Sujet Précédent Sujet Suivant

Infection ! Comment se débarrasser de NTBS...

Résolu/Fermé
Uenyan - 28 déc. 2008 à 14:38
chimay8 Messages postés 7720 Date d'inscription jeudi 1 mai 2008 Statut Contributeur sécurité Dernière intervention 3 janvier 2014 - 6 janv. 2009 à 23:06
Salut à tous ! ! !
Il y a un programme (NTBS investigators flight recorder (black box) analyzer)
qui empêche l'exécution de mon antivirus (Antivir Personnal Edition Classic), même celle de HijackThis. Il bloque aussi l'installation d'un quelconque antivirus...
Je suis donc passé par RSIT qui a produit ce log HijackThis...
Vous êtes mon dernier espoir :'(
_____________________________________________________________________________________________
Logfile of random's system information tool 1.05 (written by random/random)
Run by Mr KONE D at 2008-12-28 11:43:57
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 31 GB (52%) free of 60 GB
Total RAM: 503 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:55:03, on 15/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\StkASv2K.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Topro\tppoll.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
D:\nakados\NAKI (F)\log\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ci/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: UrlHelper Class - {6D023EBF-70B8-45A6-9ED5-556515FA0FE4} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [tppoll] C:\Program Files\Topro\tppoll.exe
O4 - HKLM\..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Documents and Settings\Mr KONE D\Bureau\poupou\MessengerSkinner\MessengerSkinner.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: SYSTRAN: &Effacer le cache de traduction - C:\Program Files\Systran\Premium\menuClearCache.html
O8 - Extra context menu item: SYSTRAN: &Options - C:\Program Files\Systran\Premium\menuConfigure.html
O8 - Extra context menu item: SYSTRAN: &Traduire - C:\Program Files\Systran\Premium\menuTranslate.html
O8 - Extra context menu item: SYSTRAN: En®istrement - C:\Program Files\Systran\Premium\menuRegister.html
O8 - Extra context menu item: SYSTRAN: Rechercher les &mises à jour - C:\Program Files\Systran\Premium\menuUpdate.html
O8 - Extra context menu item: SYSTRAN: Traduire les &cadres - C:\Program Files\Systran\Premium\menuTranslateAll.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra button: (no name) - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuClearCache.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2108 - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuClearCache.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - file:///C:/Documents%20and%20Settings/Mr%20KONE%20D/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/ddfotg.1.0.0.37.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextfr.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{56DF2432-5DF6-45C3-B07C-4E2EF8479C95}: NameServer = 213.136.96.2 213.136.96.37
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Syntek STK1160 Service (StkASSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkASv2K.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

53 réponses

Réponse 1 / 53
T'Chiki Messages postés 59 Date d'inscription vendredi 26 décembre 2008 Statut Membre Dernière intervention 1 janvier 2009 6
29 déc. 2008 à 17:49
Salut

fais ceci stp :

Télécharge OAD http://sosvirus.changelog.fr/OAD.exe
- Enregistre le sur ton bureau

Double clique sur le OAD pour le lancer

- nom de fichier à rechercher tape ou fais un copier coller de :

srosa

- Type de recherche : sélectionne l'option 6 puis valide

OAD va maintenant rechercher le fichier. Laisse le travailler jusqu'à ce qu'il en ait terminé.
Le rapport de recherche s'affichera automatiquement à l’écran dès qu'il aura terminé.

- Fais un copier / coller de ce rapport dans ton prochain post.

Note importante : Suivant la taille des disques durs cette recherche peut prendre plusieurs minutes. Sois patient

>> fais la meme chose pour : winupgro

et : flec006

"3 rapports , merci de les fournir
1
Réponse 2 / 53
Utilisateur anonyme
28 déc. 2008 à 14:55
Vous êtes mon dernier espoir :'(

--> Wahou! quelle pression!

Commence par ceci:

Télécharge sur le bureau navilog1

http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

Double-clique sur le raccourci "navilog1" sur ton bureau.
Appuie sur la lettre f de ton clavier puis sur la touche Entrée.
Appuie sur une touche de ton clavier pour continuer...

Tape 1, puis appuie sur la touche Entrée.
Ainsi Navilog1 va effectuer la recherche des fichiers infectieux:

/!\ NE PAS UTILISER L'OPTION 2, 3, 4 SANS AVIS /!\

Patiente, cela peut prendre une dizaine de minutes...
Navilog1 t'informera que la recherche est terminée :
Appuie sur une touche pour afficher le rapport qu'il a généré.

Le rapport sera sauvegardé dans le fichier suivant : "fixnavi.txt" à la racine
du disque dur (ex : C:\fixnavi.txt).

