Cayzer

Members
  • Content count

    5
  • Joined

  • Last visited

Other information

  • My languages
    French, English, Arabic

Cayzer's Achievements

Junior Member

Junior Member (3/12)

0

Community reputation

  1. Here is what ComboFix2.txt gives:

     Thanks for your help with FlashGet, I'm getting rid of it right away, I take your word for it. MBAM is currently updating (with the connection I have, that should take a while); I'll send you the report as soon as I have it. Once again, thanks for everything.
  2. Ah j'avais oublié de le poster désolé, Voila : --- ComboFix 09-05-07.A0 - Bob_ 08/05/2009 15:40.3 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1015.475 [GMT 1:00] Lancé depuis: c:\documents and settings\Bob_\Bureau\downthmall\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\Bob_\Bureau\downthmall\CFScript.txt AV: AntiVir Desktop *On-access scanning disabled* (Updated) AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) FILE :: c:\windows\system32\winxp.exe . ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-08 au 2009-05-08 )))))))))))))))))))))))))))))))))))) . 2009-05-08 11:27 . 2009-05-08 11:28 -------- d-----w C:\rsit 2009-05-08 10:10 . 2008-02-15 11:49 184320 ----a-w c:\windows\system32\igfxres.dll 2009-05-08 09:54 . 2002-09-07 00:00 31360 -c--a-w c:\windows\system32\dllcache\weitekp9.sys 2009-05-08 09:54 . 2002-09-07 00:00 41600 -c--a-w c:\windows\system32\dllcache\weitekp9.dll 2009-05-08 09:54 . 2008-04-13 17:33 53248 -c--a-w c:\windows\system32\dllcache\wamreg51.dll 2009-05-08 09:54 . 2002-09-07 00:00 9216 -c--a-w c:\windows\system32\dllcache\wamps51.dll 2009-05-08 09:54 . 2008-04-13 17:33 77824 -c--a-w c:\windows\system32\dllcache\wam51.dll 2009-05-08 09:54 . 2008-04-13 17:33 367104 -c--a-w c:\windows\system32\dllcache\w3svc.dll 2009-05-08 09:54 . 2002-09-07 00:00 5632 -c--a-w c:\windows\system32\dllcache\w3svapi.dll 2009-05-08 09:54 . 2002-09-07 00:00 74240 -c--a-w c:\windows\system32\dllcache\w3ext.dll 2009-05-08 09:54 . 2002-09-07 00:00 4608 -c--a-w c:\windows\system32\dllcache\w3ctrs51.dll 2009-05-08 09:54 . 2002-09-07 00:00 48256 -c--a-w c:\windows\system32\dllcache\w32.dll 2009-05-08 09:54 . 2008-04-13 17:32 86073 -c--a-w c:\windows\system32\dllcache\voicesub.dll 2009-05-08 09:54 . 2008-04-13 17:32 426041 -c--a-w c:\windows\system32\dllcache\voicepad.dll 2009-05-08 09:52 . 2008-04-13 17:33 23040 -c--a-w c:\windows\system32\dllcache\lpdsvc.dll 2009-05-08 09:51 . 
2002-09-07 00:00 7168 -c--a-w c:\windows\system32\dllcache\wamregps.dll 2009-05-08 09:40 . 2002-09-07 00:00 13312 -c--a-w c:\windows\system32\dllcache\irclass.dll 2009-05-08 09:40 . 2002-09-07 00:00 13312 ----a-w c:\windows\system32\irclass.dll 2009-05-08 09:40 . 2002-09-07 00:00 24661 -c--a-w c:\windows\system32\dllcache\spxcoins.dll 2009-05-08 09:40 . 2002-09-07 00:00 24661 ----a-w c:\windows\system32\spxcoins.dll 2009-05-07 22:33 . 2009-05-07 22:33 -------- d-----w c:\program files\Bazooka Scanner 2009-05-07 22:22 . 2009-05-07 22:22 -------- d-sh--w c:\documents and settings\LocalService\IETldCache 2009-05-01 20:59 . 2009-05-01 20:59 -------- d-----w c:\documents and settings\Bob_\Application Data\Skype 2009-05-01 20:59 . 2009-05-01 21:03 -------- d-----w c:\documents and settings\All Users\Application Data\Skype 2009-05-01 20:59 . 2009-05-01 20:59 -------- d-----w c:\program files\Skype 2009-04-27 20:25 . 2009-04-27 20:25 -------- d-----w c:\program files\WinAVI MP4 Converter 2009-04-24 11:51 . 2009-04-24 11:51 -------- d-----w c:\documents and settings\All Users\Application Data\WebacamSurveyor 2009-04-24 11:33 . 2009-04-24 11:33 230432 ----a-w C:\PA207.DAT 2009-04-23 13:35 . 2009-04-24 11:50 -------- d-----w c:\documents and settings\INTER\Application Data\GetRightToGo 2009-04-19 07:41 . 2009-04-19 07:41 -------- d-----w c:\windows\system32\config\systemprofile\Application DataPDFcreator 2009-04-18 19:32 . 2009-04-18 19:32 -------- d-----w c:\documents and settings\Bob_\Application Data\PDFCreator 2009-04-18 19:32 . 2005-04-20 19:08 196608 ----a-w c:\windows\system32\PDFSpooler.exe 2009-04-18 19:32 . 2001-10-28 16:42 116224 ----a-w c:\windows\system32\pdfcmnnt.dll 2009-04-18 19:32 . 1998-07-06 16:56 125712 ----a-w c:\windows\system32\VB6DE.DLL 2009-04-18 19:32 . 1998-07-06 16:55 158208 ----a-w c:\windows\system32\MSCMCDE.DLL 2009-04-18 19:32 . 1998-07-06 16:55 64512 ----a-w c:\windows\system32\MSCC2DE.DLL 2009-04-18 19:32 . 
1998-07-06 16:55 33792 ----a-w c:\windows\system32\CMDLGDE.DLL 2009-04-18 19:32 . 1998-07-06 00:00 23552 ----a-w c:\windows\system32\MSMPIDE.DLL 2009-04-18 19:32 . 2009-04-18 19:32 -------- d-----w c:\program files\PDFCreator PL 2009-04-17 21:31 . 2009-04-17 21:31 -------- d-----w c:\program files\MagicISO 2009-04-15 16:17 . 2009-04-15 16:18 -------- d-----w c:\program files\winLAME 2009-04-13 19:51 . 2009-04-17 12:19 -------- d-----w c:\documents and settings\Bob_\Application Data\Audacity 2009-04-13 08:33 . 2009-04-21 14:59 -------- d-----w c:\windows\system32\Adobe 2009-04-12 19:17 . 2009-04-12 19:17 -------- d-----w c:\documents and settings\Bob_\Application Data\SolidWorks 2009 2009-04-12 19:15 . 2009-05-07 16:28 -------- d-----w c:\documents and settings\Bob_\Application Data\SolidWorks 2009-04-12 18:55 . 2009-04-12 19:03 -------- d-----w c:\program files\Fichiers communs\SolidWorks Shared 2009-04-12 18:55 . 2009-04-12 18:55 -------- d-----w c:\windows\system32\GroupPolicy 2009-04-12 18:55 . 2009-04-12 18:55 -------- d-----w c:\program files\Fichiers communs\eDrawings2009 2009-04-12 18:55 . 2009-04-12 19:15 -------- d-----w c:\documents and settings\All Users\Application Data\SolidWorks 2009-04-11 18:04 . 2009-04-11 18:04 -------- d-----w C:\rdm6 2009-04-11 17:10 . 2009-05-05 16:35 -------- d-----w C:\Toolbox Parts 2009-04-11 17:10 . 2009-04-12 19:19 -------- d-----w c:\program files\SolidWorks 2009-04-10 09:11 . 2009-04-10 09:14 -------- d-----w c:\documents and settings\Bob_\Local Settings\Application Data\Graphisoft 2009-04-10 09:11 . 2009-04-10 09:14 -------- d-----w c:\documents and settings\Bob_\Graphisoft 2009-04-10 09:11 . 2009-04-10 09:14 -------- d-----w c:\documents and settings\Bob_\Application Data\Graphisoft 2009-04-10 09:10 . 2009-04-10 09:10 -------- d-----w c:\documents and settings\Bob_\Application Data\Notepad++ 2009-04-10 08:51 . 2009-04-10 08:51 -------- d-----w c:\documents and settings\Bob_\Local Settings\Application Data\Identities . 
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox2.idx 2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox2.dat 2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox.idx 2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox.dat 2009-05-08 12:47 . 2002-09-07 00:00 80748 ----a-w c:\windows\system32\perfc00C.dat 2009-05-08 12:47 . 2002-09-07 00:00 500900 ----a-w c:\windows\system32\perfh00C.dat 2009-05-08 10:10 . 2009-03-01 13:42 96648 ----a-w c:\documents and settings\Bob_\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-05-08 09:50 . 2002-09-07 00:00 67 --sha-w c:\windows\Fonts\desktop.ini 2009-05-08 09:49 . 2009-03-01 12:12 23032 ----a-w c:\windows\system32\emptyregdb.dat 2009-05-05 21:23 . 2009-03-22 12:14 1210264 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-05-05 10:21 . 2009-03-01 14:07 96648 ----a-w c:\documents and settings\INTER\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-04-29 10:21 . 2009-04-04 09:47 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys 2009-04-23 15:11 . 2009-03-02 07:30 -------- d-----w c:\program files\MSN Messenger 2009-04-23 15:10 . 2009-03-06 19:32 -------- dcsh--w c:\program files\Fichiers communs\WindowsLiveInstaller 2009-04-12 18:55 . 2009-03-09 18:20 -------- d-----w c:\program files\AGEIA Technologies 2009-04-08 10:27 . 2009-04-08 10:27 -------- d-----w c:\program files\Fichiers communs\PAC207 2009-04-08 10:27 . 2009-04-08 10:27 -------- d-----w c:\program files\Aitinc 2009-04-08 10:27 . 2009-03-01 13:36 -------- d--h--w c:\program files\InstallShield Installation Information 2009-04-04 09:47 . 2009-04-04 09:47 -------- d-----w c:\program files\Avira 2009-04-04 08:34 . 
