

Everything posted by krystal33380
-
Help! Unable to log in to my computer
krystal33380 posted a topic in Malware Analysis and Removal
Good evening, Since yesterday, I can't log in to my session. Either my mouse doesn't register anything, or the little dots appear by themselves, far more numerous than the original password! I can't manage to start safe mode.... Not being a computer expert, would you have a solution to help me??? Thanks in advance -
Need your help buying a multimedia hard drive
krystal33380 replied to a topic by krystal33380 in Hardware Advice - Buying & Selling
Thank you very much! The "Emtec" ones are the ones I had spotted! Thanks again for your reply and have a good day -
Hello everyone! Not being a "high-tech" pro, I need your expert advice. I would like to find, if possible, a 2 TB multimedia hard drive (preferably! ^^) that can record TV, simple to use... and not too expensive! Maybe I'm asking a lot there! ^^ Thanks in advance for your help. Wedding anniversary on the 13th (33 years), Valentine's Day on the 14th.... it's my present! Helpppppppp
-
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware Analysis and Removal
One more little thing please! The language of Shakespeare and I aren't exactly best friends! Aren't the sites you gave me available in French??? Thanks! -
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware Analysis and Removal
I installed IE8 but on restart, I no longer had the Recycle Bin icon and I can't find it anymore! Where should I look? I went to the Start bar but it doesn't find anything! -
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware Analysis and Removal
Thanks a lot for everything, falkra! As I said in one of my messages, if you hadn't been there, all I could see was formatting and, as a result, losing my son's photos and last messages! I will never be able to thank you enough! You are "champs"!!! Kisses to all and long live this forum! (by the way, it was Anthony who had given me the address of your site to download the antivirus programs!) I'm going to start the steps but I'll only send the report late tonight, I have to get ready and leave for work! -
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware Analysis and Removal
Ohhhh yes, that's cleaner!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:53:45, on 20/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal
-
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware Analysis and Removal
OK, OK! My apologies, sir! But a big thank you to you both! I'll say it again, you are "super"! You've taken a real thorn out of my side, well, out of the computer! LOL! Thanks guys! -
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware Analysis and Removal
Thanks Falkra! I just uninstalled sweetim. You had me install Malwarebyte so I just ran it and ..... great! You killed my virus! You guys are "super"! (a little to Apollo, who took over from you yesterday!) I'm posting the result for you! And again a huuuuuuge thank you! Kisses
Malwarebytes' Anti-Malware 1.36
Version de la base de données: 1993
Windows 6.0.6001 Service Pack 1
19/04/2009 21:00:04
mbam-log-2009-04-19 (21-00-04).txt
Type de recherche: Examen rapide
Eléments examinés: 64354
Temps écoulé: 3 minute(s), 16 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s): (Aucun élément nuisible détecté)
Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
Dossier(s) infecté(s): (Aucun élément nuisible détecté)
Fichier(s) infecté(s): (Aucun élément nuisible détecté)
-
Thanks a lot Falkra for the huuuge help you gave me! Without you, it was a guaranteed format and the loss of my son's photos! Again a big, big thank you! Availability, kindness and patience (especially with an ignoramus like me!) .... I take my hat off to you! You are brilliant!!!
Thanks to Apollo too!
-
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware Analysis and Removal
Thanks Apollo! Sorry, I have people over and only a few minutes! I still have "bagle" on the computer! I'm sending you the copy!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:53:32, on 19/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal
-
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware Analysis and Removal
Thanks Falkra! One more little question! I saw that you preferred Antivir to Avast. I had downloaded it but of course in English! Which one should I get to be sure of having it in my mother tongue? ^^ -
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware Analysis and Removal
I'm happy to uninstall "sweetim" but what is it???? I removed navilog but I still have the icon on the desktop, is that normal? -
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware Analysis and Removal
ComboFix 09-04-15.08 - Floly 17/04/2009 22:09.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3070.2092 [GMT 2:00]
Lancé depuis: c:\users\Floly\Desktop\pouet.exe
Commutateurs utilisés :: c:\users\Floly\Desktop\CFscript.txt
* Un nouveau point de restauration a été créé
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
c:\combofixkrystal2\zDomain.dat c:\combofixkrystal2\zhsvc.dat c:\combofixkrystal2\zip.cfexe c:\users\Floly\AppData\Roaming\drivers . ((((((((((((((((((((((((((((( Fichiers créés du 2009-03-17 au 2009-04-17 )))))))))))))))))))))))))))))))))))) . 2009-04-17 15:50 . 2009-04-17 15:50 -------- d-----w c:\users\Floly\AppData\Roaming\Malwarebytes 2009-04-17 15:50 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys 2009-04-17 15:50 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2009-04-17 15:50 . 2009-04-17 15:50 -------- d-----w c:\users\All Users\Malwarebytes 2009-04-17 15:50 . 2009-04-17 15:50 -------- d-----w c:\programdata\Malwarebytes 2009-04-16 20:45 . 2009-04-16 20:48 -------- d-----w C:\ToolBar SD 2009-04-15 18:38 . 2009-04-16 04:52 -------- d-----w c:\windows\BDOSCAN8 2009-04-14 18:46 . 2009-04-14 19:22 38 ----a-w c:\windows\AviSplitter.INI 2009-04-14 16:15 . 2009-04-14 16:15 56 ---ha-w c:\windows\system32\ezsidmv.dat 2009-04-12 14:20 . 2009-04-12 14:20 -------- d-----w c:\users\All Users\GameHouse 2009-04-12 14:20 . 2009-04-12 14:20 -------- d-----w c:\programdata\GameHouse 2009-04-12 13:19 . 2009-04-12 14:20 -------- d-----w c:\users\Floly\AppData\Roaming\Zylom 2009-04-12 13:18 . 2009-04-12 15:23 -------- d-----w c:\users\Floly\AppData\Local\Zylom Games 2009-03-27 23:53 . 2009-03-27 23:53 -------- d-----w c:\users\Floly\AppData\Local\Real 2009-03-20 18:24 . 2009-03-20 18:24 31750 ----a-w c:\users\Floly\AppData\Local\kgcmeic.exe . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-04-17 20:12 . 2008-05-11 15:04 -------- d-----w c:\users\Floly\AppData\Roaming\Skype 2009-04-17 20:12 . 2009-04-17 20:12 2048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat 2009-04-17 20:12 . 2009-04-17 20:12 2048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat 2009-04-17 20:04 . 
2007-07-06 12:59 678718 ----a-w c:\windows\System32\perfh00C.dat 2009-04-17 20:04 . 2007-07-06 12:59 127798 ----a-w c:\windows\System32\perfc00C.dat 2009-04-17 16:15 . 2008-05-11 15:07 -------- d-----w c:\users\Floly\AppData\Roaming\skypePM 2009-04-17 15:50 . 2009-04-17 15:50 -------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-04-16 20:48 . 2009-04-16 20:47 18230 ----a-w C:\TB.txt 2009-04-16 19:21 . 2009-04-16 19:19 -------- d-----w c:\program files\Navilog1 2009-04-16 18:59 . 2008-06-13 14:32 88 ----a-w c:\users\Floly\AppData\Local\eulcsja.bat 2009-04-16 05:09 . 2007-10-28 12:20 32768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat 2009-04-16 05:09 . 2007-10-28 12:20 16384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat 2009-04-16 05:09 . 2007-10-28 12:20 16384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat 2009-03-27 23:53 . 2009-03-27 23:53 -------- d-----w c:\program files\Common Files\xing shared 2009-03-27 23:53 . 2007-07-06 03:48 -------- d-----w c:\program files\Common Files\Real 2009-03-27 23:52 . 2007-07-06 04:01 -------- d-----w c:\program files\Google 2009-03-11 19:11 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail 2009-03-02 09:59 . 2007-10-28 12:31 102784 ----a-w c:\users\Floly\AppData\Local\GDIPFONTCACHEV1.DAT 2009-03-02 09:57 . 2009-03-02 09:57 -------- d-----w c:\users\Floly\AppData\Roaming\OpenOffice.org 2009-03-02 09:51 . 2009-03-02 09:51 -------- d-----w c:\program files\JRE 2009-03-02 09:51 . 2009-03-02 09:51 -------- d-----w c:\program files\OpenOffice.org 3 2009-03-02 09:51 . 2007-11-10 11:02 -------- d-----w c:\program files\OpenOffice.org 2.3 2009-03-02 09:44 . 2007-11-10 14:00 -------- d-----w c:\users\Floly\AppData\Roaming\OpenOffice.org2 2009-02-28 10:24 . 