Poste le rapport généré.
0
Réponse 3 / 53
jimkiller Messages postés 2006 Date d'inscription lundi 14 avril 2008 Statut Membre Dernière intervention 14 août 2020 471
28 déc. 2008 à 14:56
Installe Malwarebyte anti malware et fait un scan complet en te déconnectant d'internet et ferme toutes tes application (il est téléchargeable sur ce site et gratuit)

Je te conseil aussi spybot search and destroy et un petit coup de Ccleaner (pour ces trois logiciels, n'oublie pas de faire leurs mise à jours)
0
Réponse 4 / 53
Uenyan
28 déc. 2008 à 15:58
--ric025-->>
Hi hi! Désolé pour la pression mais c'est la vérité...
mon ordi a bruskement redémaré lorque j'ai lancé Navilog.
Bon, sa fait maintenant près d'une demi-heure qu'il me demande de patienter pour le scan... C'est pas que je sois trop pressé mais est-ce normal ?

--jimkiller-->>
Ce virus bloque l'installation de tout programme qui ressemble de près ou de loin à un anti-virus.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 53
Uenyan Messages postés 75 Date d'inscription dimanche 28 décembre 2008 Statut Membre Dernière intervention 27 janvier 2012 4
28 déc. 2008 à 16:32
Voici le rapport:

Search Navipromo version 3.7.0 commencé le 28/12/2008 à 14:19:15,03

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.12.2008 à 21h00 par IL-MAFIOSO

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) D CPU 3.33GHz )
BIOS : Default System BIOS
USER : Mr KONE D ( Administrator )
BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)


A:\ (USB)
C:\ (Local Disk) - NTFS - Total:58 Go (Free:30 Go)
D:\ (Local Disk) - NTFS - Total:174 Go (Free:141 Go)
E:\ (CD or DVD)


Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Mr KONE D\applic~1" ***

...\MessengerSkinner trouvé !

*** Recherche dossiers dans "C:\Documents and Settings\Mr KONE D\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Mr KONE D\menudm~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Fichier(s) caché(s) :

C:\WINDOWS\system32\wintems.exe


*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\Mr KONE D\locals~1\applic~1" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!

HKEY_CURRENT_USER\Software\mc trouvé !

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\Mr KONE D\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :



*** Analyse terminée le 28/12/2008 à 15:31:21,03 ***
0
Réponse 6 / 53
Utilisateur anonyme
28 déc. 2008 à 16:40
Relance Navilog et exécute l'option 2, celle du nettoyage. Poste ensuite le rapport généré.
0
Réponse 7 / 53
Uenyan Messages postés 75 Date d'inscription dimanche 28 décembre 2008 Statut Membre Dernière intervention 27 janvier 2012 4
28 déc. 2008 à 17:23
voici:

Clean Navipromo version 3.7.0 commencé le 28/12/2008 à 15:46:47,53

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.12.2008 à 21h00 par IL-MAFIOSO

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) D CPU 3.33GHz )
BIOS : Default System BIOS
USER : Mr KONE D ( Administrator )
BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)


A:\ (USB)
C:\ (Local Disk) - NTFS - Total:58 Go (Free:30 Go)
D:\ (Local Disk) - NTFS - Total:174 Go (Free:141 Go)
E:\ (CD or DVD)


Mode suppression automatique
avec prise en charge résultats Catchme et GNS


Nettoyage exécuté au redémarrage de l'ordinateur

*** Creation backups fichiers trouvés par Catchme ***

Copie vers "C:\Program Files\navilog1\Backupnavi"

Copie C:\WINDOWS\system32\wintems.exe réalisée avec succès !

*** Suppression des fichiers trouvés avec Catchme ***

C:\WINDOWS\system32\wintems.exe !!ERREUR SUPPRESSION!!

** 2ème passage avec résultats Catchme **

* Dans "C:\WINDOWS\system32" *


wintems.exe trouvé !
Copie wintems.exe réalisée avec succès !
wintems.exe !!ERREUR SUPPRESSION!!

C:\WINDOWS\prefetch\wintems*.pf trouvé !
Copie C:\WINDOWS\prefetch\wintems*.pf réalisée avec succès !
C:\WINDOWS\prefetch\wintems*.pf supprimé !

C:\WINDOWS\system32\wintems.exe trouvé !
Copie C:\WINDOWS\system32\wintems.exe réalisée avec succès !
C:\WINDOWS\system32\wintems.exe !!ERREUR SUPPRESSION!!


* Dans "C:\Documents and Settings\Mr KONE D\locals~1\applic~1" *


C:\WINDOWS\system32\wintems.exe trouvé !
Copie C:\WINDOWS\system32\wintems.exe réalisée avec succès !
C:\WINDOWS\system32\wintems.exe !!ERREUR SUPPRESSION!!


