Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Infection Bagle

Nangedechu
 Partager

Messages recommandés

Nangedechu Junior Member

Nangedechu

Posté(e)
Posté(e)

Bonjour,

 

j'ai un pc infecté par Bagle, j'ai donc fais un scan avec combofix et il me faudrais un coup de main pour interpréter le rapport s'il vous plait =)

Merci beaucoup

 

 

voici le Rapport :

 

ComboFix 10-03-13.03 - docteur micro 14/03/2010 17:43:10.1.2 - x86

Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1015.748 [GMT 1:00]

Lancé depuis: C:\Chris2406.exe

AV: avast! antivirus 4.8.1335 [VPS 100225-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

* Un nouveau point de restauration a été créé

 

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\documents and settings\All Users\Application Data\srcheng\srCHeng.dll

c:\documents and settings\docteur micro\Application Data\addon.dat

c:\documents and settings\docteur micro\Application Data\dllhst3g.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld

c:\documents and settings\docteur micro\Application Data\drivers\downld\570656.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\582390.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\603156.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\607593.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\618890.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\624375.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\628796.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\634343.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\685640.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\688531.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\690843.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\708296.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\719703.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\728281.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\730296.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\734953.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\749250.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\751750.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\755390.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\757015.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\770609.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\771640.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\774953.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\776671.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\791906.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\792718.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\795875.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\799500.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\813468.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\815718.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\818703.exe

c:\documents and settings\docteur micro\Application Data\drivers\downld\820468.exe

c:\documents and settings\docteur micro\Application Data\drivers\winupgro.exe

c:\documents and settings\docteur micro\Application Data\m

c:\documents and settings\docteur micro\Application Data\m\data.oct

c:\documents and settings\docteur micro\Application Data\m\flec006.exe

c:\documents and settings\docteur micro\Application Data\m\list.oct

c:\documents and settings\docteur micro\Application Data\m\shared\3D Exploration v1.5.3 Keyfile.zip

c:\documents and settings\docteur micro\Application Data\m\shared\3D Hard Core (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\3D Night Viper (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\A.I.O Cool Converter Products by FOFF.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Acoustica MP3 Audio Mixer v2.43 by TSRh.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Acronis True Image Enterprise Server v8.0.1143 Russian Incl Keymaker by ZWT.zip

c:\documents and settings\docteur micro\Application Data\m\shared\ActiveFax Server 3.86.193 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\Actual Search And Replace v2.6.31 Regged by UnderPl.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Add-Remove Plus! 2002 v3.0 by TNT.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Add-Remove Plus! 2002 v3.2 NEW.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Addendum Software Batch Print v4.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Advanced Fabrication 4.0 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\Advanced Find and Replace v1.5 by SND.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Aesop GIF Creator 1.02.302 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\Alba Extractor v0.3.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Alchemist 1.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Alive MP3 CD Burner v1.2.9.2 by UCF.zip

c:\documents and settings\docteur micro\Application Data\m\shared\ALL APT Software Multikeygen by AT4RE.zip

c:\documents and settings\docteur micro\Application Data\m\shared\All Video to VCD SVCD DVD Converter v1.0.0 by ViRiLiTY.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Allead DVD to iPod Converter 2.3.6.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Allok AVI to DVD SVCD VCD Converter v1.3.8 WinALL Incl Keygen by ViRiLiTY.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Apex RM RMVB Converter v5.72 by iNDUCT.zip

c:\documents and settings\docteur micro\Application Data\m\shared\ArGoSoft Mail Server Pro 1.8.4.2.zip

c:\documents and settings\docteur micro\Application Data\m\shared\articuCAD DWG DXF to PDF Converter 3.5.3.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Ashampoo WinOptimizer v5.04 by AT4RE.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Asp HTTP 2.5 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\ASPAccelerator NET 2.02.zip

c:\documents and settings\docteur micro\Application Data\m\shared\ASPNetVideo 2.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\ASSolutions Multi Browser 1.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\AutoTag 7.1.24.0 patch.zip

c:\documents and settings\docteur micro\Application Data\m\shared\BallSwapper v1.05.1 by ORiON.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Barcode Maker 3.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Batch FTP Upload Synchronizer v2008.0.1230.1047 by AHCU.zip

c:\documents and settings\docteur micro\Application Data\m\shared\BayGenie 3.3.1.8.zip

c:\documents and settings\docteur micro\Application Data\m\shared\BDB Developer Edition 3.0 keygen.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Bestel PSP Video Converter 3.1.2-key.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Birds of the Prairie 3D 1.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Black Hawk Down SAVEGAME.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Break Ball 2 Gold v1.55 by EMBRACE.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Button Farm 2.4 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\C&C Generals v1.05 MP [ENGLISH] No-CD Fixed EXE.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Caligari Truespace 5.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Canam Software XML Composer v2.3.0.105 WinALL Regged by BLiZZARD.zip

c:\documents and settings\docteur micro\Application Data\m\shared\CaptureMAX v2.5.1062 WinALL by QUARTEX.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Cepstral Swifttalker with Frank v3.3.2 MacOSX Incl Keygen by BRD.zip

c:\documents and settings\docteur micro\Application Data\m\shared\CINEMA 4D Thinking Particles 8.0 for Mac.zip

c:\documents and settings\docteur micro\Application Data\m\shared\CinePlayer Editor 1.4.5 Trial by Koja.zip

