Gros probléme de virus RESOLU

Bonjour tout le monde et bonne anneé ,je m'apelle mickael et j'ai 14ans et hier soir un copain ma preter un jeu mais quand je l'ai installer mon ordinateur a redémmaré et maitenant il n'y a plus d'antivirus ni de msn et quand je veux installer quelque chose tu genre supréssion de logiciel malveillant ,virus trojan ... il ne s'installe pas et cela me dit win32 invalide.j'ai windows xp pro,ie8.

S'il vous plait est-ce-que vous pouver m'aider a suprimmer se virus ?

(Excuser moi pour les fautes d'ortographe)

Bonjour,Mickael,
On va essayer de t'aider en attendant qu'un helper vienne a ton aide
commençons par télécharger Navilog ici : http://forum.telecharger.01net.com/microhebdo/questions-techniques-diverses/t(...)
Si tu es sous XP ne teiens pas compte de l'uac et du mode administrateur, suis bien les instructions et arrivée a la demande du choix de l'option choisis l'option 1 surtout pas la 2,3,ou 4 sans notre accord,une fois l'analyse terminée poste moi le rapport stp
A te lire

A vous deux,

Ca m'a tout l'air d'être une infection Bagle.

Rubised, tu peux utiliser FindyKill et Combofix ^^

Bon courage pour la désinfection

Salut Masterg,
merci tu as tout a fait raison ,j'avais sous le coude la procédure de FindyKil,j'aurais du la faire en premier
Mikoudu3
Télécharge ici FindyKill ici: http://www.malekal.com/tutorial_FindyKill.php
Ensuite on passera à combofix

re, voila mon raport Findykil
----------------- FindyKill V4.711 ------------------

* User : Lucien - MICKAEL
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 05/01/09 par Chiquitine29
* Recherche effectuée à 21:30:08 le 11/01/2009
* Windows XP - Internet Explorer 8.0.6001.18241

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\DOCUME~1\Lucien\APPLIC~1\cmstp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Lucien\Application Data\drivers\winupgro.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

--------------- [ Processus infectieux stoppés ] ----------------


"C:\Documents and Settings\Lucien\Application Data\drivers\winupgro.exe" (2560)


--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:

Found ! [11/01/2009 13:11] - "C:\Muestras"
Found ! [11/01/2009 13:11] - C:\InfoSat.txt

»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\105875.EXE-2DA67199.pf
Found ! - C:\WINDOWS\prefetch\109781.EXE-113DF318.pf
Found ! - C:\WINDOWS\prefetch\118437.EXE-13223473.pf
Found ! - C:\WINDOWS\prefetch\122343.EXE-16EBD1D6.pf
Found ! - C:\WINDOWS\prefetch\129593.EXE-17A2A58B.pf
Found ! - C:\WINDOWS\prefetch\139609.EXE-0B7AC82F.pf
Found ! - C:\WINDOWS\prefetch\1839703.EXE-07050EEF.pf
Found ! - C:\WINDOWS\prefetch\235359.EXE-2AF62E0A.pf
Found ! - C:\WINDOWS\prefetch\238546.EXE-20F9C056.pf
Found ! - C:\WINDOWS\prefetch\242765.EXE-03FD60EA.pf
Found ! - C:\WINDOWS\prefetch\263859.EXE-170733D9.pf
Found ! - C:\WINDOWS\prefetch\268671.EXE-3708420C.pf
Found ! - C:\WINDOWS\prefetch\302343.EXE-0889C506.pf
Found ! - C:\WINDOWS\prefetch\36112750.EXE-05F10F99.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-3B9A0C28.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
Found ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-27FC9276.pf
Found ! - C:\WINDOWS\Prefetch\PATCH.EXE-35DC8927.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [11/01/2009 13:02] - C:\WINDOWS\system32\mdelk.exe
Found ! [11/01/2009 13:02] - C:\WINDOWS\system32\wintems.exe
Found ! [11/01/2009 21:24] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers


»»»» Presence des fichiers dans C:\Documents and Settings\Lucien\Application Data

Found ! [10/01/2009 20:24] - "C:\Documents and Settings\Lucien\Application Data\m\flec006.exe"
Found ! [11/01/2009 21:24] - "C:\Documents and Settings\Lucien\Application Data\m\list.oct"
Found ! [11/01/2009 21:24] - "C:\Documents and Settings\Lucien\Application Data\m\data.oct"
Found ! [11/01/2009 21:25] - "C:\Documents and Settings\Lucien\Application Data\m\srvlist.oct"
Found ! [11/01/2009 21:25] - "C:\Documents and Settings\Lucien\Application Data\m\shared"
Found ! [10/01/2009 20:24] - "C:\Documents and Settings\Lucien\Application Data\m"
Found ! [10/01/2009 19:59] - "C:\Documents and Settings\Lucien\Application Data\drivers"
Found ! [11/01/2009 21:24] - "C:\Documents and Settings\Lucien\Application Data\drivers\srosa.sys"
Found ! [11/01/2009 21:24] - "C:\Documents and Settings\Lucien\Application Data\drivers\srosa2.sys"
Found ! [15/01/2006 02:09] - "C:\Documents and Settings\Lucien\Application Data\drivers\winupgro.exe"
Found ! [11/01/2009 21:28] - "C:\Documents and Settings\Lucien\Application Data\drivers\downld"

»»»» Presence des fichiers dans C:\DOCUME~1\Lucien\LOCALS~1\Temp

Found ! - C:\DOCUME~1\Lucien\LOCALS~1\Temp\Rar$EX00.265\BATTLEFIELD.1942.MULITKEYGEN.EXE
Found ! - C:\DOCUME~1\Lucien\LOCALS~1\Temp\Rar$EX00.265\BATTLEFIELD.1942.MULITKEYGEN.TXT

»»»» Presence des fichiers dans C:\Documents and Settings\Lucien\Local Settings\Temporary Internet Files\Content.IE5

Found ! [11/01/2009 13:03] - C:\Documents and Settings\Lucien\Local Settings\Temporary Internet Files\Content.IE5\5U07RAWR\b64_1[1].jpg
Found ! [11/01/2009 13:05] - C:\Documents and Settings\Lucien\Local Settings\Temporary Internet Files\Content.IE5\AYNBZNJD\b64_1[1].jpg
Found ! [11/01/2009 21:25] - C:\Documents and Settings\Lucien\Local Settings\Temporary Internet Files\Content.IE5\AYNBZNJD\b64_1[2].jpg
Found ! [11/01/2009 13:03] - C:\Documents and Settings\Lucien\Local Settings\Temporary Internet Files\Content.IE5\VE6H918R\b64[1].jpg
Found ! [11/01/2009 13:05] - C:\Documents and Settings\Lucien\Local Settings\Temporary Internet Files\Content.IE5\VE6H918R\b64_2[1].jpg
Found ! [11/01/2009 21:24] - C:\Documents and Settings\Lucien\Local Settings\Temporary Internet Files\Content.IE5\VE6H918R\file[1].txt
Found ! [11/01/2009 13:02] - C:\Documents and Settings\Lucien\Local Settings\Temporary Internet Files\Content.IE5\VE6H918R\mxd[1].jpg
Found ! [11/01/2009 21:25] - C:\Documents and Settings\Lucien\Local Settings\Temporary Internet Files\Content.IE5\YE51OAWJ\b64[1].jpg
Found ! [11/01/2009 13:02] - C:\Documents and Settings\Lucien\Local Settings\Temporary Internet Files\Content.IE5\YE51OAWJ\b64_3[1].jpg
Found ! [11/01/2009 21:24] - C:\Documents and Settings\Lucien\Local Settings\Temporary Internet Files\Content.IE5\YE51OAWJ\mxd[1].jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
SoundMan=SOUNDMAN.EXE
MSConfig=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

[HKEY_CURRENT_USER\software\local appwizard-generated applications\LG Contents Bank]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\msnmsgr]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\playplus]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\Registrar]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\setup]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\vscap]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-436374069-1214440339-839522115-1003\Software\Local AppWizard-Generated Applications\msnmsgr
Found ! - HKEY_USERS\S-1-5-21-436374069-1214440339-839522115-1003\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-436374069-1214440339-839522115-1003\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-436374069-1214440339-839522115-1003\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-436374069-1214440339-839522115-1003\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-436374069-1214440339-839522115-1003\Software\FirtR
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\msnmsgr
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sK9Ou0s
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR

/!\ Infection active : HKLM\SYSTEM\...\Services\srosa -> Start = 0x1
/!\ Infection active : HKLM\SYSTEM\...\Services\sK9Ou0s -> Start = 0x1

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

/!\ Mode sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

/!\ Mode sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

/!\ Mode sans echec non fonctionnel !!



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4


--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe


+- presence des fichiers :



--------------- [ Registre / Mountpoint2 ] ----------------


-> Not found !


------------------- ! Fin du rapport ! --------------------

choisi cette fois ci l option 2 (suppression)

il y aura 2 redémarrage, laisse travailler l outils jusqu a l apparition du message "nettoyage effectué"

un rapport va s ouvrir, post le dans ta prochaine réponse stp

Note : le rapport FindyKill.txt est sauvegardé a la racine du disque

re, désolé mes cela na pas marcher des que j'ai lancer le nétoiyage un ecran bleu et apparue et cela a redémmaré

as tu bien suivis ces instructions ici : http://forum.telecharger.01net.com/microhebdo/questions-techniques-diverses/t(...)
dis mois si cela a fonctionné et poste moi le rapport dans ce cas là

oui oui je vous assure mes quand j'ai lancer la supréssion ecran bleu il y avait marquer ceci "un probléme a éte detecter et windows a eté arreter ....
" est-ce-grave!?

non,as tu attendu apres cela si ton pc redémarrais ?
Bon sinon télécharge combofix ici : http://forum.pcastuces.com/combofix___renommer_au_telechargement-f31s22.htm

et suis bien le tuto poste moi ensuite le rapport stp
Avec mes excuses mais pour ce soir je vais aller me reposer car ,moi j'ai 4.8 fois ton âge,et oui,j'ai aussi un petit fils de 13 ans et lui aussi tiens le coup devant son pc ,a votre âge on traine plus faciement,je te dis donc a demain pour terminer tout cela
bonne nuit

merci mille fois "rubised" avec combo fix il n'y a plus une trace de virus et mon ordi tourne comme avant !!

voici le rapport au cas ou!