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\WINDOWS\System32" *


* Suppression dans "C:\Documents and Settings\Mr KONE D\locals~1\applic~1" *



*** Suppression dossiers dans "C:\WINDOWS" ***


*** Suppression dossiers dans "C:\Program Files" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\Mr KONE D\applic~1" ***

...\MessengerSkinner ...suppression...
...\MessengerSkinner supprimé !


*** Suppression dossiers dans "C:\Documents and Settings\Mr KONE D\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\Mr KONE D\menudm~1\progra~1" ***



*** Suppression fichiers ***


*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Mr KONE D\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\WINDOWS\system32" *


* Dans "C:\Documents and Settings\Mr KONE D\locals~1\applic~1" *


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !

*** Recherche autres dossiers et fichiers connus ***



*** Nettoyage terminé le 28/12/2008 à 16:12:48,01 ***
0
Réponse 8 / 53
Utilisateur anonyme
28 déc. 2008 à 17:27
Télécharge malwarebytes

Installe-le en veillant bien à ce que la case de mise à jour soit cochée en fin d'installation.

Lance-le et après la mise à jour, coche la case "Examen Rapide".

Après le scan, si le programme trouve quelque chose, clique sur "Voir les résultats" puis sur "Supprimer la sélection".

Si MBAM te demande de rebooter pour finaliser la suppression, accepte.

Poste ensuite le rapport généré dans ta prochaine réponse.

A+
0
Réponse 9 / 53
chimay8 Messages postés 7720 Date d'inscription jeudi 1 mai 2008 Statut Contributeur sécurité Dernière intervention 3 janvier 2014 60
28 déc. 2008 à 17:36
mwouais,

wintems.exe c'est du bagle!

d'ailleurs il reste des traces de lui;srosa2.sys

et d'une vieille désinfection?
"ReEXEc"=C:\Documents and Settings\Mr KONE D\Bureau\ELIBAGLA.BIABBØH.EXE [2008-12-27 54283]

et les mountpoints2 sont infectés

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ac9a6f5-73af-11dd-b6e9-0019661cd3bc}]

shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe WillPolo.vbs



[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{75eadb8f-97ad-11dd-b7af-4d6564696130}]

shell\AutoRun\command - n6t1h.cmd

shell\explore\command - n6t1h.cmd

shell\open\command - n6t1h.cmd
0
Réponse 10 / 53
Uenyan Messages postés 75 Date d'inscription dimanche 28 décembre 2008 Statut Membre Dernière intervention 27 janvier 2012 4
28 déc. 2008 à 18:45
Le voici:

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1562
Windows 5.1.2600 Service Pack 3

28/12/2008 17:44:44
mbam-log-2008-12-28 (17-44-44).txt

Type de recherche: Examen rapide
Eléments examinés: 59371
Temps écoulé: 52 minute(s), 34 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 9

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\rsvp (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\2.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr KONE D\Application Data\m (Trojan.Agent) -> Delete on reboot.

Fichier(s) infecté(s):
C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr KONE D\Application Data\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr KONE D\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr KONE D\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\rsvp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> Delete on reboot.
C:\Documents and Settings\Mr KONE D\Application Data\m\flec006.exe (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Mr KONE D\Local Settings\Application Data\Microsoft\spoolsv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
0
Réponse 11 / 53
Utilisateur anonyme
28 déc. 2008 à 20:26
Relance Malwarebytes, va dans quarantaine et supprime tout.

----------------------

Nettoie un coup avec CCleaner:

Télécharge CCleaner

Lors de l’installation, décoche l’option qui t’installerait la barre Yahoo

Va dans "Options">>"Avancé". Décoche la première ligne.

Va dans la section "Nettoyeur". Lance l'analyse. La liste créée, lance le nettoyage deux fois de suite afin d'obtenir 0bytes supprimé!

Ensuite dans "Registre", lance une recherche des erreurs. La liste créée, fais-les réparer.

/!\ A ce moment CCleaner te demande normalement de sauvegarder le registre, fais-le. /!\

Recommence ensuite le cycle Recherche/Réparation des erreurs jusqu'à n'en trouver aucune lors de la recherche.

---------------------------------

Redémarre ton pc et reposte un nouveau rapport RSIT.

---------------------------------

Pour Chimay8: Faut-il vérifier par Elibagla ou Findykill?

Et pour les mountpoints infectés, je sais pas quoi faire! Je n'ai même pas pu vérifier qu'ils étaient infectés!! :((

Si tu peux m'éclairer?