c:\documents and settings\docteur micro\Application Data\m\shared\ClockDummy! 2.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\ColorImpact v2.8.1.378 by DiGERATi.zip

c:\documents and settings\docteur micro\Application Data\m\shared\CompreXX mark 2 HEROISM Release 4.1.2003.7652 SP13 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\CompuPic Pro 6.22.1315 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\ConceptDraw Mindmap Professional v5.12.zip

c:\documents and settings\docteur micro\Application Data\m\shared\CooTek TouchPal v3.5 Retail for PocketPC by RLYEH.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Corel Draw 6.0 for Mac.zip

c:\documents and settings\docteur micro\Application Data\m\shared\CPUID HWMonitor Pro v1.05 by CORE.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Cute 3GP Video Converter v1.40 Keygen by PGTeam.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Das Schwarze Auge Drakensang v1.0 [GERMAN] Fixed EXE.zip

c:\documents and settings\docteur micro\Application Data\m\shared\DialogBlocks v2.07 ANSI Linux Incl Keymaker by AGAiN.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Digital Anarchy Backdrop Designer v1.2.2 for Adobe Photoshop.zip

c:\documents and settings\docteur micro\Application Data\m\shared\DiskSpaceFree v7.1 WinALL CrackedOMS.zip

c:\documents and settings\docteur micro\Application Data\m\shared\DivX Pro Video Bundle v5.0 by Nuno Almeida.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Dot Matrix Pilot 2.18 (crack).zip

c:\documents and settings\docteur micro\Application Data\m\shared\dtNotes v2.4.zip

c:\documents and settings\docteur micro\Application Data\m\shared\DVD to VCD Converter Plus 2.00.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Easy Disk Drive Safeguard v2.01.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Ecard Magic v2.0 by CAT.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Elite Software ECA v4.0.13 Keyfilemaker Only by AGAiN.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Email Extractor 3.0.2 for Mac (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\Evidence Exterminator v2.6 by iNFECTiON.zip

c:\documents and settings\docteur micro\Application Data\m\shared\ExcelCube 4.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\F-Secure SSH Client 4.1 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\Film Tracker 2.1 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\Fine Print Enterprise Edition v5.30 by FRENCH-BS.zip

c:\documents and settings\docteur micro\Application Data\m\shared\FinePrint pdfFactory 1.57 Slovak.zip

c:\documents and settings\docteur micro\Application Data\m\shared\FireStorm-DAO Standard Edition v2.2.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Fix Registry Errors 3.0.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Focus Photoeditor v4.4.0.11 Incl Keymaker by ACME.zip

c:\documents and settings\docteur micro\Application Data\m\shared\FolderMatch v3.3.5.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Fractopia ScreenSaver v1.0.05B.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Frogmore Computer Services Mail Print v2.1.2286 Professional Edition by CRD.zip

c:\documents and settings\docteur micro\Application Data\m\shared\FRx Financial Reporter for Microsoft Great Plains Dynamics 6.5 Retail (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\FunMemo 1.2.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Gameloft Midnight Darts v1.0.5 Retail for SymbianOS S40 JAVA 128x160 by RLYEH.zip

c:\documents and settings\docteur micro\Application Data\m\shared\GdTwain Pro SDK Twain ActiveX Control 2.1.4.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Gear 3.22 for OS-2 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\Giant Disc Cleaner v1.9.8 by SND.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Global Mapper v4.56.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Global Operations.zip

c:\documents and settings\docteur micro\Application Data\m\shared\GlobFX Composer 1.0.9.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Graffix Trackplan Tools v10.0.5 for Illustrator by SCOTCH.zip

c:\documents and settings\docteur micro\Application Data\m\shared\GREmailRobot v1.5.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Hotkey Master 1.5 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\HTML Batch Editor Professional 1.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\IC Capture 2.0.1.485.zip

c:\documents and settings\docteur micro\Application Data\m\shared\IceXX 2.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\IconCool Editor v3.4 build 21126.zip

c:\documents and settings\docteur micro\Application Data\m\shared\ICUII Video Chat 6.02 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\ID Devices Lock v1.2 WinAll Cracked by CRD.zip

c:\documents and settings\docteur micro\Application Data\m\shared\ID Install Watch v1.2 Crack.zip

c:\documents and settings\docteur micro\Application Data\m\shared\IDAutomation Universal Barcode Font 8.4.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Image Thumbnailer and Converter 2.23 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\ImportER Scripts for DeZign 1.3.2.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Intaglio 1.9.1 for Mac.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Intergraph RIS NT DB2 Data Server.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Internet Velocity v1.5.00 Serial.zip

c:\documents and settings\docteur micro\Application Data\m\shared\InterVideo WinDVD Platinum v5.3.5.22.zip

c:\documents and settings\docteur micro\Application Data\m\shared\InterVocative Soft DVD Profiler.zip

c:\documents and settings\docteur micro\Application Data\m\shared\ISS BlackICE Server Protection v3.6 cpe Incl Keymaker by Core.zip

c:\documents and settings\docteur micro\Application Data\m\shared\jgui phone profiles second edition 7.0 pocketpc serial by TSRh.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Joboshare DVD to WMV Converter 2.6.3.0609.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Juiced v1.0 +2 TRAINER.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Karaoke Dream 1.24.zip