2009-04-04 08:34 -------- d-----w c:\program files\Kaspersky Lab
2009-04-04 08:09 . 2009-04-04 08:26 1310720 ----a-w c:\windows\Internet Logs\xDBF.tmp
2009-04-04 08:09 . 2009-04-04 08:26 8192 ----a-w c:\windows\Internet Logs\xDBE.tmp
2009-04-04 08:08 . 2009-04-04 08:09 1384960 ----a-w c:\windows\Internet Logs\xDBD.tmp
2009-04-04 08:08 . 2009-04-04 08:09 32768 ----a-w c:\windows\Internet Logs\xDBC.tmp
2009-04-04 07:52 . 2009-04-04 08:05 1326592 ----a-w c:\windows\Internet Logs\xDBB.tmp
2009-04-04 07:52 . 2009-04-04 08:05 1326592 ----a-w c:\windows\Internet Logs\xDBA.tmp
2009-04-04 07:51 . 2009-04-04 08:05 15360 ----a-w c:\windows\Internet Logs\xDB9.tmp
2009-04-04 07:49 . 2009-04-04 07:51 1355264 ----a-w c:\windows\Internet Logs\xDB8.tmp
2009-04-04 07:49 . 2009-04-04 07:51 27136 ----a-w c:\windows\Internet Logs\xDB7.tmp
2009-04-04 07:44 . 2009-04-04 07:46 13824 ----a-w c:\windows\Internet Logs\xDB5.tmp
2009-04-04 07:44 . 2009-04-04 07:46 1328640 ----a-w c:\windows\Internet Logs\xDB6.tmp
2009-04-04 07:43 . 2009-04-04 07:44 43008 ----a-w c:\windows\Internet Logs\xDB2.tmp
2009-04-04 07:43 . 2009-04-04 07:44 1871872 ----a-w c:\windows\Internet Logs\xDB3.tmp
2009-04-04 07:41 . 2009-04-04 07:42 1875968 ----a-w c:\windows\Internet Logs\xDB1.tmp
2009-04-04 07:38 . 2009-04-04 07:44 1870848 ----a-w c:\windows\Internet Logs\xDB4.tmp
2009-04-04 07:38 . 2009-04-04 07:36 4212 ---ha-w c:\windows\system32\zllictbl.dat
2009-04-03 18:43 . 2009-04-03 18:43 -------- d-----w c:\program files\Zone Labs
2009-04-02 17:49 . 2009-04-02 17:49 83008 ----a-w c:\documents and settings\Papa\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-02 15:32 . 2009-04-02 15:32 155648 ----a-w c:\windows\system32\SDCtrls.dll
2009-04-01 21:37 . 2009-04-01 21:37 290816 ------w c:\windows\Setup1.exe
2009-04-01 21:37 . 2009-04-01 21:37 74752 ----a-w c:\windows\ST6UNST.EXE
2009-04-01 11:28 . 2009-04-01 11:27 -------- d-----w c:\program files\QuickTime
2009-04-01 11:23 . 2009-03-31 09:41 -------- d-----w c:\program files\Graphisoft
2009-03-31 18:02 . 2009-03-31 18:00 -------- d-----w c:\program files\Fichiers communs\Ahead
2009-03-31 18:00 . 2009-03-31 18:00 -------- d-----w c:\program files\Nero
2009-03-31 11:16 . 2009-03-31 11:16 -------- d-----w c:\program files\WIBUKEY
2009-03-31 11:11 . 2009-03-31 11:17 57552 ----a-w c:\windows\system32\WkDos.exe
2009-03-31 11:11 . 2009-03-31 11:17 516096 ----a-w c:\windows\system32\WibuXpm4J32.dll
2009-03-31 11:11 . 2009-03-31 11:17 479232 ----a-w c:\windows\system32\wibuKJni.dll
2009-03-31 11:11 . 2009-03-31 11:17 348160 ----a-w c:\windows\system32\WkExt32.dll
2009-03-31 11:11 . 2009-03-31 11:17 16384 ----a-w c:\windows\system32\drivers\Wibukey2.sys
2009-03-31 11:11 . 2009-03-31 11:17 72704 ----a-w c:\windows\system32\drivers\WibuKey.sys
2009-03-31 11:11 . 2009-03-31 11:17 159744 ----a-w c:\windows\system32\WkWin32.dll
2009-03-31 09:45 . 2009-03-31 09:45 -------- d-----w c:\program files\WIBU-SYSTEMS
2009-03-31 09:44 . 2009-03-31 09:44 -------- d-----w c:\program files\Apple Software Update
2009-03-30 17:31 . 2009-03-30 17:31 -------- d-----w c:\program files\Java
2009-03-30 17:31 . 2009-03-30 17:31 -------- d-----w c:\program files\Fichiers communs\Java
2009-03-26 15:11 . 2009-03-26 15:11 -------- d-----w c:\program files\EnGenius
2009-03-25 12:28 . 2009-03-25 12:28 -------- d-----w c:\program files\EPSON
2009-03-25 11:06 . 2009-03-25 11:06 -------- d-----w c:\program files\ma-config.com
2009-03-25 11:06 . 2009-03-25 11:06 -------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com
2009-03-24 17:10 . 2009-03-24 17:10 -------- d-----w c:\program files\DigitalPeers
2009-03-22 12:14 . 2009-03-22 12:14 -------- d-----w c:\program files\MSBuild
2009-03-22 12:13 . 2009-03-22 12:13 -------- d-----w c:\program files\Reference Assemblies
2009-03-18 10:55 . 2009-03-02 07:42 -------- d-----w c:\program files\Messenger Plus! Live
2009-03-16 11:53 . 2009-03-16 11:53 -------- d-----w c:\program files\GIMP-2.0
2009-03-10 18:26 . 2009-03-10 18:26 -------- d-----w c:\program files\EA GAMES
2009-03-10 12:22 . 2009-03-02 07:08 -------- d-----w c:\program files\Winamp
2009-03-10 12:19 . 2009-03-10 12:19 -------- d-----w c:\program files\Fichiers communs\Macromedia
2009-03-10 12:19 . 2009-03-10 12:19 -------- d-----w c:\program files\Macromedia
2009-03-10 12:19 . 2009-03-02 07:16 -------- d-----w c:\program files\Fichiers communs\InstallShield
2009-03-09 18:19 . 2009-03-09 18:19 -------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-03-09 18:19 . 2009-03-09 18:19 18048 ----a-w c:\windows\system32\drivers\lirsgt.sys
2009-03-05 12:34 . 2009-03-05 12:34 717296 ----a-w c:\windows\system32\drivers\sptd.sys
2009-03-03 12:25 . 2009-03-01 12:14 86331 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-03-03 11:05 . 2008-01-29 16:29 33808 ----a-w c:\windows\system32\drivers\klbg.sys
2009-03-02 07:16 . 2009-03-02 07:16 319488 ----a-w c:\windows\HideWin.exe
2009-03-02 07:06 . 2009-03-02 07:04 10368 ----a-w c:\windows\system32\drivers\pfc.sys
2009-03-01 17:12 . 2009-03-01 17:12 0 ----a-w c:\windows\nsreg.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2009-03-03 206088]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-04-01 36352]
"EPSON Stylus C45 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE" [2004-01-14 99840]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-24 132496]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-10-19 286720]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-10-09 17021440]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\Bob_\Menu Démarrer\Programmes\Démarrage\
Moteur du Planificateur de tâches SolidWorks.lnk - c:\program files\SolidWorks\swScheduler\swBOEngine.exe [2008-9-9 841000]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\eMule\\emule.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17:29 33808]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [04/04/2009 10:47 108289]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17:06 24592]
R3 PAC207;PC Camera;c:\windows\system32\drivers\PFC027.SYS [08/04/2009 11:27 616064]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks\swScheduler\DTSCoordinatorService.exe [09/09/2008 06:01 79144]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [15/03/2009 09:34 216232]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11ee89ea-1ab8-11de-86e2-001fd010b3e5}]
\Shell\AutoRun\command - J:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c47a257c-1783-11de-86d3-001fd010b3e5}]
\Shell\AutoRun\command - L:\setupSNK.exe
.
Contenu du dossier 'Tâches planifiées'