ComboFix 09-01-10.03 - Lucien 2009-01-12 7:33:35.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1023.766 [GMT 1:00]
Lancé depuis: c:\documents and settings\Lucien\Bureau\fifou.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Lucien\Application Data\drivers\downld
c:\documents and settings\Lucien\Application Data\drivers\downld\100140.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\100765.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\100828.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\101156.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\102406.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\102421.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\103156.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\103625.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\104125.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\104234.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\105015.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\1057968.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\105875.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\1059500.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\1060062.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\106531.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\107578.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\107906.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\108140.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\109781.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\110593.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\118437.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\121468.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\122156.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\122343.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\122671.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\124843.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\129593.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\130234.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\133593.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\134031.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\139015.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\139609.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\140062.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\141625.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\141640.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\143843.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\144328.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\144343.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\147281.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\148187.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\148234.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\153734.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\154968.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\155500.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\156343.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\157062.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\157500.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\159312.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\159781.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\159796.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\162953.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\164343.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\164843.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\165328.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\165687.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\165750.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\165765.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\166078.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\166312.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\166921.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\167359.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\167718.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\168171.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\168265.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\169109.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\169671.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\172109.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\173828.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\173875.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\174687.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\174796.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\175640.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\175703.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\176062.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\176140.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\176687.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\176812.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\177250.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\177750.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\178468.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\178906.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\181796.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\182046.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\183234.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\183343.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\1833875.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\1834953.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\183546.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\183859.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\1839703.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\183984.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\184625.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\184781.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\185546.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\185734.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\186078.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\186484.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\186859.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\187765.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\187875.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\188234.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\188796.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\1893453.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\1894312.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\1894625.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\190109.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\190796.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\191062.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\191109.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\191406.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\191890.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\192296.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\193656.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\194140.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\195000.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\196437.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\197015.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\1973312.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\1973859.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\199531.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\199593.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\199625.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\200375.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\200781.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\201578.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\202156.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\203687.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\203890.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\204531.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\205109.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\205453.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\205687.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\205921.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\206718.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\206812.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\207375.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\207562.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\207671.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\207984.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\209968.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\210812.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\211562.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\211906.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\212218.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\212640.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\213375.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\213437.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\214234.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\214890.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\220656.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\221921.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\222234.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\224703.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\225421.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\225546.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\226093.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\226703.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\227937.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\230671.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\231656.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\231953.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\234156.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\235250.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\235359.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\235484.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\235703.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\236265.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\236578.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\238546.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\241734.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\242765.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\243234.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\243328.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\243671.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\244406.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\245109.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\245125.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\245796.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\246437.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\248750.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\249187.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\249250.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\250875.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\251546.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\251734.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\257703.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\258296.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\258359.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\267296.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\268015.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\268328.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\268671.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\275921.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\278343.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\279078.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\279250.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\287421.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\288718.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\289000.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\289625.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\291093.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\291515.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\301156.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\301531.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\301593.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\304281.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\304859.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\304921.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\313484.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\313890.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\313953.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\319812.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\321078.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\321531.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\322437.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\323593.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\324093.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\329000.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\330812.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\330984.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\331593.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\332234.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\332468.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\347921.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\349093.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\349515.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\358890.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\36106156.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\36107625.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\36112750.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\36141328.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\36142578.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\36143015.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\399375.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\400843.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\401125.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\43031.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\43250.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\43843.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\44140.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\44265.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\44515.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\44968.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\44984.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\45171.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\45187.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\45453.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\45468.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\45812.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\45828.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\47171.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\48953.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\49078.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\49703.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\49765.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\49984.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\50000.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\50015.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\50906.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\52062.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\52125.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\52750.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\54031.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\55828.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\55859.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\59203.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\64984.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\66156.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\67000.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\67062.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\67656.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\67750.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\67921.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\68703.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\69312.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\704437.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\705390.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\705406.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\71515.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\72328.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\72406.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\72765.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\73093.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\731156.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\73218.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\732281.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\732609.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\73609.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\73625.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\73687.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\73828.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\74625.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\747046.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\74843.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\75171.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\75328.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\75562.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\76125.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\76156.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\76546.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\76828.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\77218.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\77515.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\79656.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\80265.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\80484.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\80968.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\81453.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\81765.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\819796.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\868453.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\869031.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\91046.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\928000.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\929765.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\930218.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\931046.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\932328.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\933140.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\94078.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\94609.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\94687.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\95546.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\956453.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\957562.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\958031.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\95859.exe
c:\documents and settings\Lucien\Application Data\drivers\downld\99562.exe
c:\documents and settings\Lucien\Application Data\drivers\srosa.sys
c:\documents and settings\Lucien\Application Data\drivers\srosa2.sys
c:\documents and settings\Lucien\Application Data\drivers\winupgro.exe
c:\documents and settings\Lucien\Application Data\m
c:\documents and settings\Lucien\Application Data\m\data.oct
c:\documents and settings\Lucien\Application Data\m\flec006.exe
c:\documents and settings\Lucien\Application Data\m\list.oct
c:\documents and settings\Lucien\Application Data\m\shared\.NET Communication Library 1.0.0.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\1CLICK DVD COPY PRO 3.2.9.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\1st English ExamCram 4.0.0.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\4nec2 5.7.4.zip
c:\documents and settings\Lucien\Application Data\m\shared\9L0-612 Practice Exam Testing Engine Software 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\A3DStitcher 1.2.zip
c:\documents and settings\Lucien\Application Data\m\shared\Absolute Packager 1.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\AddressBook 7.0 Release 9.02.zip
c:\documents and settings\Lucien\Application Data\m\shared\Advanced MP3 Converter 2.10.zip
c:\documents and settings\Lucien\Application Data\m\shared\AMSES Frame2D 2.02.zip
c:\documents and settings\Lucien\Application Data\m\shared\AS ALARM 2.2.zip
c:\documents and settings\Lucien\Application Data\m\shared\ASCII art generator 1.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\AssetWorX 3.00.0015.zip
c:\documents and settings\Lucien\Application Data\m\shared\Audio Mid Recorder 4.2.5 Build 2268.zip
c:\documents and settings\Lucien\Application Data\m\shared\Avaide DVD To MP4 Converter 1.00.zip
c:\documents and settings\Lucien\Application Data\m\shared\avec.le.crack.valable.indefiniment.zip
c:\documents and settings\Lucien\Application Data\m\shared\Backup Deluxe 2005 SE 1.4.0.685.zip
c:\documents and settings\Lucien\Application Data\m\shared\BarCodeWiz Barcode ActiveX Control 2.57.zip
c:\documents and settings\Lucien\Application Data\m\shared\Blazing Clock 2.90b.zip
c:\documents and settings\Lucien\Application Data\m\shared\BrucePlayer 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\BulkSMS Text Messenger 3.3.zip
c:\documents and settings\Lucien\Application Data\m\shared\Callout 0.3.2.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\Casm2Basm 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\CD-Text Manager 1.07.0075.zip
c:\documents and settings\Lucien\Application Data\m\shared\CD to MP3 Maker 1.03.zip
c:\documents and settings\Lucien\Application Data\m\shared\CDSurf.Net 2006 1.6.0.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\Ceramic Raw Materials 1.00.zip
c:\documents and settings\Lucien\Application Data\m\shared\Children Safer 1.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\ClearContext Information Management System Pro 3.0.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\CommitMonitor 1.3.0.329.zip
c:\documents and settings\Lucien\Application Data\m\shared\Context Free 2.1.14.zip
c:\documents and settings\Lucien\Application Data\m\shared\ContourCube 3.0.3.zip
c:\documents and settings\Lucien\Application Data\m\shared\Convert AutoCAD DWG to SVG 1.25.zip
c:\documents and settings\Lucien\Application Data\m\shared\DB Palette 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\DCmagic 2.07.zip
c:\documents and settings\Lucien\Application Data\m\shared\Delicious Address Book 2.1 build 4100.zip
c:\documents and settings\Lucien\Application Data\m\shared\DK+ 1.5.zip
c:\documents and settings\Lucien\Application Data\m\shared\DVD to Audio 3.28.zip
c:\documents and settings\Lucien\Application Data\m\shared\Enhanched Close 1.00.zip
c:\documents and settings\Lucien\Application Data\m\shared\Excel Insert Multiple Pictures Software 7.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\eXFileView Lite 3.0.0.3.4293.zip
c:\documents and settings\Lucien\Application Data\m\shared\FFGuard 2.01.zip
c:\documents and settings\Lucien\Application Data\m\shared\File Information Editor.zip
c:\documents and settings\Lucien\Application Data\m\shared\FlickrShop 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\FormatDesigner 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\Free Spyware Vanisher 2.80.zip
c:\documents and settings\Lucien\Application Data\m\shared\FRS Time Tracker Pro 1.9.zip
c:\documents and settings\Lucien\Application Data\m\shared\fvSplitter 0.2.zip
c:\documents and settings\Lucien\Application Data\m\shared\Groove Migrator 1.zip
c:\documents and settings\Lucien\Application Data\m\shared\HDD Wipe Tool 2.35.1178.zip
c:\documents and settings\Lucien\Application Data\m\shared\Hero DVD Player 3.0.8.zip
c:\documents and settings\Lucien\Application Data\m\shared\HidesFiles 1.3.zip
c:\documents and settings\Lucien\Application Data\m\shared\HierarchyTree 1.04a.zip
c:\documents and settings\Lucien\Application Data\m\shared\Hitman Screensaver 1.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\iFeeds 1.0.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\imageApp 1.01.zip
c:\documents and settings\Lucien\Application Data\m\shared\ImageMagick 6.4.1-3.zip
c:\documents and settings\Lucien\Application Data\m\shared\iPod Access for Windows 4.2.5.zip
c:\documents and settings\Lucien\Application Data\m\shared\iSimplyScale 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\IT Outsourcing Toolkit 3.1 3.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\Jase 0.93.zip
c:\documents and settings\Lucien\Application Data\m\shared\javaSTM 5.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\Kaspersky.Intenet.Security.V.6.0.1.411.New.Key.2008.zip
c:\documents and settings\Lucien\Application Data\m\shared\KASPERSKY_.6.0.0.303_esp.zip
c:\documents and settings\Lucien\Application Data\m\shared\Latin Before You Know It Lite 3.6.53.zip
c:\documents and settings\Lucien\Application Data\m\shared\Leithauser Research EBook Reader - The Count of Monte Cristo 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\Lets PHOTO Express 1.00.00.11.zip
c:\documents and settings\Lucien\Application Data\m\shared\LifeBuoy 2008 1.01.03.zip
c:\documents and settings\Lucien\Application Data\m\shared\LingvoSoft Learning PhraseBook 2008 German - Latvian 2.3.86.zip
c:\documents and settings\Lucien\Application Data\m\shared\Love Potion Number 9 Screensaver 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\Mcafee.Ent80Setup.zip
c:\documents and settings\Lucien\Application Data\m\shared\Mcafee.Viruscan.2005.Ita.zip
c:\documents and settings\Lucien\Application Data\m\shared\Merge Tables Wizard for Microsoft Excel 1.7.1.180.zip
c:\documents and settings\Lucien\Application Data\m\shared\mini Orkut 1.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\miniSipServer 2.3.2.zip
c:\documents and settings\Lucien\Application Data\m\shared\MoonBuggy by Funtactix 1.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\Motion Sharpen 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\MP3Tag Laboratory 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\My Simple Friend 1.0 build 13.zip
c:\documents and settings\Lucien\Application Data\m\shared\Nepal Screensaver 2.3.zip
c:\documents and settings\Lucien\Application Data\m\shared\Net Radio Rip or Play 4.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\NetTime 2.0 b7.zip
c:\documents and settings\Lucien\Application Data\m\shared\OfficeView Pro 4.3.zip
c:\documents and settings\Lucien\Application Data\m\shared\Orkut Cute 9.4.27.zip
c:\documents and settings\Lucien\Application Data\m\shared\Peer to Peer Networking Tips and Tricks.zip
c:\documents and settings\Lucien\Application Data\m\shared\PicturePlus 6.13.zip
c:\documents and settings\Lucien\Application Data\m\shared\Piedmont Triad Traffic Cam 2.5.zip
c:\documents and settings\Lucien\Application Data\m\shared\Portable DevProject Manager 1.6.4.zip
c:\documents and settings\Lucien\Application Data\m\shared\PSP Video 9 4.04.zip
c:\documents and settings\Lucien\Application Data\m\shared\Quake & Shake 1.zip
c:\documents and settings\Lucien\Application Data\m\shared\QuoteDownload 1.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\Redbox 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\Reservation Master 4.00-R1.zip
c:\documents and settings\Lucien\Application Data\m\shared\Reunite 1.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\Screen Scavenger 1.0.27.zip
c:\documents and settings\Lucien\Application Data\m\shared\SecureWorld 0.9.101 beta.zip
c:\documents and settings\Lucien\Application Data\m\shared\shortText 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\Simple Web Browser 3.0.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\SkypeTools 0.1 b.zip
c:\documents and settings\Lucien\Application Data\m\shared\Smart HTML Editor 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\Sound Association 3.02.zip
c:\documents and settings\Lucien\Application Data\m\shared\Spectran 2.0 Build 216.zip
c:\documents and settings\Lucien\Application Data\m\shared\Star Night Lake Demo Screensaver 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\Sticky Notes 2.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\Sunken Pirate Ship 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\Super Magnifier 1.0.4.zip
c:\documents and settings\Lucien\Application Data\m\shared\SYMANTEC.NORTON.INTERNET.SECURITY.2005.ANTISPYWARE.EDITION.zip
c:\documents and settings\Lucien\Application Data\m\shared\Symantec.Recovery.Disk.zip
c:\documents and settings\Lucien\Application Data\m\shared\Synopsis 0.8.zip
c:\documents and settings\Lucien\Application Data\m\shared\TAdware 2.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\Tech 1.04.zip
c:\documents and settings\Lucien\Application Data\m\shared\TerminatorX Site License 2.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\The Bat! Beta 4.0.39.34 Alpha.zip
c:\documents and settings\Lucien\Application Data\m\shared\The Freshest Flowers Screensaver 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\Thumbs 5.41.zip
c:\documents and settings\Lucien\Application Data\m\shared\tOGGer 0.0.17.zip
c:\documents and settings\Lucien\Application Data\m\shared\VIP Privacy 1.2.zip
c:\documents and settings\Lucien\Application Data\m\shared\WhenFinder 1.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\Windows Audio Recorder Professional 4.50.zip
c:\documents and settings\Lucien\Application Data\m\shared\winMd5Sum Portable 1.0.1.55 Revision 2.zip
c:\documents and settings\Lucien\Application Data\m\shared\WireFusion Video 1.01.zip
c:\documents and settings\Lucien\Application Data\m\shared\Wiz2Use Backup 1.0.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\WordSecretary English 1.1.zip
c:\documents and settings\Lucien\Application Data\m\shared\XDenSer Image Shrink 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\XMenuImage 1.0.zip
c:\documents and settings\Lucien\Application Data\m\shared\ZenThumber 1.5.0.17.zip
c:\documents and settings\Lucien\Application Data\m\srvlist.oct
C:\InfoSat.txt
c:\program files\Windows Live\Messenger\msnmsgr.exe
c:\windows\Fonts\a.zip
c:\windows\msnimport.exe
c:\windows\system32\ban_list.txt
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\install.exe
c:\windows\system32\mdelk.exe
c:\windows\system32\mhsfnccc.ini
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VCCLSID.exe
c:\windows\system32\wintems.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_BOONTY_GAMES
-------\Legacy_SK9OU0S
-------\Legacy_TDIDRV32.SYS
-------\Service_Boonty Games
-------\Service_sK9Ou0s