Merci
0
Réponse 12 / 53
chimay8 Messages postés 7720 Date d'inscription jeudi 1 mai 2008 Statut Contributeur sécurité Dernière intervention 3 janvier 2014 60
28 déc. 2008 à 20:39
oui
passe Findykill par sureté
et ensuite
lance usbfix
les MP2,ici, sont des infections autorun
0
Réponse 13 / 53
Utilisateur anonyme
28 déc. 2008 à 20:41
Ok!! Merci beaucoup! C'est ce que je pensais faire.

Bonne continuation à toi. Et encore merci.

A++
0
Réponse 14 / 53
Uenyan Messages postés 75 Date d'inscription dimanche 28 décembre 2008 Statut Membre Dernière intervention 27 janvier 2012 4
28 déc. 2008 à 23:18
Je n'arrive pas à lancer l'exécution de CCleaner
0
Réponse 15 / 53
Utilisateur anonyme
28 déc. 2008 à 23:25
Ok! Laisse pour l'instant.

On va d'abord suivre les conseils de chimay8 :)

* Telecharge Findykill de Chiquitine29 sur ton bureau:

http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe

* Lance l'installation avec les parametres par default

* Double clique sur le raccourci FindyKill sur ton bureau

* Au menu principal,choisi l'option 1 (Recherche)

* Post le rapport FindyKill.txt


* Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
0
Réponse 16 / 53
Uenyan Messages postés 75 Date d'inscription dimanche 28 décembre 2008 Statut Membre Dernière intervention 27 janvier 2012 4
28 déc. 2008 à 23:27
Le voici:



----------------- FindyKill V4.710 ------------------

* User : Mr KONE D - KONE
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 21/12/08 par Chiquitine29
* Recherche effectuée à 22:21:35 le 28/12/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\StkASv2K.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System\logman.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Topro\tppoll.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Livestation\Livestation.exe
C:\Documents and Settings\Mr KONE D\Application Data\drivers\winupgro.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Dofus\Dofus.exe
C:\Program Files\Dofus\dofus.dll
C:\WINDOWS\explorer.exe

--------------- [ Processus infectieux stoppés ] ----------------


"C:\Documents and Settings\Mr KONE D\Application Data\drivers\winupgro.exe" (1508)


--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:

Found ! [28/12/2008 14:12] - C:\InfoSat.txt

»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\1021281.EXE-07127F8C.pf
Found ! - C:\WINDOWS\prefetch\1237656.EXE-2A8BFA35.pf
Found ! - C:\WINDOWS\prefetch\1292953.EXE-0230B8DD.pf
Found ! - C:\WINDOWS\prefetch\1370125.EXE-3A76386F.pf
Found ! - C:\WINDOWS\prefetch\140140.EXE-24557B19.pf
Found ! - C:\WINDOWS\prefetch\168578.EXE-23E0F487.pf
Found ! - C:\WINDOWS\prefetch\257015.EXE-1511BE0E.pf
Found ! - C:\WINDOWS\prefetch\263531.EXE-25F0A7EE.pf
Found ! - C:\WINDOWS\prefetch\471125.EXE-3974D486.pf
Found ! - C:\WINDOWS\prefetch\526312.EXE-06174ABB.pf
Found ! - C:\WINDOWS\prefetch\554921.EXE-111F8159.pf
Found ! - C:\WINDOWS\prefetch\584093.EXE-2EEA1F56.pf
Found ! - C:\WINDOWS\prefetch\600218.EXE-2F3EC391.pf
Found ! - C:\WINDOWS\prefetch\628437.EXE-1F39BF1C.pf
Found ! - C:\WINDOWS\prefetch\799421.EXE-160D82D7.pf
Found ! - C:\WINDOWS\prefetch\804000.EXE-13DB928F.pf
Found ! - C:\WINDOWS\prefetch\824984.EXE-2454DD87.pf
Found ! - C:\WINDOWS\prefetch\891859.EXE-34A8D89A.pf
Found ! - C:\WINDOWS\prefetch\899734.EXE-3A2932FA.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-195E3C08.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
Found ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-101AF362.pf
Found ! - C:\WINDOWS\Prefetch\NBKEYSCAN.EXE-2E1DB169.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [28/12/2008 19:34] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers


»»»» Presence des fichiers dans C:\Documents and Settings\Mr KONE D\Application Data