2009-05-08 c:\windows\Tasks\User_Feed_Synchronization-{2B1D3B09-E8BC-440A-B3B4-3034D81396A8}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]

2009-05-08 c:\windows\Tasks\User_Feed_Synchronization-{EDE16183-2AE1-4BAA-90A1-170567949D30}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Examen supplémentaire -------
.
IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: &Tout télécharger avec FlashGet - k:\progra~1\FlashGet\jc_all.htm
IE: &Télécharger avec FlashGet - k:\progra~1\FlashGet\jc_link.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {F5D79831-1767-4B49-8D11-11492C360F56} = 208.67.222.222 193.55.10.102
FF - ProfilePath - c:\documents and settings\Bob_\Application Data\Mozilla\Firefox\Profiles\wyo4od69.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.fr
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-08 15:41
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1177238915-1500820517-1606980848-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2009 XE]
"GameDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009\\games"
"ShortlistDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009\\shortlists"
"ScreenshotsDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009"
"SaveDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009\\"
"HistoryDir"="c:\\Documents and Settings\\Bob_\\Bureau\\fm\\FM-Genie-Scout-1.0-b103\\History Points"
"LangDB"=""
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000000
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Champions League"
"LastUpdateCheck"=dword:00000000
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000067
"UniqueID"="34-8400-E71F"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"Currency"=dword:0000001c
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(3972)
c:\windows\system32\ieframe.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
c:\program files\WIBU-SYSTEMS\System\WibuShellExt.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Graphisoft\ArchiCAD 12\GSShellX32.dll
c:\windows\system32\igfxpph.dll
c:\windows\system32\hccutils.DLL
.
Heure de fin: 2009-05-08 15:42
ComboFix-quarantined-files.txt 2009-05-08 14:42
ComboFix2.txt 2009-05-08 14:08
ComboFix3.txt 2009-05-08 13:38

Avant-CF: 12 789 465 088 octets libres
Après-CF: 12 776 800 256 octets libres

292 --- E O F --- 2009-03-06 17:43
  3. Drive F is an (NTFS) partition that I created to install Ubuntu on; it was installed from the live CD under Windows. I'll post what SystemLook gives me right away.

EDIT: Here it is:

SystemLook v1.0 by jpshortstuff (24.04.09)
Log created at 15:13 on 08/05/2009 by Bob_ (Administrator - Elevation successful)

========== filefind ==========

Searching for "winfile.jpg"
No files found.

Searching for "*winfile.jpg*"
No files found.

