\windows\system32\f3PSSavr.scr
c:\windows\system32\Microsoft\backup.ftp
c:\windows\system32\Microsoft\backup.tftp

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_Boonty Games
-------\Service_MyWebSearchService
-------\Service_poof

((((((((((((((((((((((((((((( Fichiers créés du 2008-11-08 au 2008-12-08 ))))))))))))))))))))))))))))))))))))
.

2008-12-07 18:41 . 2008-12-07 21:23 <REP> d-------- c:\program files\FindyKill
2008-12-07 17:51 . 2008-12-07 17:51 <REP> d-------- c:\documents and settings\All Users\Application Data\MAGIX
2008-12-07 03:35 . 2008-12-07 03:35 11,310,447 --a------ C:\upload_moi_NOM-EB85C523610.tar.gz
2008-12-06 16:46 . 2008-12-06 17:04 <REP> d-------- c:\windows\nview
2008-12-06 16:46 . 2005-08-02 16:30 176,128 --a------ c:\windows\system32\nvudisp.exe
2008-12-06 16:46 . 2008-12-08 09:53 29,204 --a------ c:\windows\system32\nvapps.xml
2008-12-06 16:46 . 2005-08-02 16:30 14,757 --a------ c:\windows\system32\nvdisp.nvu
2008-12-01 22:11 . 2008-12-01 22:48 <REP> d-------- c:\windows\system32\Adobe
2008-11-26 23:01 . 2008-12-07 17:45 <REP> d-------- c:\program files\Image-Line
2008-11-26 22:57 . 2008-12-07 17:44 <REP> d-------- c:\program files\VstPlugins
2008-11-26 22:57 . 2003-04-07 12:07 217,088 --a------ c:\windows\system32\rewire.dll
2008-11-26 22:56 . 2002-07-08 00:14 1,294,336 --a------ c:\windows\system32\vorbis.acm
2008-11-26 22:52 . 2002-12-03 22:13 1,048,576 --a------ c:\windows\system32\lameACM.acm
2008-11-26 22:52 . 2003-03-25 06:49 306,960 -ra------ c:\windows\system32\h263_32.ax
2008-11-26 22:52 . 2003-03-25 06:49 277,264 -ra------ c:\windows\system32\h261_32.ax
2008-11-26 22:52 . 2003-03-25 06:49 135,168 -ra------ c:\windows\system32\L3CODECX.ACM
2008-11-26 22:52 . 2003-03-25 06:49 121,856 -ra------ c:\windows\system32\Mp3cnfg.cpl
2008-11-26 22:52 . 2003-03-25 06:49 34,064 -ra------ c:\windows\system32\lhacm.acm
2008-11-26 22:52 . 2003-03-25 06:49 27,648 -ra------ c:\windows\system32\ir50_lcs.dll
2008-11-26 22:52 . 2003-03-25 06:49 18,944 -ra------ c:\windows\system32\Mp3cnfg.exe
2008-11-26 01:13 . 2002-11-02 09:53 57,344 --a------ c:\windows\system32\WNASPINT.DLL
2008-11-26 01:12 . 2008-11-26 01:12 <REP> d-------- C:\eJay
2008-11-24 13:36 . 2008-11-24 13:36 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\MAGIX
2008-11-24 13:36 . 2008-11-24 13:36 28 --a------ c:\windows\Robota.INI
2008-11-24 13:35 . 2001-05-16 17:54 309,616 --a------ c:\windows\system32\wmv8dmod.dll
2008-11-24 13:35 . 2001-03-26 04:41 245,760 --a------ c:\windows\system32\mp4sds32.ax
2008-11-24 13:34 . 2007-04-18 22:07 53,248 --a------ c:\windows\system32\mgxasio2.dll
2008-11-24 13:34 . 2003-04-18 15:29 44,544 --a------ c:\windows\system32\msxml4a.dll
2008-11-24 13:33 . 2008-12-07 17:54 <REP> d-------- c:\program files\MAGIX
2008-11-24 13:33 . 2007-04-27 09:43 120,200 --a------ c:\windows\system32\DLLDEV32i.dll
2008-11-20 21:35 . 2008-11-20 21:35 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Valusoft
2008-11-20 21:35 . 2008-11-20 21:35 <REP> d-------- c:\documents and settings\All Users\Application Data\Valusoft
2008-11-20 11:55 . 2008-11-20 11:55 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\iWin
2008-11-19 22:46 . 2008-11-19 22:46 <REP> d-------- c:\program files\Fichiers communs\SWF Studio
2008-11-19 22:42 . 2008-11-19 22:42 <REP> d-------- C:\Downloads
2008-11-19 21:44 . 2008-11-20 17:37 <REP> d-------- c:\program files\Free Download Manager
2008-11-17 21:00 . 2008-11-17 21:00 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\SulusGames
2008-11-15 21:13 . 2008-11-15 21:13 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Gogii Games
2008-11-15 21:06 . 2008-11-25 08:57 <REP> d-------- c:\program files\iWin Games