c:\documents and settings\docteur micro\Application Data\m\shared\KC Softwares KML v3.34.353 by BRD.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Keno 1.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Keycorder 1.00.zip

c:\documents and settings\docteur micro\Application Data\m\shared\KeyloggerPro v1.2.zip

c:\documents and settings\docteur micro\Application Data\m\shared\KLS Backup 2006 Professional v2.0.0.2 by ViRiLiTY.zip

c:\documents and settings\docteur micro\Application Data\m\shared\LabDevTools 1.9 CrAcKed.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Lavalys EVEREST Corporate Edition v3.00.626 Incl KeyfileMaker by DVT.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Lettra v2.10.0610 by FALLEN.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Lock For File v1.5 Russian Regged WinAll by CPHV.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Lotto007 XP 2005 v3.7 WinALL by BRD.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Magix Cleaning Lab E-Version German by MP2K.zip

c:\documents and settings\docteur micro\Application Data\m\shared\MailBell 2.08 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\Margin Analysis 1.0.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\MED Text Editor v2.20.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Media Force M3 Ringtones v1.0.2 HAPPY HALLOWEEN by CRD.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Menu Creator v4.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Message Box Maker 1.1.2.zip

c:\documents and settings\docteur micro\Application Data\m\shared\MicroCalendar 2.0.1.19 crack.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Microsoft Business Portal v2.5 for Great Plains v8.0 REPACK by tDk.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Microviet Real Time Downloader 4.0 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\Midi to MP3 Maker 3.0.65 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\MightyFax v3.35 by ViRiLiTY.zip

c:\documents and settings\docteur micro\Application Data\m\shared\MobiMate 3.1 for PalmOS (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\MP3 CD Extractor v1.02 by SND.zip

c:\documents and settings\docteur micro\Application Data\m\shared\MSC Dytran 2005 Linux by AGAiN.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Nature One Special Edition 1.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\NCH Express Burn v1.07 Keygen Only by ORiON.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Need forSpeed 5 (Porsche Unleased) (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\NetDL 1.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Neusciences Neuframe 4.0.1.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\NewName Pro 1.54.zip

c:\documents and settings\docteur micro\Application Data\m\shared\NoaXs 2.6.9.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Nucleus Kernel MS Publisher Recovery v4.04.01 Incl Keygen by Lz0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Offline Explorer v2.1 build 753 by UOG.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Online TV Player v2.6 WinALL Cracked by DVT.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Operation Sting Retail for SymbianOS S60v1 JAVA by RLYEH.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Outlook Extract Email Data Software 7.0 keygen.zip

c:\documents and settings\docteur micro\Application Data\m\shared\PageView PCL5e 2.8.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Passware WordPerfect Password Recovery Key 6.3.785 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\PasteMaster v2.00.zip

c:\documents and settings\docteur micro\Application Data\m\shared\PayRoll 2004 v8.0.1.zip

c:\documents and settings\docteur micro\Application Data\m\shared\PCIScope v3.00.002 by DiGERATi.zip

c:\documents and settings\docteur micro\Application Data\m\shared\PCQ Assistant v1.0.37 Incl Keygen by UCF.zip

c:\documents and settings\docteur micro\Application Data\m\shared\PDF Converter v3.6 by EPS.zip

c:\documents and settings\docteur micro\Application Data\m\shared\PieceOfCake 2.2.zip

c:\documents and settings\docteur micro\Application Data\m\shared\PNG MNG Construction Set v2.0a 34 by AGAiN.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Polystyle 3.3u.zip

c:\documents and settings\docteur micro\Application Data\m\shared\PolyView 2.90.3 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\Potion Factory Tangerine v1.1 Mac OSX PPC Regged by CRD.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Power Edit v2.12.zip

c:\documents and settings\docteur micro\Application Data\m\shared\PowerDVD 6 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\PRIME Doc Launcher 1.00.0025 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\PTZ Controller v2.0.105 by TOaO.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Puppet Master (PuppetMaster) Retail for Pocket PC and PC Full by RLYEH.zip

c:\documents and settings\docteur micro\Application Data\m\shared\RA 5 Card Dash (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\RealNetworks RealPlayer SP v1.0 Crack 2 by BetaMaster.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Reset v5.02.zip

c:\documents and settings\docteur micro\Application Data\m\shared\SB Log 1.8.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Secret Barcoder Ring v2.1.7 WinAll Incl Keygen by HS.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Section 8 v1.0 +7 TRAINER.zip

c:\documents and settings\docteur micro\Application Data\m\shared\ServiceQuery 1.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Simone 2.1 X for Mac.zip

c:\documents and settings\docteur micro\Application Data\m\shared\SiSoft Sandra Standard 2000 v7.6.4.9 by Skywalker.zip

c:\documents and settings\docteur micro\Application Data\m\shared\SlimFTPd 3.0 Beta 6 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\smart movie converter 2.63 for Symbian.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Smasher 2.9.58 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\Snow In The Park Demo Screensaver 1.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\SoftTidier 1.1.0.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Soldier of Fortune 2 CD-2-DVD CONVERSION.zip

c:\documents and settings\docteur micro\Application Data\m\shared\SourcePublisher for C Plus Plus v1.4.356b Incl Keygen by Lz0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\SpamGunner 1.00.zip

c:\documents and settings\docteur micro\Application Data\m\shared\SpiceLink 1.00.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Spy Emergency 2005 v2.0.300 by BRD.zip