-=End Of File=-
  4. Thanks for the quick reply. I can already get into Task Manager and the rest; the only thing left is the message at startup, otherwise it already seems to be going better lol. As for the report, here is what it gives:

ComboFix 09-05-07.A0 - Bob_ 08/05/2009 14:30.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1015.374 [GMT 1:00]
Lancé depuis: c:\documents and settings\Bob_\Bureau\downthmall\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated)
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated)
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
settings\INTER\Application Data\BITS\Torrent\20090321142914.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090321142914.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090325142032.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090325142032.torrent.bits c:\documents and settings\INTER\Application Data\BITS\Torrent\20090325142032.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090325142032.torrent.hybridlist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090325142032.torrent.seeds c:\documents and settings\INTER\Application Data\BITS\Torrent\20090327111932.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090327111932.torrent.~tmp c:\documents and settings\INTER\Application Data\BITS\Torrent\20090327111932.torrent.bits c:\documents and settings\INTER\Application Data\BITS\Torrent\20090327111932.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090331123411.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090331123411.torrent.bits c:\documents and settings\INTER\Application Data\BITS\Torrent\20090331123411.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090331123411.torrent.hybridlist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090401171329.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090401171329.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090401181329.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090401181329.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090403161702.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090403161702.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090403171702.torrent c:\documents and 
settings\INTER\Application Data\BITS\Torrent\20090403171702.torrent.~tmp c:\documents and settings\INTER\Application Data\BITS\Torrent\20090403171702.torrent.bits c:\documents and settings\INTER\Application Data\BITS\Torrent\20090403171702.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090403171702.torrent.hybridlist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090403171702.torrent.seeds c:\documents and settings\INTER\Application Data\BITS\Torrent\20090411191800.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090411191800.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090414131857.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090414131857.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090414131901.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090414131901.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090414131904.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090414131904.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090415132844.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090415132844.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090415192217.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090415192217.torrent.~tmp c:\documents and settings\INTER\Application Data\BITS\Torrent\20090415192217.torrent.bits c:\documents and settings\INTER\Application Data\BITS\Torrent\20090415192217.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090415192217.torrent.hybridlist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090415192217.torrent.seeds c:\documents and settings\INTER\Application Data\BITS\Torrent\20090416073349.torrent c:\documents and 
settings\INTER\Application Data\BITS\Torrent\20090416073349.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090416214636.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090416214636.torrent.~tmp c:\documents and settings\INTER\Application Data\BITS\Torrent\20090416214636.torrent.bits c:\documents and settings\INTER\Application Data\BITS\Torrent\20090416214636.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090416214636.torrent.hybridlist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090417103514.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090417103514.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090417103554.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090417103554.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090418194626.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090418194626.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090422105251.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090422105251.torrent.bits c:\documents and settings\INTER\Application Data\BITS\Torrent\20090422105251.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090422105251.torrent.hybridlist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090423072833.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090423072833.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090423072836.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090423072836.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090423073136.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090423073136.torrent.filelist c:\documents and 
settings\INTER\Application Data\BITS\Torrent\20090424111951.torrent c:\documents and settings\INTER\Application Data\BITS\Torrent\20090424111951.torrent.~tmp c:\documents and settings\INTER\Application Data\BITS\Torrent\20090424111951.torrent.bits c:\documents and settings\INTER\Application Data\BITS\Torrent\20090424111951.torrent.filelist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090424111951.torrent.hybridlist c:\documents and settings\INTER\Application Data\BITS\Torrent\20090424111951.torrent.seeds c:\documents and settings\INTER\Application Data\BITS\UPnP.ini c:\program files\FlashGet Network c:\program files\FlashGet Network\FlashGet universal\btcore.dll c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49abae31.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49ae6013.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49ae720d.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49af7133.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49af714b.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49afef0c.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49afefbd.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49aff32d.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49b119a7.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49b8d3f7.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49bb5782.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49bb58c0.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49bba4af.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49bbe806.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49bbe8e8.torrent c:\program files\FlashGet Network\FlashGet 
universal\BtTorrentTemp\49bbe8f0.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49bceebe.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49be8780.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49be878f.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49be8796.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49c4ebaa.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49ca2fa0.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49cca834.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49d07e2d.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49d1f1a3.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49d392a9.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49d6286e.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49d6ed0e.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49e0ded8.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49e47f31.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49e47f35.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49e47f38.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49e5d2fc.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49e625d9.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49e6d14d.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49e7992c.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49e84d52.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49e84d7a.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49ea2002.torrent c:\program files\FlashGet 