2009-01-12 21:44 -------- d-----w c:\program files\Serious Sam 2 2009-02-28 10:22 . 2008-05-09 20:24 -------- d-----w c:\program files\Common Files\Apple 2009-02-28 10:21 . 2007-07-06 03:34 -------- d--h--w c:\program files\InstallShield Installation Information 2009-02-28 10:20 . 2006-11-02 12:37 -------- d-----w c:\program files\Microsoft Games 2009-02-28 09:38 . 2008-11-27 09:03 -------- d-----w c:\program files\Microsoft Silverlight 2009-02-26 20:30 . 2009-02-26 20:30 -------- d-----w c:\users\Floly\AppData\Roaming\AdobeUM 2009-02-26 19:59 . 2006-11-02 10:25 51200 ----a-w c:\windows\Inf\infpub.dat 2009-02-26 19:59 . 2006-11-02 10:25 143360 ----a-w c:\windows\Inf\infstrng.dat 2009-02-26 19:59 . 2006-11-02 10:25 86016 ----a-w c:\windows\Inf\infstor.dat 2009-02-19 13:44 . 2009-02-19 13:43 -------- d-----w c:\program files\SweetIM 2009-02-19 13:43 . 2009-02-19 13:43 -------- d-----w c:\programdata\SweetIM 2009-02-14 15:49 . 2009-02-14 11:17 60435 ----a-w c:\users\Floly\AppData\Roaming\mdbu.bin 2009-02-09 03:10 . 2009-03-11 05:38 2033152 ----a-w c:\windows\System32\win32k.sys 2009-01-12 16:47 . 2008-01-29 09:34 220 ----a-w c:\users\Floly\AppData\Roaming\wklnhst.dat 2008-07-23 11:04 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini 2008-03-17 19:26 . 2008-03-17 19:26 680 ----a-w c:\users\Floly\AppData\Local\d3d9caps.dat 2008-01-03 18:46 . 2008-01-03 18:46 93 ----a-w c:\users\Floly\AppData\Local\fusioncache.dat . ((((((((((((((((((((((((((((( SnapShot@2009-04-17_19.36.23 ))))))))))))))))))))))))))))))))))))))))) . + 2006-11-02 07:33 . 2006-11-02 07:33 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6001.18226_none_f35dec30ba31667b\mshtmler.dll + 2008-07-18 21:43 . 2008-01-19 07:33 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18226_none_ae22877d06d0b3c6\admparse.dll + 2008-04-09 06:49 . 
2008-02-22 05:01 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18226_none_01d9592da1dddc20\WininetPlugin.dll + 2008-07-18 21:43 . 2008-01-19 07:33 9728 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe + 2008-07-18 21:45 . 2008-01-19 07:43 441400 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\ksecdd.sys + 2006-11-02 08:43 . 2006-11-02 09:51 407144 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\ksecdd.sys + 2006-11-02 08:43 . 2006-11-02 09:51 407144 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\ksecdd.sys + 2008-07-18 21:43 . 2008-01-19 07:34 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18226_none_6492d24fae29d383\ieui.dll + 2008-07-18 21:45 . 2008-01-19 07:36 129536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.18226_none_479410098c8efa7d\sqmapi.dll + 2006-11-02 07:27 . 2006-11-02 09:39 161792 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18226_none_ae22877d06d0b3c6\ieakui.dll + 2009-04-17 20:12 . 2008-07-26 06:25 109080 c:\windows\Temp\logishrd\LVPrcInj01.dll - 2009-04-17 19:32 . 2008-07-26 06:25 109080 c:\windows\Temp\logishrd\LVPrcInj01.dll - 2007-07-06 12:59 . 2009-04-17 16:19 678718 c:\windows\System32\perfh00C.dat + 2007-07-06 12:59 . 2009-04-17 20:04 678718 c:\windows\System32\perfh00C.dat - 2006-11-02 10:33 . 2009-04-17 16:19 595308 c:\windows\System32\perfh009.dat + 2006-11-02 10:33 . 2009-04-17 20:04 595308 c:\windows\System32\perfh009.dat - 2007-07-06 12:59 . 2009-04-17 16:19 127798 c:\windows\System32\perfc00C.dat + 2007-07-06 12:59 . 2009-04-17 20:04 127798 c:\windows\System32\perfc00C.dat + 2006-11-02 10:33 . 
2009-04-17 20:04 104742 c:\windows\System32\perfc009.dat - 2006-11-02 10:33 . 2009-04-17 16:19 104742 c:\windows\System32\perfc009.dat - 2006-11-02 12:47 . 2009-04-17 19:36 262144 c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2006-11-02 12:47 . 2009-04-17 20:12 262144 c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2006-11-02 12:47 . 2009-04-17 20:12 262144 c:\windows\ServiceProfiles\LocalService\NTUSER.DAT - 2006-11-02 12:47 . 2009-04-17 19:32 262144 c:\windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-02-14 02:01 . 2008-02-14 02:01 2455488 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.21023_none_fa22b17087c34c89\ieapfltr.dat + 2008-02-14 02:01 . 2008-02-14 02:01 2455488 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16830_none_f98b6bb96eb04969\ieapfltr.dat + 2006-11-02 10:22 . 2009-04-17 20:11 6553600 c:\windows\System32\SMI\Store\Machine\schema.dat - 2006-11-02 10:22 . 2009-03-21 01:59 6553600 c:\windows\System32\SMI\Store\Machine\schema.dat + 2009-04-17 20:08 . 2009-04-17 20:08 6475776 c:\windows\ERDNT\Hiv-backup\schema.dat + 2008-02-16 02:01 . 2009-04-17 19:41 208115525 c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin . -- Instantané actualisé -- . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-10-08 173368] [HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] 2008-10-08 11:22 1172792 ----a-w c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792] [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792] [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-04-30 22058792] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-20 39408] "WMPNSCFG"="c:\program files\Windows Media 
Player\WMPNSCFG.exe" [2008-01-19 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536] "OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-13 136600] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-08-28 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-08-28 8473120] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-08-28 81920] "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008] "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696] "SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-01-28 111928] "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 57344] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-27 198160] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-03-01 4390912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"="c:\windows\SMINST\launcher.exe" [2007-03-07 44168] c:\users\Floly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-12-15 384000] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] 
"FilterAdministratorToken"= 1 (0x1) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3315163706-1742322442-1852348343-1000] "EnableNotificationsRef"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{E758E172-FC62-47DF-AA00-8D984A2BC362}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{A68C666A-87B0-4EF4-8BDC-30D4AD8EDE52}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{6ECF5B63-03D7-4E18-929A-0C1D94CC54CE}"= Disabled:UDP:c:\users\Floly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OCNCZKO2\incredimail_install[1].exe:IncrediMail Installer "{DA0D83D9-4CA0-41BA-8722-F3D938199774}"= Disabled:TCP:c:\users\Floly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OCNCZKO2\incredimail_install[1].exe:IncrediMail Installer "{BABD9CED-2B20-480C-A5D8-3F195EEBC6F1}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail "{27809375-E113-433B-BFA3-F0A09D1F39BA}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail "{B57F0B49-FBCD-4742-8B9C-ACE9B5094523}"= Disabled:UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail "{CE166D95-9357-4E05-AD5E-3849414DC012}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail "{14C43D57-8D38-4910-A1BA-ECCB01694AE4}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail "{98E0648B-CA34-43F3-A2DD-62A7284198E7}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail "TCP Query User{DC29C8B7-65A8-4310-95D2-87A50470953F}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule "UDP Query User{0D31D0E4-655B-4015-B5D9-AE1132DD80EF}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule "{E104571B-AAE7-49ED-A54C-E3155B66F356}"= 
Disabled:UDP:c:\users\Floly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U0G2OAXW\incredimail_install[1].exe:IncrediMail Installer "{6773CDF1-9DEA-4BF1-A9C5-8DA6ECACEC26}"= Disabled:TCP:c:\users\Floly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U0G2OAXW\incredimail_install[1].exe:IncrediMail Installer "{5E989702-D3C0-4A63-BC18-E9ADB6310B3E}"= Disabled:UDP:c:\users\Floly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BKB43ZQ1\incredimail_install[1].exe:IncrediMail Installer "{0E6BBA53-732C-4DCC-9D25-FF0879842CAE}"= Disabled:TCP:c:\users\Floly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BKB43ZQ1\incredimail_install[1].exe:IncrediMail Installer "{6808B310-06AC-4231-987D-4B1FEFE3DBD5}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{AC32F140-E3C0-4951-AA2E-AFF6EE1DECD2}"= c:\program files\Skype\Phone\Skype.exe:Skype "{349742FC-5E1C-4279-99D8-5137FDFFB888}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{1E8BC845-522D-4BB9-BF45-A83AE7B9710B}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{9A59F8C4-2187-4720-AB2B-9A5B43FC7278}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail "{BD93F797-B950-4167-951D-FB93C71B7C63}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail "{E4EDFE9E-5893-4105-9557-5D33A592CD86}"= Disabled:UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail "{9EF9BF6B-5C1B-4E7A-B488-005F90FA1726}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail "{9E480C17-0B7C-44A2-BEEF-F4E1A5D12A5C}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail "{3C034664-B62D-4ECF-B439-4660C6C24FE6}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) R2 gupdate1c9af37af92a6c;Service Google Update (gupdate1c9af37af92a6c);c:\program 
