Bagle virus and trojan help
Resolved/Closed
estevecig
Posts
124
Registration date
Saturday 26 November 2005
Status
Member
Last activity
17 December 2016
-
8 Dec. 2008 at 08:51
estevecig Posts 124 Registration date Saturday 26 November 2005 Status Member Last activity 17 December 2016 - 8 Dec. 2008 at 14:46
32 replies
jlpjlp
Posts
51580
Registration date
Friday 18 May 2007
Status
Security contributor
Last activity
3 May 2022
5 040
8 Dec. 2008 at 09:16
hi,
to clean up your traces, use
CCLEANER: (run a cleanup and repair the registry 3 times) without installing the Yahoo toolbar
(in the options, then Advanced: uncheck the box: delete files older than 48 hours)
https://www.malekal.com/tutoriel-ccleaner/
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
then
Download FindyKill to your desktop:
--> http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe
--> Run the installation with the default settings
--> Double-click the FindyKill shortcut on your desktop
--> In the main menu, choose option 1 (Search)
--> Post the FindyKill.txt report
Note: the FindyKill.txt report is saved at the root of the disk
estevecig
Posts
124
Registration date
Saturday 26 November 2005
Status
Member
Last activity
17 December 2016
2
8 Dec. 2008 at 09:17
I managed to run ComboFix:
Here is the report:
ComboFix 08-12-06.06 - Usine 2008-12-08 9:03:59.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.373 [GMT 1:00]
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Usine\Application Data\m
c:\documents and settings\Usine\Application Data\m\flec006.exe
c:\documents and settings\Usine\Application Data\m\list.oct
c:\documents and settings\Usine\Application Data\m\srvlist.oct
c:\program files\AOL 9.0 VR\AOL.exe
c:\windows\system32\ban_list.txt
c:\windows\system32\drivers\downld
c:\windows\system32\drivers\srosa.sys
c:\windows\system32\drivers\srosa2.sys
c:\windows\system32\drivers\winfilse.exe
c:\windows\system32\mdelk.exe
c:\windows\system32\wintems.exe
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_SK9OU0S
-------\Service_sK9Ou0s
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-08 au 2008-12-08 ))))))))))))))))))))))))))))))))))))
.
2008-12-08 08:37 . 2008-12-08 08:37 <REP> d-------- c:\program files\Panda Security
2008-12-08 08:33 . 2008-12-08 08:33 <REP> d-------- c:\windows\BDOSCAN8
2008-12-05 13:55 . 2001-08-23 17:47 525,568 --a--c--- c:\windows\system32\dllcache\tridxp.dll
2008-12-05 13:55 . 2001-08-23 17:46 440,576 --a--c--- c:\windows\system32\dllcache\tridkb.dll
2008-12-05 13:55 . 2001-08-23 17:46 315,520 --a--c--- c:\windows\system32\dllcache\trid3d.dll
2008-12-05 13:55 . 2001-08-17 20:51 222,336 --a--c--- c:\windows\system32\dllcache\trid3dm.sys
2008-12-05 13:55 . 2001-08-17 20:51 159,232 --a--c--- c:\windows\system32\dllcache\tridkbm.sys
2008-12-05 13:54 . 2001-08-17 22:02 230,912 --a--c--- c:\windows\system32\dllcache\tosdvd03.sys
2008-12-05 13:54 . 2008-04-13 19:34 82,944 --a--c--- c:\windows\system32\dllcache\tp4mon.exe
2008-12-05 13:54 . 2001-08-23 17:46 43,520 --a--c--- c:\windows\system32\dllcache\tp4res.dll
2008-12-05 13:54 . 2001-08-17 20:12 34,375 --a--c--- c:\windows\system32\dllcache\tpro4.sys
2008-12-05 13:54 . 2001-08-23 17:47 31,744 --a--c--- c:\windows\system32\dllcache\tp4.dll
2008-12-05 13:54 . 2001-08-23 17:00 4,992 --a--c--- c:\windows\system32\dllcache\toside.sys
2008-12-05 13:53 . 2001-08-17 22:01 241,664 --a--c--- c:\windows\system32\dllcache\tosdvd02.sys
2008-12-05 13:53 . 2001-08-17 20:51 138,528 --a--c--- c:\windows\system32\dllcache\tgiulnt5.sys
2008-12-05 13:53 . 2001-08-17 20:14 123,995 --a--c--- c:\windows\system32\dllcache\tjisdn.sys
2008-12-05 13:53 . 2001-08-23 17:46 81,408 --a--c--- c:\windows\system32\dllcache\tgiul50.dll
2008-12-05 13:53 . 2001-08-17 20:10 28,232 --a--c--- c:\windows\system32\dllcache\tos4mo.sys
2008-12-05 13:52 . 2008-04-13 11:40 149,376 --a--c--- c:\windows\system32\dllcache\tffsport.sys
2008-12-05 13:52 . 2001-08-17 20:13 37,961 --a--c--- c:\windows\system32\dllcache\tdk100b.sys
2008-12-05 13:52 . 2001-08-17 20:50 36,640 --a--c--- c:\windows\system32\dllcache\t2r4mini.sys
2008-12-05 13:52 . 2001-08-17 21:49 30,464 --a--c--- c:\windows\system32\dllcache\tbatm155.sys
2008-12-05 13:52 . 2001-08-17 20:13 17,129 --a--c--- c:\windows\system32\dllcache\tdkcd31.sys
2008-12-05 13:52 . 2001-08-17 21:52 7,040 --a--c--- c:\windows\system32\dllcache\tandqic.sys
2008-12-05 13:51 . 2001-08-23 17:46 172,768 --a--c--- c:\windows\system32\dllcache\t2r4disp.dll
2008-12-05 13:51 . 2001-08-17 22:07 32,640 --a--c--- c:\windows\system32\dllcache\symc8xx.sys
2008-12-05 13:51 . 2001-08-17 22:07 30,688 --a--c--- c:\windows\system32\dllcache\sym_u3.sys
2008-12-05 13:51 . 2001-08-17 22:07 28,384 --a--c--- c:\windows\system32\dllcache\sym_hi.sys