((((((((((((((((((((((((((((( Fichiers créés du 2008-12-12 au 2009-01-12 ))))))))))))))))))))))))))))))))))))
.

2009-01-11 13:11 . 2009-01-11 13:11 <REP> d-------- C:\Muestras
2009-01-11 12:29 . 2009-01-11 12:29 <REP> d-------- c:\windows\system32\Kaspersky Lab
2009-01-11 10:01 . 2008-10-22 08:41 81,920 --a------ c:\windows\system\cisvc.exe
2009-01-11 09:58 . 2009-01-11 09:58 <REP> d-------- c:\documents and settings\All Users\Application Data\Grisoft
2009-01-11 09:37 . 2009-01-11 09:37 1,374 --a------ c:\windows\imsins.BAK
2009-01-10 21:21 . 2009-01-11 21:49 <REP> d-------- c:\program files\FindyKill
2009-01-10 20:57 . 2009-01-12 07:32 <REP> d-------- c:\documents and settings\Lucien\.housecall6.6
2009-01-10 20:28 . 2008-10-22 08:41 81,920 --a------ c:\windows\cmstp.exe
2009-01-10 19:58 . 2009-01-12 07:35 <REP> d--h----- c:\documents and settings\Lucien\Application Data\drivers
2009-01-10 11:37 . 2009-01-10 11:37 <REP> d-------- c:\program files\Shareaza
2009-01-07 09:08 . 2009-01-07 09:08 <REP> d-------- c:\program files\pspvideo9
2009-01-06 18:00 . 2009-01-06 18:00 <REP> d-------- c:\program files\Astonsoft
2009-01-06 18:00 . 2009-01-06 18:01 <REP> d-------- c:\documents and settings\Lucien\Application Data\DeepBurner
2009-01-05 18:54 . 2009-01-09 10:45 <REP> d-------- c:\program files\GameSpy Arcade
2009-01-02 10:18 . 2009-01-02 10:18 <REP> d-------- c:\program files\Real
2009-01-02 10:18 . 2009-01-02 10:26 <REP> d-------- c:\program files\Fichiers communs\Real
2009-01-02 10:16 . 2009-01-02 15:33 <REP> d-------- c:\program files\Google
2009-01-01 13:00 . 2009-01-01 13:00 <REP> d-------- c:\documents and settings\Lucien\Application Data\Gearbox Software
2009-01-01 12:59 . 2005-04-11 14:07 89,360 --a------ c:\windows\system32\VB5DB.DLL
2009-01-01 12:59 . 2005-04-11 14:07 69,632 --a------ c:\windows\system32\xmltok.dll
2009-01-01 12:59 . 2005-04-11 14:07 36,864 --a------ c:\windows\system32\xmlparse.dll
2009-01-01 12:59 . 2005-04-11 14:07 35,840 --a------ c:\windows\system32\comdlg32.oca
2009-01-01 12:59 . 2005-04-11 14:07 26,064 --a------ c:\windows\system32\xmlinst.exe
2008-12-30 19:10 . 2008-12-30 19:10 <REP> d-------- c:\documents and settings\Lucien\Application Data\Canon
2008-12-29 19:52 . 2009-01-10 17:33 <REP> d-------- c:\program files\Call of Duty Single Player Demo
2008-12-29 16:57 . 2008-12-29 16:57 <REP> d-------- c:\documents and settings\Lucien\Application Data\Blender Foundation
2008-12-28 15:07 . 2008-12-28 15:08 <REP> d-------- c:\documents and settings\Lucien\Application Data\GetRightToGo
2008-12-27 11:13 . 2005-03-09 20:50 46,592 --a------ c:\windows\system32\libusb0.dll
2008-12-27 11:13 . 2005-03-09 20:50 33,792 --a------ c:\windows\system32\drivers\libusb0.sys
2008-12-26 19:06 . 2009-01-02 10:22 <REP> d-------- c:\program files\Ubisoft
2008-12-26 18:04 . 2008-12-26 18:04 <REP> d-------- c:\documents and settings\All Users\Application Data\Blizzard
2008-12-25 16:22 . 2008-12-25 16:22 <REP> d-------- c:\windows\ie8updates
2008-12-25 16:08 . 2008-12-25 16:08 <REP> d-------- c:\program files\Trymedia
2008-12-24 16:12 . 2008-12-24 16:12 <REP> d--h----- c:\documents and settings\All Users\Application Data\CanonBJ
2008-12-24 16:11 . 2008-02-25 20:00 230,912 --a------ c:\windows\system32\CNMLM9I.DLL
2008-12-24 16:11 . 2008-04-13 20:45 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2008-12-24 16:11 . 2008-04-13 20:45 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
2008-12-24 16:09 . 2008-04-13 20:47 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2008-12-24 16:09 . 2008-04-13 20:47 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
2008-12-24 12:12 . 2008-12-24 12:12 682,280 --a------ c:\windows\system32\pbsvc.exe
2008-12-24 12:12 . 2008-12-24 12:12 22,328 --a------ c:\documents and settings\Lucien\Application Data\PnkBstrK.sys
2008-12-24 10:37 . 2008-12-24 10:37 <REP> d--hs---- c:\documents and settings\Lucien\PrivacIE
2008-12-24 10:33 . 2008-12-24 10:33 <REP> d--h-c--- c:\windows\ie8
2008-12-23 17:55 . 2009-01-02 10:27 <REP> d-------- c:\program files\EasySearch
2008-12-23 10:07 . 2008-12-23 12:57 <REP> d-------- c:\program files\Blue Coat K9 Web Protection
2008-12-23 09:20 . 2008-10-22 08:41 81,920 --a------ c:\windows\system\mstsc.exe
2008-12-23 09:20 . 2008-10-22 08:41 81,920 --a------ c:\windows\dllhst3g.exe
2008-12-22 17:03 . 2008-10-22 08:41 81,920 --a------ c:\windows\system32\drivers\rsvp.exe
2008-12-22 13:43 . 2008-10-22 08:41 81,920 --a------ c:\windows\clipsrv.exe
2008-12-22 11:15 . 2008-12-27 18:22 201,440 --a------ c:\windows\system32\PnkBstrB.exe
2008-12-22 11:15 . 2008-12-27 18:23 138,512 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2008-12-22 11:15 . 2008-12-24 12:12 66,872 --a------ c:\windows\system32\PnkBstrA.exe
2008-12-22 11:05 . 2009-01-10 21:03 <REP> d-------- c:\program files\Wolfenstein - Enemy Territory
2008-12-21 18:04 . 2008-12-24 12:27 <REP> d-------- c:\program files\Call of Duty United Offensive Single Player Demo
2008-12-21 16:11 . 2008-12-21 16:11 <REP> d-------- c:\program files\OpenAL
2008-12-21 16:11 . 2008-12-21 16:11 <REP> d-------- c:\program files\AssaultCube_v1.0
2008-12-21 08:52 . 2009-01-10 11:35 <REP> d-------- c:\program files\eMule
2008-12-20 21:34 . 2008-12-20 21:34 <REP> d-------- c:\documents and settings\Lucien\Application Data\OpenOffice.org
2008-12-20 21:33 . 2008-12-25 10:07 <REP> d-------- c:\program files\OpenOffice.org 3
2008-12-20 19:35 . 2008-12-20 19:35 <REP> d-------- c:\windows\Patch Darluok
2008-12-20 18:55 . 2008-12-20 18:55 <REP> d-------- c:\windows\system32\NtmsData
2008-12-20 18:55 . 2001-08-17 21:52 12,032 --a------ c:\windows\system32\drivers\amsint.sys
2008-12-20 18:55 . 2001-08-17 21:52 12,032 --a--c--- c:\windows\system32\dllcache\amsint.sys
2008-12-20 18:44 . 2009-01-12 07:36 27,936 --a------ c:\windows\system32\OODBS.lor
2008-12-20 18:42 . 2008-12-20 18:42 <REP> d-------- C:\NVIDIA
2008-12-20 18:42 . 2008-07-29 13:33 446,464 --a------ c:\windows\system32\nvunrm.exe
2008-12-20 18:42 . 2008-07-10 04:07 7,143 --a------ c:\windows\system32\nvide.nvu
2008-12-20 18:42 . 2008-07-29 13:30 6,045 --a------ c:\windows\system32\nvnrm.nvu
2008-12-20 18:42 . 2008-07-08 01:45 4,984 --a------ c:\windows\system32\drivers\nvphy.bin
2008-12-20 18:34 . 2004-08-14 02:56 5,810 --a------ c:\windows\system32\drivers\ASACPI.sys
2008-12-20 18:31 . 2008-12-20 18:31 <REP> d-------- c:\program files\AMD
2008-12-20 18:31 . 2006-07-01 22:42 43,520 --a------ c:\windows\system32\drivers\AmdK8.sys
2008-12-20 18:30 . 2008-12-20 18:30 <REP> d-------- c:\documents and settings\Lucien\Application Data\InstallShield
2008-12-20 18:16 . 2008-12-20 18:16 <REP> d-------- c:\program files\Realtek AC97
2008-12-20 17:19 . 2008-12-20 17:19 <REP> d-------- c:\program files\OO Software
2008-12-20 17:12 . 2009-01-12 07:37 205,483 --a------ c:\windows\system32\nvapps.xml
2008-12-20 17:11 . 2008-12-20 17:11 <REP> d-------- c:\windows\nview
2008-12-20 17:11 . 2008-12-02 10:13 453,152 --a------ c:\windows\system32\NVUNINST.EXE
2008-12-20 17:11 . 2008-12-02 23:11 453,152 --a------ c:\windows\system32\nvudisp.exe
2008-12-20 17:11 . 2008-12-02 23:11 18,696 --a------ c:\windows\system32\nvdisp.nvu
2008-12-20 17:06 . 2008-12-21 12:19 <REP> d-------- c:\program files\ma-config.com
2008-12-20 16:29 . 2008-04-13 20:46 61,696 --a------ c:\windows\system32\drivers\ohci1394.sys
2008-12-20 16:29 . 2008-04-13 20:46 61,696 --a--c--- c:\windows\system32\dllcache\ohci1394.sys
2008-12-20 16:29 . 2008-04-13 20:46 53,376 --a------ c:\windows\system32\drivers\1394bus.sys
2008-12-20 16:29 . 2008-04-13 20:46 53,376 --a--c--- c:\windows\system32\dllcache\1394bus.sys
2008-12-20 16:29 . 2001-08-17 21:46 6,400 --a------ c:\windows\system32\drivers\enum1394.sys
2008-12-20 16:29 . 2001-08-17 21:46 6,400 --a--c--- c:\windows\system32\dllcache\enum1394.sys
2008-12-20 16:22 . 2001-08-17 22:00 2,944 --a------ c:\windows\system32\drivers\msmpu401.sys
2008-12-20 16:22 . 2001-08-17 22:00 2,944 --a--c--- c:\windows\system32\dllcache\msmpu401.sys
2008-12-18 19:04 . 2009-01-10 20:50 <REP> d-------- C:\Logs