files\Google\Update\GoogleUpdate.exe [2009-03-27 133104] --- Autres Services/Pilotes en mémoire --- *Deregistered* - sptd . Contenu du dossier 'Tâches planifiées' 2009-04-17 c:\windows\Tasks\GoogleUpdateTaskMachine.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-27 23:51] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.orange.fr/ mStart Page = hxxp://home.sweetim.com uInternet Settings,ProxyOverride = *.local IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - hxxp://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader5.cab DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game02.zylom.com/activex/zylomgamesplayer.cab . ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-17 22:12 Windows 6.0.6001 Service Pack 1 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'Explorer.exe'(8396) c:\windows\TEMP\logishrd\LVPrcInj01.dll . ------------------------ Autres processus actifs ------------------------ . 
c:\windows\System32\audiodg.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\programdata\EPSON\EPW!3 SSRP\E_S40RP7.EXE c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\logishrd\LVCOMSER\LVComSer.exe c:\program files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe c:\program files\Common Files\logishrd\LVCOMSER\LVComSer.exe c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe c:\windows\System32\WUDFHost.exe c:\windows\System32\conime.exe c:\windows\System32\rundll32.exe c:\windows\System32\rundll32.exe c:\program files\OpenOffice.org 3\program\soffice.exe c:\program files\OpenOffice.org 3\program\soffice.bin c:\windows\ehome\ehmsas.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Skype\Plugin Manager\skypePM.exe c:\program files\Common Files\logishrd\LQCVFX\COCIManager.exe c:\windows\servicing\TrustedInstaller.exe . ************************************************************************** . Heure de fin: 2009-04-17 22:16 - La machine a redémarré ComboFix-quarantined-files.txt 2009-04-17 20:16 ComboFix2.txt 2009-04-17 19:40 Avant-CF: 221 436 096 512 octets libres Après-CF: 221 608 693 760 octets libres 571 --- E O F --- 2009-04-06 17:49 -
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Analyses et éradication malwares
ComboFix 09-04-15.08 - Floly 17/04/2009 21:27.1 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3070.1975 [GMT 2:00] Lancé depuis: c:\users\Floly\Desktop\pouet.exe * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) .
c:\users\Floly\AppData\Roaming\drivers\downld\16066854.exe c:\users\Floly\AppData\Roaming\drivers\downld\16067338.exe c:\users\Floly\AppData\Roaming\drivers\downld\16067416.exe c:\users\Floly\AppData\Roaming\drivers\downld\16067868.exe c:\users\Floly\AppData\Roaming\drivers\downld\16071659.exe c:\users\Floly\AppData\Roaming\drivers\downld\16076698.exe c:\users\Floly\AppData\Roaming\drivers\downld\16078180.exe c:\users\Floly\AppData\Roaming\drivers\downld\16078258.exe c:\users\Floly\AppData\Roaming\drivers\downld\16079163.exe c:\users\Floly\AppData\Roaming\drivers\downld\16079179.exe c:\users\Floly\AppData\Roaming\drivers\downld\16079194.exe c:\users\Floly\AppData\Roaming\drivers\downld\16079818.exe c:\users\Floly\AppData\Roaming\drivers\downld\16079834.exe c:\users\Floly\AppData\Roaming\drivers\downld\16105917.exe c:\users\Floly\AppData\Roaming\drivers\downld\16110301.exe c:\users\Floly\AppData\Roaming\drivers\downld\16110535.exe c:\users\Floly\AppData\Roaming\drivers\downld\16110894.exe c:\users\Floly\AppData\Roaming\drivers\downld\16111237.exe c:\users\Floly\AppData\Roaming\drivers\downld\16111252.exe c:\users\Floly\AppData\Roaming\drivers\downld\16146992.exe c:\users\Floly\AppData\Roaming\drivers\downld\16147569.exe c:\users\Floly\AppData\Roaming\drivers\downld\16147819.exe c:\users\Floly\AppData\Roaming\drivers\downld\16156274.exe c:\users\Floly\AppData\Roaming\drivers\downld\16161048.exe c:\users\Floly\AppData\Roaming\drivers\downld\16161282.exe c:\users\Floly\AppData\Roaming\drivers\downld\16161360.exe c:\users\Floly\AppData\Roaming\drivers\downld\16161859.exe c:\users\Floly\AppData\Roaming\drivers\downld\16161875.exe c:\users\Floly\AppData\Roaming\drivers\downld\163473.exe c:\users\Floly\AppData\Roaming\drivers\downld\164159.exe c:\users\Floly\AppData\Roaming\drivers\downld\171491.exe c:\users\Floly\AppData\Roaming\drivers\downld\174596.exe c:\users\Floly\AppData\Roaming\drivers\downld\175267.exe c:\users\Floly\AppData\Roaming\drivers\downld\180633.exe 
c:\users\Floly\AppData\Roaming\drivers\downld\189728.exe c:\users\Floly\AppData\Roaming\drivers\downld\191194.exe c:\users\Floly\AppData\Roaming\drivers\downld\201506.exe c:\users\Floly\AppData\Roaming\drivers\downld\202879.exe c:\users\Floly\AppData\Roaming\drivers\downld\212925.exe c:\users\Floly\AppData\Roaming\drivers\downld\219353.exe c:\users\Floly\AppData\Roaming\drivers\downld\220117.exe c:\users\Floly\AppData\Roaming\drivers\downld\221412.exe c:\users\Floly\AppData\Roaming\drivers\downld\233330.exe c:\users\Floly\AppData\Roaming\drivers\downld\289319.exe c:\users\Floly\AppData\Roaming\drivers\downld\289522.exe c:\users\Floly\AppData\Roaming\drivers\downld\289537.exe c:\users\Floly\AppData\Roaming\drivers\downld\292252.exe c:\users\Floly\AppData\Roaming\drivers\downld\294670.exe c:\users\Floly\AppData\Roaming\drivers\downld\294966.exe c:\users\Floly\AppData\Roaming\drivers\downld\299147.exe c:\users\Floly\AppData\Roaming\drivers\downld\299397.exe c:\users\Floly\AppData\Roaming\drivers\downld\299459.exe c:\users\Floly\AppData\Roaming\drivers\downld\299615.exe c:\users\Floly\AppData\Roaming\drivers\downld\299631.exe c:\users\Floly\AppData\Roaming\drivers\downld\302189.exe c:\users\Floly\AppData\Roaming\drivers\downld\30468243.exe c:\users\Floly\AppData\Roaming\drivers\downld\30468258.exe c:\users\Floly\AppData\Roaming\drivers\downld\30479459.exe c:\users\Floly\AppData\Roaming\drivers\downld\30479475.exe c:\users\Floly\AppData\Roaming\drivers\downld\30480785.exe c:\users\Floly\AppData\Roaming\drivers\downld\30481253.exe c:\users\Floly\AppData\Roaming\drivers\downld\30493609.exe c:\users\Floly\AppData\Roaming\drivers\downld\30494888.exe c:\users\Floly\AppData\Roaming\drivers\downld\30495340.exe c:\users\Floly\AppData\Roaming\drivers\downld\30511580.exe c:\users\Floly\AppData\Roaming\drivers\downld\30511595.exe c:\users\Floly\AppData\Roaming\drivers\downld\30525199.exe c:\users\Floly\AppData\Roaming\drivers\downld\30526041.exe 
c:\users\Floly\AppData\Roaming\drivers\downld\30526696.exe c:\users\Floly\AppData\Roaming\drivers\downld\30528241.exe c:\users\Floly\AppData\Roaming\drivers\downld\30529489.exe c:\users\Floly\AppData\Roaming\drivers\downld\30529926.exe c:\users\Floly\AppData\Roaming\drivers\downld\30539067.exe c:\users\Floly\AppData\Roaming\drivers\downld\30539925.exe c:\users\Floly\AppData\Roaming\drivers\downld\30540580.exe c:\users\Floly\AppData\Roaming\drivers\downld\30562265.exe c:\users\Floly\AppData\Roaming\drivers\downld\30573762.exe c:\users\Floly\AppData\Roaming\drivers\downld\30574199.exe c:\users\Floly\AppData\Roaming\drivers\downld\30574620.exe c:\users\Floly\AppData\Roaming\drivers\downld\30575291.exe c:\users\Floly\AppData\Roaming\drivers\downld\30575556.exe c:\users\Floly\AppData\Roaming\drivers\downld\30576008.exe c:\users\Floly\AppData\Roaming\drivers\downld\30583793.exe c:\users\Floly\AppData\Roaming\drivers\downld\30598691.exe c:\users\Floly\AppData\Roaming\drivers\downld\306027.exe c:\users\Floly\AppData\Roaming\drivers\downld\30620094.exe c:\users\Floly\AppData\Roaming\drivers\downld\30621015.exe c:\users\Floly\AppData\Roaming\drivers\downld\30621670.exe c:\users\Floly\AppData\Roaming\drivers\downld\30643260.exe c:\users\Floly\AppData\Roaming\drivers\downld\306495.exe c:\users\Floly\AppData\Roaming\drivers\downld\30682900.exe c:\users\Floly\AppData\Roaming\drivers\downld\30694366.exe c:\users\Floly\AppData\Roaming\drivers\downld\30694382.exe c:\users\Floly\AppData\Roaming\drivers\downld\30701698.exe c:\users\Floly\AppData\Roaming\drivers\downld\30702119.exe c:\users\Floly\AppData\Roaming\drivers\downld\30703367.exe c:\users\Floly\AppData\Roaming\drivers\downld\307056.exe c:\users\Floly\AppData\Roaming\drivers\downld\30707455.exe c:\users\Floly\AppData\Roaming\drivers\downld\30716175.exe c:\users\Floly\AppData\Roaming\drivers\downld\30717267.exe c:\users\Floly\AppData\Roaming\drivers\downld\30718546.exe c:\users\Floly\AppData\Roaming\drivers\downld\307243.exe 