Found ! [28/12/2008 20:38] - "C:\Documents and Settings\Mr KONE D\Application Data\m\flec006.exe"
Found ! [28/12/2008 20:38] - "C:\Documents and Settings\Mr KONE D\Application Data\m\list.oct"
Found ! [28/12/2008 20:41] - "C:\Documents and Settings\Mr KONE D\Application Data\m\data.oct"
Found ! [28/12/2008 20:41] - "C:\Documents and Settings\Mr KONE D\Application Data\m\srvlist.oct"
Found ! [28/12/2008 20:54] - "C:\Documents and Settings\Mr KONE D\Application Data\m\shared"
Found ! [28/12/2008 20:41] - "C:\Documents and Settings\Mr KONE D\Application Data\m"
Found ! [27/12/2008 13:36] - "C:\Documents and Settings\Mr KONE D\Application Data\drivers"
Found ! [28/12/2008 20:31] - "C:\Documents and Settings\Mr KONE D\Application Data\drivers\srosa.sys"
Found ! [28/12/2008 20:31] - "C:\Documents and Settings\Mr KONE D\Application Data\drivers\srosa2.sys"
Found ! [09/10/2006 08:05] - "C:\Documents and Settings\Mr KONE D\Application Data\drivers\winupgro.exe"
Found ! [28/12/2008 20:46] - "C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld"
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1021281.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1023062.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1029015.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1030281.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1114109.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1116171.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1117000.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1147140.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1148953.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1149156.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1170859.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1173109.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1174078.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1175421.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1178625.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1180500.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1188046.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1190390.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1192390.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1234125.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1235031.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1237656.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\127078.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1274218.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1279640.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1281250.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1283171.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1292953.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\129656.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\131046.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\131156.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\132328.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\132421.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1325000.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1328578.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1330562.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1370125.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1392500.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1396515.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1396937.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\140140.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15084031.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15116359.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15116609.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15215937.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15252734.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15253890.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15452421.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15566328.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15574984.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15579171.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15680937.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15694375.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15703625.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15707015.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15718171.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15724718.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15857781.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15861046.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15862203.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15893187.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15902984.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15909968.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16050156.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16054171.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16055578.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\160765.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\168156.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\168250.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\168578.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16875359.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16877093.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16877203.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16883906.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16936156.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16938015.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16938812.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17119828.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17229437.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17231296.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17231703.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17259968.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17262109.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17263109.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17297375.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17299140.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17299812.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17313343.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17315171.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17315687.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17319125.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17321062.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17322453.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17359906.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17385421.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17388234.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17388781.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\179500.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\181484.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\181609.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1956718.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1963656.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1963843.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1995734.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2026265.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\202656.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2028343.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2029000.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\206625.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\207953.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2194562.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2291578.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2292859.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2293093.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2319656.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2323625.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2325406.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2363953.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2367046.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2368265.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2385312.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2387843.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2388828.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2392515.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2394781.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2396125.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\241203.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\245140.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\245203.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\245687.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\246734.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2469718.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2471390.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2471718.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\248312.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\248375.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\248531.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\249203.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\256484.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\257015.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\259875.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\260968.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\263531.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\318843.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\323718.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\324281.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\373125.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\375062.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\375687.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\419593.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\421218.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\421968.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\433437.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\471125.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\521703.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\522484.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\522546.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\526312.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\530203.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\538687.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\538781.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\544109.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\546484.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\547437.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\549250.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\550265.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\554921.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\555156.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\557218.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\584093.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\593625.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\596640.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\597281.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\600218.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\611703.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\615062.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\615765.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\615828.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\617625.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\619015.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\620859.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\624234.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\624343.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\628437.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\629890.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\630718.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\630812.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\654203.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\657109.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\658156.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\660531.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\664453.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\665156.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\670359.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\673078.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\676265.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\677562.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\678250.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\678625.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\682218.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\692093.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\698921.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\702921.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\704312.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\704859.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\715406.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\716593.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\716640.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\741609.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\745234.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\746265.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\767375.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\769828.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\771000.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\774515.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\776890.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\780359.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\784593.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\786312.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\787265.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\799421.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\804000.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\812515.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\814265.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\814984.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\824984.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\838875.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\842437.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\845437.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\858250.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\860312.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\861562.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\865234.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\867375.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\869453.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\891859.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\899734.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\923093.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\924796.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\925390.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\937953.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\941703.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\943453.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\946203.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\968000.exe
Found ! [28/12/2008 20:46] - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\971140.exe

»»»» Presence des fichiers dans C:\DOCUME~1\MRKONE~1\LOCALS~1\Temp


»»»» Presence des fichiers dans C:\Documents and Settings\Mr KONE D\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
MsnMsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
Yahoo! Pager="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
Livestation=C:\Program Files\Livestation\Livestation.exe -startup

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
Cmaudio=RunDll32 cmicnfg.cpl,CMICtrlWnd
igfxhkcmd=C:\WINDOWS\system32\hkcmd.exe
igfxpers=C:\WINDOWS\system32\igfxpers.exe
NeroFilterCheck=C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
NBKeyScan="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
HP Software Update=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
avgnt="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
tppoll=C:\Program Files\Topro\tppoll.exe
UVS10 Preload=C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe
fssui="C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