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-11 12:29 --------- d-----w c:\program files\Windows Live Safety Center
2009-01-11 09:18 --------- d-----w c:\documents and settings\Lucien\Application Data\OpenOffice.org2
2009-01-10 10:37 --------- d-----w c:\documents and settings\Lucien\Application Data\Shareaza
2009-01-09 20:04 --------- d-----w c:\documents and settings\Lucien\Application Data\LimeWire
2009-01-07 08:08 --------- d-----w c:\program files\AviSynth 2.5
2009-01-05 18:19 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-02 09:27 --------- d-----w c:\program files\Creative
2009-01-02 09:27 --------- d-----w c:\program files\CCleaner
2008-12-26 12:26 --------- d-----w c:\program files\PhotoFiltre Studio
2008-12-25 09:12 --------- d-----w c:\program files\OpenOffice.org 2.4
2008-12-24 11:26 --------- d-----w c:\program files\Activision
2008-12-22 17:55 --------- d-----w c:\program files\Pinnacle
2008-12-21 17:26 --------- d-----w c:\program files\Messenger Plus! Live
2008-12-21 11:19 --------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com
2008-12-20 20:55 --------- d-----w c:\program files\Windows Live
2008-12-20 20:55 --------- d-----w c:\program files\Lavalys
2008-12-20 20:55 --------- d-----w c:\program files\CDBurnerXP
2008-12-02 22:11 6,209,536 ----a-w c:\windows\system32\drivers\nv4_mini.sys
2008-11-23 10:25 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-22 17:49 --------- d-----w c:\documents and settings\All Users\Application Data\Pinnacle VideoSpin
2008-11-22 17:47 --------- d-----w c:\documents and settings\All Users\Application Data\VideoSpin
2008-11-22 17:45 --------- d-----w c:\documents and settings\All Users\Application Data\Pinnacle
2008-11-18 20:27 --------- d-----w c:\program files\Fichiers communs\AVSMedia
2008-11-18 20:27 --------- d-----w c:\program files\AVS4YOU
2008-11-18 20:26 --------- d-----w c:\documents and settings\All Users\Application Data\River Past G5
2008-11-18 17:55 --------- d-----w c:\documents and settings\Lucien\Application Data\AVS4YOU
2008-11-18 17:03 --------- d-----w c:\program files\Ripp-it_AM
2008-11-15 19:46 --------- d-----w c:\documents and settings\Lucien\Application Data\River Past G5
2008-10-22 07:41 81,920 ----a-w c:\windows\cisvc.exe
2008-10-22 07:41 81,920 ----a-w c:\documents and settings\Lucien\Application Data\mstsc.exe
2008-10-22 07:41 81,920 ----a-w c:\documents and settings\Lucien\Application Data\cmstp.exe
2008-10-19 09:58 49,152 ----a-w c:\program files\mozilla firefox\components\SiteVacuumXPCOM.dll
2008-10-08 12:30 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008092920081006\index.dat
2008-10-08 13:36 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008100820081009\index.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-02 13680640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-02 86016]
"MSConfig"="c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2008-04-14 172544]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 c:\windows\soundman.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"CmSTP"="c:\docume~1\Lucien\APPLIC~1\cmstp.exe" [2008-10-22 81920]

[HKEY_CURRENT_USER\software\microsoft\windows\Currentversion\policies\explorer\Run]
"Logman"="c:\docume~1\Lucien\LOCALS~1\Temp\logman.exe" [2008-10-22 81920]

[HKEY_USERS\.DEFAULT\software\microsoft\windows\Currentversion\policies\explorer\Run]
"IEudinit"="c:\docume~1\Lucien\LOCALS~1\APPLIC~1\MICROS~1\ieudinit.exe" [2008-10-22 81920]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\windows]
"load"=c:\windows\System32\drivers\dllhst3g.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Lucien^Menu Démarrer^Programmes^Démarrage^Outil de notification Live Search.lnk]
path=c:\documents and settings\Lucien\Menu Démarrer\Programmes\Démarrage\Outil de notification Live Search.lnk
backup=c:\windows\pss\Outil de notification Live Search.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Lucien^Menu Démarrer^Programmes^Démarrage^Ubisoft register.lnk]
path=c:\documents and settings\Lucien\Menu Démarrer\Programmes\Démarrage\Ubisoft register.lnk
backup=c:\windows\pss\Ubisoft register.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
--a------ 2007-06-11 10:25 6731312 c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2008-04-14 03:33 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
--a------ 2008-10-22 08:41 81920 c:\windows\system32\drivers\mqtgsvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
--a------ 2008-04-14 03:34 172544 c:\windows\pchealth\helpctr\binaries\msconfig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
--a------ 2006-09-19 08:07 827392 c:\windows\vsnpstd3.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
--a------ 2008-08-01 14:23 61440 c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 03:27 144784 c:\program files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2008-12-02 23:11 1657376 c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
--a------ 2007-04-16 15:28 577536 c:\windows\soundman.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\EA GAMES\\Medal of Honor Batailles du Pacifique(tm)\\mohpa.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\Lucien\\Mes documents\\EA Games\\BF1942.exe"=
"c:\\Documents and Settings\\Lucien\\Mes documents\\EA Games\\BF1942_w32ded.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\Program Files\\Shareaza\\Shareaza.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5900:TCP"= 5900:TCP:vnc5900
"5800:TCP"= 5800:TCP:vnc5800
"80:TCP"= 80:TCP:@xpsp2res.dll,-22004
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R0 m5289;m5289;c:\windows\system32\drivers\m5289.sys [2008-08-04 52480]
R0 uliagpkx;ULi AGP Bus Filter Driver;c:\windows\system32\drivers\AGPKX.SYS [2008-08-04 45056]
R1 cwmtdi;cwmtdi;c:\windows\system32\drivers\cwmtdi.sys [2007-05-15 48640]
R4 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2008-07-30 277736]
S3 AC97ALI;Service for AC'97 Driver (WDM);c:\windows\system32\drivers\ali55wdm.sys [2008-08-04 63488]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2008-12-27 33792]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2008-12-19 195752]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2008-10-08 38528]
.
Contenu du dossier 'Tâches planifiées'