c:\users\Floly\AppData\Roaming\drivers\downld\30747251.exe c:\users\Floly\AppData\Roaming\drivers\downld\30758717.exe c:\users\Floly\AppData\Roaming\drivers\downld\30761946.exe c:\users\Floly\AppData\Roaming\drivers\downld\30762944.exe c:\users\Floly\AppData\Roaming\drivers\downld\30763865.exe c:\users\Floly\AppData\Roaming\drivers\downld\30791820.exe c:\users\Floly\AppData\Roaming\drivers\downld\30791836.exe c:\users\Floly\AppData\Roaming\drivers\downld\30801055.exe c:\users\Floly\AppData\Roaming\drivers\downld\30803317.exe c:\users\Floly\AppData\Roaming\drivers\downld\30804238.exe c:\users\Floly\AppData\Roaming\drivers\downld\308460.exe c:\users\Floly\AppData\Roaming\drivers\downld\308554.exe c:\users\Floly\AppData\Roaming\drivers\downld\30890537.exe c:\users\Floly\AppData\Roaming\drivers\downld\30891286.exe c:\users\Floly\AppData\Roaming\drivers\downld\30891536.exe c:\users\Floly\AppData\Roaming\drivers\downld\30893969.exe c:\users\Floly\AppData\Roaming\drivers\downld\30893985.exe c:\users\Floly\AppData\Roaming\drivers\downld\30896388.exe c:\users\Floly\AppData\Roaming\drivers\downld\30896403.exe c:\users\Floly\AppData\Roaming\drivers\downld\30904936.exe c:\users\Floly\AppData\Roaming\drivers\downld\30910334.exe c:\users\Floly\AppData\Roaming\drivers\downld\30911286.exe c:\users\Floly\AppData\Roaming\drivers\downld\30911769.exe c:\users\Floly\AppData\Roaming\drivers\downld\30912502.exe c:\users\Floly\AppData\Roaming\drivers\downld\30920022.exe c:\users\Floly\AppData\Roaming\drivers\downld\30920568.exe c:\users\Floly\AppData\Roaming\drivers\downld\30920817.exe c:\users\Floly\AppData\Roaming\drivers\downld\30923235.exe c:\users\Floly\AppData\Roaming\drivers\downld\30923251.exe c:\users\Floly\AppData\Roaming\drivers\downld\30925700.exe c:\users\Floly\AppData\Roaming\drivers\downld\30925716.exe c:\users\Floly\AppData\Roaming\drivers\downld\30930755.exe c:\users\Floly\AppData\Roaming\drivers\downld\30931519.exe 
c:\users\Floly\AppData\Roaming\drivers\downld\30931737.exe c:\users\Floly\AppData\Roaming\drivers\downld\30932767.exe c:\users\Floly\AppData\Roaming\drivers\downld\30933734.exe c:\users\Floly\AppData\Roaming\drivers\downld\30934109.exe c:\users\Floly\AppData\Roaming\drivers\downld\30934124.exe c:\users\Floly\AppData\Roaming\drivers\downld\30934218.exe c:\users\Floly\AppData\Roaming\drivers\downld\30936230.exe c:\users\Floly\AppData\Roaming\drivers\downld\30936527.exe c:\users\Floly\AppData\Roaming\drivers\downld\30954935.exe c:\users\Floly\AppData\Roaming\drivers\downld\30955949.exe c:\users\Floly\AppData\Roaming\drivers\downld\30956495.exe c:\users\Floly\AppData\Roaming\drivers\downld\30957712.exe c:\users\Floly\AppData\Roaming\drivers\downld\309583.exe c:\users\Floly\AppData\Roaming\drivers\downld\30977321.exe c:\users\Floly\AppData\Roaming\drivers\downld\30978148.exe c:\users\Floly\AppData\Roaming\drivers\downld\30978506.exe c:\users\Floly\AppData\Roaming\drivers\downld\30984434.exe c:\users\Floly\AppData\Roaming\drivers\downld\30984450.exe c:\users\Floly\AppData\Roaming\drivers\downld\309864.exe c:\users\Floly\AppData\Roaming\drivers\downld\30988257.exe c:\users\Floly\AppData\Roaming\drivers\downld\30988272.exe c:\users\Floly\AppData\Roaming\drivers\downld\30998802.exe c:\users\Floly\AppData\Roaming\drivers\downld\31002063.exe c:\users\Floly\AppData\Roaming\drivers\downld\31003108.exe c:\users\Floly\AppData\Roaming\drivers\downld\31003716.exe c:\users\Floly\AppData\Roaming\drivers\downld\31004559.exe c:\users\Floly\AppData\Roaming\drivers\downld\310254.exe c:\users\Floly\AppData\Roaming\drivers\downld\31036242.exe c:\users\Floly\AppData\Roaming\drivers\downld\31036976.exe c:\users\Floly\AppData\Roaming\drivers\downld\31037475.exe c:\users\Floly\AppData\Roaming\drivers\downld\31055462.exe c:\users\Floly\AppData\Roaming\drivers\downld\310597.exe c:\users\Floly\AppData\Roaming\drivers\downld\31081920.exe c:\users\Floly\AppData\Roaming\drivers\downld\31082497.exe 
c:\users\Floly\AppData\Roaming\drivers\downld\31082996.exe c:\users\Floly\AppData\Roaming\drivers\downld\31091061.exe c:\users\Floly\AppData\Roaming\drivers\downld\31091077.exe c:\users\Floly\AppData\Roaming\drivers\downld\31136021.exe c:\users\Floly\AppData\Roaming\drivers\downld\31136036.exe c:\users\Floly\AppData\Roaming\drivers\downld\31158422.exe c:\users\Floly\AppData\Roaming\drivers\downld\31159000.exe c:\users\Floly\AppData\Roaming\drivers\downld\31159234.exe c:\users\Floly\AppData\Roaming\drivers\downld\31172884.exe c:\users\Floly\AppData\Roaming\drivers\downld\31172899.exe c:\users\Floly\AppData\Roaming\drivers\downld\31185301.exe c:\users\Floly\AppData\Roaming\drivers\downld\31185317.exe c:\users\Floly\AppData\Roaming\drivers\downld\31206174.exe c:\users\Floly\AppData\Roaming\drivers\downld\31206736.exe c:\users\Floly\AppData\Roaming\drivers\downld\31206986.exe c:\users\Floly\AppData\Roaming\drivers\downld\31239871.exe c:\users\Floly\AppData\Roaming\drivers\downld\31240432.exe c:\users\Floly\AppData\Roaming\drivers\downld\31240682.exe c:\users\Floly\AppData\Roaming\drivers\downld\31255595.exe c:\users\Floly\AppData\Roaming\drivers\downld\31256219.exe c:\users\Floly\AppData\Roaming\drivers\downld\31257374.exe c:\users\Floly\AppData\Roaming\drivers\downld\31275314.exe c:\users\Floly\AppData\Roaming\drivers\downld\31279432.exe c:\users\Floly\AppData\Roaming\drivers\downld\31279666.exe c:\users\Floly\AppData\Roaming\drivers\downld\31279760.exe c:\users\Floly\AppData\Roaming\drivers\downld\31280181.exe c:\users\Floly\AppData\Roaming\drivers\downld\31280197.exe c:\users\Floly\AppData\Roaming\drivers\downld\31293878.exe c:\users\Floly\AppData\Roaming\drivers\downld\31297981.exe c:\users\Floly\AppData\Roaming\drivers\downld\31298293.exe c:\users\Floly\AppData\Roaming\drivers\downld\31298371.exe c:\users\Floly\AppData\Roaming\drivers\downld\31298776.exe c:\users\Floly\AppData\Roaming\drivers\downld\31298792.exe 
c:\users\Floly\AppData\Roaming\drivers\downld\31328775.exe c:\users\Floly\AppData\Roaming\drivers\downld\31332754.exe c:\users\Floly\AppData\Roaming\drivers\downld\31332972.exe c:\users\Floly\AppData\Roaming\drivers\downld\31333050.exe c:\users\Floly\AppData\Roaming\drivers\downld\31333424.exe c:\users\Floly\AppData\Roaming\drivers\downld\31333440.exe c:\users\Floly\AppData\Roaming\drivers\downld\31345265.exe c:\users\Floly\AppData\Roaming\drivers\downld\31349992.exe c:\users\Floly\AppData\Roaming\drivers\downld\31353408.exe c:\users\Floly\AppData\Roaming\drivers\downld\31356559.exe c:\users\Floly\AppData\Roaming\drivers\downld\31356965.exe c:\users\Floly\AppData\Roaming\drivers\downld\31356980.exe c:\users\Floly\AppData\Roaming\drivers\downld\316994.exe c:\users\Floly\AppData\Roaming\drivers\downld\318710.exe c:\users\Floly\AppData\Roaming\drivers\downld\318912.exe c:\users\Floly\AppData\Roaming\drivers\downld\319396.exe c:\users\Floly\AppData\Roaming\drivers\downld\319474.exe c:\users\Floly\AppData\Roaming\drivers\downld\320675.exe c:\users\Floly\AppData\Roaming\drivers\downld\320878.exe c:\users\Floly\AppData\Roaming\drivers\downld\322407.exe c:\users\Floly\AppData\Roaming\drivers\downld\322781.exe c:\users\Floly\AppData\Roaming\drivers\downld\322937.exe c:\users\Floly\AppData\Roaming\drivers\downld\325652.exe c:\users\Floly\AppData\Roaming\drivers\downld\325917.exe c:\users\Floly\AppData\Roaming\drivers\downld\325932.exe c:\users\Floly\AppData\Roaming\drivers\downld\327399.exe c:\users\Floly\AppData\Roaming\drivers\downld\327586.exe c:\users\Floly\AppData\Roaming\drivers\downld\327602.exe c:\users\Floly\AppData\Roaming\drivers\downld\327976.exe c:\users\Floly\AppData\Roaming\drivers\downld\328241.exe c:\users\Floly\AppData\Roaming\drivers\downld\328319.exe c:\users\Floly\AppData\Roaming\drivers\downld\330160.exe c:\users\Floly\AppData\Roaming\drivers\downld\339426.exe c:\users\Floly\AppData\Roaming\drivers\downld\340877.exe 