Network\FlashGet universal\BtTorrentTemp\49eee8f3.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49f00a91.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49f00a94.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49f00b48.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49f19247.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49f33d80.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49f54fcc.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49f5503f.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49f74707.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49f774ca.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49f94324.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49fb07bd.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49fbef64.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49fc8f12.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49fc8f16.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49fd4bae.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49fe1ae3.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49fe1ae9.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49fe1b00.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49fe1b04.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49fe1b08.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\4a013574.torrent c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\4a0200fc.torrent c:\program files\FlashGet Network\FlashGet universal\btwrap.dll c:\program files\FlashGet 
Network\FlashGet universal\BugReport.dll c:\program files\FlashGet Network\FlashGet universal\BugReport.exe c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm c:\program files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhocfg.ini c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm c:\program files\FlashGet Network\FlashGet universal\ComDlls\ComDlls.ini c:\program files\FlashGet Network\FlashGet universal\ComDlls\flashget.xpi c:\program files\FlashGet Network\FlashGet universal\ComDlls\FlashgetXpi.dll c:\program files\FlashGet Network\FlashGet universal\ComDlls\IFlashgetXpi.xpt c:\program files\FlashGet Network\FlashGet universal\dbghelp.dll c:\program files\FlashGet Network\FlashGet universal\DBTrans.dll c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log c:\program files\FlashGet Network\FlashGet universal\DBTransC.exe c:\program files\FlashGet Network\FlashGet universal\ed2kwrap.dll c:\program files\FlashGet Network\FlashGet universal\explorerbar.dll c:\program files\FlashGet Network\FlashGet universal\fgoption.ini c:\program files\FlashGet Network\FlashGet universal\FGVer.dll c:\program files\FlashGet Network\FlashGet universal\flashget.exe c:\program files\FlashGet Network\FlashGet universal\gt.exe c:\program files\FlashGet Network\FlashGet universal\hashgen.dll c:\program files\FlashGet Network\FlashGet universal\Help\license.txt c:\program files\FlashGet Network\FlashGet universal\Help\Readme.txt c:\program files\FlashGet Network\FlashGet universal\Help\WHATSNEW.TXT c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddBatchLinksDlg.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddBTTask.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Added.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddEMTask.ini c:\program files\FlashGet 
Network\FlashGet universal\Langs\FGXL_ENG\AddHpFpLink.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksDlg.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksDlgEx.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksModern.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\BrowserPlugins.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\BTOption.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\CategoryView.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ComfirmWhenExitDialog.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\CommonDlg.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ConfirmInvalidLinks.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ContextMenu.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DefaultDownloadsDialog.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DeleteFilesDialog.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DetailStatus.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\EMOption.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\EMServers.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ExplorerPane.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ExtensionRuleDlg.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FG2SearchTopPlugin.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FileListCtrl.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FileRemovedDialog.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FindTaskDialog.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FlashgetAbout.ini c:\program files\FlashGet 
Network\FlashGet universal\Langs\FGXL_ENG\FlashGetDlg.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FSUStatusBar.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\GarageLoginDialog.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\GarageView.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\HotResource.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\HpFpOption.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Info.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\LogsOutput.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MACReader.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MainMenu.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MainToolbar.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MonitorOption.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\NormalOption.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\NotifyOption.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Option.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\P4PPluginMain.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ProxySetting.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SearchBar.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Security.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityOption.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityScan.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityToolbar.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Shutdown.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\StatusBar.ini c:\program 
files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskDefOption.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskListView.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskNotify.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\UserListCtrl.ini c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\XpEnhance.ini c:\program files\FlashGet Network\FlashGet universal\libupnp.dll c:\program files\FlashGet Network\FlashGet universal\LiveUpdateUI.dll c:\program files\FlashGet Network\FlashGet universal\modules\ComHelper\ComHelper.dll c:\program files\FlashGet Network\FlashGet universal\modules\ComHelper\Info.ini c:\program files\FlashGet Network\FlashGet universal\modules\Downstat\Downstat.dll c:\program files\FlashGet Network\FlashGet universal\modules\Downstat\Info.ini c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\Info.ini c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\P4pclient.dll c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\Thumbs.db c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Info.ini c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource.ini c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\iexplorer.bmp c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\resource.bmp c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\resource.xml c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\search.bmp c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\subscribe.bmp c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\Thumbs.db c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\SearchTop.dll c:\program files\FlashGet Network\FlashGet 
universal\modules\Security\FunctionalRepair.bmp c:\program files\FlashGet Network\FlashGet universal\modules\Security\Info.ini c:\program files\FlashGet Network\FlashGet universal\modules\Security\Scanning.bmp c:\program files\FlashGet Network\FlashGet universal\modules\Security\Security.bmp c:\program files\FlashGet Network\FlashGet universal\modules\Security\SECURITY.dll c:\program files\FlashGet Network\FlashGet universal\modules\Security\Security.xml c:\program files\FlashGet Network\FlashGet universal\modules\Security\SystemFix.bmp c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\9D3C46095AA7C034A6109F3C26B776E74A5F6CF7_0.jpg c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\9D3C46095AA7C034A6109F3C26B776E74A5F6CF7_1.jpg c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\9D3C46095AA7C034A6109F3C26B776E74A5F6CF7_2.jpg c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\9D3C46095AA7C034A6109F3C26B776E74A5F6CF7_3.jpg c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\9D3C46095AA7C034A6109F3C26B776E74A5F6CF7_4.jpg c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\9D3C46095AA7C034A6109F3C26B776E74A5F6CF7_5.jpg c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\9D3C46095AA7C034A6109F3C26B776E74A5F6CF7_6.jpg c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\9D3C46095AA7C034A6109F3C26B776E74A5F6CF7_7.jpg c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\9D3C46095AA7C034A6109F3C26B776E74A5F6CF7_8.jpg c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\9D3C46095AA7C034A6109F3C26B776E74A5F6CF7_9.jpg c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\Info.ini c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\SamplerCli.dll c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\SnapShot.dll c:\program files\FlashGet 