2008-09-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe []

2009-01-12 c:\windows\Tasks\User_Feed_Synchronization-{C86FA902-D40C-4125-94E3-7D3878CEE2CE}.job
- c:\windows\system32\msfeedssync.exe [2008-08-22 03:05]
.
- - - - ORPHELINS SUPPRIMES - - - -

Toolbar-{4516441E-853A-4B41-9263-676281A853AE} - (no file)
WebBrowser-{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
HKCU-Run-msnmsgr - c:\program files\Windows Live\Messenger\msnmsgr.exe
HKLM-Explorer_Run-1yqmlxBdDp - c:\documents and settings\All Users\Application Data\snqtgpsj\kfijifqt.exe
MSConfigStartUp-Acronis Scheduler2 Service - c:\program files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
MSConfigStartUp-AcronisTimounterMonitor - c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe
MSConfigStartUp-Alt+Q Hotkey Tool - c:\windows\Alt+Q Hotkey.exe
MSConfigStartUp-ANTIVIRUS - c:\program files\MicroAV\MicroAV.exe
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\daemon.exe
MSConfigStartUp-dcf53d55 - c:\windows\system32\pbxxjpwd.dll
MSConfigStartUp-Host Process - c:\windows\Fonts\svchost.exe
MSConfigStartUp-InCD - c:\program files\Nero\Nero 7\InCD\InCD.exe
MSConfigStartUp-LClock - c:\program files\LClock\LClock.exe
MSConfigStartUp-Magentic - c:\progra~1\Magentic\bin\Magentic.exe
MSConfigStartUp-msnlivesearch - c:\program files\Windows Live\MessengerSearchAddon\msgrsrch.exe
MSConfigStartUp-MsnMsgr - c:\program files\Windows Live\Messenger\MsnMsgr.Exe
MSConfigStartUp-NeroFilterCheck - c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe
MSConfigStartUp-OPTENET_GUI - c:\progra~1\CONTRO~1\bin\optgui.exe
MSConfigStartUp-OrangePlayer - c:\program files\orange\player orange\Orange Player.exe
MSConfigStartUp-Patch - c:\windows\Patch.exe
MSConfigStartUp-RK Launcher - c:\program files\RK Launcher\RKLauncher.exe
MSConfigStartUp-SecurDisc - c:\program files\Nero\Nero 7\InCD\NBHGui.exe
MSConfigStartUp-SpybotSD TeaTimer - c:\program files\Spybot - Search & Destroy\TeaTimer.exe
MSConfigStartUp-Steam - c:\program files\Steam\Steam.exe
MSConfigStartUp-System Files Updater - c:\windows\FlyakiteOSX\Tools\System Files Updater.exe
MSConfigStartUp-TrueImageMonitor - c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe
MSConfigStartUp-UberIcon - c:\program files\UberIcon\UberIcon Manager.exe
MSConfigStartUp-ViOrb - c:\program files\ViOrb\ViOrb.exe
MSConfigStartUp-Vista Sidebar - c:\program files\Vista Sidebar\sidebar.exe
MSConfigStartUp-ViStart - c:\program files\ViStart\ViStart.exe
MSConfigStartUp-viwc - c:\windows\system32\viwc.exe
MSConfigStartUp-WinRoll - c:\program files\WinRoll\winroll.exe
MSConfigStartUp-Yz Shadow - c:\program files\YzShadow\YzShadow.exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: {B2138BBF-E272-4F25-899A-25027F725427} = 192.168.1.1

O16 -: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetecti(...)
c:\windows\Downloaded Program Files\hardwaredetection.inf
FF - ProfilePath - c:\documents and settings\Lucien\Application Data\Mozilla\Firefox\Profiles\06o0wotx.default\
FF - prefs.js: browser.search.selectedEngine - Google Search Community
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - prefs.js: keyword.URL - hxxp://mystart.magentic.com/?loc=FF_Magentic_AddressBar&search=
FF - component: c:\program files\Mozilla Firefox\components\SiteVacuumXPCOM.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-12 07:37:28
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-436374069-1214440339-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b1,cf,75,23,46,79,9c,1c,32,d4,95,67,6a,ce,dd,fb,d4,1f,fb,f8,ee,8a,48,
30,de,18,d9,e8,c6,53,c1,6d,7e,ea,f6,2b,ea,74,2d,16,fd,41,b1,a5,f9,47,99,82,\
"??"=hex:f6,39,70,7c,32,af,c8,7a,5e,f3,e3,b8,3f,c5,4d,1c

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,c6,86,b7,91,22,
45,2f,9e,c8,28,51,af,b0,29,a3,98,2b,21,6c,d8,22,6a,8c,92,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,75,24,f7,25,2f,
71,a2,8a,71,3b,04,66,8b,46,0d,96,98,48,20,84,22,07,e6,c4,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,ec,48,07,7b,ae,
f0,8b,55,25,da,ec,7e,55,20,c9,26,74,af,9b,02,87,b6,1f,a9,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,af,7b,e5,78,8f,
93,91,f3,3e,1e,9e,e0,57,5a,93,61,f1,a0,c8,07,95,58,39,35,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:e9,02,6c,fa,fb,1d,47,57,1e,ea,12,74,15,
90,fa,4d,cd,44,cd,b9,a6,33,6c,cd,89,59,33,a2,4d,70,b5,79,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,61,cf,0d,e2,fa,
d6,0c,7d,b0,18,ed,a7,3f,8d,37,a4,56,7a,cc,8d,8d,49,90,b0,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba,b1,f8,68,02,ab,db,cb,1f,d1,
35,7f,af,31,77,e1,ba,b1,f8,68,02,66,26,82,1e,2d,55,95,25,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,19,b8,b4,ff,8b,
84,67,f9,83,6c,56,8b,a0,85,96,ab,fa,a4,29,b2,60,10,66,37,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58,98,5b,89,c9,f3,ce,23,e8,06,
ec,dd,e2,51,fa,6e,91,28,9e,14,cc,b0,7a,7d,98,74,f3,9f,12,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:b1,cd,45,5a,a8,c4,f8,b9,55,e9,0c,58,47,
3b,15,03,b1,cd,45,5a,a8,c4,f8,b9,4a,16,58,5b,6d,dc,57,c7,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,1a,64,88,a6,57,
06,a6,6b,e3,0e,66,d5,eb,bc,2f,6b,c2,a4,8b,b7,bd,85,c3,ee,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:fa,ea,66,7f,d4,3b,6b,70,e6,74,bf,b2,c5,
66,da,6f,fa,ea,66,7f,d4,3b,6b,70,cd,ba,b0,e6,c4,ff,65,e7,6c,43,2d,1e,aa,22,\

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG08.00.00.01WORKSTATION"="CF6663AD313AF6D16DA389238367CCC02D4CD67B79D8A364EF0AD09BF69D8CAA10F5BB03A83ADE7CFB3ABCD65341C59FA7BFD08A639597184E678F8F5EA88A2C01E0419613D42A680B84C06628C125B91D40B238F45E6F9CD09988B1A2E1A7D57BBBD65F2E6A543AC894F4CE2899780DAE83792B565263E8B117F67214FDE6366CDE93370E5F52BEF6C5EFF

Bonjor Mickael,si je puis me permettre,?
Une question tu t'es fais infecté par un jeu qu'un copain t'a pretté ,ce jeux est sur un dvd acheté ou sur un dvd copié sur du P2p ?? j'aimerais le savoir
Maintenant par curiosité fais une analyse en ligne avec bit defender ici :
http://forum.pcastuces.com/bitdefender_online_scanner___tutoriel-f31s2.htm

ceci afin de voir s'il ne reste plus rien tu suis a la lettre les instructions et une fois terminé poste moi le rapport stp ,surtout fais le
et ensuite seulement
Si tout va bien rélécharge ceci : http://www.commentcamarche.net/telecharger/telechargement-34055291-toolsclean(...)
Suis les instruction ici tuto : http://www.bibou0007.com/outils-specifiques-f78/tutorial-toolscleaner-2-t375.(...)
Télécharge ToolsCleaner (par A.Rothstein et dj QUIOU) sur ton bureau.
• Clique sur Recherche et laisse le scan agir ...
• Clique sur Suppression pour finaliser.
• Tu peux, si tu le souhaites, te servir des Options facultatives.
• Clique sur Quitter pour obtenir le rapport.
• Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

******
Puis, si tu estimes que ton problème est réglé,
replaces-toi sur ton 1er message et clique sur petit v gris dans rond gris (éditer le message) et dans ton message qui apparait ajoute dans son titre (Résolu) et envoie.

Quelques conseils ...
http://www.malekal.com/securiser_ordinateur.html
et aussi ...
http://www.malekal.com/securiser_internet_explorer.html

De plus si tu as installé des toolbarre supprime les par panneau de configuration ajout/suppression de programmes sauf la toolbarre de google
Vas dans Démarrer/panneau de configuration/options internet
- onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés", mais regarde ailleurs :
electronic-group
egroup
Montorgueil
VIP
"Sunny Day Design Ltd"
ooo <<Favorit>>
Favorit

Tu les suppriment. ainsi que tout ce qui a trait àEorezo
tel que
eorezo
eoWeather
eoEngine (3.4),redémarre ton pc supprimer s'ils existent ncoreles répertoirs résiduels
C:\Program Files\eoRezo
C:\ Documents and Settings\Noms\Application Data\EoRezo

Quas tu comme anti virus et autres protections stp

Salut à vous deux,


Normalement il y a des restes su tu regardes bien le log de Combofix

bonjour excuzer moi mais j'etait en cour et je mange a la cantine mes vous penser qu'il en reste encore parce que la l'ordinateur tourne trész trés bien

Bonsoir Mickael,il ya en effet des restes va donc ici : http://www.assistepc.com/forum/lop-s-d-nettoyer-les-infections-de-l-adware-lo(...)
Choisis l-option 1 et lance la recherche et poste le rapport stp

Je pense que tu n'a pas du y aller de main morte pendant plusieurs années car l'infection Bagle n'est pas la seule.
On peut trouver ici et là des morceaux de trojans ou des Malwares. tu dois télécharger et installer des programmes
sans vérifier si ils sont dangereux ou non. De plus, la présence de plusieurs logiciels de peer-to-peer montre le
manque de prudence dont tu fais preuve :P (il a même le jeu World of Warcraft cracké)
De plus java n'est pas a jour en fin de désinfection je te donnerais quelque conseils afin d'éviter tout cela
Logiciels a conserver ,logiciel d'entretien et de mise à jour de tes programmes ,car logiciels et programmes pas a jour= porte ouverte aux infections
A te lire

merci encore de m'aider voici mon raport --------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Lucien ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated)
C:\ (Local Disk) - NTFS - Total:186 Go (Free:126 Go)
D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 12/01/2009|18:38 )