2008-11-12 19:57 . 2008-10-24 12:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-12 19:56 . 2008-09-04 18:16 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-07 16:43 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-07 16:33 --------- d-----w c:\program files\iWin.com
2008-12-07 16:33 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\IMVU
2008-12-07 01:18 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-07 00:49 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-12-05 22:48 --------- d-----w c:\program files\eMule
2008-12-03 21:20 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\OpenOffice.org2
2008-11-26 00:14 --------- d-----w c:\documents and settings\All Users\Application Data\InstallShield
2008-11-25 07:59 --------- d-----w c:\program files\Ahead
2008-11-12 23:55 --------- d-----w c:\program files\adslTV
2008-11-05 14:58 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\Home Sweet Home
2008-11-03 22:32 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\vlc
2008-11-03 18:24 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-11-02 00:25 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\PlayFirst
2008-11-02 00:25 --------- d-----w c:\documents and settings\All Users\Application Data\PlayFirst
2008-10-27 16:26 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\iWinArcade
2008-10-27 16:26 --------- d-----w c:\documents and settings\All Users\Application Data\iWin Games
2008-10-25 19:41 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\FarmerJane
2008-10-25 16:49 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\BeachPartyCraze
2008-10-24 22:08 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\blg
2008-10-24 22:08 --------- d-----w c:\documents and settings\All Users\Application Data\blg
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-18 02:06 --------- d-----w c:\program files\MioNet
2008-10-15 12:41 --------- d-----w c:\program files\TuneUp Utilities 2008
2008-10-15 12:23 --------- d-----w c:\documents and settings\All Users\Application Data\TuneUp Software
2008-10-15 09:15 --------- d-----w c:\program files\Fichiers communs\BOONTY Shared
2008-10-15 09:15 --------- d-----w c:\program files\Boonty
2008-10-15 09:15 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\Zylom
2008-10-15 09:15 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\Metaversum
2008-10-15 09:11 --------- d-----w c:\program files\OpenOffice.org 2.4
2008-10-15 09:11 --------- d-----w c:\program files\Java
2008-10-15 09:05 --------- d-----w c:\program files\Zylom Games
2008-10-15 09:05 --------- d-----w c:\program files\BoontyGames
2008-10-15 08:56 --------- d-----w c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2008-10-15 08:02 --------- d-----w c:\program files\MSECache
2008-10-11 16:21 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\Friday's games
2008-10-10 22:09 --------- d-----w c:\documents and settings\All Users\Application Data\Zylom
2008-06-23 10:36 0 ----a-w c:\documents and settings\HP_Propriétaire\Application Data\wklnhst.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-03 61440]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"PS2"="c:\windows\system32\ps2.exe" [2004-10-25 90112]
"HP Software Update"="c:\program files\HP\HP Software Update\HPwuSchd2.exe" [2005-05-12 49152]
"BigDogPath"="c:\windows\VM_STI.EXE" [2004-06-09 40960]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-07-16 185896]
"SearchSettings"="c:\program files\Search Settings\SearchSettings.exe" [2008-04-16 985440]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-08-02 7110656]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 c:\windows\ALCXMNTR.EXE]
"nwiz"="nwiz.exe" [2005-08-02 c:\windows\system32\nwiz.exe]