Network\FlashGet universal\modules\tasknotifier\Info.ini c:\program files\FlashGet Network\FlashGet universal\modules\tasknotifier\tasknotifier.dll c:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini c:\program files\FlashGet Network\FlashGet universal\P2PCore.dll c:\program files\FlashGet Network\FlashGet universal\p2pprot.dll c:\program files\FlashGet Network\FlashGet universal\p2snetio.dll c:\program files\FlashGet Network\FlashGet universal\p2spmgr.dll c:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini c:\program files\FlashGet Network\FlashGet universal\p2sprot.dll c:\program files\FlashGet Network\FlashGet universal\p2spwrap.dll c:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini c:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat c:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat c:\program files\FlashGet Network\FlashGet universal\Skins\close_default.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\close_press.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\close_select.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\max_default.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\max_press.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\max_select.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\min_default.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\min_press.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\min_select.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\notify.wav c:\program files\FlashGet Network\FlashGet universal\Skins\notify_board.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\notify_icon.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Back.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Backward.bmp c:\program files\FlashGet 
Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\BrowserBarCT.xml c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\FlashgetResource.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Forward.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Home.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Backward.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\BrowserBarDisableCT.xml c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Forward.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Home.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Resource.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Available.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\CategoryTreeCT.xml c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Downloaded.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Downloading.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Favorite.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Flashget.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Release.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Rubbish.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Search.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\Expbar.xml c:\program files\FlashGet Network\FlashGet 
universal\Skins\ShadowGrayBlue\ExpBar\garage.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\resource.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\transfer.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\BT.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\EM.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\GlobalOptionCT.xml c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\HpFp.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Monitor.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Normal.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Notify.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Proxy.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\TaskDef.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Info.ini c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\About.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\DeleteTask.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\folder.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MainMenuCT.xml c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MoveDownTask.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MoveUpTask.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\NewTask.bmp c:\program files\FlashGet Network\FlashGet 
universal\Skins\ShadowGrayBlue\MainMenuCT\open.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\Option.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\PauseTask.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\Resource.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\StartTask.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\TaskProperties.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\About.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\DeleteTask.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Folder.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\MainToolbarCT.xml c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\NewTask.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Open.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Option.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\PauseTask.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Resource.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\StartTask.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\TaskProperties.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\About.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\DeleteTask.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Folder.bmp c:\program 
files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\MainToolbarDisableCT.xml c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\NewTask.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Open.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Option.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\PauseTask.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Resource.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\StartTask.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\TaskProperties.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Monitor\InfoBkg.Bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Monitor\MonitorBkg.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Down.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Error.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Normal.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\OutpuLogCT.xml c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Up.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\All.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Book.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Bt.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Game.bmp c:\program files\FlashGet Network\FlashGet 
universal\Skins\ShadowGrayBlue\SobarIconCT\Movie.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Music.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Phone.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Picture.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\SobarIconCT.xml c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Software.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Error.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\hashing.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\OK.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Pause.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Pin.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Schedule.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Start.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\TaskListCT.xml c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Upload.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Wait.bmp c:\program files\FlashGet Network\FlashGet universal\Skins\Thumbs.db c:\program files\FlashGet Network\FlashGet universal\Skins\Water Yubo.ini c:\program files\FlashGet Network\FlashGet universal\Skins\Water Yubo.jpg c:\program files\FlashGet Network\FlashGet universal\Skins\Water Yubo.zip c:\program files\FlashGet Network\FlashGet universal\Skins\Water Yubo\Thumbs.db c:\program files\FlashGet Network\FlashGet universal\storage.dll c:\program files\FlashGet Network\FlashGet universal\SysOpt.exe 
c:\program files\FlashGet Network\FlashGet universal\transaction.log c:\program files\FlashGet Network\FlashGet universal\uninst.exe c:\program files\FlashGet Network\FlashGet universal\zlib.dll F:\Autorun.inf . ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-08 au 2009-05-08 )))))))))))))))))))))))))))))))))))) . 2009-05-08 11:27 . 2009-05-08 11:28 -------- d-----w C:\rsit 2009-05-08 10:10 . 2008-02-15 11:49 184320 ----a-w c:\windows\system32\igfxres.dll 2009-05-08 09:54 . 2002-09-07 00:00 31360 -c--a-w c:\windows\system32\dllcache\weitekp9.sys 2009-05-08 09:54 . 2002-09-07 00:00 41600 -c--a-w c:\windows\system32\dllcache\weitekp9.dll 2009-05-08 09:54 . 2008-04-13 17:33 53248 -c--a-w c:\windows\system32\dllcache\wamreg51.dll 2009-05-08 09:54 . 2002-09-07 00:00 9216 -c--a-w c:\windows\system32\dllcache\wamps51.dll 2009-05-08 09:54 . 2008-04-13 17:33 77824 -c--a-w c:\windows\system32\dllcache\wam51.dll 2009-05-08 09:54 . 2008-04-13 17:33 367104 -c--a-w c:\windows\system32\dllcache\w3svc.dll 2009-05-08 09:54 . 2002-09-07 00:00 5632 -c--a-w c:\windows\system32\dllcache\w3svapi.dll 2009-05-08 09:54 . 2002-09-07 00:00 74240 -c--a-w c:\windows\system32\dllcache\w3ext.dll 2009-05-08 09:54 . 2002-09-07 00:00 4608 -c--a-w c:\windows\system32\dllcache\w3ctrs51.dll 2009-05-08 09:54 . 2002-09-07 00:00 48256 -c--a-w c:\windows\system32\dllcache\w32.dll 2009-05-08 09:54 . 2008-04-13 17:32 86073 -c--a-w c:\windows\system32\dllcache\voicesub.dll 2009-05-08 09:54 . 2008-04-13 17:32 426041 -c--a-w c:\windows\system32\dllcache\voicepad.dll 2009-05-08 09:52 . 2008-04-13 17:33 23040 -c--a-w c:\windows\system32\dllcache\lpdsvc.dll 2009-05-08 09:51 . 2002-09-07 00:00 7168 -c--a-w c:\windows\system32\dllcache\wamregps.dll 2009-05-08 09:40 . 2002-09-07 00:00 13312 -c--a-w c:\windows\system32\dllcache\irclass.dll 2009-05-08 09:40 . 2002-09-07 00:00 13312 ----a-w c:\windows\system32\irclass.dll 2009-05-08 09:40 . 