[HKEY_CURRENT_USER\software\local appwizard-generated applications\DestComp]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\hprbui]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\keygen]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\NMBgMonitor]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\Registrar]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-448539723-1637723038-839522115-1003\Software\Local AppWizard-Generated Applications\keygen
Found ! - HKEY_USERS\S-1-5-21-448539723-1637723038-839522115-1003\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-448539723-1637723038-839522115-1003\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-448539723-1637723038-839522115-1003\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-448539723-1637723038-839522115-1003\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-448539723-1637723038-839522115-1003\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-448539723-1637723038-839522115-1003\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\keygen
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

- sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

- sans echec non fonctionnel !!



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe


+- presence des fichiers :



--------------- [ Registre / Mountpoint2 ] ----------------


-> Not found !


------------------- ! Fin du rapport ! --------------------
0
Réponse 17 / 53
chimay8 Messages postés 7720 Date d'inscription jeudi 1 mai 2008 Statut Contributeur sécurité Dernière intervention 3 janvier 2014 60
28 déc. 2008 à 23:29
ah bin,tu vois??
0
Réponse 18 / 53
Utilisateur anonyme
28 déc. 2008 à 23:31
Merci chimay8 ^^

* Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptibles d avoir été infectés sans les ouvrir
* Double clique sur le raccourci FindyKill sur ton bureau
* Au menu principal,choisi l'option 2 (Suppression)

/!\ Il y aura 2 redémarrages, laisse travailler l'outil jusqu'à l'apparition du message "nettoyage effectué"

/!\ Ne te sert pas du pc durant la suppression , ton bureau ne sera pas accessible c est normal !

* ensuite poste le rapport FindyKill.txt


* Note : le rapport FindyKill.txt est sauvegardé a la racine du disque

* Note : Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides
0
Réponse 19 / 53
Uenyan Messages postés 75 Date d'inscription dimanche 28 décembre 2008 Statut Membre Dernière intervention 27 janvier 2012 4
29 déc. 2008 à 14:58
----------------- FindyKill V4.710 ------------------

* User : Mr KONE D - KONE
* executed from : C:\Program Files\FindyKill
* Update on 21/12/08 par Chiquitine29
* Start at 12:27:30 the 29/12/2008
* Windows XP - Internet Explorer 7.0.5730.13


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\StkASv2K.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:

Deleted ! - C:\InfoSat.txt

»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch

Deleted ! - C:\WINDOWS\prefetch\FLEC006.EXE-195E3C08.pf

»»»» Supression files in C:\WINDOWS\system32

Deleted ! - C:\WINDOWS\system32\ban_list.txt

»»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Supression files in C:\WINDOWS\system32\drivers

Not deleted !! - C:\WINDOWS\system32\drivers\srosa.sys
Deleted ! - C:\WINDOWS\system32\drivers\srosa2.sys