2008-12-05 13:51 . 2001-08-17 22:07 16,256 --a--c--- c:\windows\system32\dllcache\symc810.sys
2008-12-05 13:50 . 2001-08-17 21:50 103,936 --a--c--- c:\windows\system32\dllcache\sx.sys
2008-12-05 13:50 . 2001-08-23 17:47 94,293 --a--c--- c:\windows\system32\dllcache\sxports.dll
2008-12-05 13:50 . 2001-08-23 17:47 10,240 --a--c--- c:\windows\system32\dllcache\swpidflt.dll
2008-12-05 13:50 . 2001-08-17 22:02 3,968 --a--c--- c:\windows\system32\dllcache\swusbflt.sys
2008-12-05 13:49 . 2001-08-23 16:57 286,848 --a--c--- c:\windows\system32\dllcache\stlnata.sys
2008-12-05 13:49 . 2001-08-23 17:47 155,648 --a--c--- c:\windows\system32\dllcache\stlnprop.dll
2008-12-05 13:49 . 2001-08-23 17:47 53,760 --a--c--- c:\windows\system32\dllcache\sw_wheel.dll
2008-12-05 13:49 . 2001-08-23 17:47 53,248 --a--c--- c:\windows\system32\dllcache\stlncoin.dll
2008-12-05 13:49 . 2001-08-23 17:47 41,472 --a--c--- c:\windows\system32\dllcache\sw_effct.dll
2008-12-05 13:49 . 2008-04-13 11:46 15,232 --a--c--- c:\windows\system32\dllcache\streamip.sys
2008-12-05 13:49 . 2001-08-23 17:47 10,240 --a--c--- c:\windows\system32\dllcache\swpdflt2.dll
2008-12-05 13:48 . 2001-08-23 17:47 99,840 --a--c--- c:\windows\system32\dllcache\srusd.dll
2008-12-05 13:48 . 2001-08-17 20:11 48,736 --a--c--- c:\windows\system32\dllcache\srwlnd5.sys
2008-12-05 13:48 . 2001-08-23 17:47 24,660 --a--c--- c:\windows\system32\dllcache\spxupchk.dll
2008-12-05 13:48 . 2001-08-23 16:57 17,024 --a--c--- c:\windows\system32\dllcache\stcusb.sys
2008-12-05 13:47 . 2001-08-23 17:47 114,688 --a--c--- c:\windows\system32\dllcache\sonypi.dll
2008-12-05 13:47 . 2001-08-23 17:47 106,584 --a--c--- c:\windows\system32\dllcache\spdports.dll
2008-12-05 13:47 . 2001-08-17 21:51 61,824 --a--c--- c:\windows\system32\dllcache\speed.sys
2008-12-05 13:47 . 2001-08-17 20:51 37,040 --a--c--- c:\windows\system32\dllcache\sonypi.sys
2008-12-05 13:47 . 2001-08-17 22:07 19,072 --a--c--- c:\windows\system32\dllcache\sparrow.sys
2008-12-05 13:47 . 2001-08-17 21:56 7,552 --a--c--- c:\windows\system32\dllcache\sonypvu1.sys
2008-12-05 13:46 . 2001-08-17 20:51 58,368 --a--c--- c:\windows\system32\dllcache\smiminib.sys
2008-12-05 13:46 . 2001-08-17 20:51 20,752 --a--c--- c:\windows\system32\dllcache\sonync.sys
2008-12-05 13:46 . 2001-08-17 21:53 9,600 --a--c--- c:\windows\system32\dllcache\sonymc.sys
2008-12-05 13:46 . 2008-04-13 11:40 7,552 --a--c--- c:\windows\system32\dllcache\sonyait.sys
2008-12-05 13:46 . 2001-08-17 21:53 7,040 --a--c--- c:\windows\system32\dllcache\snyaitmc.sys
2008-12-05 13:45 . 2001-08-23 17:46 147,200 --a--c--- c:\windows\system32\dllcache\smidispb.dll
2008-12-05 13:45 . 2001-08-23 17:21 36,937 --a--c--- c:\windows\system32\dllcache\smcirda.sys
2008-12-05 13:45 . 2001-08-17 20:12 25,034 --a--c--- c:\windows\system32\dllcache\smcpwr2n.sys
2008-12-05 13:45 . 2001-08-17 20:12 24,576 --a--c--- c:\windows\system32\dllcache\smc8000n.sys
2008-12-05 13:45 . 2001-08-17 21:57 6,784 --a--c--- c:\windows\system32\dllcache\smbhc.sys
2008-12-05 13:44 . 2001-08-23 17:47 45,568 --a--c--- c:\windows\system32\dllcache\smb3w.dll
2008-12-05 13:44 . 2001-08-23 17:47 33,792 --a--c--- c:\windows\system32\dllcache\smb0w.dll
2008-12-05 13:44 . 2001-08-23 17:47 28,672 --a--c--- c:\windows\system32\dllcache\sma0w.dll
2008-12-05 13:44 . 2001-08-23 17:47 28,160 --a--c--- c:\windows\system32\dllcache\sm91w.dll
2008-12-05 13:44 . 2008-04-13 11:36 16,000 --a--c--- c:\windows\system32\dllcache\smbbatt.sys
2008-12-05 13:44 . 2008-04-13 11:36 6,912 --a--c--- c:\windows\system32\dllcache\smbclass.sys
2008-12-05 13:44 . 2008-04-13 11:36 5,888 --a--c--- c:\windows\system32\dllcache\smbali.sys
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-08 08:09 --------- d-----w c:\program files\Wanadoo
2008-11-24 15:47 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-11-21 07:30 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-21 07:30 --------- d-----w c:\program files\Fichiers communs\InstallShield
2008-11-20 15:13 --------- d-----w c:\program files\JavaSoft
2008-11-20 15:13 --------- d-----w c:\program files\ECI Telecom
2008-11-20 15:12 --------- d-----w c:\program files\Messager Wanadoo
2008-11-20 14:50 --------- d-----w c:\program files\Fichiers communs\ACD Systems
2008-11-20 14:50 --------- d-----w c:\program files\ACD Systems
2008-11-20 14:50 --------- d-----w c:\documents and settings\All Users\Application Data\ACD Systems
2008-11-20 14:49 9,856 ----a-w c:\windows\system32\drivers\pfc.sys
2008-11-20 14:38 --------- d-----w c:\program files\microsoft frontpage
2008-11-20 14:34 --------- d-----w c:\program files\Services en ligne
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WooCnxMon"="c:\progra~1\Wanadoo\CnxMon.exe" [2002-11-12 24576]
"Demon"="c:\progra~1\MESSAG~1\Demon.exe" [2002-09-03 40960]
"WOOWATCH"="c:\progra~1\Wanadoo\Watch.exe" [2002-11-12 20480]