c:\documents and settings\docteur micro\Application Data\m\shared\StayAlive v2.1.zip

c:\documents and settings\docteur micro\Application Data\m\shared\StockPoint 1.2 Build 1.2.2.8.zip

c:\documents and settings\docteur micro\Application Data\m\shared\StopCop Popup Blocker 1.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\SureType 2.5.zip

c:\documents and settings\docteur micro\Application Data\m\shared\System Mechanic v3.6e Industrial.zip

c:\documents and settings\docteur micro\Application Data\m\shared\System Mechanics 5 5 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\Tansee iPod Transfer 5.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Teleport Pro 1.29 Build 2020.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Text Studio 1.1 by EVC.zip

c:\documents and settings\docteur micro\Application Data\m\shared\TextDB 3.01 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\The Matrix Path Of Neo SAVEGAME [100%].zip

c:\documents and settings\docteur micro\Application Data\m\shared\The Ultimate Screen Clock v2.0a 30 Incl Keymaker by AGAiN.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Thesaurus Desktop .NET 1.1.1.zip

c:\documents and settings\docteur micro\Application Data\m\shared\ThumbsUp v2.7 by FHCF.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Tordex Wheel 1.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Tyco PrintEasySuite v3.6.5 MultiLanguage WinALL Incl Keygen by BLiZZARD.zip

c:\documents and settings\docteur micro\Application Data\m\shared\TypeTool 2.0-key.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Ultra WinCleaner AntiVirus 2003.6.09.zip

c:\documents and settings\docteur micro\Application Data\m\shared\UltraISO v6.56.655.zip

c:\documents and settings\docteur micro\Application Data\m\shared\User Control 2009 6.195.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Ventura Color Pro.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Version Control Pro v4.7 by AT4RE.zip

c:\documents and settings\docteur micro\Application Data\m\shared\VideoMach v3.1.5.zip

c:\documents and settings\docteur micro\Application Data\m\shared\VIP Simple To Do List v2.7.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Vista White Hardware Icons 1.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\VMware Server 1.0.3-44356 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\VSE Web Site Turbo 3.1 for Mac.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Warkanoid v1.8 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\Wealth Builder 3.0 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\Web Table 1.9.41 (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\Web Translator v5.00.5100 Multilingual WinALL Incl Keygen by ViRiLiTY.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Webcam Desktop Theater v1.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\WebGalleryEasy v2.9.9.zip

c:\documents and settings\docteur micro\Application Data\m\shared\WinAudio Basic v1.18.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Window Washer v3.1 Patch.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Windows XP Professional x64 RTM (Serial).zip

c:\documents and settings\docteur micro\Application Data\m\shared\Womble MPEG Video Wizard v06.2006 German by BLiZZARD.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Wondershare Audio Converter Pack 4.2.0.57.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Zealot All Video to VCD SVCD DVD Creator and Burner v2.2 by BRD.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Zebradoc DJVU Converter 1.0.zip

c:\documents and settings\docteur micro\Application Data\m\shared\Zoom v1.2 by Laxity.zip