c:\users\Floly\AppData\Roaming\drivers\downld\342858.exe c:\users\Floly\AppData\Roaming\drivers\downld\343233.exe c:\users\Floly\AppData\Roaming\drivers\downld\347289.exe c:\users\Floly\AppData\Roaming\drivers\downld\347351.exe c:\users\Floly\AppData\Roaming\drivers\downld\347539.exe c:\users\Floly\AppData\Roaming\drivers\downld\347554.exe c:\users\Floly\AppData\Roaming\drivers\downld\347632.exe c:\users\Floly\AppData\Roaming\drivers\downld\347648.exe c:\users\Floly\AppData\Roaming\drivers\downld\348459.exe c:\users\Floly\AppData\Roaming\drivers\downld\348989.exe c:\users\Floly\AppData\Roaming\drivers\downld\349333.exe c:\users\Floly\AppData\Roaming\drivers\downld\353186.exe c:\users\Floly\AppData\Roaming\drivers\downld\353623.exe c:\users\Floly\AppData\Roaming\drivers\downld\353638.exe c:\users\Floly\AppData\Roaming\drivers\downld\354964.exe c:\users\Floly\AppData\Roaming\drivers\downld\355276.exe c:\users\Floly\AppData\Roaming\drivers\downld\357866.exe c:\users\Floly\AppData\Roaming\drivers\downld\358412.exe c:\users\Floly\AppData\Roaming\drivers\downld\360627.exe c:\users\Floly\AppData\Roaming\drivers\downld\362624.exe c:\users\Floly\AppData\Roaming\drivers\downld\366633.exe c:\users\Floly\AppData\Roaming\drivers\downld\368645.exe c:\users\Floly\AppData\Roaming\drivers\downld\369254.exe c:\users\Floly\AppData\Roaming\drivers\downld\42728.exe c:\users\Floly\AppData\Roaming\drivers\downld\44585.exe c:\users\Floly\AppData\Roaming\drivers\downld\44600.exe c:\users\Floly\AppData\Roaming\drivers\downld\45131.exe c:\users\Floly\AppData\Roaming\drivers\downld\45692.exe c:\users\Floly\AppData\Roaming\drivers\downld\45699073.exe c:\users\Floly\AppData\Roaming\drivers\downld\45699307.exe c:\users\Floly\AppData\Roaming\drivers\downld\45699322.exe c:\users\Floly\AppData\Roaming\drivers\downld\45714064.exe c:\users\Floly\AppData\Roaming\drivers\downld\45715515.exe c:\users\Floly\AppData\Roaming\drivers\downld\45715952.exe 
c:\users\Floly\AppData\Roaming\drivers\downld\45757277.exe c:\users\Floly\AppData\Roaming\drivers\downld\45757526.exe c:\users\Floly\AppData\Roaming\drivers\downld\45759913.exe c:\users\Floly\AppData\Roaming\drivers\downld\45766403.exe c:\users\Floly\AppData\Roaming\drivers\downld\45767105.exe c:\users\Floly\AppData\Roaming\drivers\downld\45769304.exe c:\users\Floly\AppData\Roaming\drivers\downld\45770802.exe c:\users\Floly\AppData\Roaming\drivers\downld\45771364.exe c:\users\Floly\AppData\Roaming\drivers\downld\45822485.exe c:\users\Floly\AppData\Roaming\drivers\downld\45836369.exe c:\users\Floly\AppData\Roaming\drivers\downld\45840020.exe c:\users\Floly\AppData\Roaming\drivers\downld\45914245.exe c:\users\Floly\AppData\Roaming\drivers\downld\45928035.exe c:\users\Floly\AppData\Roaming\drivers\downld\45928285.exe c:\users\Floly\AppData\Roaming\drivers\downld\45937489.exe c:\users\Floly\AppData\Roaming\drivers\downld\45952403.exe c:\users\Floly\AppData\Roaming\drivers\downld\45953495.exe c:\users\Floly\AppData\Roaming\drivers\downld\45953932.exe c:\users\Floly\AppData\Roaming\drivers\downld\46026160.exe c:\users\Floly\AppData\Roaming\drivers\downld\46026456.exe c:\users\Floly\AppData\Roaming\drivers\downld\46032104.exe c:\users\Floly\AppData\Roaming\drivers\downld\46032478.exe c:\users\Floly\AppData\Roaming\drivers\downld\46032837.exe c:\users\Floly\AppData\Roaming\drivers\downld\46114519.exe c:\users\Floly\AppData\Roaming\drivers\downld\46115642.exe c:\users\Floly\AppData\Roaming\drivers\downld\46115892.exe c:\users\Floly\AppData\Roaming\drivers\downld\46118700.exe c:\users\Floly\AppData\Roaming\drivers\downld\46119417.exe c:\users\Floly\AppData\Roaming\drivers\downld\46119433.exe c:\users\Floly\AppData\Roaming\drivers\downld\46124893.exe c:\users\Floly\AppData\Roaming\drivers\downld\46125642.exe c:\users\Floly\AppData\Roaming\drivers\downld\46169088.exe c:\users\Floly\AppData\Roaming\drivers\downld\46170321.exe 
c:\users\Floly\AppData\Roaming\drivers\downld\46170804.exe c:\users\Floly\AppData\Roaming\drivers\downld\46171584.exe c:\users\Floly\AppData\Roaming\drivers\downld\46206528.exe c:\users\Floly\AppData\Roaming\drivers\downld\46207074.exe c:\users\Floly\AppData\Roaming\drivers\downld\46207340.exe c:\users\Floly\AppData\Roaming\drivers\downld\46209898.exe c:\users\Floly\AppData\Roaming\drivers\downld\46210662.exe c:\users\Floly\AppData\Roaming\drivers\downld\46213314.exe c:\users\Floly\AppData\Roaming\drivers\downld\46214157.exe c:\users\Floly\AppData\Roaming\drivers\downld\46227121.exe c:\users\Floly\AppData\Roaming\drivers\downld\46228431.exe c:\users\Floly\AppData\Roaming\drivers\downld\46228993.exe c:\users\Floly\AppData\Roaming\drivers\downld\46229835.exe c:\users\Floly\AppData\Roaming\drivers\downld\46294014.exe c:\users\Floly\AppData\Roaming\drivers\downld\46297695.exe c:\users\Floly\AppData\Roaming\drivers\downld\46298195.exe c:\users\Floly\AppData\Roaming\drivers\downld\46351063.exe c:\users\Floly\AppData\Roaming\drivers\downld\46352265.exe c:\users\Floly\AppData\Roaming\drivers\downld\46352280.exe c:\users\Floly\AppData\Roaming\drivers\downld\46419439.exe c:\users\Floly\AppData\Roaming\drivers\downld\46420484.exe c:\users\Floly\AppData\Roaming\drivers\downld\46420733.exe c:\users\Floly\AppData\Roaming\drivers\downld\46457019.exe c:\users\Floly\AppData\Roaming\drivers\downld\46457331.exe c:\users\Floly\AppData\Roaming\drivers\downld\46457347.exe c:\users\Floly\AppData\Roaming\drivers\downld\46510949.exe c:\users\Floly\AppData\Roaming\drivers\downld\46514958.exe c:\users\Floly\AppData\Roaming\drivers\downld\46515426.exe c:\users\Floly\AppData\Roaming\drivers\downld\46515504.exe c:\users\Floly\AppData\Roaming\drivers\downld\46515878.exe c:\users\Floly\AppData\Roaming\drivers\downld\46516643.exe c:\users\Floly\AppData\Roaming\drivers\downld\46533429.exe c:\users\Floly\AppData\Roaming\drivers\downld\46534583.exe 
c:\users\Floly\AppData\Roaming\drivers\downld\46534817.exe c:\users\Floly\AppData\Roaming\drivers\downld\46626561.exe c:\users\Floly\AppData\Roaming\drivers\downld\46631304.exe c:\users\Floly\AppData\Roaming\drivers\downld\46631850.exe c:\users\Floly\AppData\Roaming\drivers\downld\46631928.exe c:\users\Floly\AppData\Roaming\drivers\downld\46632520.exe c:\users\Floly\AppData\Roaming\drivers\downld\46633347.exe c:\users\Floly\AppData\Roaming\drivers\downld\478486.exe c:\users\Floly\AppData\Roaming\drivers\downld\479001.exe c:\users\Floly\AppData\Roaming\drivers\downld\479219.exe c:\users\Floly\AppData\Roaming\drivers\downld\481559.exe c:\users\Floly\AppData\Roaming\drivers\downld\482261.exe c:\users\Floly\AppData\Roaming\drivers\downld\48282.exe c:\users\Floly\AppData\Roaming\drivers\downld\484773.exe c:\users\Floly\AppData\Roaming\drivers\downld\485053.exe c:\users\Floly\AppData\Roaming\drivers\downld\485599.exe c:\users\Floly\AppData\Roaming\drivers\downld\485615.exe c:\users\Floly\AppData\Roaming\drivers\downld\485818.exe c:\users\Floly\AppData\Roaming\drivers\downld\486785.exe c:\users\Floly\AppData\Roaming\drivers\downld\488189.exe c:\users\Floly\AppData\Roaming\drivers\downld\488922.exe c:\users\Floly\AppData\Roaming\drivers\downld\488938.exe c:\users\Floly\AppData\Roaming\drivers\downld\490685.exe c:\users\Floly\AppData\Roaming\drivers\downld\491293.exe c:\users\Floly\AppData\Roaming\drivers\downld\491387.exe c:\users\Floly\AppData\Roaming\drivers\downld\491527.exe c:\users\Floly\AppData\Roaming\drivers\downld\492167.exe c:\users\Floly\AppData\Roaming\drivers\downld\492183.exe c:\users\Floly\AppData\Roaming\drivers\downld\495708.exe c:\users\Floly\AppData\Roaming\drivers\downld\496566.exe c:\users\Floly\AppData\Roaming\drivers\downld\497143.exe c:\users\Floly\AppData\Roaming\drivers\downld\497268.exe c:\users\Floly\AppData\Roaming\drivers\downld\497362.exe c:\users\Floly\AppData\Roaming\drivers\downld\498875.exe 
c:\users\Floly\AppData\Roaming\drivers\downld\499983.exe c:\users\Floly\AppData\Roaming\drivers\downld\500342.exe c:\users\Floly\AppData\Roaming\drivers\downld\500888.exe c:\users\Floly\AppData\Roaming\drivers\downld\500919.exe c:\users\Floly\AppData\Roaming\drivers\downld\501122.exe c:\users\Floly\AppData\Roaming\drivers\downld\501668.exe c:\users\Floly\AppData\Roaming\drivers\downld\502728.exe c:\users\Floly\AppData\Roaming\drivers\downld\502744.exe c:\users\Floly\AppData\Roaming\drivers\downld\503696.exe c:\users\Floly\AppData\Roaming\drivers\downld\504600.exe c:\users\Floly\AppData\Roaming\drivers\downld\51324.exe c:\users\Floly\AppData\Roaming\drivers\downld\51386.exe c:\users\Floly\AppData\Roaming\drivers\downld\514226.exe c:\users\Floly\AppData\Roaming\drivers\downld\514740.exe c:\users\Floly\AppData\Roaming\drivers\downld\517221.exe c:\users\Floly\AppData\Roaming\drivers\downld\518110.exe c:\users\Floly\AppData\Roaming\drivers\downld\519264.exe c:\users\Floly\AppData\Roaming\drivers\downld\519857.exe c:\users\Floly\AppData\Roaming\drivers\downld\521074.exe c:\users\Floly\AppData\Roaming\drivers\downld\521573.exe c:\users\Floly\AppData\Roaming\drivers\downld\522790.exe c:\users\Floly\AppData\Roaming\drivers\downld\523133.exe c:\users\Floly\AppData\Roaming\drivers\downld\523352.exe c:\users\Floly\AppData\Roaming\drivers\downld\523570.exe c:\users\Floly\AppData\Roaming\drivers\downld\525972.exe c:\users\Floly\AppData\Roaming\drivers\downld\526690.exe c:\users\Floly\AppData\Roaming\drivers\downld\528843.exe c:\users\Floly\AppData\Roaming\drivers\downld\528921.exe c:\users\Floly\AppData\Roaming\drivers\downld\529077.exe c:\users\Floly\AppData\Roaming\drivers\downld\529373.exe c:\users\Floly\AppData\Roaming\drivers\downld\529638.exe c:\users\Floly\AppData\Roaming\drivers\downld\530216.exe c:\users\Floly\AppData\Roaming\drivers\downld\530762.exe c:\users\Floly\AppData\Roaming\drivers\downld\531573.exe c:\users\Floly\AppData\Roaming\drivers\downld\532213.exe 