"WOOTASKBARICON"="c:\progra~1\Wanadoo\TaskbarIcon.exe" [2002-11-12 45056]
"SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe" [2008-11-18 325768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"HostManager"="c:\program files\Fichiers communs\AOL\1227626313\ee\AOLSoftware.exe" [2006-09-26 50736]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-12-05 79224]
"GSICONEXE"="GSICON.EXE" [2002-01-22 c:\windows\system32\gsicon.exe]
"DSLAGENTEXE"="dslagent.exe" [2002-01-22 c:\windows\system32\dslagent.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
c:\documents and settings\Usine\Menu Démarrer\Programmes\Démarrage\
Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\acs\\AOLDial.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\acs\\AOLacsd.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\1227626313\\ee\\aolsoftware.exe"=
"c:\\Program Files\\AOL 9.0 VR\\waol.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Documents and Settings\\Usine\\Bureau\\widget_rire.exe"=
R2 SPAMfighter Update Service;SPAMfighter Update Service;"c:\program files\SPAMfighter\sfus.exe" [2008-11-18 184968]
S1 aswSP;avast! Self Protection; []
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys []
S2 gafwload;ECI Telecom USB ADSL Loader;c:\windows\system32\DRIVERS\gafwload.sys [2008-11-20 26987]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'
2008-12-08 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-AOL Fast Start - c:\program files\AOL 9.0 VR\AOL.EXE
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
c:\windows\bdoscandellang.ini - c:\windows\bdoscandel.exe
c:\windows\Downloaded Program Files\live.ini
c:\windows\Downloaded Program Files\scanoptions.tsi
c:\windows\Downloaded Program Files\lang.ini
c:\windows\Downloaded Program Files\ipsupd.dll
c:\windows\Downloaded Program Files\bdupd.dll
c:\windows\Downloaded Program Files\libfn.dll
c:\windows\Downloaded Program Files\bdcore.dll
c:\windows\Downloaded Program Files\oscan8.ocx
O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
c:\windows\Downloaded Program Files\oscan8.inf
c:\windows\Downloaded Program Files\OberonGameHost.dll - O16 -: {D0C0F75C-683A-4390-A791-1ACFD5599AB8}
hxxp://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
c:\windows\Downloaded Program Files\OberonGameHost_dbg.inf
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-08 09:09:00
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\AOL\acs\AOLacsd.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Heure de fin: 2008-12-08 9:11:55 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-12-08 08:11:52
Avant-CF: 12,037,279,744 octets libres
Après-CF: 12,009,816,064 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
676 --- E O F --- 2008-11-21 08:32:16
Here is the report:
ComboFix 08-12-06.06 - Usine 2008-12-08 9:03:59.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.373 [GMT 1:00]
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Usine\Application Data\m
c:\documents and settings\Usine\Application Data\m\flec006.exe
c:\documents and settings\Usine\Application Data\m\list.oct
c:\documents and settings\Usine\Application Data\m\srvlist.oct
c:\program files\AOL 9.0 VR\AOL.exe
c:\windows\system32\ban_list.txt
c:\windows\system32\drivers\downld
c:\windows\system32\drivers\downld\275390.exe
c:\windows\system32\drivers\downld\277531.exe
c:\windows\system32\drivers\downld\280812.exe
c:\windows\system32\drivers\downld\292546.exe
c:\windows\system32\drivers\downld\292593.exe
c:\windows\system32\drivers\downld\29635765.exe
c:\windows\system32\drivers\downld\29654046.exe
c:\windows\system32\drivers\downld\29668312.exe
c:\windows\system32\drivers\downld\29670312.exe
c:\windows\system32\drivers\downld\29698359.exe
c:\windows\system32\drivers\downld\297000.exe
c:\windows\system32\drivers\downld\29713875.exe
c:\windows\system32\drivers\downld\29759781.exe
c:\windows\system32\drivers\downld\29761500.exe
c:\windows\system32\drivers\downld\29766781.exe
c:\windows\system32\drivers\downld\29801968.exe
c:\windows\system32\drivers\downld\29818875.exe
c:\windows\system32\drivers\downld\302812.exe
c:\windows\system32\drivers\downld\310562.exe
c:\windows\system32\drivers\downld\311468.exe
c:\windows\system32\drivers\downld\318296.exe
c:\windows\system32\drivers\downld\324421.exe
c:\windows\system32\drivers\downld\327046.exe
c:\windows\system32\drivers\downld\3283281.exe
c:\windows\system32\drivers\downld\3289109.exe
c:\windows\system32\drivers\downld\3305328.exe
c:\windows\system32\drivers\downld\3306859.exe
c:\windows\system32\drivers\downld\3321171.exe
c:\windows\system32\drivers\downld\3326703.exe
c:\windows\system32\drivers\downld\3345171.exe
c:\windows\system32\drivers\downld\3350421.exe
c:\windows\system32\drivers\downld\3390593.exe
c:\windows\system32\drivers\downld\3420578.exe