--------------------\\ Listing des dossiers dans APPLIC~1


[08/10/2008|14:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Acronis
[05/08/2008|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[15/09/2008|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[20/09/2008|13:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[08/10/2008|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
[12/01/2009|07:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[07/09/2008|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[07/08/2008|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[26/12/2008|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[08/08/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[24/12/2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[02/01/2009|10:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[11/01/2009|09:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[23/10/2008|06:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[23/10/2008|06:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[07/08/2008|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[21/12/2008|12:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[30/09/2008|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[09/11/2008|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[29/12/2008|19:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[23/11/2008|11:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[22/11/2008|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[22/11/2008|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle VideoSpin
[18/11/2008|21:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G5
[08/08/2008|17:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RTL Winter Sports 2008
[28/09/2008|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\snqtgpsj
[17/10/2008|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[07/08/2008|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[22/11/2008|18:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VideoSpin
[08/08/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VirtualFarm
[04/08/2008|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[10/11/2008|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller


[23/09/2008|06:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[06/08/2008|13:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[14/11/2008|19:06] C:\DOCUME~1\Lucien\APPLIC~1\Adobe
[05/08/2008|15:04] C:\DOCUME~1\Lucien\APPLIC~1\ATI
[18/11/2008|18:55] C:\DOCUME~1\Lucien\APPLIC~1\AVS4YOU
[29/12/2008|16:57] C:\DOCUME~1\Lucien\APPLIC~1\Blender Foundation
[30/12/2008|19:10] C:\DOCUME~1\Lucien\APPLIC~1\Canon
[06/01/2009|18:01] C:\DOCUME~1\Lucien\APPLIC~1\DeepBurner
[23/10/2008|17:15] C:\DOCUME~1\Lucien\APPLIC~1\Desktopicon
[12/01/2009|07:35] C:\DOCUME~1\Lucien\APPLIC~1\drivers
[01/01/2009|13:00] C:\DOCUME~1\Lucien\APPLIC~1\Gearbox Software
[28/12/2008|15:08] C:\DOCUME~1\Lucien\APPLIC~1\GetRightToGo
[02/01/2009|10:19] C:\DOCUME~1\Lucien\APPLIC~1\Google
[20/12/2008|18:30] C:\DOCUME~1\Lucien\APPLIC~1\InstallShield
[09/01/2009|21:04] C:\DOCUME~1\Lucien\APPLIC~1\LimeWire
[05/08/2008|13:51] C:\DOCUME~1\Lucien\APPLIC~1\Macromedia
[30/09/2008|16:32] C:\DOCUME~1\Lucien\APPLIC~1\Malwarebytes
[06/08/2008|12:35] C:\DOCUME~1\Lucien\APPLIC~1\Media Player Classic
[02/01/2009|10:29] C:\DOCUME~1\Lucien\APPLIC~1\Microsoft
[08/09/2008|06:35] C:\DOCUME~1\Lucien\APPLIC~1\Mozilla
[06/08/2008|13:47] C:\DOCUME~1\Lucien\APPLIC~1\MSNInstaller
[18/08/2008|19:34] C:\DOCUME~1\Lucien\APPLIC~1\NetMedia Providers
[20/12/2008|21:34] C:\DOCUME~1\Lucien\APPLIC~1\OpenOffice.org
[11/01/2009|10:18] C:\DOCUME~1\Lucien\APPLIC~1\OpenOffice.org2
[02/01/2009|10:26] C:\DOCUME~1\Lucien\APPLIC~1\Real
[14/09/2008|14:25] C:\DOCUME~1\Lucien\APPLIC~1\Reallusion
[15/11/2008|20:46] C:\DOCUME~1\Lucien\APPLIC~1\River Past G5
[09/08/2008|09:37] C:\DOCUME~1\Lucien\APPLIC~1\SecuROM
[10/01/2009|11:37] C:\DOCUME~1\Lucien\APPLIC~1\Shareaza
[06/08/2008|13:15] C:\DOCUME~1\Lucien\APPLIC~1\Sun
[05/08/2008|09:41] C:\DOCUME~1\Lucien\APPLIC~1\Windows Desktop Search
[05/08/2008|11:24] C:\DOCUME~1\Lucien\APPLIC~1\Windows Search
[05/08/2008|14:15] C:\DOCUME~1\Lucien\APPLIC~1\WinRAR
[25/10/2008|10:57] C:\DOCUME~1\Lucien\APPLIC~1\Xilisoft Corporation

[24/07/2008|16:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[09/08/2008|18:12] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[12/01/2009 16:09][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{C86FA902-D40C-4125-94E3-7D3878CEE2CE}.job
[15/09/2008 17:52][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[12/01/2009 16:04][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[24/12/2008|12:26] C:\Program Files\Activision
[29/10/2008|10:02] C:\Program Files\Adobe
[20/12/2008|18:31] C:\Program Files\AMD
[21/12/2008|16:11] C:\Program Files\AssaultCube_v1.0
[06/01/2009|18:00] C:\Program Files\Astonsoft
[08/10/2008|17:18] C:\Program Files\ATI Technologies
[12/01/2009|07:45] C:\Program Files\Avira
[12/01/2009|17:18] C:\Program Files\AviSynth 2.5
[18/11/2008|21:27] C:\Program Files\AVS4YOU
[23/12/2008|12:57] C:\Program Files\Blue Coat K9 Web Protection
[12/01/2009|17:18] C:\Program Files\Call of Duty Single Player Demo
[24/12/2008|12:27] C:\Program Files\Call of Duty United Offensive Single Player Demo
[02/01/2009|10:27] C:\Program Files\CCleaner
[20/12/2008|21:55] C:\Program Files\CDBurnerXP
[02/01/2009|10:27] C:\Program Files\Creative
[18/08/2008|09:58] C:\Program Files\EA GAMES
[02/01/2009|10:27] C:\Program Files\EasySearch
[10/10/2008|15:40] C:\Program Files\Eidos Interactive
[10/01/2009|11:35] C:\Program Files\eMule
[12/01/2009|07:35] C:\Program Files\Fichiers communs
[12/01/2009|07:47] C:\Program Files\FindyKill
[09/01/2009|10:45] C:\Program Files\GameSpy Arcade
[02/01/2009|15:33] C:\Program Files\Google
[11/01/2009|09:58] C:\Program Files\Grisoft
[05/01/2009|19:19] C:\Program Files\InstallShield Installation Information
[28/10/2008|19:41] C:\Program Files\Intel Desktop Board
[11/01/2009|09:46] C:\Program Files\Internet Explorer
[02/11/2008|18:54] C:\Program Files\IVCsoft
[03/09/2008|12:48] C:\Program Files\Java
[20/12/2008|21:55] C:\Program Files\Lavalys
[21/12/2008|12:19] C:\Program Files\ma-config.com
[08/10/2008|17:11] C:\Program Files\Malwarebytes' Anti-Malware
[24/08/2008|17:43] C:\Program Files\Managed DirectX (0901)
[21/12/2008|18:26] C:\Program Files\Messenger Plus! Live
[24/07/2008|16:06] C:\Program Files\microsoft frontpage
[22/10/2008|08:15] C:\Program Files\Microsoft Silverlight
[26/10/2008|19:37] C:\Program Files\Movie Maker
[12/01/2009|16:05] C:\Program Files\Mozilla Firefox
[12/08/2008|14:06] C:\Program Files\mp3DirectCut
[06/08/2008|17:11] C:\Program Files\MSN
[24/07/2008|16:01] C:\Program Files\MSN Gaming Zone
[12/01/2009|17:19] C:\Program Files\MSN Messenger
[06/08/2008|02:00] C:\Program Files\MSXML 4.0
[04/08/2008|10:51] C:\Program Files\NetMeeting
[20/12/2008|17:19] C:\Program Files\OO Software
[21/12/2008|16:11] C:\Program Files\OpenAL
[25/12/2008|10:12] C:\Program Files\OpenOffice.org 2.4
[25/12/2008|10:07] C:\Program Files\OpenOffice.org 3
[14/10/2008|19:05] C:\Program Files\Outlook Express
[26/12/2008|13:26] C:\Program Files\PhotoFiltre Studio
[22/12/2008|18:55] C:\Program Files\Pinnacle
[02/01/2009|10:18] C:\Program Files\Real
[04/08/2008|10:27] C:\Program Files\Realtek
[20/12/2008|18:16] C:\Program Files\Realtek AC97
[18/11/2008|18:03] C:\Program Files\Ripp-it_AM
[20/09/2008|13:04] C:\Program Files\Rockstar Games
[06/08/2008|17:27] C:\Program Files\Screamer Radio
[24/07/2008|16:04] C:\Program Files\Services en ligne
[10/01/2009|11:37] C:\Program Files\Shareaza
[25/12/2008|16:08] C:\Program Files\Trymedia
[02/01/2009|10:22] C:\Program Files\Ubisoft
[24/07/2008|16:13] C:\Program Files\Uninstall Information
[23/10/2008|17:16] C:\Program Files\VDOWNLOADER
[04/09/2008|19:27] C:\Program Files\Wanadoo
[05/08/2008|09:41] C:\Program Files\Windows Desktop Search
[20/12/2008|21:55] C:\Program Files\Windows Live
[11/01/2009|13:29] C:\Program Files\Windows Live Safety Center
[15/09/2008|17:30] C:\Program Files\Windows Media Connect 2
[17/12/2008|21:41] C:\Program Files\Windows Media Player
[28/09/2008|16:37] C:\Program Files\Windows NT
[24/07/2008|16:04] C:\Program Files\WindowsUpdate
[15/09/2008|17:30] C:\Program Files\WinFlip
[08/10/2008|11:07] C:\Program Files\WinRAR
[17/09/2008|20:23] C:\Program Files\WinXMedia
[10/01/2009|21:03] C:\Program Files\Wolfenstein - Enemy Territory
[24/07/2008|16:06] C:\Program Files\xerox
[25/10/2008|10:58] C:\Program Files\Xilisoft