c:\users\Floly\AppData\Roaming\drivers\downld\532868.exe c:\users\Floly\AppData\Roaming\drivers\downld\532883.exe c:\users\Floly\AppData\Roaming\drivers\downld\532977.exe c:\users\Floly\AppData\Roaming\drivers\downld\532993.exe c:\users\Floly\AppData\Roaming\drivers\downld\535801.exe c:\users\Floly\AppData\Roaming\drivers\downld\536815.exe c:\users\Floly\AppData\Roaming\drivers\downld\536830.exe c:\users\Floly\AppData\Roaming\drivers\downld\544568.exe c:\users\Floly\AppData\Roaming\drivers\downld\545660.exe c:\users\Floly\AppData\Roaming\drivers\downld\545878.exe c:\users\Floly\AppData\Roaming\drivers\downld\546253.exe c:\users\Floly\AppData\Roaming\drivers\downld\54662.exe c:\users\Floly\AppData\Roaming\drivers\downld\547048.exe c:\users\Floly\AppData\Roaming\drivers\downld\54787.exe c:\users\Floly\AppData\Roaming\drivers\downld\547891.exe c:\users\Floly\AppData\Roaming\drivers\downld\548967.exe c:\users\Floly\AppData\Roaming\drivers\downld\549716.exe c:\users\Floly\AppData\Roaming\drivers\downld\549731.exe c:\users\Floly\AppData\Roaming\drivers\downld\550730.exe c:\users\Floly\AppData\Roaming\drivers\downld\552103.exe c:\users\Floly\AppData\Roaming\drivers\downld\552165.exe c:\users\Floly\AppData\Roaming\drivers\downld\552243.exe c:\users\Floly\AppData\Roaming\drivers\downld\552680.exe c:\users\Floly\AppData\Roaming\drivers\downld\553491.exe c:\users\Floly\AppData\Roaming\drivers\downld\554084.exe c:\users\Floly\AppData\Roaming\drivers\downld\555847.exe c:\users\Floly\AppData\Roaming\drivers\downld\555862.exe c:\users\Floly\AppData\Roaming\drivers\downld\556502.exe c:\users\Floly\AppData\Roaming\drivers\downld\558499.exe c:\users\Floly\AppData\Roaming\drivers\downld\559341.exe c:\users\Floly\AppData\Roaming\drivers\downld\559357.exe c:\users\Floly\AppData\Roaming\drivers\downld\563553.exe c:\users\Floly\AppData\Roaming\drivers\downld\564427.exe c:\users\Floly\AppData\Roaming\drivers\downld\56550.exe c:\users\Floly\AppData\Roaming\drivers\downld\566486.exe 
. ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_SK9OU0S ((((((((((((((((((((((((((((( Fichiers créés du 2009-03-17 au 2009-04-17 )))))))))))))))))))))))))))))))))))) . 2009-04-17 16:28 . 2009-04-17 16:28 -------- d-----w C:\Combofixkrystal2 2009-04-17 15:50 . 2009-04-17 15:50 -------- d-----w c:\users\Floly\AppData\Roaming\Malwarebytes 2009-04-17 15:50 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys 2009-04-17 15:50 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2009-04-17 15:50 . 2009-04-17 15:50 -------- d-----w c:\users\All Users\Malwarebytes 2009-04-17 15:50 . 2009-04-17 15:50 -------- d-----w c:\programdata\Malwarebytes 2009-04-17 14:32 . 2009-04-17 14:33 -------- d-----w C:\ComboFixkrystal 2009-04-16 20:45 . 2009-04-16 20:48 -------- d-----w C:\ToolBar SD 2009-04-15 18:38 . 2009-04-16 04:52 -------- d-----w c:\windows\BDOSCAN8 2009-04-14 18:46 . 2009-04-14 19:22 38 ----a-w c:\windows\AviSplitter.INI 2009-04-14 16:15 . 2009-04-14 16:15 56 ---ha-w c:\windows\system32\ezsidmv.dat 2009-04-14 16:10 . 2009-04-17 19:30 -------- d--h--w c:\users\Floly\AppData\Roaming\drivers 2009-04-12 14:20 . 
2009-04-12 14:20 -------- d-----w c:\users\All Users\GameHouse 2009-04-12 14:20 . 2009-04-12 14:20 -------- d-----w c:\programdata\GameHouse 2009-04-12 13:19 . 2009-04-12 14:20 -------- d-----w c:\users\Floly\AppData\Roaming\Zylom 2009-04-12 13:18 . 2009-04-12 15:23 -------- d-----w c:\users\Floly\AppData\Local\Zylom Games 2009-03-27 23:53 . 2009-03-27 23:53 -------- d-----w c:\users\Floly\AppData\Local\Real 2009-03-20 18:24 . 2009-03-20 18:24 31750 ----a-w c:\users\Floly\AppData\Local\kgcmeic.exe . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-04-17 19:34 . 2008-05-11 15:04 -------- d-----w c:\users\Floly\AppData\Roaming\Skype 2009-04-17 19:32 . 2009-04-17 19:32 2048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat 2009-04-17 19:32 . 2009-04-17 19:32 2048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat 2009-04-17 16:19 . 2007-07-06 12:59 678718 ----a-w c:\windows\System32\perfh00C.dat 2009-04-17 16:19 . 2007-07-06 12:59 127798 ----a-w c:\windows\System32\perfc00C.dat 2009-04-17 16:15 . 2008-05-11 15:07 -------- d-----w c:\users\Floly\AppData\Roaming\skypePM 2009-04-17 15:50 . 2009-04-17 15:50 -------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-04-16 20:48 . 2009-04-16 20:47 18230 ----a-w C:\TB.txt 2009-04-16 19:21 . 2009-04-16 19:19 -------- d-----w c:\program files\Navilog1 2009-04-16 18:59 . 2008-06-13 14:32 88 ----a-w c:\users\Floly\AppData\Local\eulcsja.bat 2009-04-16 05:09 . 2007-10-28 12:20 32768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat 2009-04-16 05:09 . 2007-10-28 12:20 16384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat 2009-04-16 05:09 . 
2007-10-28 12:20 16384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat 2009-03-27 23:53 . 2009-03-27 23:53 -------- d-----w c:\program files\Common Files\xing shared 2009-03-27 23:53 . 2007-07-06 03:48 -------- d-----w c:\program files\Common Files\Real 2009-03-27 23:52 . 2007-07-06 04:01 -------- d-----w c:\program files\Google 2009-03-11 19:11 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail 2009-03-02 09:59 . 2007-10-28 12:31 102784 ----a-w c:\users\Floly\AppData\Local\GDIPFONTCACHEV1.DAT 2009-03-02 09:57 . 2009-03-02 09:57 -------- d-----w c:\users\Floly\AppData\Roaming\OpenOffice.org 2009-03-02 09:51 . 2009-03-02 09:51 -------- d-----w c:\program files\JRE 2009-03-02 09:51 . 2009-03-02 09:51 -------- d-----w c:\program files\OpenOffice.org 3 2009-03-02 09:51 . 2007-11-10 11:02 -------- d-----w c:\program files\OpenOffice.org 2.3 2009-03-02 09:44 . 2007-11-10 14:00 -------- d-----w c:\users\Floly\AppData\Roaming\OpenOffice.org2 2009-02-28 10:24 . 2009-01-12 21:44 -------- d-----w c:\program files\Serious Sam 2 2009-02-28 10:22 . 2008-05-09 20:24 -------- d-----w c:\program files\Common Files\Apple 2009-02-28 10:21 . 2007-07-06 03:34 -------- d--h--w c:\program files\InstallShield Installation Information 2009-02-28 10:20 . 2006-11-02 12:37 -------- d-----w c:\program files\Microsoft Games 2009-02-28 09:38 . 2008-11-27 09:03 -------- d-----w c:\program files\Microsoft Silverlight 2009-02-26 20:30 . 2009-02-26 20:30 -------- d-----w c:\users\Floly\AppData\Roaming\AdobeUM 2009-02-26 19:59 . 2006-11-02 10:25 51200 ----a-w c:\windows\Inf\infpub.dat 2009-02-26 19:59 . 2006-11-02 10:25 143360 ----a-w c:\windows\Inf\infstrng.dat 2009-02-26 19:59 . 2006-11-02 10:25 86016 ----a-w c:\windows\Inf\infstor.dat 2009-02-19 13:44 . 2009-02-19 13:43 -------- d-----w c:\program files\SweetIM 2009-02-19 13:43 . 2009-02-19 13:43 -------- d-----w c:\programdata\SweetIM 2009-02-14 15:49 . 
2009-02-14 11:17 60435 ----a-w c:\users\Floly\AppData\Roaming\mdbu.bin 2009-02-09 03:10 . 2009-03-11 05:38 2033152 ----a-w c:\windows\System32\win32k.sys 2009-01-12 16:47 . 2008-01-29 09:34 220 ----a-w c:\users\Floly\AppData\Roaming\wklnhst.dat 2008-07-23 11:04 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini 2008-03-17 19:26 . 2008-03-17 19:26 680 ----a-w c:\users\Floly\AppData\Local\d3d9caps.dat 2008-01-03 18:46 . 2008-01-03 18:46 93 ----a-w c:\users\Floly\AppData\Local\fusioncache.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-10-08 173368] [HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] 2008-10-08 11:22 1172792 ----a-w c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792] [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792] 
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-04-30 22058792] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-20 39408] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536] "OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-13 136600] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-08-28 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-08-28 8473120] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-08-28 81920] "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008] "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696] "SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-01-28 111928] "Adobe Photo Downloader"="c:\program 