c:\documents and settings\HP_Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\
iWin Desktop Alerts.lnk - c:\documents and settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe [2008-10-27 108032]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Google Updater.lnk - c:\program files\Google\Google Updater\GoogleUpdater.exe [2007-02-11 123640]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 282624]
TrayMin300.exe.lnk - c:\program files\Philips\SPC 200NC PC Camera\TrayMin200.exe [2007-03-11 278528]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\adslTV\\adsltv.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1700:TCP"= 1700:TCP:MioNet Remote Drive Access
"1641:TCP"= 1641:TCP:MioNet Remote Drive Verification

R2 MioNet;MioNet Service;"c:\program files\MioNet\MioNetManager.exe" -s "c:\program files\MioNet\wrapper.conf" [2005-07-15 139264]
R3 3xHybrid;3xHybrid service;c:\windows\system32\DRIVERS\3xHybrid.sys [2005-01-03 2799488]
.
Contenu du dossier 'Tâches planifiées'

2008-12-08 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe []

2008-12-07 c:\windows\Tasks\RegistrySmart Scheduled Scan.job
- c:\program files\RegistrySmart\RegistrySmart.exe []

2008-12-07 c:\windows\Tasks\RegistrySmart Scheduled Scan.job
- c:\program files\RegistrySmart []
.
- - - - ORPHELINS SUPPRIMES - - - -

URLSearchHooks-{ce0c2586-da36-452b-acdb-320d9bcb19bf} - (no file)
URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
Toolbar-{ce0c2586-da36-452b-acdb-320d9bcb19bf} - (no file)
WebBrowser-{CE0C2586-DA36-452B-ACDB-320D9BCB19BF} - (no file)
HKCU-Run-MsnMsgr - c:\program files\Windows Live\Messenger\MsnMsgr.Exe
HKCU-Run-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
HKCU-Run-Performance Center - c:\program files\Ascentive\Performance Center\ApcMain.exe
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
HKLM-Run-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
HKLM-Run-hozytyneg - c:\program files\MSN\hozytyneg77798.exe
HKLM-Run-UnlockerAssistant - c:\program files\Unlocker\UnlockerAssistant.exe
HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe
HKLM-Run-MyWebSearch Plugin - c:\progra~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL
HKLM-Run-PCDrProfiler - (no file)

.
------- Examen supplémentaire -------
.
uStart Page = hxxp://google.fr/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://fr.yahoo.com
uInternet Connection Wizard,ShellNext = iexplore
IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZJman000
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\HP_Propriétaire\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\HP_Propriétaire\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk -
FireFox -: Profile - c:\documents and settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\axm71qzz.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://fr.yahoo.com/
FF -: plugin - c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF -: plugin - c:\program files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPMyWebS.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-08 09:52:50
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\MioNet\MioNetManager.exe
c:\program files\MioNet\jvm\bin\MioNet.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2008-12-08 9:56:47 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-12-08 08:55:29

Avant-CF: 33 342 095 360 octets libres
Après-CF: 33,371,742,208 octets libres

355 --- E O F --- 2008-11-12 22:00:22

Est ce OK cette fois ci?
0
Réponse 7 / 24
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
colle le rapport rsit

pour voir
0
Réponse 8 / 24
pottyboops Messages postés 15 Statut Membre
 
rsit????

Excuse mon ignorance...
0
Réponse 9 / 24
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
c'est indiqué dans le message 6

Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB : Les rapports sont sauvegardés dans le dossier C:\rsit
0
Réponse 10 / 24
pottyboops Messages postés 15 Statut Membre
 
Excuse en fait j'avais pas du tout terminé...