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[29/10/2008|10:03] C:\Program Files\Fichiers communs\Adobe
[18/11/2008|21:27] C:\Program Files\Fichiers communs\AVSMedia
[08/08/2008|19:47] C:\Program Files\Fichiers communs\BOONTY Shared
[10/10/2008|15:39] C:\Program Files\Fichiers communs\InstallShield
[06/08/2008|13:14] C:\Program Files\Fichiers communs\Java
[12/01/2009|17:11] C:\Program Files\Fichiers communs\Microsoft Shared
[24/07/2008|16:03] C:\Program Files\Fichiers communs\MSSoap
[24/07/2008|17:54] C:\Program Files\Fichiers communs\ODBC
[02/01/2009|10:26] C:\Program Files\Fichiers communs\Real
[24/07/2008|16:03] C:\Program Files\Fichiers communs\Services
[09/10/2008|17:11] C:\Program Files\Fichiers communs\Softwin
[24/07/2008|17:54] C:\Program Files\Fichiers communs\SpeechEngines
[23/11/2008|11:23] C:\Program Files\Fichiers communs\System
[06/08/2008|14:16] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 41 Processes )

iexplore.exe ~ [PID:1548]
iexplore.exe ~ [PID:3372]
iexplore.exe ~ [PID:3024]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\Lucien\Cookies\lucien@advertstream[2].txt
C:\DOCUME~1\Lucien\Cookies\lucien@advertising[1].txt
C:\DOCUME~1\Lucien\Cookies\lucien@advertising[3].txt
C:\DOCUME~1\Lucien\Cookies\lucien@adopt.euroclick[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-12 18:39:26
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Lucien\Application Data\Shareaza\Torrents\[PC GAME] Assassins Creed (Full) + CRACK.torrent
C:\DOCUME~1\Lucien\Mes documents\LimeWire\Incomplete\T-4742424-Call Of Duty 4 Crack NoCD+Crack - Activation Multilanguage - certified -.rar


[F:25][D:6]-> C:\DOCUME~1\Lucien\LOCALS~1\Temp
[F:141][D:0]-> C:\DOCUME~1\Lucien\Cookies
[F:2173][D:4]-> C:\DOCUME~1\Lucien\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 12/01/2009|18:40 - Option : [1]

--------------------\\ Fin du rapport a 18:40:05

Maintenant lance l'option 2 stp et poste le rapport stp

voila le rapport :

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Lucien ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated)
C:\ (Local Disk) - NTFS - Total:186 Go (Free:126 Go)
D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 12/01/2009|19:35 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\Lucien\Cookies\lucien@advertstream[1].txt

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1


[08/10/2008|14:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Acronis
[05/08/2008|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[15/09/2008|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[20/09/2008|13:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[08/10/2008|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
[12/01/2009|07:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[07/09/2008|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[07/08/2008|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[26/12/2008|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[08/08/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[24/12/2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[02/01/2009|10:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[11/01/2009|09:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[23/10/2008|06:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[23/10/2008|06:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[07/08/2008|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[21/12/2008|12:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[30/09/2008|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[09/11/2008|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[29/12/2008|19:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[23/11/2008|11:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[22/11/2008|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[22/11/2008|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle VideoSpin
[18/11/2008|21:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G5
[08/08/2008|17:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RTL Winter Sports 2008
[28/09/2008|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\snqtgpsj
[17/10/2008|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[07/08/2008|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[22/11/2008|18:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VideoSpin
[08/08/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VirtualFarm
[04/08/2008|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[10/11/2008|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller


[23/09/2008|06:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[06/08/2008|13:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[14/11/2008|19:06] C:\DOCUME~1\Lucien\APPLIC~1\Adobe
[05/08/2008|15:04] C:\DOCUME~1\Lucien\APPLIC~1\ATI
[18/11/2008|18:55] C:\DOCUME~1\Lucien\APPLIC~1\AVS4YOU
[29/12/2008|16:57] C:\DOCUME~1\Lucien\APPLIC~1\Blender Foundation
[30/12/2008|19:10] C:\DOCUME~1\Lucien\APPLIC~1\Canon
[06/01/2009|18:01] C:\DOCUME~1\Lucien\APPLIC~1\DeepBurner
[23/10/2008|17:15] C:\DOCUME~1\Lucien\APPLIC~1\Desktopicon
[12/01/2009|07:35] C:\DOCUME~1\Lucien\APPLIC~1\drivers
[01/01/2009|13:00] C:\DOCUME~1\Lucien\APPLIC~1\Gearbox Software
[28/12/2008|15:08] C:\DOCUME~1\Lucien\APPLIC~1\GetRightToGo
[02/01/2009|10:19] C:\DOCUME~1\Lucien\APPLIC~1\Google
[20/12/2008|18:30] C:\DOCUME~1\Lucien\APPLIC~1\InstallShield
[09/01/2009|21:04] C:\DOCUME~1\Lucien\APPLIC~1\LimeWire
[05/08/2008|13:51] C:\DOCUME~1\Lucien\APPLIC~1\Macromedia
[30/09/2008|16:32] C:\DOCUME~1\Lucien\APPLIC~1\Malwarebytes
[06/08/2008|12:35] C:\DOCUME~1\Lucien\APPLIC~1\Media Player Classic
[02/01/2009|10:29] C:\DOCUME~1\Lucien\APPLIC~1\Microsoft
[08/09/2008|06:35] C:\DOCUME~1\Lucien\APPLIC~1\Mozilla
[06/08/2008|13:47] C:\DOCUME~1\Lucien\APPLIC~1\MSNInstaller
[18/08/2008|19:34] C:\DOCUME~1\Lucien\APPLIC~1\NetMedia Providers
[20/12/2008|21:34] C:\DOCUME~1\Lucien\APPLIC~1\OpenOffice.org
[11/01/2009|10:18] C:\DOCUME~1\Lucien\APPLIC~1\OpenOffice.org2
[02/01/2009|10:26] C:\DOCUME~1\Lucien\APPLIC~1\Real
[14/09/2008|14:25] C:\DOCUME~1\Lucien\APPLIC~1\Reallusion
[15/11/2008|20:46] C:\DOCUME~1\Lucien\APPLIC~1\River Past G5
[09/08/2008|09:37] C:\DOCUME~1\Lucien\APPLIC~1\SecuROM
[10/01/2009|11:37] C:\DOCUME~1\Lucien\APPLIC~1\Shareaza
[06/08/2008|13:15] C:\DOCUME~1\Lucien\APPLIC~1\Sun
[05/08/2008|09:41] C:\DOCUME~1\Lucien\APPLIC~1\Windows Desktop Search
[05/08/2008|11:24] C:\DOCUME~1\Lucien\APPLIC~1\Windows Search
[05/08/2008|14:15] C:\DOCUME~1\Lucien\APPLIC~1\WinRAR
[25/10/2008|10:57] C:\DOCUME~1\Lucien\APPLIC~1\Xilisoft Corporation

[24/07/2008|16:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[09/08/2008|18:12] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[12/01/2009 16:09][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{C86FA902-D40C-4125-94E3-7D3878CEE2CE}.job
[15/09/2008 17:52][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[12/01/2009 16:04][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[24/12/2008|12:26] C:\Program Files\Activision
[29/10/2008|10:02] C:\Program Files\Adobe
[20/12/2008|18:31] C:\Program Files\AMD
[21/12/2008|16:11] C:\Program Files\AssaultCube_v1.0
[06/01/2009|18:00] C:\Program Files\Astonsoft
[08/10/2008|17:18] C:\Program Files\ATI Technologies
[12/01/2009|07:45] C:\Program Files\Avira
[12/01/2009|17:18] C:\Program Files\AviSynth 2.5
[18/11/2008|21:27] C:\Program Files\AVS4YOU
[23/12/2008|12:57] C:\Program Files\Blue Coat K9 Web Protection
[12/01/2009|17:18] C:\Program Files\Call of Duty Single Player Demo
[24/12/2008|12:27] C:\Program Files\Call of Duty United Offensive Single Player Demo
[02/01/2009|10:27] C:\Program Files\CCleaner
[20/12/2008|21:55] C:\Program Files\CDBurnerXP
[02/01/2009|10:27] C:\Program Files\Creative
[18/08/2008|09:58] C:\Program Files\EA GAMES
[02/01/2009|10:27] C:\Program Files\EasySearch
[10/10/2008|15:40] C:\Program Files\Eidos Interactive
[10/01/2009|11:35] C:\Program Files\eMule
[12/01/2009|07:35] C:\Program Files\Fichiers communs
[12/01/2009|07:47] C:\Program Files\FindyKill
[09/01/2009|10:45] C:\Program Files\GameSpy Arcade
[02/01/2009|15:33] C:\Program Files\Google
[11/01/2009|09:58] C:\Program Files\Grisoft
[05/01/2009|19:19] C:\Program Files\InstallShield Installation Information
[28/10/2008|19:41] C:\Program Files\Intel Desktop Board
[11/01/2009|09:46] C:\Program Files\Internet Explorer
[02/11/2008|18:54] C:\Program Files\IVCsoft
[03/09/2008|12:48] C:\Program Files\Java
[20/12/2008|21:55] C:\Program Files\Lavalys
[21/12/2008|12:19] C:\Program Files\ma-config.com
[08/10/2008|17:11] C:\Program Files\Malwarebytes' Anti-Malware
[24/08/2008|17:43] C:\Program Files\Managed DirectX (0901)
[21/12/2008|18:26] C:\Program Files\Messenger Plus! Live
[24/07/2008|16:06] C:\Program Files\microsoft frontpage
[22/10/2008|08:15] C:\Program Files\Microsoft Silverlight
[26/10/2008|19:37] C:\Program Files\Movie Maker
[12/01/2009|18:48] C:\Program Files\Mozilla Firefox
[12/08/2008|14:06] C:\Program Files\mp3DirectCut
[06/08/2008|17:11] C:\Program Files\MSN
[24/07/2008|16:01] C:\Program Files\MSN Gaming Zone
[12/01/2009|17:19] C:\Program Files\MSN Messenger
[06/08/2008|02:00] C:\Program Files\MSXML 4.0
[04/08/2008|10:51] C:\Program Files\NetMeeting
[20/12/2008|17:19] C:\Program Files\OO Software
[21/12/2008|16:11] C:\Program Files\OpenAL
[25/12/2008|10:12] C:\Program Files\OpenOffice.org 2.4
[25/12/2008|10:07] C:\Program Files\OpenOffice.org 3
[14/10/2008|19:05] C:\Program Files\Outlook Express
[26/12/2008|13:26] C:\Program Files\PhotoFiltre Studio
[22/12/2008|18:55] C:\Program Files\Pinnacle
[02/01/2009|10:18] C:\Program Files\Real
[04/08/2008|10:27] C:\Program Files\Realtek
[20/12/2008|18:16] C:\Program Files\Realtek AC97
[18/11/2008|18:03] C:\Program Files\Ripp-it_AM
[20/09/2008|13:04] C:\Program Files\Rockstar Games
[06/08/2008|17:27] C:\Program Files\Screamer Radio
[24/07/2008|16:04] C:\Program Files\Services en ligne
[10/01/2009|11:37] C:\Program Files\Shareaza
[25/12/2008|16:08] C:\Program Files\Trymedia
[02/01/2009|10:22] C:\Program Files\Ubisoft
[24/07/2008|16:13] C:\Program Files\Uninstall Information
[23/10/2008|17:16] C:\Program Files\VDOWNLOADER
[04/09/2008|19:27] C:\Program Files\Wanadoo
[05/08/2008|09:41] C:\Program Files\Windows Desktop Search
[20/12/2008|21:55] C:\Program Files\Windows Live
[11/01/2009|13:29] C:\Program Files\Windows Live Safety Center
[15/09/2008|17:30] C:\Program Files\Windows Media Connect 2
[17/12/2008|21:41] C:\Program Files\Windows Media Player
[28/09/2008|16:37] C:\Program Files\Windows NT
[24/07/2008|16:04] C:\Program Files\WindowsUpdate
[15/09/2008|17:30] C:\Program Files\WinFlip
[08/10/2008|11:07] C:\Program Files\WinRAR
[17/09/2008|20:23] C:\Program Files\WinXMedia
[10/01/2009|21:03] C:\Program Files\Wolfenstein - Enemy Territory
[24/07/2008|16:06] C:\Program Files\xerox
[25/10/2008|10:58] C:\Program Files\Xilisoft