files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 57344] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-27 198160] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-03-01 4390912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"="c:\windows\SMINST\launcher.exe" [2007-03-07 44168] c:\users\Floly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-12-15 384000] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "FilterAdministratorToken"= 1 (0x1) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3315163706-1742322442-1852348343-1000] "EnableNotificationsRef"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{E758E172-FC62-47DF-AA00-8D984A2BC362}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{A68C666A-87B0-4EF4-8BDC-30D4AD8EDE52}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{6ECF5B63-03D7-4E18-929A-0C1D94CC54CE}"= Disabled:UDP:c:\users\Floly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OCNCZKO2\incredimail_install[1].exe:IncrediMail Installer "{DA0D83D9-4CA0-41BA-8722-F3D938199774}"= Disabled:TCP:c:\users\Floly\AppData\Local\Microsoft\Windows\Temporary Internet 
Files\Content.IE5\OCNCZKO2\incredimail_install[1].exe:IncrediMail Installer "{BABD9CED-2B20-480C-A5D8-3F195EEBC6F1}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail "{27809375-E113-433B-BFA3-F0A09D1F39BA}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail "{B57F0B49-FBCD-4742-8B9C-ACE9B5094523}"= Disabled:UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail "{CE166D95-9357-4E05-AD5E-3849414DC012}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail "{14C43D57-8D38-4910-A1BA-ECCB01694AE4}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail "{98E0648B-CA34-43F3-A2DD-62A7284198E7}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail "TCP Query User{DC29C8B7-65A8-4310-95D2-87A50470953F}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule "UDP Query User{0D31D0E4-655B-4015-B5D9-AE1132DD80EF}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule "{E104571B-AAE7-49ED-A54C-E3155B66F356}"= Disabled:UDP:c:\users\Floly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U0G2OAXW\incredimail_install[1].exe:IncrediMail Installer "{6773CDF1-9DEA-4BF1-A9C5-8DA6ECACEC26}"= Disabled:TCP:c:\users\Floly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U0G2OAXW\incredimail_install[1].exe:IncrediMail Installer "{5E989702-D3C0-4A63-BC18-E9ADB6310B3E}"= Disabled:UDP:c:\users\Floly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BKB43ZQ1\incredimail_install[1].exe:IncrediMail Installer "{0E6BBA53-732C-4DCC-9D25-FF0879842CAE}"= Disabled:TCP:c:\users\Floly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BKB43ZQ1\incredimail_install[1].exe:IncrediMail Installer "{6808B310-06AC-4231-987D-4B1FEFE3DBD5}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{AC32F140-E3C0-4951-AA2E-AFF6EE1DECD2}"= c:\program 
files\Skype\Phone\Skype.exe:Skype "{349742FC-5E1C-4279-99D8-5137FDFFB888}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{1E8BC845-522D-4BB9-BF45-A83AE7B9710B}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{9A59F8C4-2187-4720-AB2B-9A5B43FC7278}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail "{BD93F797-B950-4167-951D-FB93C71B7C63}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail "{E4EDFE9E-5893-4105-9557-5D33A592CD86}"= Disabled:UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail "{9EF9BF6B-5C1B-4E7A-B488-005F90FA1726}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail "{9E480C17-0B7C-44A2-BEEF-F4E1A5D12A5C}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail "{3C034664-B62D-4ECF-B439-4660C6C24FE6}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) R2 gupdate1c9af37af92a6c;Service Google Update (gupdate1c9af37af92a6c);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-27 133104] --- Autres Services/Pilotes en mémoire --- *Deregistered* - sptd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{57afb721-b228-11dd-a4c0-001bb9843414}] \shell\AutoRun\command - J:\autorun.exe \shell\directx\command - j:\directx9\dxsetup.exe \shell\setup\command - J:\install.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{57afb731-b228-11dd-a4c0-001bb9843414}] \shell\AutoRun\command - K:\CDCheck.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{57afb733-b228-11dd-a4c0-001bb9843414}] \shell\AutoRun\command - L:\CDCheck.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{57afb735-b228-11dd-a4c0-001bb9843414}] \shell\AutoRun\command - M:\CDCheck.exe 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{afb2961d-cd03-11dc-b394-001bb9843414}] \shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd561.vbs . Contenu du dossier 'Tâches planifiées' 2009-04-17 c:\windows\Tasks\GoogleUpdateTaskMachine.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-27 23:51] . - - - - ORPHELINS SUPPRIMES - - - - HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe HKCU-Run-uugic - c:\users\floly\appdata\local\uugic.exe HKCU-RunOnce-Shockwave Updater - c:\windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103470 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; GTB5; SIMBAR={F99EA412-476E-4684-B4EE-F4A26A4CDF02}; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET HKLM-Run-RegistryMechanic - (no file) . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.orange.fr/ mStart Page = hxxp://home.sweetim.com uInternet Settings,ProxyOverride = *.local IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - hxxp://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader5.cab DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game02.zylom.com/activex/zylomgamesplayer.cab . ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-17 21:36 Windows 6.0.6001 Service Pack 1 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . 
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'Explorer.exe'(10056) c:\windows\TEMP\logishrd\LVPrcInj01.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\System32\audiodg.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\programdata\EPSON\EPW!3 SSRP\E_S40RP7.EXE c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\logishrd\LVCOMSER\LVComSer.exe c:\program files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe c:\program files\Common Files\logishrd\LVCOMSER\LVComSer.exe c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe c:\windows\System32\conime.exe c:\windows\System32\rundll32.exe c:\windows\System32\rundll32.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\ehome\ehmsas.exe c:\program files\Common Files\logishrd\LQCVFX\COCIManager.exe c:\windows\servicing\TrustedInstaller.exe c:\program files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe . ************************************************************************** . Heure de fin: 2009-04-17 21:40 - La machine a redémarré ComboFix-quarantined-files.txt 2009-04-17 19:39 Avant-CF: 221 123 866 624 octets libres Après-CF: 222 300 786 688 octets libres 1135 --- E O F --- 2009-04-06 17:49 -
[RESOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Analyses et éradication malwares
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:00:01, on 17/04/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\WINDOWS\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe C:\Users\Floly\Videos\Hijack kristal33380.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - 
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [uugic] "c:\users\floly\appdata\local\uugic.exe" uugic
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103470 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; GTB5; SIMBAR={F99EA412-476E-4684-B4EE-F4A26A4CDF02}; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://www.isketch.net/isketch.shtml"
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_...geUploader4.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_...geUploader5.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Service Google Update (gupdate1c9af37af92a6c) (gupdate1c9af37af92a6c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
-- End of file - 10915 bytes
-
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware analysis and removal
Same problem as earlier! A blue box with "administrator" at the top and a small blinking dash! -
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware analysis and removal
MBAM made me restart, but a Windows Defender box popped up! It says: application failed to initialize..... by the time I wrote it down, it was gone! So I'll carry on! -
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware analysis and removal
Malwarebytes' Anti-Malware 1.36
Version de la base de données: 1993
Windows 6.0.6001 Service Pack 1