»»»» Supression files in C:\Documents and Settings\Mr KONE D\Application Data

Not deleted !! - "C:\Documents and Settings\Mr KONE D\Application Data\m\flec006.exe"
Deleted ! - "C:\Documents and Settings\Mr KONE D\Application Data\m\list.oct"
Deleted ! - "C:\Documents and Settings\Mr KONE D\Application Data\m\data.oct"
Deleted ! - "C:\Documents and Settings\Mr KONE D\Application Data\m\srvlist.oct"
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\.Net Progress Bar 2.0.3233.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\2X ThinClientServer for Windows 3.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\310-301 Free Test Exam Questions 10.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\920-460 - Wireless LAN Practice Exam Questions 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Ability Presentation 4.15.000.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\AMP WinOFF 4.55.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\AnyZip 1.10.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Aprisa 1.02.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Aspose.Total for .Net 1.4.0.6.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Audacity Portable 1.2.6 Revision 3.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Aunsoft FLV Converter 1.0.1.7.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Aurelia Reporter 2.6.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Avaguide 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Avast!.Antivirus.4.1.357.BR.Professional.Edition.+.[KeyGeN].2005.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\AVG.Anti.Spyware.v7.5.0.50.Multilanguage.Cracked.PROPER-CRD.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\AVI To iPod Converter 1.10.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Birthday Reminder Pro 1.5.0.104.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Blue Sky and clouds 2.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Clone Disk Generator 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\ClǸ.Kaspersky.5.0.237.fin.le.11-10-2007(Bon.Par.Hlaud).zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\CMC7 Font 1.1.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Code Saver 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Converse 1.8.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\CPU Speed-Tester 1.21.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\DAIRGram 1.01.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Daniusoft Digital Media to Mobile Phone Converter 2.0.26.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\DAVID-Laserscanner 2.1.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\DetachPipe Free 5.0.9.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Digeus Image Resizer 6.14.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\DX Reverb 2.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\EMAS PC(2006) 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Employee Expense Organizer 2.7.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Expedition.NET 3.0.8.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Fast Video to GIF SWF Converter 3.3.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\FileTracer 1.2.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\FinitySoft BMI Calculator 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Fission Media Player 1.7.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Flask Icons.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Flippin 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Four Diagnostic Methods 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Free Time Machine SpX 1.0.1.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Freebox 3.24.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\GoMail 2.3.1773.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Goo DVD To WMV Converter 1.00.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Great Artist Goya 1.1.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\HDD Manager 2006.2.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\High Visibility Animated Cursors 2.0c.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\IBrowse 4.00.2.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Image Scan 1.3.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Image Viewer 0.9 Beta.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\ImageSite Pro 1.1.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Interactive SQL for PostgreSQL 2.2.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\iris.network.traffic.analyzer.v4.0.6.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\justHTML 2.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\K Database Magic 2.8.3.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\LingvoSoft Picture Dictionary 2007 Vietnamese - Chinese Mandarin Simplified 1.2.26.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\LuraDocument Capture 5.1.07.23.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Magic Music Factory 7.0.6.1.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Mail Grab 2.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\MailBee.NET POP3 4.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\MCP 0.2.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\MEAN 26 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Memory Smiley Gadget 1.0.0.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\MindSalt Time & Expense 2.7.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Monitapp - Computer Inventory 1.1.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Moon 3D Space Tour 1.1.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Movie Star Screensaver 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\MSU Smart Brightness & Contrast 1.01.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\mTimer 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\MySQL Compare Two Tables Software 7.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Network Management Map 2007.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Ninotech Path Copy 4.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\No Pop Ups 1.3.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\NOD32.2.50.44.Crack.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Nokia Fast RingTone Tuner 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Notification Workflow Solution Accelerator 2.1.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\NVT Internet Privacy Cleaner 1.1.1.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Pacers NBA Schedule 1.4.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Panda.Antivirus.Platinum.Internet.Security.8.01.00.Completo.Serial.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\PEditor 1.7.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\PhotoElf 4.0.18.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Portable DefragNT 1.9.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Power Writer 1.2.6.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Professor Franklin's Instant Photo Artist 2.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\ProFix Backup 1.0.1.7.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Quicktext 0.9.9.9.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Real Desktop Light 1.42.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\ReportBuilder Enterprise 10.04.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\RicherBox OCX.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Secret Sharp 1.0.0.4.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Secure Password Generator 2.3.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\SetNameToTime 2.4.9.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Slim PMV 1.5.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Smart Sharpen 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\SmEdit 1.170.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Sof..AVG.Antivirus.Professional.7.5.keygen.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Software - Avast Antivirus Pro Version 4.6.665 Keygen.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Sonar Screensaver 1.00.1.214.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Speech Google Gadget 1.5.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Spider 1.1.6.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Stop Notify Me 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\StrMatch 5.41.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\StumbleUpon Toolbar For Internet Explorer 3.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Stylet File Manager 2.06.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Sub2DivX 3.3.2.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Swiftpage for SalesLogix 2.4.9.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Tab Popup 1.1.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Task Track Analyst 1.3 build 356.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Taxgst Accounting Software 7.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Teen Spirit 0.95g Build 863.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\The Flying Dutchman 3D 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\TimeCult 0.5.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Tinysoar PSP Video Converter 1.6.2.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\TinySOF Screen Capture 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\TotalEdit Pro 5.0.8.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Tournament Time 14.06.041.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Txt2Csv 1.0.4.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\URLBlaze 1.3.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Valiant AIM Expression 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\VividScreenshot 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\W32.Antinny Removal Tool 1.2.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Wii New Virtual Console Games 1.3.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Win2PDF 3.40.1.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\WinISD 0.44 Beta.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\X-Mas Icons 1.0.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\Xanadu.zip
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\m\shared\XIGraffixListView 1.0.7.1121.zip
Deleted ! - "C:\Documents and Settings\Mr KONE D\Application Data\m\shared"
Not deleted !! - "C:\Documents and Settings\Mr KONE D\Application Data\m"
Not deleted !! - "C:\Documents and Settings\Mr KONE D\Application Data\drivers\srosa.sys"
Deleted ! - "C:\Documents and Settings\Mr KONE D\Application Data\drivers\srosa2.sys"
Deleted ! - "C:\Documents and Settings\Mr KONE D\Application Data\drivers\winupgro.exe"
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1021281.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1023062.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1029015.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1030281.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1114109.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1116171.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1117000.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1147140.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1148953.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1149156.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1170859.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1173109.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1174078.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1175421.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1178625.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1180500.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1188046.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1190390.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1192390.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1234125.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1235031.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1237656.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\127078.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1274218.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1279640.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1281250.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1283171.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1292953.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\129656.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\131046.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\131156.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\132328.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\132421.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1325000.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1328578.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1330562.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1370125.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1392500.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1396515.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1396937.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\140140.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15084031.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15116359.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15116609.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15215937.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15252734.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15253890.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15452421.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15566328.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15574984.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15579171.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15680937.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15694375.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15703625.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15707015.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15718171.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15724718.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15857781.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15861046.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15862203.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15893187.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15902984.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\15909968.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16050156.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16054171.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16055578.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\160765.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\168156.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\168250.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\168578.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16875359.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16877093.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16877203.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16883906.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16936156.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16938015.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\16938812.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17119828.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17229437.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17231296.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17231703.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17259968.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17262109.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17263109.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17297375.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17299140.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17299812.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17313343.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17315171.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17315687.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17319125.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17321062.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17322453.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17359906.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17385421.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17388234.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\17388781.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\179500.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\181484.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\181609.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1956718.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1963656.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1963843.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\1995734.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2026265.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\202656.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2028343.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2029000.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\206625.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\207953.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2194562.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2291578.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2292859.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2293093.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2319656.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2323625.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2325406.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2363953.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2367046.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2368265.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2385312.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2387843.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2388828.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2392515.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2394781.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2396125.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\241203.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\245140.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\245203.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\245687.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\246734.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2469718.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2471390.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\2471718.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\248312.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\248375.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\248531.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\249203.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\256484.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\257015.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\259875.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\260968.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\263531.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\318843.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\323718.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\324281.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\373125.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\375062.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\375687.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\419593.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\421218.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\421968.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\433437.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\471125.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\521703.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\522484.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\522546.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\526312.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\530203.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\538687.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\538781.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\544109.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\546484.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\547437.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\549250.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\550265.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\554921.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\555156.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\557218.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\584093.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\593625.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\596640.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\597281.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\600218.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\611703.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\615062.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\615765.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\615828.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\617625.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\619015.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\620859.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\624234.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\624343.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\628437.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\629890.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\630718.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\630812.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\654203.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\657109.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\658156.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\660531.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\664453.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\665156.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\670359.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\673078.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\676265.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\677562.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\678250.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\678625.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\682218.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\692093.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\698921.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\702921.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\704312.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\704859.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\715406.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\716593.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\716640.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\741609.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\745234.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\746265.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\767375.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\769828.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\771000.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\774515.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\776890.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\780359.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\784593.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\786312.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\787265.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\799421.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\804000.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\812515.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\814265.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\814984.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\824984.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\838875.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\842437.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\845437.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\858250.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\860312.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\861562.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\865234.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\867375.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\869453.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\891859.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\899734.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\923093.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\924796.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\925390.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\937953.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\941703.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\943453.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\946203.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\968000.exe
Deleted ! - C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld\971140.exe
Deleted ! - "C:\Documents and Settings\Mr KONE D\Application Data\drivers\downld"
Not deleted !! - "C:\Documents and Settings\Mr KONE D\Application Data\drivers"