2002-09-07 00:00 24661 -c--a-w c:\windows\system32\dllcache\spxcoins.dll 2009-05-08 09:40 . 2002-09-07 00:00 24661 ----a-w c:\windows\system32\spxcoins.dll 2009-05-07 22:33 . 2009-05-07 22:33 -------- d-----w c:\program files\Bazooka Scanner 2009-05-07 22:22 . 2009-05-07 22:22 -------- d-sh--w c:\documents and settings\LocalService\IETldCache 2009-05-01 20:59 . 2009-05-01 20:59 -------- d-----w c:\documents and settings\Bob_\Application Data\Skype 2009-05-01 20:59 . 2009-05-01 21:03 -------- d-----w c:\documents and settings\All Users\Application Data\Skype 2009-05-01 20:59 . 2009-05-01 20:59 -------- d-----w c:\program files\Skype 2009-04-27 20:25 . 2009-04-27 20:25 -------- d-----w c:\program files\WinAVI MP4 Converter 2009-04-24 11:51 . 2009-04-24 11:51 -------- d-----w c:\documents and settings\All Users\Application Data\WebacamSurveyor 2009-04-24 11:33 . 2009-04-24 11:33 230432 ----a-w C:\PA207.DAT 2009-04-23 13:35 . 2009-04-24 11:50 -------- d-----w c:\documents and settings\INTER\Application Data\GetRightToGo 2009-04-19 07:41 . 2009-04-19 07:41 -------- d-----w c:\windows\system32\config\systemprofile\Application DataPDFcreator 2009-04-18 19:32 . 2009-04-18 19:32 -------- d-----w c:\documents and settings\Bob_\Application Data\PDFCreator 2009-04-18 19:32 . 2005-04-20 19:08 196608 ----a-w c:\windows\system32\PDFSpooler.exe 2009-04-18 19:32 . 2001-10-28 16:42 116224 ----a-w c:\windows\system32\pdfcmnnt.dll 2009-04-18 19:32 . 1998-07-06 16:56 125712 ----a-w c:\windows\system32\VB6DE.DLL 2009-04-18 19:32 . 1998-07-06 16:55 158208 ----a-w c:\windows\system32\MSCMCDE.DLL 2009-04-18 19:32 . 1998-07-06 16:55 64512 ----a-w c:\windows\system32\MSCC2DE.DLL 2009-04-18 19:32 . 1998-07-06 16:55 33792 ----a-w c:\windows\system32\CMDLGDE.DLL 2009-04-18 19:32 . 1998-07-06 00:00 23552 ----a-w c:\windows\system32\MSMPIDE.DLL 2009-04-18 19:32 . 2009-04-18 19:32 -------- d-----w c:\program files\PDFCreator PL 2009-04-17 21:31 . 
2009-04-17 21:31 -------- d-----w c:\program files\MagicISO 2009-04-15 16:17 . 2009-04-15 16:18 -------- d-----w c:\program files\winLAME 2009-04-13 19:51 . 2009-04-17 12:19 -------- d-----w c:\documents and settings\Bob_\Application Data\Audacity 2009-04-13 08:33 . 2009-04-21 14:59 -------- d-----w c:\windows\system32\Adobe 2009-04-12 19:17 . 2009-04-12 19:17 -------- d-----w c:\documents and settings\Bob_\Application Data\SolidWorks 2009 2009-04-12 19:15 . 2009-05-07 16:28 -------- d-----w c:\documents and settings\Bob_\Application Data\SolidWorks 2009-04-12 18:55 . 2009-04-12 19:03 -------- d-----w c:\program files\Fichiers communs\SolidWorks Shared 2009-04-12 18:55 . 2009-04-12 18:55 -------- d-----w c:\windows\system32\GroupPolicy 2009-04-12 18:55 . 2009-04-12 18:55 -------- d-----w c:\program files\Fichiers communs\eDrawings2009 2009-04-12 18:55 . 2009-04-12 19:15 -------- d-----w c:\documents and settings\All Users\Application Data\SolidWorks 2009-04-11 18:04 . 2009-04-11 18:04 -------- d-----w C:\rdm6 2009-04-11 17:10 . 2009-05-05 16:35 -------- d-----w C:\Toolbox Parts 2009-04-11 17:10 . 2009-04-12 19:19 -------- d-----w c:\program files\SolidWorks 2009-04-10 09:11 . 2009-04-10 09:14 -------- d-----w c:\documents and settings\Bob_\Local Settings\Application Data\Graphisoft 2009-04-10 09:11 . 2009-04-10 09:14 -------- d-----w c:\documents and settings\Bob_\Graphisoft 2009-04-10 09:11 . 2009-04-10 09:14 -------- d-----w c:\documents and settings\Bob_\Application Data\Graphisoft 2009-04-10 09:10 . 2009-04-10 09:10 -------- d-----w c:\documents and settings\Bob_\Application Data\Notepad++ 2009-04-10 08:51 . 2009-04-10 08:51 -------- d-----w c:\documents and settings\Bob_\Local Settings\Application Data\Identities . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox2.idx 2009-05-08 13:34 . 
2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox2.dat 2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox.idx 2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox.dat 2009-05-08 12:47 . 2002-09-07 00:00 80748 ----a-w c:\windows\system32\perfc00C.dat 2009-05-08 12:47 . 2002-09-07 00:00 500900 ----a-w c:\windows\system32\perfh00C.dat 2009-05-08 10:10 . 2009-03-01 13:42 96648 ----a-w c:\documents and settings\Bob_\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-05-08 09:50 . 2002-09-07 00:00 67 --sha-w c:\windows\Fonts\desktop.ini 2009-05-08 09:49 . 2009-03-01 12:12 23032 ----a-w c:\windows\system32\emptyregdb.dat 2009-05-05 21:23 . 2009-03-22 12:14 1210264 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-05-05 10:21 . 2009-03-01 14:07 96648 ----a-w c:\documents and settings\INTER\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-04-29 10:21 . 2009-04-04 09:47 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys 2009-04-23 15:11 . 2009-03-02 07:30 -------- d-----w c:\program files\MSN Messenger 2009-04-23 15:10 . 2009-03-06 19:32 -------- dcsh--w c:\program files\Fichiers communs\WindowsLiveInstaller 2009-04-12 18:55 . 2009-03-09 18:20 -------- d-----w c:\program files\AGEIA Technologies 2009-04-08 10:27 . 2009-04-08 10:27 -------- d-----w c:\program files\Fichiers communs\PAC207 2009-04-08 10:27 . 2009-04-08 10:27 -------- d-----w c:\program files\Aitinc 2009-04-08 10:27 . 2009-03-01 13:36 -------- d--h--w c:\program files\InstallShield Installation Information 2009-04-04 09:47 . 2009-04-04 09:47 -------- d-----w c:\program files\Avira 2009-04-04 08:34 . 2009-04-04 08:34 -------- d-----w c:\program files\Kaspersky Lab 2009-04-04 08:09 . 2009-04-04 08:26 1310720 ----a-w c:\windows\Internet Logs\xDBF.tmp 2009-04-04 08:09 . 2009-04-04 08:26 8192 ----a-w c:\windows\Internet Logs\xDBE.tmp 2009-04-04 08:08 . 
2009-04-04 08:09 1384960 ----a-w c:\windows\Internet Logs\xDBD.tmp 2009-04-04 08:08 . 2009-04-04 08:09 32768 ----a-w c:\windows\Internet Logs\xDBC.tmp 2009-04-04 07:52 . 2009-04-04 08:05 1326592 ----a-w c:\windows\Internet Logs\xDBB.tmp 2009-04-04 07:52 . 2009-04-04 08:05 1326592 ----a-w c:\windows\Internet Logs\xDBA.tmp 2009-04-04 07:51 . 2009-04-04 08:05 15360 ----a-w c:\windows\Internet Logs\xDB9.tmp 2009-04-04 07:49 . 2009-04-04 07:51 1355264 ----a-w c:\windows\Internet Logs\xDB8.tmp 2009-04-04 07:49 . 2009-04-04 07:51 27136 ----a-w c:\windows\Internet Logs\xDB7.tmp 2009-04-04 07:44 . 2009-04-04 07:46 13824 ----a-w c:\windows\Internet Logs\xDB5.tmp 2009-04-04 07:44 . 2009-04-04 07:46 1328640 ----a-w c:\windows\Internet Logs\xDB6.tmp 2009-04-04 07:43 . 2009-04-04 07:44 43008 ----a-w c:\windows\Internet Logs\xDB2.tmp 2009-04-04 07:43 . 2009-04-04 07:44 1871872 ----a-w c:\windows\Internet Logs\xDB3.tmp 2009-04-04 07:41 . 2009-04-04 07:42 1875968 ----a-w c:\windows\Internet Logs\xDB1.tmp 2009-04-04 07:38 . 2009-04-04 07:44 1870848 ----a-w c:\windows\Internet Logs\xDB4.tmp 2009-04-04 07:38 . 2009-04-04 07:36 4212 ---ha-w c:\windows\system32\zllictbl.dat 2009-04-03 18:43 . 2009-04-03 18:43 -------- d-----w c:\program files\Zone Labs 2009-04-02 17:49 . 2009-04-02 17:49 83008 ----a-w c:\documents and settings\Papa\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-04-02 15:32 . 2009-04-02 15:32 155648 ----a-w c:\windows\system32\SDCtrls.dll 2009-04-01 21:37 . 2009-04-01 21:37 290816 ------w c:\windows\Setup1.exe 2009-04-01 21:37 . 2009-04-01 21:37 74752 ----a-w c:\windows\ST6UNST.EXE 2009-04-01 11:28 . 2009-04-01 11:27 -------- d-----w c:\program files\QuickTime 2009-04-01 11:23 . 2009-03-31 09:41 -------- d-----w c:\program files\Graphisoft 2009-03-31 18:02 . 2009-03-31 18:00 -------- d-----w c:\program files\Fichiers communs\Ahead 2009-03-31 18:00 . 2009-03-31 18:00 -------- d-----w c:\program files\Nero 2009-03-31 11:16 . 