1/

Logfile of random's system information tool 1.04 (written by random/random)
Run by HP_Propriétaire at 2008-12-08 17:35:33
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 32 GB (14%) free of 232 GB
Total RAM: 1022 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:36:05, on 08/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\RSIT.exe
C:\Program Files\trend micro\HP_Propriétaire.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: iWin Desktop Alerts.lnk = C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: TrayMin300.exe.lnk = ?
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZJman000
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
Réponse 11 / 24
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau :
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

/!\ Déconnectes toi et fermes toutes applications en cours

● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
● Double clique sur l'icône Ad-removersituée sur ton bureau
● Au menu principal choisi l'option "A"
● Postes le rapport qui apparait à la fin .

( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Note :

"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
0
Réponse 12 / 24
pottyboops Messages postés 15 Statut Membre
 
OK Donc:

--------- Logfile of AD-Remover 1.0.6.5 by C_XX ---------

# START at: 18:12:27 | Lun 08/12/2008 ON Microsoft® Windows XP ™ v5.1.2600
# BOOT MODE: Normal

# OPTION: Scan
# EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat

# PC: NOM-EB85C523610 | USER: HP_Propriétaire ( Current user is an administrator )

# DRIVE(S): C:\
# Systemdrive: C:\ (NTFS)
# Internet Explorer v7.0.5730.13

--------- [ RUNNING PROCESSES: 39 ] ---------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ntvdm.exe

-----------------------------------

+-----------------------| Boonty/Boonty Games Elements found..

"HKEY_CURRENT_USER\SOFTWARE\Boonty"
"HKEY_LOCAL_MACHINE\Software\Boonty"
.
[15/10/2008 10:15|d--------] C:\Program Files\Boonty
[15/10/2008 10:05|d--------] C:\Program Files\BoontyGames
[15/10/2008 10:15|d--------] C:\Program Files\Fichiers communs\BOONTY Shared

+-----------------------| Eorezo Elements found..

.
[07/02/2007 16:23|d--------] C:\Program Files\EoRezo

+-----------------------| Everest Poker Elements found..

.

+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found..

"HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e}"
"HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc}"
"HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477}"
"HKEY_CLASSES_ROOT\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}"
"HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}"
"HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390}"
"HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f}"
"HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}"
"HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17}"
"HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728}"
"HKEY_CLASSES_ROOT\Interface\{991AAC62-B100-47CE-8B75-253965244f69}"
"HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8}"
"HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca}"
"HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a}"
"HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc}"
"HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}"
"HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1}"
"HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8}"
"HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d}"
"HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495}"
"HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe}"
"HKEY_CLASSES_ROOT\FunWebProducts.DataControl.1"
"HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler"
"HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler.1"
"HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar"
"HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar.1"
"HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu"
"HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.1"
"HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.2"
"HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager"
"HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager.1"
"HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager"
"HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager.1"
"HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton"
"HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton.1"
"HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl"
"HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl.1"
"HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller"
"HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1"
"HKEY_CLASSES_ROOT\MyWebSearch.ChatSessionPlugin"
"HKEY_CLASSES_ROOT\MyWebSearch.ChatSessionPlugin.1"
"HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel"
"HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel.1"
"HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin"
"HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin.1"
"HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin"
"HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1"
"HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin"
"HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin.1"
"HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin"
"HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1"
"HKEY_CURRENT_USER\SOFTWARE\Fun Web Products"
"HKEY_CURRENT_USER\SOFTWARE\MyWebSearch"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources" /v "f3PopularScreensavers"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}"
.
[01/12/2008 21:51|--a------] C:\Program Files\Mozilla Firefox\Plugins\NPMyWebS.dll
[01/12/2008 21:51|--a------] C:\Program Files\Windows live\Messenger\riched20.dll
[01/12/2008 21:51|--a------] C:\Program Files\Windows live\Messenger\msimg32.dll
[01/12/2008 21:51|--a------] C:\Program Files\Internet explorer\msimg32.dll

+-----------------------| Messenger Skinner Elements found..