c:\windows\system32\drivers\downld\3422375.exe
c:\windows\system32\drivers\downld\3428343.exe
c:\windows\system32\drivers\downld\345812.exe
c:\windows\system32\drivers\downld\351031.exe
c:\windows\system32\drivers\downld\354390.exe
c:\windows\system32\drivers\downld\359140.exe
c:\windows\system32\drivers\downld\365046.exe
c:\windows\system32\drivers\downld\367875.exe
c:\windows\system32\drivers\downld\368968.exe
c:\windows\system32\drivers\downld\375171.exe
c:\windows\system32\drivers\downld\375593.exe
c:\windows\system32\drivers\downld\380843.exe
c:\windows\system32\drivers\downld\382187.exe
c:\windows\system32\drivers\downld\388578.exe
c:\windows\system32\drivers\downld\396828.exe
c:\windows\system32\drivers\downld\399500.exe
c:\windows\system32\drivers\downld\402484.exe
c:\windows\system32\drivers\downld\412156.exe
c:\windows\system32\drivers\downld\414593.exe
c:\windows\system32\drivers\downld\436328.exe
c:\windows\system32\drivers\downld\44248328.exe
c:\windows\system32\drivers\downld\44252000.exe
c:\windows\system32\drivers\downld\44266546.exe
c:\windows\system32\drivers\downld\44268562.exe
c:\windows\system32\drivers\downld\44277375.exe
c:\windows\system32\drivers\downld\44282312.exe
c:\windows\system32\drivers\downld\44289718.exe
c:\windows\system32\drivers\downld\44309187.exe
c:\windows\system32\drivers\downld\44359906.exe
c:\windows\system32\drivers\downld\44361859.exe
c:\windows\system32\drivers\downld\44367187.exe
c:\windows\system32\drivers\downld\44404000.exe
c:\windows\system32\drivers\downld\44416890.exe
c:\windows\system32\drivers\downld\449859.exe
c:\windows\system32\drivers\downld\450593.exe
c:\windows\system32\drivers\downld\453359.exe
c:\windows\system32\drivers\downld\453468.exe
c:\windows\system32\drivers\downld\471453.exe
c:\windows\system32\drivers\downld\472765.exe
c:\windows\system32\drivers\downld\473578.exe
c:\windows\system32\drivers\downld\474421.exe
c:\windows\system32\drivers\downld\479265.exe
c:\windows\system32\drivers\downld\480578.exe
c:\windows\system32\drivers\downld\483421.exe
c:\windows\system32\drivers\downld\484734.exe
c:\windows\system32\drivers\downld\485031.exe
c:\windows\system32\drivers\downld\490703.exe
c:\windows\system32\drivers\downld\512234.exe
c:\windows\system32\drivers\downld\512578.exe
c:\windows\system32\drivers\downld\514218.exe
c:\windows\system32\drivers\downld\521593.exe
c:\windows\system32\drivers\downld\525062.exe
c:\windows\system32\drivers\downld\531609.exe
c:\windows\system32\drivers\downld\538046.exe
c:\windows\system32\drivers\downld\561734.exe
c:\windows\system32\drivers\downld\573406.exe
c:\windows\system32\drivers\downld\588531.exe
c:\windows\system32\drivers\downld\58856968.exe
c:\windows\system32\drivers\downld\58866531.exe
c:\windows\system32\drivers\downld\58867718.exe
c:\windows\system32\drivers\downld\58880750.exe
c:\windows\system32\drivers\downld\58897906.exe
c:\windows\system32\drivers\downld\58943296.exe
c:\windows\system32\drivers\downld\58945281.exe
c:\windows\system32\drivers\downld\58949828.exe
c:\windows\system32\drivers\downld\58983406.exe
c:\windows\system32\drivers\downld\58995375.exe
c:\windows\system32\drivers\downld\602687.exe
c:\windows\system32\drivers\downld\73412718.exe
c:\windows\system32\drivers\downld\73414203.exe
c:\windows\system32\drivers\downld\73436390.exe
c:\windows\system32\drivers\downld\73437640.exe
c:\windows\system32\drivers\downld\73443593.exe
c:\windows\system32\drivers\downld\73450906.exe
c:\windows\system32\drivers\downld\73464203.exe
c:\windows\system32\drivers\downld\73493078.exe
c:\windows\system32\drivers\downld\73509500.exe
c:\windows\system32\drivers\downld\73510937.exe
c:\windows\system32\drivers\downld\73515609.exe
c:\windows\system32\drivers\downld\73552031.exe
c:\windows\system32\drivers\downld\73562187.exe
c:\windows\system32\drivers\downld\87979968.exe
c:\windows\system32\drivers\downld\87984296.exe
c:\windows\system32\drivers\downld\87996375.exe
c:\windows\system32\drivers\downld\87997296.exe
c:\windows\system32\drivers\downld\88009937.exe
c:\windows\system32\drivers\downld\88014046.exe
c:\windows\system32\drivers\downld\88035046.exe
c:\windows\system32\drivers\downld\88062140.exe
c:\windows\system32\drivers\downld\88078031.exe
c:\windows\system32\drivers\downld\88079734.exe
c:\windows\system32\drivers\downld\88083625.exe
c:\windows\system32\drivers\downld\88115359.exe
c:\windows\system32\drivers\downld\88125078.exe
c:\windows\system32\drivers\srosa.sys
c:\windows\system32\drivers\srosa2.sys
c:\windows\system32\drivers\winfilse.exe
c:\windows\system32\mdelk.exe
c:\windows\system32\wintems.exe
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_SK9OU0S
-------\Service_sK9Ou0s
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-08 au 2008-12-08 ))))))))))))))))))))))))))))))))))))
.