c:\documents and settings\docteur micro\Application Data\m\srvlist.oct

c:\documents and settings\docteur micro\Application Data\QUAD Backups

C:\install.exe

c:\program files\AskSearch\bin\DeFAultsearch.dll

c:\program files\FunWebProducts

c:\program files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL

c:\program files\FunWebProducts\Installr\2.bin\F3EZSETP.DLL

c:\program files\FunWebProducts\Installr\Cache\00C848D3.exe

c:\program files\FunWebProducts\Installr\Cache\files.ini

c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html

c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html

c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

c:\program files\MyWebSearch

c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG

c:\program files\MyWebSearch\bar\1.bin\F3CJPEG.DLL

c:\program files\MyWebSearch\bar\1.bin\F3DTactl.dll

c:\program files\MyWebSearch\bar\1.bin\F3HISTSW.DLL

c:\program files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL

c:\program files\MyWebSearch\bar\1.bin\F3HTmlmu.dll

c:\program files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL

c:\program files\MyWebSearch\bar\1.bin\F3POPSWT.DLL

c:\program files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR

c:\program files\MyWebSearch\bar\1.bin\F3REGHK.DLL

c:\program files\MyWebSearch\bar\1.bin\F3REPROX.DLL

c:\program files\MyWebSearch\bar\1.bin\F3RESTUB.DLL

c:\program files\MyWebSearch\bar\1.bin\F3SCHMON.EXE

c:\program files\MyWebSearch\bar\1.bin\F3SCrctr.dll

c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV

c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT

c:\program files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL

c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG

c:\program files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL

c:\program files\MyWebSearch\bar\1.bin\M3DLGHK.DLL

c:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE

c:\program files\MyWebSearch\bar\1.bin\M3HTml.dll

c:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLL

c:\program files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE

c:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXE

c:\program files\MyWebSearch\bar\1.bin\M3MSg.dll

c:\program files\MyWebSearch\bar\1.bin\M3OUtlcn.dll

c:\program files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL

c:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLL

c:\program files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE

c:\program files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE

c:\program files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE

c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL

c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE

c:\program files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL

c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL

c:\program files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL

c:\program files\MyWebSearch\bar\1.bin\MWSSVC.EXE

c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S

c:\program files\MyWebSearch\bar\Cache\00025922

c:\program files\MyWebSearch\bar\Cache\005DB522

c:\program files\MyWebSearch\bar\Cache\00CE55E6

c:\program files\MyWebSearch\bar\Cache\00CE5960.bin

c:\program files\MyWebSearch\bar\Cache\00CE5B16.bin

c:\program files\MyWebSearch\bar\Cache\00CE5C6E.bin

c:\program files\MyWebSearch\bar\Cache\00CE5E42.bin

c:\program files\MyWebSearch\bar\Cache\00CE6036.bin

c:\program files\MyWebSearch\bar\Cache\04F82B89

c:\program files\MyWebSearch\bar\Cache\07662DCA

c:\program files\MyWebSearch\bar\Cache\files.ini

c:\program files\MyWebSearch\bar\firefox\CHROME.MANIFEST

c:\program files\MyWebSearch\bar\firefox\chrome\M3FFXTBR.JAR

c:\program files\MyWebSearch\bar\firefox\INSTALL.RDF

c:\program files\MyWebSearch\bar\firefox\NPMYWEBS.DLL

c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S

c:\program files\MyWebSearch\bar\Game\CHESS.F3S

c:\program files\MyWebSearch\bar\Game\REVERSI.F3S

c:\program files\MyWebSearch\bar\History\search3

c:\program files\MyWebSearch\bar\icons\CM.ICO

c:\program files\MyWebSearch\bar\icons\MFC.ICO

c:\program files\MyWebSearch\bar\icons\PSS.ICO

c:\program files\MyWebSearch\bar\icons\SMILEY.ICO

c:\program files\MyWebSearch\bar\icons\WB.ICO

c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO

c:\program files\MyWebSearch\bar\Message\COMMON.F3S

c:\program files\MyWebSearch\bar\Message\COMMON\8_step1.gif

c:\program files\MyWebSearch\bar\Message\COMMON\ask_logo.gif

c:\program files\MyWebSearch\bar\Message\COMMON\autoup.gif

c:\program files\MyWebSearch\bar\Message\COMMON\autoup.htm

c:\program files\MyWebSearch\bar\Message\COMMON\bkwebfet.jpg

c:\program files\MyWebSearch\bar\Message\COMMON\bkzwinky.jpg

c:\program files\MyWebSearch\bar\Message\COMMON\blubtn2d.png

c:\program files\MyWebSearch\bar\Message\COMMON\blubtn2r.png

c:\program files\MyWebSearch\bar\Message\COMMON\blubtn3d.png

c:\program files\MyWebSearch\bar\Message\COMMON\blubtn3r.png

c:\program files\MyWebSearch\bar\Message\COMMON\center.htm

c:\program files\MyWebSearch\bar\Message\COMMON\index.htm

c:\program files\MyWebSearch\bar\Message\COMMON\logo_ZJ.png

c:\program files\MyWebSearch\bar\Message\COMMON\logo_ZR.png

c:\program files\MyWebSearch\bar\Message\COMMON\mid_dots.gif

c:\program files\MyWebSearch\bar\Message\COMMON\mws_logo.gif

c:\program files\MyWebSearch\bar\Message\COMMON\protect.htm

c:\program files\MyWebSearch\bar\Message\COMMON\reb_bg.png

c:\program files\MyWebSearch\bar\Message\COMMON\rebbtnbg.png

c:\program files\MyWebSearch\bar\Message\COMMON\rebbtnn1.png

c:\program files\MyWebSearch\bar\Message\COMMON\rebbtnn2.png

c:\program files\MyWebSearch\bar\Message\COMMON\rebbtny1.png

c:\program files\MyWebSearch\bar\Message\COMMON\rebbtny2.png

c:\program files\MyWebSearch\bar\Message\COMMON\rebclose.png

c:\program files\MyWebSearch\bar\Message\COMMON\rebut.htm

c:\program files\MyWebSearch\bar\Message\COMMON\rebut2.htm

c:\program files\MyWebSearch\bar\Message\COMMON\rebut3.htm