.

+-----------------------| Sweetim Elements found..

.

+-----------------------| ADDED SCAN ..

+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

...\axm71qzz.default\prefs.js :

~~~~ Mozilla FireFox version 3.0.4 ~~~~

Start Page : "https://fr.yahoo.com/"

+----------+

+---------------------------------------------------------------------------+

+--[HKEY_CURRENT_USER\..\Run]

ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe

+--[HKEY_LOCAL_MACHINE\..\Run]

hpsysdrv REG_SZ c:\windows\system\hpsysdrv.exe
AlcxMonitor REG_SZ ALCXMNTR.EXE
HPHUPD08 REG_SZ c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
KBD REG_SZ C:\HP\KBD\KBD.EXE
Recguard REG_SZ C:\WINDOWS\SMINST\RECGUARD.EXE
PS2 REG_SZ C:\WINDOWS\system32\ps2.exe
HP Software Update REG_EXPAND_SZ C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
BigDogPath REG_SZ C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
TkBellExe REG_SZ "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
SearchSettings REG_SZ C:\Program Files\Search Settings\SearchSettings.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz REG_SZ nwiz.exe /installquiet /keeploaded /nodetect
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

+--[HKEY_USERS\.DEFAULT\..\Run]

+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://google.fr/

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://fr.yahoo.com

+---------------------------------------------------------------------------+

- "C:\AD-report-08.12.2008.log" (12017 octets)

[ END at: 18:12:41 | 08/12/2008 ] - [ Time elapsed: 13.4 seconds ]

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 223 lines ]
+---------------------------------------------------------------------------+

Alors Docteur?
0
Réponse 13 / 24
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
relance ad remover choisi l'option B et tape le chiffre correspondant a ces 3 elements:

Boonty
EoRezo
FunWebProducts/MyWay/MyWebSearch/

puis supprime avec S

et colle le rapport
0
pottyboops Messages postés 15 Statut Membre
 
C'est fini?

Je vais regarder tes réponses, et puis je sais que je me répète mais merci infiniment!
0
Réponse 14 / 24
pottyboops Messages postés 15 Statut Membre
 
Done:

--------- Logfile of AD-Remover 1.0.6.5 by C_XX ---------

# START at: 18:12:27 | Lun 08/12/2008 ON Microsoft® Windows XP ™ v5.1.2600
# BOOT MODE: Normal

# OPTION: Scan
# EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat

# PC: NOM-EB85C523610 | USER: HP_Propriétaire ( Current user is an administrator )

# DRIVE(S): C:\
# Systemdrive: C:\ (NTFS)
# Internet Explorer v7.0.5730.13

--------- [ RUNNING PROCESSES: 39 ] ---------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ntvdm.exe

-----------------------------------

+-----------------------| Boonty/Boonty Games Elements found..

"HKEY_CURRENT_USER\SOFTWARE\Boonty"
"HKEY_LOCAL_MACHINE\Software\Boonty"
.
[15/10/2008 10:15|d--------] C:\Program Files\Boonty
[15/10/2008 10:05|d--------] C:\Program Files\BoontyGames
[15/10/2008 10:15|d--------] C:\Program Files\Fichiers communs\BOONTY Shared

+-----------------------| Eorezo Elements found..

.
[07/02/2007 16:23|d--------] C:\Program Files\EoRezo

+-----------------------| Everest Poker Elements found..

.

+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found..

"HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e}"
"HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc}"
"HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477}"
"HKEY_CLASSES_ROOT\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}"
"HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}"
"HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390}"
"HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f}"
"HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}"
"HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17}"
"HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728}"
"HKEY_CLASSES_ROOT\Interface\{991AAC62-B100-47CE-8B75-253965244f69}"
"HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8}"
"HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca}"
"HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a}"
"HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc}"
"HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}"
"HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1}"
"HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8}"
"HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d}"
"HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495}"
"HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe}"
"HKEY_CLASSES_ROOT\FunWebProducts.DataControl.1"
"HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler"
"HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler.1"
"HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar"
"HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar.1"
"HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu"
"HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.1"
"HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.2"
"HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager"
"HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager.1"
"HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager"
"HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager.1"
"HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton"
"HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton.1"
"HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl"
"HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl.1"
"HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller"
"HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1"
"HKEY_CLASSES_ROOT\MyWebSearch.ChatSessionPlugin"
"HKEY_CLASSES_ROOT\MyWebSearch.ChatSessionPlugin.1"
"HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel"
"HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel.1"
"HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin"
"HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin.1"
"HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin"
"HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1"
"HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin"
"HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin.1"
"HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin"
"HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1"
"HKEY_CURRENT_USER\SOFTWARE\Fun Web Products"
"HKEY_CURRENT_USER\SOFTWARE\MyWebSearch"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources" /v "f3PopularScreensavers"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}"
.
[01/12/2008 21:51|--a------] C:\Program Files\Mozilla Firefox\Plugins\NPMyWebS.dll
[01/12/2008 21:51|--a------] C:\Program Files\Windows live\Messenger\riched20.dll
[01/12/2008 21:51|--a------] C:\Program Files\Windows live\Messenger\msimg32.dll
[01/12/2008 21:51|--a------] C:\Program Files\Internet explorer\msimg32.dll

+-----------------------| Messenger Skinner Elements found..

.

+-----------------------| Sweetim Elements found..

.

+-----------------------| ADDED SCAN ..

+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

...\axm71qzz.default\prefs.js :