17/04/2009 18:09:23
mbam-log-2009-04-17 (18-09-23).txt

Type de recherche: Examen rapide
Eléments examinés: 83007
Temps écoulé: 6 minute(s), 22 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 16

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sk9ou0s (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sk9ou0s (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sk9ou0s (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa (Rootkit.Bagle) -> Delete on reboot.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\german.exe (Rootkit.Bagle) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drvsyskit (Rootkit.Bagle) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Rootkit.Bagle) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\System32\drivers\down (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Floly\AppData\Roaming\m (Trojan.Agent) -> Delete on reboot.

Fichier(s) infecté(s):
C:\Users\Floly\Local Settings\Application Data\uugic_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Floly\Local Settings\Application Data\uugic_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Floly\Local Settings\Application Data\uugic.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Floly\Local Settings\Application Data\uugic.exe (Adware.Navipromo.H) -> Delete on reboot.
C:\WINDOWS\System32\drivers\down\567703.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\drivers\down\571462.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Floly\AppData\Roaming\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Floly\AppData\Roaming\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Floly\AppData\Roaming\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Floly\AppData\Roaming\drivers\srosa2.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Floly\AppData\Roaming\drivers\winupgro.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\System32\mdelk.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\wintems.exe (Trojan.Spammer) -> Delete on reboot.
C:\Users\Floly\AppData\Roaming\m\flec006.exe (Trojan.Agent) -> Delete on reboot.
C:\Users\Floly\Application Data\drivers\srosa2.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\Users\Floly\Application Data\drivers\wfsintwq.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
-
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware analysis and removal
I'm not using ComboFix any more? Can I close it? -
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware analysis and removal
There! I think I did as instructed: I launched ComboFix and it shows me a small blue screen with "administrator" and a small blinking line underneath! But it doesn't start! I don't dare click on anything!!! lol -
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware analysis and removal
Sorry, I hadn't seen that your reply was on the 2nd page! I'll get back to it! Thanks! -
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware analysis and removal
A quick question before I start! As soon as I click on the ComboFix link, do I choose Run or Save? I want to be sure I don't do anything silly! (since I'm collecting blunders at the moment.... lol) Thanks! -
[SOLVED] The computer and I don't get along! Thanks for your help!
krystal33380 replied to a topic by krystal33380 in Malware analysis and removal
-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Athlon 64 X2 Dual Core Processor 4400+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Floly ( Administrator )
BOOT : Normal boot

C:\ (Local Disk) - NTFS - Total:290 Go (Free:209 Go)
D:\ (Local Disk) - NTFS - Total:7 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (CD or DVD)
M:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 16/04/2009|22:47 )

[ UAC => 0 ]

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.orange.fr/"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://home.sweetim.com"
"Default_Page_URL"="http://fr.yahoo.com"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

--------------------\\ Recherche d'autres infections

C:\Users\Floly\AppData\Local\uugic.dat
C:\Users\Floly\AppData\Local\uugic.exe
C:\Users\Floly\AppData\Local\uugic_nav.dat
C:\Users\Floly\AppData\Local\uugic_navps.dat
==> EGDACCESS <==
C:\Windows\system32\ban_list.txt
C:\Windows\system32\drivers\down
==> BAGLE <==

--------------------\\ ROOTKIT !!

Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA]
Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA]
Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA]

--------------------\\ Cracks & Keygens ..

C:\Users\Floly\Documents\Dieu\Musiques\Musique yo\01 Wise Cracks - Raccourci.lnk
C:\Users\Floly\Favorites\sites thom\Le crack du black jack.url

[ UAC => 1 ]

1 - "C:\ToolBar SD\TB_1.txt" - 16/04/2009|22:48 - Option : [1]

-----------\\ Fin du rapport a 22:48:17,73

Phew! I did it! ^^