c:\program files\MyWebSearch\bar\Message\COMMON\rebut3b.htm

c:\program files\MyWebSearch\bar\Message\COMMON\repmidsm.png

c:\program files\MyWebSearch\bar\Message\COMMON\shield.png

c:\program files\MyWebSearch\bar\Message\COMMON\shocked.gif

c:\program files\MyWebSearch\bar\Message\COMMON\stop.gif

c:\program files\MyWebSearch\bar\Message\COMMON\systray.htm

c:\program files\MyWebSearch\bar\Message\COMMON\systrayp.htm

c:\program files\MyWebSearch\bar\Message\COMMON\tp_grad.gif

c:\program files\MyWebSearch\bar\Message\COMMON\warn.gif

c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S

c:\program files\MyWebSearch\bar\Notifier\DOG.F3S

c:\program files\MyWebSearch\bar\Notifier\FISH.F3S

c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S

c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S

c:\program files\MyWebSearch\bar\Notifier\MAID.F3S

c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S

c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S

c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S

c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S

c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S

c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm

c:\program files\MyWebSearch\bar\Settings\s_pid.dat

c:\program files\MyWebSearch\bar\Settings\setting2.htm

c:\program files\MyWebSearch\bar\Settings\settings.dat

c:\program files\QUAD Utilities

c:\program files\QUAD Utilities\QUAD Registry Cleaner\Vista Scheduler.dll

c:\recycler\S-1-5-21-1012119198-3164399779-567860722-1003

c:\recycler\S-1-5-21-1146900292-2107863965-2184001931-1003

c:\recycler\S-1-5-21-1285452189-2897731831-869995530-1003

c:\recycler\S-1-5-21-1715567821-823518204-527237240-1003

c:\recycler\S-1-5-21-2197382014-3481631284-2562751692-1003

c:\recycler\S-1-5-21-2245493125-2027700850-2773855886-1003

c:\recycler\S-1-5-21-2510172619-2115415327-310082141-1003

c:\recycler\S-1-5-21-2603331843-2404986054-1169036203-1003

c:\recycler\S-1-5-21-2711207617-3665269759-3511543751-1003

c:\recycler\S-1-5-21-3346738352-1632741720-2677954562-1003

c:\recycler\S-1-5-21-375701286-520863373-3602185834-1003

c:\recycler\S-1-5-21-3881886158-3613839562-3649262194-1003

c:\recycler\S-1-5-21-3991674429-1502234657-2308447467-1003

c:\recycler\S-1-5-21-964652166-2484417911-145158100-1003

c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf

c:\windows\eSellerateEngine.dll

c:\windows\mdelk.exe

c:\windows\mqtgsvc.exe

c:\windows\spoolsv.exe

c:\windows\system\mqtgsvc.exe

c:\windows\system32\drivers\sessmgr.exe

c:\windows\system32\f3PSSavr.scr

c:\windows\system32\keylog.txt

c:\windows\system32\srosa2.sys

c:\windows\system32\system32

c:\windows\system32\system32\logg.dat

c:\windows\system32\Thumbs.db

c:\windows\system32\wfsintwq.sys

c:\windows\wintems.exe

 

.

((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Service_SROSA

-------\Legacy_SROSA

-------\Legacy_MYWEBSEARCHSERVICE

-------\Legacy_SK9OU0S

-------\Service_MyWebSearchService

-------\Service_sK9Ou0s

 

 

((((((((((((((((((((((((((((( Fichiers créés du 2010-02-14 au 2010-03-14 ))))))))))))))))))))))))))))))))))))

.

 

2010-03-14 16:15 . 2010-03-14 16:26 3889075 ----a-r- C:\Chris2406.exe

2010-03-14 15:54 . 2010-03-14 16:05 -------- d-----w- c:\documents and settings\docteur micro\Application Data\QuickScan

2010-03-08 11:29 . 2010-03-08 11:29 -------- d-----w- c:\documents and settings\docteur micro\Application Data\Smart PC Solutions

2010-03-08 11:29 . 2010-03-08 11:29 -------- d-----w- c:\program files\Smart PC Solutions

2010-03-07 12:46 . 2010-03-07 12:46 -------- d-----w- c:\documents and settings\docteur micro\Application Data\Yahoo!

2010-03-07 12:46 . 2010-03-07 12:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion

2010-03-07 12:46 . 2010-03-07 12:46 -------- d-----w- c:\program files\Yahoo!

2010-03-07 12:46 . 2010-03-07 12:46 -------- d-----w- c:\program files\CCleaner

2010-03-07 11:57 . 2010-03-07 11:57 -------- d-----w- c:\windows\system32\systeme

2010-03-07 11:54 . 2010-03-07 11:54 -------- d-----w- c:\program files\NortonInstaller

2010-03-07 11:54 . 2010-03-07 11:54 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller

2010-03-06 18:25 . 2010-03-06 18:25 299008 ----a-w- c:\documents and settings\docteur micro\Application Data\Up The\math bore title.exe

2010-03-06 18:25 . 2010-03-14 16:57 758784 ----a-w- c:\documents and settings\All Users\Application Data\dumb tray 16 test\platform hide.exe

2010-03-06 18:25 . 2010-03-06 18:25 757760 ----a-w- c:\documents and settings\docteur micro\Application Data\Up The\ffalfmza.exe

2010-03-06 18:25 . 2010-03-06 18:25 -------- d-----w- c:\documents and settings\All Users\Application Data\dumb tray 16 test

2010-03-06 18:25 . 2010-03-06 18:25 -------- d-----w- c:\program files\Up The

2010-03-06 18:25 . 2010-03-06 18:25 -------- d-----w- c:\documents and settings\docteur micro\Application Data\Up The

2010-03-06 18:25 . 2010-03-06 18:25 494080 ----a-w- c:\documents and settings\docteur micro\Application Data\Up The\bend first size.exe

2010-03-06 18:25 . 2010-03-06 18:25 -------- d-----w- c:\program files\Ask Search Assistant

2010-03-05 13:09 . 2001-08-23 16:47 5632 ----a-w- c:\windows\system32\ptpusb.dll

2010-03-05 13:08 . 2008-04-13 18:33 159232 ----a-w- c:\windows\system32\ptpusd.dll

2010-03-01 09:06 . 2010-03-01 09:06 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache

2010-03-01 09:06 . 2010-03-01 09:06 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple

2010-02-27 14:23 . 2010-03-05 13:11 -------- d-----w- c:\documents and settings\docteur micro\Application Data\Apple Computer

2010-02-27 14:23 . 2009-05-18 13:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2010-02-27 14:23 . 2008-04-17 12:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll

2010-02-27 14:21 . 2010-02-27 14:21 -------- d-----w- c:\program files\iPod

2010-02-27 14:21 . 2010-02-27 14:23 -------- d-----w- c:\program files\iTunes

2010-02-27 14:21 . 2010-02-27 14:23 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