~~~~ Mozilla FireFox version 3.0.4 ~~~~

Start Page : "https://fr.yahoo.com/"

+----------+

+---------------------------------------------------------------------------+

+--[HKEY_CURRENT_USER\..\Run]

ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe

+--[HKEY_LOCAL_MACHINE\..\Run]

hpsysdrv REG_SZ c:\windows\system\hpsysdrv.exe
AlcxMonitor REG_SZ ALCXMNTR.EXE
HPHUPD08 REG_SZ c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
KBD REG_SZ C:\HP\KBD\KBD.EXE
Recguard REG_SZ C:\WINDOWS\SMINST\RECGUARD.EXE
PS2 REG_SZ C:\WINDOWS\system32\ps2.exe
HP Software Update REG_EXPAND_SZ C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
BigDogPath REG_SZ C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
TkBellExe REG_SZ "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
SearchSettings REG_SZ C:\Program Files\Search Settings\SearchSettings.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz REG_SZ nwiz.exe /installquiet /keeploaded /nodetect
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

+--[HKEY_USERS\.DEFAULT\..\Run]

+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://google.fr/

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://fr.yahoo.com

+---------------------------------------------------------------------------+

- "C:\AD-report-08.12.2008.log" (12017 octets)

[ END at: 18:12:41 | 08/12/2008 ] - [ Time elapsed: 13.4 seconds ]

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 223 lines ]
+---------------------------------------------------------------------------+
0
Réponse 15 / 24
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
il faut nettoyer:

relance ad remover choisi l'option B et tape le chiffre correspondant a ces 3 elements:

Boonty
EoRezo
FunWebProducts/MyWay/MyWebSearch/

puis supprime avec S

et colle le rapport

_______________

colle le rapport d'un scan en ligne
avec un des suivants:

Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr

Panda en ligne :
http://pandasoftware.fr
0
Réponse 16 / 24
pottyboops Messages postés 15 Statut Membre
 
Faute de pouvoir supprimer juste les 3 éléments j'ai tout coché puis supprimé, voici le rapport:

--------- Logfile of AD-Remover 1.0.6.5 by C_XX ---------

*** Limited to ***

Boonty/BoontyGames
Eorezo
Everest Poker
Funwebproduct/MyWay/MyWebsearch
Messenger Skinner
Sweetim

******************

# START at: 20:12:24 | Lun 08/12/2008 ON Microsoft® Windows XP ™ v5.1.2600
# BOOT MODE: Normal

# OPTION: Scan
# EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat

# PC: NOM-EB85C523610 | USER: HP_Propriétaire ( Current user is an administrator )

# DRIVE(S): C:\
# Systemdrive: C:\ (NTFS)
# Internet Explorer v7.0.5730.13

--------- [ RUNNING PROCESSES: 41 ] ---------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\ntvdm.exe

-----------------------------------

(!) ---- IE start pages reset

+-----------------------| Boonty/Boonty Games Elements Deleted..