2008-12-08 08:37 . 2008-12-08 08:37 <REP> d-------- c:\program files\Panda Security
2008-12-08 08:33 . 2008-12-08 08:33 <REP> d-------- c:\windows\BDOSCAN8
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-08 08:09 --------- d-----w c:\program files\Wanadoo
2008-11-24 15:47 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-11-21 07:30 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-21 07:30 --------- d-----w c:\program files\Fichiers communs\InstallShield
2008-11-20 15:13 --------- d-----w c:\program files\JavaSoft
2008-11-20 15:13 --------- d-----w c:\program files\ECI Telecom
2008-11-20 15:12 --------- d-----w c:\program files\Messager Wanadoo
2008-11-20 14:50 --------- d-----w c:\program files\Fichiers communs\ACD Systems
2008-11-20 14:50 --------- d-----w c:\program files\ACD Systems
2008-11-20 14:50 --------- d-----w c:\documents and settings\All Users\Application Data\ACD Systems
2008-11-20 14:49 9,856 ----a-w c:\windows\system32\drivers\pfc.sys
2008-11-20 14:38 --------- d-----w c:\program files\microsoft frontpage
2008-11-20 14:34 --------- d-----w c:\program files\Services en ligne
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WooCnxMon"="c:\progra~1\Wanadoo\CnxMon.exe" [2002-11-12 24576]
"Demon"="c:\progra~1\MESSAG~1\Demon.exe" [2002-09-03 40960]
"WOOWATCH"="c:\progra~1\Wanadoo\Watch.exe" [2002-11-12 20480]
"WOOTASKBARICON"="c:\progra~1\Wanadoo\TaskbarIcon.exe" [2002-11-12 45056]
"SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe" [2008-11-18 325768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"HostManager"="c:\program files\Fichiers communs\AOL\1227626313\ee\AOLSoftware.exe" [2006-09-26 50736]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-12-05 79224]
"GSICONEXE"="GSICON.EXE" [2002-01-22 c:\windows\system32\gsicon.exe]
"DSLAGENTEXE"="dslagent.exe" [2002-01-22 c:\windows\system32\dslagent.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
c:\documents and settings\Usine\Menu Démarrer\Programmes\Démarrage\
Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\acs\\AOLDial.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\acs\\AOLacsd.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\1227626313\\ee\\aolsoftware.exe"=
"c:\\Program Files\\AOL 9.0 VR\\waol.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Documents and Settings\\Usine\\Bureau\\widget_rire.exe"=
R2 SPAMfighter Update Service;SPAMfighter Update Service;"c:\program files\SPAMfighter\sfus.exe" [2008-11-18 184968]
S1 aswSP;avast! Self Protection; []
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys []
S2 gafwload;ECI Telecom USB ADSL Loader;c:\windows\system32\DRIVERS\gafwload.sys [2008-11-20 26987]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'
2008-12-08 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-AOL Fast Start - c:\program files\AOL 9.0 VR\AOL.EXE
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
c:\windows\bdoscandellang.ini - c:\windows\bdoscandel.exe
c:\windows\Downloaded Program Files\live.ini
c:\windows\Downloaded Program Files\scanoptions.tsi
c:\windows\Downloaded Program Files\lang.ini
c:\windows\Downloaded Program Files\ipsupd.dll
c:\windows\Downloaded Program Files\bdupd.dll
c:\windows\Downloaded Program Files\libfn.dll
c:\windows\Downloaded Program Files\bdcore.dll
c:\windows\Downloaded Program Files\oscan8.ocx
O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
c:\windows\Downloaded Program Files\oscan8.inf
c:\windows\Downloaded Program Files\OberonGameHost.dll - O16 -: {D0C0F75C-683A-4390-A791-1ACFD5599AB8}
hxxp://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
c:\windows\Downloaded Program Files\OberonGameHost_dbg.inf
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-08 09:09:00
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\AOL\acs\AOLacsd.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Heure de fin: 2008-12-08 9:11:55 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-12-08 08:11:52
Avant-CF: 12,037,279,744 octets libres
Après-CF: 12,009,816,064 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
676 --- E O F --- 2008-11-21 08:32:16
jlpjlp
Security contributor
8 Dec. 2008 at 09:19
Do what message 1 says.