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[29/10/2008|10:03] C:\Program Files\Fichiers communs\Adobe
[18/11/2008|21:27] C:\Program Files\Fichiers communs\AVSMedia
[08/08/2008|19:47] C:\Program Files\Fichiers communs\BOONTY Shared
[10/10/2008|15:39] C:\Program Files\Fichiers communs\InstallShield
[06/08/2008|13:14] C:\Program Files\Fichiers communs\Java
[12/01/2009|17:11] C:\Program Files\Fichiers communs\Microsoft Shared
[24/07/2008|16:03] C:\Program Files\Fichiers communs\MSSoap
[24/07/2008|17:54] C:\Program Files\Fichiers communs\ODBC
[02/01/2009|10:26] C:\Program Files\Fichiers communs\Real
[24/07/2008|16:03] C:\Program Files\Fichiers communs\Services
[09/10/2008|17:11] C:\Program Files\Fichiers communs\Softwin
[24/07/2008|17:54] C:\Program Files\Fichiers communs\SpeechEngines
[23/11/2008|11:23] C:\Program Files\Fichiers communs\System
[06/08/2008|14:16] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 34 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-12 19:35:54
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Lucien\Application Data\Shareaza\Torrents\[PC GAME] Assassins Creed (Full) + CRACK.torrent
C:\DOCUME~1\Lucien\Mes documents\LimeWire\Incomplete\T-4742424-Call Of Duty 4 Crack NoCD+Crack - Activation Multilanguage - certified -.rar


[F:28][D:6]-> C:\DOCUME~1\Lucien\LOCALS~1\Temp
[F:144][D:0]-> C:\DOCUME~1\Lucien\Cookies
[F:2920][D:4]-> C:\DOCUME~1\Lucien\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 12/01/2009|18:40 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 12/01/2009|19:34 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 12/01/2009|19:36 - Option : [2]

--------------------\\ Fin du rapport a 19:36:31

Salut à vous deux,

[08/08/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY

Ca c'est méchant

pourquoi est-ce-mechant?

Bonsoir,

Il s'agit d'un dossier lié à un programme généralement installé pour faire fonctionner une série de jeux.
Le souci est qu'il s'installe avec un tas de bidules à côté (un service notamment) qui peuvent ralentir le PC ou le rendre plus vulnérable.

Bonjour
Mickael,
Il faut que tu supprime manuellement en allant dans c/
ce qui suit
08/08/2008|19:47] C:\Program Files\Fichiers communs\BOONTY Shared
Et ceci
C:\DOCUME~1\Lucien\Application Data\Shareaza\Torrents\[PC GAME] Assassins Creed (Full) + CRACK.torrent
C:\DOCUME~1\Lucien\Mes documents\LimeWire\Incomplete\T-4742424-Call Of Duty 4 Crack NoCD+Crack - Activation Multilanguage - certified -.rar

Puis tu vide ta corbeille ,sinon tu auras encore des problèmes un jour ou l'autre
Duis moi des que cela est fait
et ensuite tu feras ce qui suivra avec quelques conseils de navigation sur internet
A te lire

merci voila ses fait tout et supprimer

Bonsoir,
pour information n'aurais tu pas eu avant antivir l'antivirus Norton ?
dis le moi stp

Ensuite suivant ta réponse il nous restera a faire le nettoyage des outuils utilisés pour ta désinfection

non non j'ai toujours eu avira antivir personnal edition et celon mon patron de stage dans une entreprise de réparation d'ordi ben il protégerai bien

Ok antivir d'avira tres bien
Comment va ton pc maintenant ??
Si tout va bien rélécharge ceci : http://www.commentcamarche.net/telecharger/telechargement-34055291-toolsclean(...)
Suis les instruction ici tuto : http://www.bibou0007.com/outils-specifiques-f78/tutorial-toolscleaner-2-t375.(...)
Télécharge ToolsCleaner (par A.Rothstein et dj QUIOU) sur ton bureau.
• Clique sur Recherche et laisse le scan agir ...
• Clique sur Suppression pour finaliser.
• Tu peux, si tu le souhaites, te servir des Options facultatives.
• Clique sur Quitter pour obtenir le rapport.
• Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

******
Puis, si tu estimes que ton problème est réglé,
replaces-toi sur ton 1er message et clique sur petit v gris dans rond gris (éditer le message) et dans ton message qui apparait ajoute dans son titre (Résolu) et envoie.

Quelques conseils ...
http://www.malekal.com/securiser_ordinateur.html
et aussi ...
http://www.malekal.com/securiser_internet_explorer.html

De plus si tu as installé des toolbarre supprime les par panneau de configuration ajout/suppression de programmes sauf la toolbarre de google
Vas dans Démarrer/panneau de configuration/options internet
- onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés", mais regarde ailleurs :
electronic-group
egroup
Montorgueil
VIP
"Sunny Day Design Ltd"
ooo <<Favorit>>
Favorit

Tu les suppriment. ainsi que tout ce qui a trait àEorezo
tel que
eorezo
eoWeather
eoEngine (3.4),redémarre ton pc supprimer s'ils existent ncoreles répertoirs résiduels
C:\Program Files\eoRezo
C:\ Documents and Settings\Noms\Application Data\EoRezo
aintenant
A te lire

non je pense que mon ordi tourne trés bien merci encore pour se service car j'aurais pas pue le faire tout seul en plus vous éte trés fort

Mickael ,
attention il faut absolument faire Toolscleaner por supprimer les outuils de désinfection que je t'ai fais utiliser car mal utilisés ils peuvent êtres nuisible pour ton pc
par contre merci d'avoir mis résolu
Et dans l'attente de ton rapport de Toolscleaner
Bone continuation dans tes études

voila mon rapport tools[ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Combofix.txt: trouvé !
C:\lopR.txt: trouvé !
C:\avenger: trouvé !
C:\SDFIX: trouvé !
C:\Lop SD: trouvé !
C:\Qoobox: trouvé !
C:\Program Files\FindyKill: trouvé !

Bien mais tu ne les as pas supprimé,il faut le faire stp et une fois fait poste moi le rapport
merci
Tu peut aussi faire les autres options proposées

voila le rapport :
[ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Combofix.txt: trouvé !
C:\lopR.txt: trouvé !
C:\avenger: trouvé !
C:\SDFIX: trouvé !
C:\Lop SD: trouvé !
C:\Qoobox: trouvé !
C:\Program Files\FindyKill: trouvé !

---------------------------------
-->- Suppression:

C:\Combofix.txt: supprimé !
C:\lopR.txt: supprimé !
C:\avenger: supprimé !
C:\SDFIX: supprimé !
C:\Lop SD: supprimé !
C:\Qoobox: supprimé !
C:\Program Files\FindyKill: supprimé !

ah excuser moi encore mon antivirus vien de detecter ceci=>
C:\System Volume Information\_restore{EBB4655F-96CC-4256-BE05-A634B1E69857}\RP111\A0096001.sys
dernier logiciel malveillant trouver :RKIT/Bagle.12313

Bonsoir,

Il reste des éléments infectieux.


rubised

Affiche les fichiers et dossiers cachés …
Pour ce faire, tu vas dans un dossier, par ex. "Mes Images".
Ensuite, clique sur > Outils > Options des dossiers ...
clique sur l' onglet « Affichage » et ...
coche --> Afficher les fichiers et dossiers cachés
décoche > Masquer les extensions des fichiers dont le type est connu
décoche > Masquer les fichiers protégés du système d' exploitation (recommandé).
« Appliquer » et « OK ».

Relance un scan Antivir et poste le rapport.

Remet les fichiers et dossiers cachés comme tu les as trouvés !
Puis tu as une infection dans la restauration
C:\System Volume Information\restore..., etc ...

restore, c' est la restauration du système ...

Ce message indique que Windows a inclus le virus dans l’ un de ses points
de restauration du système. Or, ton antivirus ne peut pas modifier ces fichiers
pour les désinfecter : Windows le lui interdit !
En effet, les spywares mais aussi les virus sont assez malins pour aller se greffer
dans les points de restauration.
Ainsi, alors que tu penses avoir supprimé un spyware, celui-ci est, en fait, encore
sur ton PC, caché dans un point de restauration.
C'est pour cette raison que l’ on recommande chaque fois de purger la restauration
du système après chaque suppression d'un virus ou d'un spyware.
Justement pour éviter d'être à nouveau infecté après une restauration du système.

Pour éliminer définitivement tout risque, il faut donc purger ces fichiers en
supprimant tous les points de restauration. Voici comment :

Dans le menu Démarrer, clique droit sur l'icône Poste de travail.
Dans le menu contextuel qui s'affiche, clique sur Propriétés .
Dans l'onglet Restauration du système de la fenêtre qui suit, coche la
case Désactiver la Restauration du système sur tous les lecteurs, clique sur
Appliquer et, quand un message te le demande, confirme la désactivation.
Après quelques secondes d'attente (ou après avoir redémarré le PC), réactive la
Restauration du système en suivant la même procédure que précédemment, mais,
cette fois, en décochant la case Désactiver la Restauration du système sur
tous les lecteurs. Clique sur OK.

Ensuite, ...

relance un scan Antivir pour voir.
Sur ton bureau, télécharge GenProc (de narco4 & jean-chretien1)

Dézippe le dossier ; double-clique sur GenProc.bat … et poste
le contenu (quelqu’ il soit) du rapport qui s'ouvre.

DSL

dsl