"HKEY_CURRENT_USER\SOFTWARE\Boonty"
"HKEY_LOCAL_MACHINE\Software\Boonty"
.
[15/10/2008 10:15|d--------] C:\Program Files\Boonty
[15/10/2008 10:05|d--------] C:\Program Files\BoontyGames
[15/10/2008 10:15|d--------] C:\Program Files\Fichiers communs\BOONTY Shared

+-----------------------| Eorezo Elements Deleted..

.
[07/02/2007 16:23|d--------] C:\Program Files\EoRezo

+-----------------------| Everest Poker Elements Deleted..

.

+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Deleted..

"HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e}"
"HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc}"
"HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477}"
"HKEY_CLASSES_ROOT\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}"
"HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}"
"HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390}"
"HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f}"
"HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}"
"HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17}"
"HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728}"
"HKEY_CLASSES_ROOT\Interface\{991AAC62-B100-47CE-8B75-253965244f69}"
"HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8}"
"HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca}"
"HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a}"
"HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc}"
"HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}"
"HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1}"
"HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8}"
"HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d}"
"HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495}"
"HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe}"
"HKEY_CLASSES_ROOT\FunWebProducts.DataControl.1"
"HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler"
"HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler.1"
"HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar"
"HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar.1"
"HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu"
"HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.1"
"HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.2"
"HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager"
"HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager.1"
"HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager"
"HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager.1"
"HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton"
"HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton.1"
"HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl"
"HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl.1"
"HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller"
"HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1"
"HKEY_CLASSES_ROOT\MyWebSearch.ChatSessionPlugin"
"HKEY_CLASSES_ROOT\MyWebSearch.ChatSessionPlugin.1"
"HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel"
"HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel.1"
"HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin"
"HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin.1"
"HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin"
"HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1"
"HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin"
"HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin.1"
"HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin"
"HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1"
"HKEY_CURRENT_USER\SOFTWARE\Fun Web Products"
"HKEY_CURRENT_USER\SOFTWARE\MyWebSearch"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources" /v "f3PopularScreensavers"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}"
.
[01/12/2008 21:51|--a------] C:\Program Files\Mozilla Firefox\Plugins\NPMyWebS.dll
[01/12/2008 21:51|--a------] C:\Program Files\Windows live\Messenger\riched20.dll
[01/12/2008 21:51|--a------] C:\Program Files\Windows live\Messenger\msimg32.dll
[01/12/2008 21:51|--a------] C:\Program Files\Internet explorer\msimg32.dll

+-----------------------| Messenger Skinner Elements Deleted..

.

+-----------------------| Sweetim Elements Deleted..

.

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.