I ran CCleaner; here is the FindyKill report:
----------------- FindyKill V4.707 ------------------
* User : Usine - ATELIER
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 06/12/08 par Chiquitine29
* Recherche effectuée à 9:24:22 le 08/12/2008
* Windows XP - Internet Explorer 7.0.5730.13
((((((((((((((((( *** Recherche *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SPAMfighter\sfus.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\MESSAG~1\Demon.exe
C:\WINDOWS\system32\GSICON.EXE
C:\WINDOWS\system32\dslagent.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Fichiers communs\AOL\1227626313\ee\AOLSoftware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Presence des fichiers dans C:
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
Found ! - C:\WINDOWS\prefetch\183390.EXE-1450E5FB.pf
Found ! - C:\WINDOWS\prefetch\189015.EXE-3AC22A14.pf
Found ! - C:\WINDOWS\prefetch\200421.EXE-1A5009AD.pf
Found ! - C:\WINDOWS\prefetch\292546.EXE-2BF24462.pf
Found ! - C:\WINDOWS\prefetch\297000.EXE-0874A76E.pf
Found ! - C:\WINDOWS\prefetch\345812.EXE-180C74C7.pf
Found ! - C:\WINDOWS\prefetch\359140.EXE-1477ED2A.pf
Found ! - C:\WINDOWS\prefetch\375171.EXE-23FF45F5.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-0EF758ED.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
Found ! - C:\WINDOWS\Prefetch\SERIAL.EXE-22D4C7BD.pf
Found ! - C:\WINDOWS\Prefetch\SOLID CONVERTER PDF V2.2 KEYG-21225B31.pf
»»»» Presence des fichiers dans C:\WINDOWS\system32
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
»»»» Presence des fichiers dans C:\Documents and Settings\Usine\Application Data
»»»» Presence des fichiers dans C:\DOCUME~1\Usine\LOCALS~1\Temp
»»»» Presence des fichiers dans C:\Documents and Settings\Usine\Local Settings\Temporary Internet Files\Content.IE5
--------------- [ Registre / Startup ] ----------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
WooCnxMon=C:\PROGRA~1\Wanadoo\CnxMon.exe
Demon=C:\PROGRA~1\MESSAG~1\Demon.exe
GSICONEXE=GSICON.EXE
DSLAGENTEXE=dslagent.exe USB
WOOWATCH=C:\PROGRA~1\Wanadoo\Watch.exe
WOOTASKBARICON=C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
SPAMfighter Agent="C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HostManager=C:\Program Files\Fichiers communs\AOL\1227626313\ee\AOLSoftware.exe
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=
[HKEY_CURRENT_USER\software\local appwizard-generated applications\AOL]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\serial]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winfilse]
--------------- [ Registre / Clés infectieuses ] ----------------
Found ! - HKEY_USERS\S-1-5-21-583907252-1958367476-1417001333-1003\Software\Local AppWizard-Generated Applications\serial
Found ! - HKEY_USERS\S-1-5-21-583907252-1958367476-1417001333-1003\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\serial
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
--------------- [ Etat / Services ] ----------------
+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]
/!\ Ndisuio - Type de démarrage = 4
EapHost - Type de démarrage = 3
/!\ Ip6Fw - Type de démarrage = 4
SharedAccess - Type de démarrage = 2
wuauserv - Type de démarrage = 2
wscsvc - Type de démarrage = 2
--------------- [ Recherche dans supports amovibles] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
E: - Lecteur fixe
+- presence des fichiers :
--------------- [ Registre / Mountpoint2 ] ----------------
-> Not found !
------------------- ! Fin du rapport ! --------------------
jlpjlp - Posts: 51580 - Registered: Friday 18 May 2007 - Status: Security contributor - Last activity: 3 May 2022 - 5 040 - 8 Dec 2008 at 09:34
Plug into your PC the external storage devices (USB stick, external hard drive, etc.) that may have been infected, without opening them
--> Double-click the FindyKill shortcut on your desktop
--> In the main menu, choose option 2 (Suppression)
/!\ There will be 2 restarts; let the tool work until the message "nettoyage effectué" (cleaning done) appears
/!\ Do not use the PC during the removal; your desktop will not be accessible, that is normal!
-------> Then post the FindyKill.txt report
Note: the FindyKill.txt report is saved at the root of the disk
Note: If the desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New task", type explorer.exe and confirm
________________________
Paste a HijackThis report
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
Manual:
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
I recommend renaming HijackThis, to counter a possible Vundo infection.
E.g.: rename the file HijackThis.exe to eden.exe; to do so, right-click the file HijackThis.exe and choose Rename from the list
Then, with Explorer, create a folder c:\hijackthis
Unzip HijackThis into that folder.
This is important for the backups.