2010-02-27 14:21 . 2010-02-27 14:21 -------- d-----w- c:\program files\Bonjour

2010-02-27 14:19 . 2010-02-27 14:20 -------- d-----w- c:\program files\QuickTime

2010-02-27 14:19 . 2010-02-27 14:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer

2010-02-27 14:19 . 2010-02-27 14:19 -------- d-----w- c:\documents and settings\docteur micro\Local Settings\Application Data\Apple

2010-02-27 14:19 . 2010-02-27 14:19 -------- d-----w- c:\program files\Apple Software Update

2010-02-27 14:19 . 2009-08-28 18:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys

2010-02-27 14:19 . 2009-08-28 18:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll

2010-02-27 14:17 . 2010-03-05 13:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple

2010-02-27 14:17 . 2010-02-27 14:21 -------- d-----w- c:\program files\Fichiers communs\Apple

2010-02-27 14:17 . 2010-03-10 11:18 -------- d-----w- c:\documents and settings\docteur micro\Local Settings\Application Data\Apple Computer

2010-02-27 10:47 . 2010-02-27 10:47 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters

2010-02-26 09:58 . 2010-03-14 16:51 -------- d--h--w- c:\documents and settings\docteur micro\Application Data\drivers

2010-02-15 17:41 . 2010-02-15 17:41 72488 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe

2010-02-15 13:39 . 2010-02-15 13:39 -------- d-----w- c:\documents and settings\docteur micro\Application Data\Uniblue

2010-02-15 08:10 . 2010-02-15 08:10 -------- d-----w- c:\documents and settings\docteur micro\Application Data\dvdcss

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-03-14 16:49 . 2010-01-23 17:05 -------- d-----w- c:\documents and settings\All Users\Application Data\srcheng

2010-03-14 16:46 . 2008-08-07 14:12 93168 ----a-w- c:\windows\system32\perfc00C.dat

2010-03-14 16:46 . 2008-08-07 14:12 525456 ----a-w- c:\windows\system32\perfh00C.dat

2010-03-14 15:58 . 2008-06-27 15:24 467028 ----a-w- c:\windows\system32\acs.exe

2010-03-12 11:24 . 2010-01-03 17:52 -------- d-----w- c:\program files\MAGIX

2010-03-12 11:23 . 2010-01-03 17:52 -------- d-----w- c:\documents and settings\All Users\Application Data\MAGIX

2010-03-12 11:21 . 2009-12-17 17:05 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2010-03-11 09:08 . 2009-12-24 11:58 -------- d-----w- c:\documents and settings\docteur micro\Application Data\BitTorrent

2010-03-11 09:08 . 2010-01-02 21:41 -------- d-----w- c:\documents and settings\docteur micro\Application Data\vlc

2010-03-08 18:45 . 2010-01-24 10:57 -------- d-----w- c:\program files\triturf

2010-03-08 14:11 . 2009-12-24 11:57 -------- d-----w- c:\program files\BitTorrent

2010-02-27 10:47 . 2009-12-17 17:42 -------- d-----w- c:\documents and settings\docteur micro\Application Data\PCAnonyme4

2010-02-12 00:18 . 2009-11-11 11:58 -------- d-----w- c:\program files\eMule

2010-01-28 10:50 . 2010-01-16 11:55 -------- d-----w- c:\documents and settings\docteur micro\Application Data\GrabIt

2010-01-26 09:36 . 2008-12-15 17:37 1582 ----a-w- c:\documents and settings\docteur micro\Application Data\wklnhst.dat

2010-01-23 17:05 . 2010-01-23 17:05 -------- d-----w- c:\program files\EasyPrediction

2010-01-23 16:23 . 2010-01-23 16:23 -------- d-----w- c:\documents and settings\All Users\Application Data\SweetIM

2010-01-23 16:23 . 2010-01-23 16:23 -------- d-----w- c:\program files\SweetIM

2009-12-31 16:50 . 2008-08-07 14:12 353792 ----a-w- c:\windows\system32\drivers\srv.sys

2009-12-21 19:07 . 2008-08-07 14:12 916480 ----a-w- c:\windows\system32\wininet.dll

2009-12-17 17:41 . 2009-12-17 17:41 1956528 -c--a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player_ax.exe

2009-12-17 17:05 . 2008-11-28 16:53 37600 -c--a-w- c:\documents and settings\docteur micro\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-12-17 07:41 . 2008-08-07 12:24 347648 ----a-w- c:\windows\system32\mspaint.exe

2008-05-07 14:34 . 2008-08-07 13:55 15523560 -c--a-w- c:\program files\U1 Setup.exe

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2009-10-19 187192]

 

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]

[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]

[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]

[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]

2009-10-19 15:15 1345336 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]

 

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]

[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]

[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]

[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]

 

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]

[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]

[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]

[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"amokjump"="c:\docume~1\DOCTEU~1\APPLIC~1\UPTHE~1\bend first size.exe" [2010-03-06 494080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"rkfree"="c:\program files\rkfree\rkfree.exe" [2010-01-04 71168]

"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-10-20 111928]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-10 417792]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-15 141608]

"16 test dupe acid"="c:\documents and settings\All Users\Application Data\dumb tray 16 test\platform hide.exe" [2010-03-14 758784]