+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+

+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

...\axm71qzz.default\prefs.js :

~~~~ Mozilla FireFox version 3.0.4 ~~~~

Start Page : "https://fr.yahoo.com/"

+----------+

+--[HKEY_CURRENT_USER\..\Run]

ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe

+--[HKEY_LOCAL_MACHINE\..\Run]

hpsysdrv REG_SZ c:\windows\system\hpsysdrv.exe
AlcxMonitor REG_SZ ALCXMNTR.EXE
HPHUPD08 REG_SZ c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
KBD REG_SZ C:\HP\KBD\KBD.EXE
Recguard REG_SZ C:\WINDOWS\SMINST\RECGUARD.EXE
PS2 REG_SZ C:\WINDOWS\system32\ps2.exe
HP Software Update REG_EXPAND_SZ C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
BigDogPath REG_SZ C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
TkBellExe REG_SZ "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
SearchSettings REG_SZ C:\Program Files\Search Settings\SearchSettings.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz REG_SZ nwiz.exe /installquiet /keeploaded /nodetect
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

+--[HKEY_USERS\.DEFAULT\..\Run]

+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://fr.msn.com/

+---------------------------------------------------------------------------+

- "C:\AD-report-08.12.2008.log" (12368 octets)

[ END at: 20:15:57 | 08/12/2008 ] - [ Time elapsed: 3 minutes, 32 seconds ]

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 238 lines ]
+---------------------------------------------------------------------------+

Je désisnstalle maintenant avast et te dirai si ca marche après redémarrage
0
Réponse 17 / 24
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
colle le rapport d'un scan en ligne
avec un des suivants:

Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr

Panda en ligne :
http://pandasoftware.fr
0
Réponse 18 / 24
pottyboops Messages postés 15 Statut Membre
 
Alors, j'ai installé Avast qui a l'air de fonctionner et qui a effectivement trouvé le baggle suivant:
WIN32: Beagle-AAW (Trj). Les fichiers infectés ont été mis en quarantaine.

J'ai essayé de faire les scan que tu m'as indiqués:

-Kaspersky me dit que je dois désinstaller certains logiciels, mais ne me précise pas lesquels pour pouvoir terminer l'installation

-Panda me dit désolé la mise à jour est incomplète en raison d'une erreur veuillez recommencer mais j'ai beau recommencer, ce message revient sans arrêt...

Que pasa?
0
Réponse 19 / 24
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
vire ce qui est en quarantaine dans avast

puis

Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
0
Réponse 20 / 24
pottyboops Messages postés 15 Statut Membre
 
Voici le rapport:

-----------\\ ToolBar S&D 1.2.6 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1296 [VPS 081208-0] 4.8.1296 (Activated)
C:\ (Local Disk) - NTFS - Total:226 Go (Free:31 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:5 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB) - FAT32 - Total:3839 Mo (Free:3 Go)

"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [1] ( 09/12/2008|10:06 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskTBar
C:\Program Files\AskTBar\bar
C:\Program Files\AskTBar\PopSwatr
C:\Program Files\AskTBar\bar\History
C:\Program Files\AskTBar\bar\Settings
C:\Program Files\AskTBar\bar\History\search2
C:\Program Files\AskTBar\PopSwatr\History
C:\Program Files\AskTBar\PopSwatr\History\allowed
C:\Program Files\AskTBar\PopSwatr\History\notallow
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@mywebsearch[1].txt
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Search Settings
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Search Settings\kb127
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Search Settings\kb127\res
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Search Settings\kb127\temp
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Search Settings\kb127\temp\ws-14219.log
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Search Settings\kb127\temp\ws-14220.log
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Search Settings\kb127\temp\ws-14221.log
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Search Settings\kb127\temp\ws-14222.log
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb127
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\kb127\res
C:\Program Files\Search Settings\kb127\SearchSettings.dll
C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
C:\Program Files\Search Settings\kb127\temp

-----------\\ Extensions

(HP_Propriétaire) - {0b38152b-1b20-484d-a11f-5e04a9b0661f} => winamptoolbar
(HP_Propriétaire) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(HP_Propriétaire) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr"

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

1 - "C:\ToolBar SD\TB_1.txt" - 09/12/2008|10:10 - Option : [1]

-----------\\ Fin du rapport a 10:10:12,48

Alors?
0

Discussions similaires

Phishing faux mail d'avast
Colette34 -
Gerper -

2 réponses
Arnaque installation Avast Premium security
Eldanield -
bazfile -

9 réponses
arnaque de avast prelevement sans autorisation
petit -
Petittoune -

15 réponses
Impossible de joindre Avast
soleil12 -
Panth33ra -

6 réponses
Problème avec "PUADIManager:Win32/OfferCore
Knaki -
bazfile -

3 réponses