»»»» Supression files in C:\DOCUME~1\MRKONE~1\LOCALS~1\Temp


»»»» Supression files in C:\Documents and Settings\Mr KONE D\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Documents and Settings\Mr KONE D\Local Settings\Temporary Internet Files\Content.IE5\B83MOYRW\mxd[1].jpg

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_USERS\S-1-5-21-448539723-1637723038-839522115-1003\Software\Local AppWizard-Generated Applications\keygen
Deleted ! - HKEY_USERS\S-1-5-21-448539723-1637723038-839522115-1003\Software\Local AppWizard-Generated Applications\winupgro

--------------- [ States / Restarting of services ] ----------------

+- Safe boot mode restored !


+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe


+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------



---------------- ! End of report ! ------------------
0
Réponse 20 / 53
Uenyan Messages postés 75 Date d'inscription dimanche 28 décembre 2008 Statut Membre Dernière intervention 27 janvier 2012 4
29 déc. 2008 à 15:50
Qu'est-ce que je doit faire maintenant ?
Je n'arrive toujours pas à scanner l'ordi
:'(
0

Discussions similaires

comment supprimer la liste de diffusion Critelab
evebri1 -
jeanmi -

4 réponses
Comment me débarrasser d'un phishing
jojo333 -
Merko -

7 réponses
Virus détecté
Koony -
MisteryBean -

6 réponses
Mon ordinateur a été infecté par un virus ou
henry4002 -
jorginho67 -

6 réponses