"N360"="c:\program files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.5.2.11\InstStub.exe" [2010-03-07 714080]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2008-10-15 00:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

2007-10-18 09:34 5724184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2008-02-12 18:08 21898024 ----a-r- c:\program files\Skype\Phone\Skype.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Program Files\\BitTorrent\\bittorrent.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

 

R2 StealthInjectorService;Stealth Service Helper;c:\program files\Micro Application\PC Anonyme\IJStealth4Svc.exe [17/12/2009 18:05 148992]

R3 BTCOMM;BTCOMM;c:\windows\system32\drivers\Btcomm.sys [10/02/2009 18:47 57512]

R3 BTKRNBDG;Bluetooth COM Bridge;c:\windows\system32\drivers\BtKrnBdg.sys [10/02/2009 18:47 15876]

R3 JSWSCIMD;jswscimd Service;c:\windows\system32\drivers\jswscimd.sys [01/10/2008 16:45 57440]

R3 vad_multi;Windigo Virtual Audio Device (WDM);c:\windows\system32\drivers\vadmulti.sys [10/02/2009 18:47 19840]

S1 aswSP;avast! Self Protection; [x]

S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?]

S2 gupdate1ca8c7199444824;Service Google Update (gupdate1ca8c7199444824);c:\program files\Google\Update\GoogleUpdate.exe [03/01/2010 13:38 133104]

S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [24/07/2003 12:10 17149]

S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\NETGEAR\WN111v2\jswpsapi.exe [27/02/2008 11:54 360547]

S3 mvvideodemo;MaxiVista Virtual Video Demo;c:\windows\system32\DRIVERS\mvvideodemo.sys --> c:\windows\system32\DRIVERS\mvvideodemo.sys [?]

S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [07/08/2008 14:20 625024]

S3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;c:\windows\system32\drivers\WN111v2.sys [14/01/2009 02:23 458752]

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}]

2010-03-14 16:39 2792568 ----a-w- c:\windows\system32\systeme\msgr.exe

.

Contenu du dossier 'Tâches planifiées'

 

2010-03-14 c:\windows\Tasks\A8FD177790028987.job

- c:\docume~1\docteu~1\applic~1\upthe~1\math bore title.exe [2010-03-06 18:25]

 

2010-03-08 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

 

2010-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 12:37]

 

2010-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 12:37]

 

2010-03-14 c:\windows\Tasks\User_Feed_Synchronization-{01470AD9-7E10-47BF-B651-EA9233B9BCF5}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]

 

2010-03-14 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 09:20]

.

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://www2.iesearch.com/

mStart Page = hxxp://home.sweetim.com

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=%s

IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm

IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Envoyer à Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

.

- - - - ORPHELINS SUPPRIMES - - - -

 

BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)

Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)

WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)

HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

HKCU-Run-msnmsgr - ~c:\program files\Windows Live\Messenger\msnmsgr.exe

HKLM-Explorer_Run-SessMgr - c:\windows\System32\drivers\sessmgr.exe

HKU-Default-Explorer_Run-MqtgSVC - c:\windows\mqtgsvc.exe

ActiveSetup-{9D71D88C-C598-4935-C5D1-43AA4DB90836} - c:\windows\system32\system32\system.exe

 

 

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-03-14 17:56

Windows 5.1.2600 Service Pack 3 NTFS

 

Recherche de processus cachés ...

 

c:\program files\Internet Explorer\iexplore.exe [1592] 0x856E66A0

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

--------------------- DLLs chargées dans les processus actifs ---------------------

 

- - - - - - - > 'explorer.exe'(3136)

c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll

c:\windows\Microsoft.NET\Framework\v1.1.4322\fusion.dll

c:\program files\eee storage\xpclient.dll

c:\program files\eee storage\logicnp.eznamespaceextensions.dll

c:\windows\system32\eappprxy.dll

c:\windows\system32\webcheck.dll

.

------------------------ Autres processus actifs ------------------------

.

c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\System32\vssvc.exe

c:\program files\Microsoft ActiveSync\wcescomm.exe

c:\progra~1\MI3AA1~1\rapimgr.exe

c:\program files\iPod\bin\iPodService.exe

.

**************************************************************************

.

Heure de fin: 2010-03-14 18:06:58 - La machine a redémarré

ComboFix-quarantined-files.txt 2010-03-14 17:06

 

Avant-CF: 44 706 017 280 octets libres

Après-CF: 44 706 222 080 octets libres

 

- - End Of File - - 4F279260488E83EEE4C9A263D98BE164

pear Devil Member !

pear

Posté(e)
Posté(e)

Bonjour,

Téléchargez AD-Remover( de Cyrildu17 / C_XX ) sur le bureau

Déconnectez-vous et fermez toutes les applications en cours

Cliquer sur "Ad-R.exe" pour lancer l'installation et laisser les paramètres par défaut .

Une fenêtre s'affichera Vous prévenant des risques de l'utilisation de ce logiciel

Cliquez sur "OUI"

Double cliquer sur l'icône Ad-remover sur le bureau

Au menu principal choisir l'optionScanner et Validez

 

Patientez pendant le travail de l'outil.

Poster le rapport qui apparait à la fin .

Il est sauvegardé aussi sous C:\Ad-report.log

 

Ensuite

 

Relancer Ad- remover , choisir l'option Lancer pour Nettoyer

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...