estevecig - Posts: 124 - Registered: Saturday 26 November 2005 - Status: Member - Last activity: 17 December 2016 - 2 - 8 Dec 2008 at 09:44
----------------- FindyKill V4.707 ------------------
* User : Usine - ATELIER
* executed from : C:\Program Files\FindyKill
* Update on 06/12/08 par Chiquitine29
* Start at 9:41:26 the 08/12/2008
* Windows XP - Internet Explorer 7.0.5730.13
((((((((((((((( *** deleting *** ))))))))))))))))))
--------------- [ Active Processes ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\SPAMfighter\sfus.exe
--------------- [ Infected files / folders ] ----------------
»»»» Supression files in C:
»»»» Supression files in C:\WINDOWS
»»»» Supression files in C:\WINDOWS\Prefetch
Deleted ! - C:\WINDOWS\prefetch\183390.EXE-1450E5FB.pf
Deleted ! - C:\WINDOWS\prefetch\189015.EXE-3AC22A14.pf
Deleted ! - C:\WINDOWS\prefetch\200421.EXE-1A5009AD.pf
Deleted ! - C:\WINDOWS\prefetch\292546.EXE-2BF24462.pf
Deleted ! - C:\WINDOWS\prefetch\297000.EXE-0874A76E.pf
Deleted ! - C:\WINDOWS\prefetch\345812.EXE-180C74C7.pf
Deleted ! - C:\WINDOWS\prefetch\359140.EXE-1477ED2A.pf
Deleted ! - C:\WINDOWS\prefetch\375171.EXE-23FF45F5.pf
Deleted ! - C:\WINDOWS\prefetch\FLEC006.EXE-0EF758ED.pf
Deleted ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Deleted ! - C:\WINDOWS\prefetch\SERIAL.EXE-22D4C7BD.pf
Deleted ! - C:\WINDOWS\prefetch\SOLID CONVERTER PDF V2.2 KEYG-21225B31.pf
Deleted ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
»»»» Supression files in C:\WINDOWS\system32
»»»» Supression files in C:\WINDOWS\system32\drivers
»»»» Supression files in C:\Documents and Settings\Usine\Application Data
»»»» Supression files in C:\DOCUME~1\Usine\LOCALS~1\Temp
»»»» Supression files in C:\Documents and Settings\Usine\Local Settings\Temporary Internet Files\Content.IE5
--------------- [ Registry / Infected keys ] ----------------
Deleted ! - HKEY_USERS\S-1-5-21-583907252-1958367476-1417001333-1003\Software\Local AppWizard-Generated Applications\serial
Deleted ! - HKEY_USERS\S-1-5-21-583907252-1958367476-1417001333-1003\Software\Local AppWizard-Generated Applications\winfilse
--------------- [ States / Restarting of services ] ----------------
+- Services : [ Auto=2 / Request=3 / Disable=4 ]
Ndisuio - Type of startup = 3
EapHost - Type of startup = 2
Ip6Fw - Type of startup = 2
SharedAccess - Type of startup = 2
wuauserv - Type of startup = 2
wscsvc - Type of startup = 2
--------------- [ Cleaning removable drives ] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
E: - Lecteur fixe
+- deleting files :
--------------- [ Registry / Mountpoint2 ] ----------------
-> Not found !
--------------- [ Searching Cracks / Keygen ] ----------------
C:\Documents and Settings\Usine\Favoris\Antivirus\[RS] Kaspersky Internet Security v7.0.2.407 [ FiNaL ] + Crack ¯ Movizdb.com (Films,E-book,Logiciel,livre) avec [RS][MU][FREE][F.url
---------------- ! End of report ! ------------------
estevecig - Posts: 124 - Registered: Saturday 26 November 2005 - Status: Member - Last activity: 17 December 2016 - 2 - 8 Dec 2008 at 09:46
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:46:23, on 08/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [Demon] C:\PROGRA~1\MESSAG~1\Demon.exe
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1227626313\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{12659650-C08B-477E-A96C-3EFA4AD373C4}: NameServer = 80.10.246.130 81.253.149.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{12659650-C08B-477E-A96C-3EFA4AD373C4}: NameServer = 80.10.246.130 81.253.149.10
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
jlpjlp - Posts: 51580 - Registered: Friday 18 May 2007 - Status: Security contributor - Last activity: 3 May 2022 - 5 040 - 8 Dec 2008 at 09:48
remove this crack:
C:\Documents and Settings\Usine\Favoris\Antivirus\[RS] Kaspersky Internet Security v7.0.2.407 [ FiNaL ] + Crack ¯ Movizdb.com (Films,E-book,Logiciel,livre) avec [RS][MU][FREE][F.url
_________________
scan with
Malwarebytes' Anti-Malware in normal mode, remove what is found and paste the report
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
___________________
paste the report of an online scan
with one of the following:
Panda online:
http://pandasoftware.fr
Kaspersky online:
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
estevecig - Posts: 124 - Registered: Saturday 26 November 2005 - Status: Member - Last activity: 17 December 2016 - 2 - 8 Dec 2008 at 09:57
There is no Kaspersky crack, my antivirus is Avast; that is a link to a web page, I don't know why it's there!!
Otherwise, is normal mode the quick one or the full one?
I have started a full scan
jlpjlp - Posts: 51580 - Registered: Friday 18 May 2007 - Status: Security contributor - Last activity: 3 May 2022 - 5 040 - 8 Dec 2008 at 10:23
yes, full
and in that case, afterwards, remove Avast if you are paying for Kaspersky, like this:
https://www.avast.com/fr-fr/uninstall-utility
estevecig - Posts: 124 - Registered: Saturday 26 November 2005 - Status: Member - Last activity: 17 December 2016 - 2 - 8 Dec 2008 at 10:34
Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1474
Windows 5.1.2600 Service Pack 3
08/12/2008 10:34:08
mbam-log-2008-12-08 (10-34-08).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 98779
Temps écoulé: 30 minute(s), 1 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 12
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\srosa2.sys.vir (Worm.Bagel) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014586.sys (Worm.Bagel) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014612.sys (Worm.Bagel) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014765.sys (Worm.Bagel) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014653.sys (Worm.Bagel) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014792.sys (Worm.Bagel) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0015848.sys (Worm.Bagel) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0016651.sys (Worm.Bagel) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0016658.sys (Worm.Bagel) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0016665.sys (Worm.Bagel) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021308.sys (Worm.Bagel) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP29\A0012326.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
jlpjlp - 8 Dec. 2008 at 10:38
OK, I'll wait for the online scan.
After that:
delete what is in the quarantine folder by going to My Computer, then
C:\Qoobox\Quarantine\
and in that case, afterwards, remove Avast if you are paying for Kaspersky, like this:
https://www.avast.com/fr-fr/uninstall-utility
estevecig - 8 Dec. 2008 at 10:42
I don't have Kaspersky and I'm not paying for it; it's Avast that is installed. I removed it and I'll reinstall it afterwards.
jlpjlp - 8 Dec. 2008 at 10:45
OK, in that case remove the crack, and Avast too, to put it back afterwards.
estevecig - 8 Dec. 2008 at 10:50
It's at 27%, already 14 infected files.
jlpjlp - 8 Dec. 2008 at 10:54
OK
estevecig - 8 Dec. 2008 at 11:23
30%, 112 infected files.
I'm leaving at noon and coming back at 13:30; I'll leave it running in the meantime.
jlpjlp - 8 Dec. 2008 at 11:26
OK
estevecig - 8 Dec. 2008 at 13:38
;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-12-08 13:34:17
PROTECTIONS: 0
MALWARE: 20
SUSPECTS: 2
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00123310 HackTool/SRunner.B HackTools No 0 Yes No E:\Sannier\Westerstrand\Wint logiciel synchro pc\SERVICE.ZIP[instsrv.exe]
00123310 HackTool/SRunner.B HackTools No 0 Yes No E:\Sannier\Westerstrand\D7 Synchro PC\W95W98NT\SERVICE.ZIP[instsrv.exe]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Usine\Cookies\usine@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Usine\Cookies\usine@doubleclick[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Usine\Cookies\usine@atdmt[2].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Usine\Cookies\usine@tradedoubler[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Usine\Cookies\usine@mediaplex[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Usine\Cookies\usine@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Usine\Cookies\usine@xiti[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Usine\Cookies\usine@apmebf[1].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Usine\Cookies\usine@weborama[2].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Usine\Cookies\usine@weborama[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Usine\Cookies\usine@advertising[1].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Usine\Cookies\usine@statse.webtrendslive[2].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Usine\Cookies\usine@smartadserver[2].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Usine\Cookies\usine@smartadserver[1].txt
00452915 W32/Bagle.TO.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021247.exe
00452915 W32/Bagle.TO.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021210.exe
00452915 W32/Bagle.TO.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021229.exe
00462995 Trj/Passtealer.HV Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021167.exe
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021333.EXE
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021318.sys
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0020335.sys
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021310.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0015856.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0015857.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021302.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021300.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021299.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0016930.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0016931.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0016932.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014804.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021289.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021036.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021037.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021038.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021040.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021049.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021058.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021287.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021069.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021070.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021311.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021073.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021286.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021082.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021084.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021093.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021094.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021274.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021312.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021114.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021115.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021119.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021120.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021122.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014599.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021132.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021133.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021142.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021145.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021258.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021158.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021160.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021249.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021071.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021170.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021172.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021248.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021185.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014598.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021190.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021240.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021199.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021239.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021208.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021209.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014597.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021212.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021216.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021238.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021219.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021233.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021223.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021224.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021227.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021228.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021108.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021127.exe
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014613.sys
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014654.sys
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014766.sys
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014793.sys
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0015849.sys
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0016652.sys
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0016659.sys
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0016666.sys
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014587.sys
02913360 W32/Bagle.SP.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021184.exe
03919043 Generic Malware Virus/Trojan No 0 Yes No D:\Logiciels\ACD 6.0 powerpack\SetupPowerpackRetail\Files\KEYGEN.EXE
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021104.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021033.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021296.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021155.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021165.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021079.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021187.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021191.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021205.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021218.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021235.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021283.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021066.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021220.exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location ]
;===================================================================================================================================================================================
No C:\Documents and Settings\Usine\Bureau\Maintenance et Antivirus\Combo-1Fix.exe ] ]
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description ]
;===================================================================================================================================================================================
;===================================================================================================================================================================================
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021238.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021219.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021233.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021223.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021224.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021227.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021228.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021108.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021127.exe
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014613.sys
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014654.sys
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014766.sys
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014793.sys
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0015849.sys
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0016652.sys
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0016659.sys
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0016666.sys
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP42\A0014587.sys
02913360 W32/Bagle.SP.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021184.exe
03919043 Generic Malware Virus/Trojan No 0 Yes No D:\Logiciels\ACD 6.0 powerpack\SetupPowerpackRetail\Files\KEYGEN.EXE
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021104.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021033.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021296.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021155.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021165.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021079.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021187.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021191.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021205.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021218.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021235.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021283.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021066.exe
04150964 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C593EEEE-7F5F-4990-89E1-46C9E78C3538}\RP43\A0021220.exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location ]
;===================================================================================================================================================================================
No C:\Documents and Settings\Usine\Bureau\Maintenance et Antivirus\Combo-1Fix.exe ] ]
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description ]
;===================================================================================================================================================================================
;===================================================================================================================================================================================
jlpjlp
8 Dec. 2008 at 13:40
Download OTMoveIt
http://oldtimer.geekstogo.com/OTMoveIt3.exe (by Old_Timer) to your Desktop.
Double-click OTMoveIt.exe to launch it.
Copy the list in the quote below,
and paste it into the left-hand pane of OTMoveIt: Paste instruction for items to be moved.
(make sure to include :files)
:files
E:\Sannier\Westerstrand\Wint logiciel synchro pc\SERVICE.ZIP
E:\Sannier\Westerstrand\D7 Synchro PC\W95W98NT\SERVICE.ZIP
D:\Logiciels\ACD 6.0 powerpack\SetupPowerpackRetail\Files\KEYGEN.EXE
Click MoveIt! to start the removal.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles.
You may be asked to restart the PC to complete the removal. If so, accept with Yes.