2009-03-31 11:16 -------- d-----w c:\program files\WIBUKEY 2009-03-31 11:11 . 2009-03-31 11:17 57552 ----a-w c:\windows\system32\WkDos.exe 2009-03-31 11:11 . 2009-03-31 11:17 516096 ----a-w c:\windows\system32\WibuXpm4J32.dll 2009-03-31 11:11 . 2009-03-31 11:17 479232 ----a-w c:\windows\system32\wibuKJni.dll 2009-03-31 11:11 . 2009-03-31 11:17 348160 ----a-w c:\windows\system32\WkExt32.dll 2009-03-31 11:11 . 2009-03-31 11:17 16384 ----a-w c:\windows\system32\drivers\Wibukey2.sys 2009-03-31 11:11 . 2009-03-31 11:17 72704 ----a-w c:\windows\system32\drivers\WibuKey.sys 2009-03-31 11:11 . 2009-03-31 11:17 159744 ----a-w c:\windows\system32\WkWin32.dll 2009-03-31 09:45 . 2009-03-31 09:45 -------- d-----w c:\program files\WIBU-SYSTEMS 2009-03-31 09:44 . 2009-03-31 09:44 -------- d-----w c:\program files\Apple Software Update 2009-03-30 17:31 . 2009-03-30 17:31 -------- d-----w c:\program files\Java 2009-03-30 17:31 . 2009-03-30 17:31 -------- d-----w c:\program files\Fichiers communs\Java 2009-03-26 15:11 . 2009-03-26 15:11 -------- d-----w c:\program files\EnGenius 2009-03-25 12:28 . 2009-03-25 12:28 -------- d-----w c:\program files\EPSON 2009-03-25 11:06 . 2009-03-25 11:06 -------- d-----w c:\program files\ma-config.com 2009-03-25 11:06 . 2009-03-25 11:06 -------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com 2009-03-24 17:10 . 2009-03-24 17:10 -------- d-----w c:\program files\DigitalPeers 2009-03-22 12:14 . 2009-03-22 12:14 -------- d-----w c:\program files\MSBuild 2009-03-22 12:13 . 2009-03-22 12:13 -------- d-----w c:\program files\Reference Assemblies 2009-03-18 10:55 . 2009-03-02 07:42 -------- d-----w c:\program files\Messenger Plus! Live 2009-03-16 11:53 . 2009-03-16 11:53 -------- d-----w c:\program files\GIMP-2.0 2009-03-10 18:26 . 2009-03-10 18:26 -------- d-----w c:\program files\EA GAMES 2009-03-10 12:22 . 2009-03-02 07:08 -------- d-----w c:\program files\Winamp 2009-03-10 12:19 . 
2009-03-10 12:19 -------- d-----w c:\program files\Fichiers communs\Macromedia 2009-03-10 12:19 . 2009-03-10 12:19 -------- d-----w c:\program files\Macromedia 2009-03-10 12:19 . 2009-03-02 07:16 -------- d-----w c:\program files\Fichiers communs\InstallShield 2009-03-09 18:19 . 2009-03-09 18:19 -------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard 2009-03-09 18:19 . 2009-03-09 18:19 18048 ----a-w c:\windows\system32\drivers\lirsgt.sys 2009-03-05 12:34 . 2009-03-05 12:34 717296 ----a-w c:\windows\system32\drivers\sptd.sys 2009-03-03 12:25 . 2009-03-01 12:14 86331 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat 2009-03-03 11:05 . 2008-01-29 16:29 33808 ----a-w c:\windows\system32\drivers\klbg.sys 2009-03-02 07:16 . 2009-03-02 07:16 319488 ----a-w c:\windows\HideWin.exe 2009-03-02 07:06 . 2009-03-02 07:04 10368 ----a-w c:\windows\system32\drivers\pfc.sys 2009-03-01 17:12 . 2009-03-01 17:12 0 ----a-w c:\windows\nsreg.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2009-03-03 206088] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-04-01 36352] "EPSON Stylus C45 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE" [2004-01-14 99840] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-24 132496] "NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-10-19 286720] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488] "Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488] "CTFMON"="c:\windows\system32\wscript.exe" [2008-04-13 155648] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-10-09 17021440] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360] c:\documents and settings\Bob_\Menu D‚marrer\Programmes\D‚marrage\ Moteur du Planificateur de tƒches SolidWorks.lnk - c:\program 
files\SolidWorks\swScheduler\swBOEngine.exe [2008-9-9 841000] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "d:\\eMule\\emule.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17:29 33808] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [04/04/2009 10:47 108289] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17:06 24592] R3 PAC207;PC Camera;c:\windows\system32\drivers\PFC027.SYS [08/04/2009 11:27 616064] S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks\swScheduler\DTSCoordinatorService.exe [09/09/2008 06:01 79144] S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [15/03/2009 09:34 216232] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11ee89ea-1ab8-11de-86e2-001fd010b3e5}] \Shell\AutoRun\command - J:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9814a31e-3b02-11de-a7e3-001fd010b3e5}] \Shell\AutoRun\command - 
c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c47a257c-1783-11de-86d3-001fd010b3e5}] \Shell\AutoRun\command - L:\setupSNK.exe [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8CD3B31D-716D-5F87-05D4-10885C63CAA1}] c:\windows\system32\winxp.exe . Contenu du dossier 'Tâches planifiées' 2009-05-08 c:\windows\Tasks\User_Feed_Synchronization-{2B1D3B09-E8BC-440A-B3B4-3034D81396A8}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] 2009-05-08 c:\windows\Tasks\User_Feed_Synchronization-{EDE16183-2AE1-4BAA-90A1-170567949D30}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] . . ------- Examen supplémentaire ------- . IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm IE: &Tout télécharger avec FlashGet - k:\progra~1\FlashGet\jc_all.htm IE: &Télécharger avec FlashGet - k:\progra~1\FlashGet\jc_link.htm IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: {F5D79831-1767-4B49-8D11-11492C360F56} = 208.67.222.222 193.55.10.102 FF - ProfilePath - c:\documents and settings\Bob_\Application Data\Mozilla\Firefox\Profiles\wyo4od69.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - www.google.fr FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-08 14:36 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... 
Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-1177238915-1500820517-1606980848-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2009 XE] "GameDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009\\games" "ShortlistDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009\\shortlists" "ScreenshotsDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009" "SaveDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009\\" "HistoryDir"="c:\\Documents and Settings\\Bob_\\Bureau\\fm\\FM-Genie-Scout-1.0-b103\\History Points" "LangDB"="" "LastSaveGame"="" "Language"="English" "LoadLangDB"=dword:00000000 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000000 "MinCondition"=dword:00000050 "GraphStep"=dword:00000000 "SkinName"="Champions League" "LastUpdateCheck"=dword:00000000 "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000000 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "Version"=dword:00000067 "UniqueID"="34-8400-E71F" "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" "Currency"=dword:0000001c . 
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(316) c:\windows\system32\ieframe.dll c:\windows\system32\eappprxy.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll c:\program files\WIBU-SYSTEMS\System\WibuShellExt.dll c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA c:\program files\Graphisoft\ArchiCAD 12\GSShellX32.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Avira\AntiVir Desktop\avguard.exe c:\windows\system32\PAStiSvc.exe c:\windows\system32\igfxsrvc.exe c:\program files\Fichiers communs\Ahead\Lib\NMIndexingService.exe c:\program files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Heure de fin: 2009-05-08 14:38 - La machine a redémarré ComboFix-quarantined-files.txt 2009-05-08 13:38 Avant-CF: 11 913 191 424 octets libres Après-CF: 12 805 779 456 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect c:\wubildr.mbr="Ubuntu" 1006 --- E O F --- 2009-03-06 17:43
  5. Hello, my PC has been infected by the (Trojan horse?) backdoor.win32.bifrose, and since then I can no longer restore my system, access the Task Manager, etc. Every time I try, I get an error message "Impossible de trouver le fichier script... " ("Cannot find script file..."). I visited a topic dealing with the same subject here: http://forum.zebulon.fr/infection-backdoorwin32bifrose-resolu-t159232.html&pid=1349286&mode=threaded#entry1349286 Here is my info.txt: info.txt logfile of random's system information tool 1.06 2009-05-08 12:28:17 ======Uninstall list====== -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL -->MsiExec /X{7104189A-C592-4A56-AC9E-7C0CA135DA3C} -->MsiExec.exe /X{7B4AB13C-1A5C-4BC5-ABA6-762F8198444C} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf ACDSee Pro-->MsiExec.exe /I{F99F74B4-972B-4B06-B893-6B3B0DB0128B} Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001} Adobe Shockwave Player 11.5-->C:\WINDOWS\system32\Adobe\uninstaller.exe AGEIA PhysX v6.10.25-->MsiExec.exe /X{7104189A-C592-4A56-AC9E-7C0CA135DA3C} AP Tuner 3.08-->"D:\Program Files\AP Tuner\AP Tuner 3.08\uninstall.exe" Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4} ArchiCAD 12 FRA-->C:\Program Files\Graphisoft\ArchiCAD 12\Uninstall.AC\uninstaller.exe ASIO4ALL-->D:\Program Files\ASIO4ALL v2\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} Audacity 1.3.5 (Unicode)-->"D:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe" Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE Bazooka Scanner-->"C:\Program Files\Bazooka Scanner\Uninstall.exe" "C:\Program Files\Bazooka Scanner\install.log" Blender (remove only)-->"D:\Program Files\Blender
Foundation\Blender\uninstall.exe" CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe CursorXP-->C:\Program Files\CursorXP\CurXPUtil.exe -u EasyPHP 2.0b1-->"D:\Program Files\EasyPHP 2.0b1\unins000.exe" eMulev0.49a.-MorphXTv11.0-->"D:\eMule\unins000.exe" EnGenius Wireless LAN-->C:\Program Files\InstallShield Installation Information\{34CD65DD-3271-4C7B-B029-1670A65DA381}\setup.exe -runfromtemp -l0x0009 -removeonly EPSON Printer Software-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R FileZilla Client 3.2.2.1-->D:\Program Files\FileZilla FTP Client\uninstall.exe FL Studio 8-->D:\Program Files\Image-Line\FL Studio 8\uninstall.exe FlashGet 2.0-->C:\Program Files\FlashGet Network\FlashGet universal\uninst.exe GIMP 2.6.4-->"C:\Program Files\GIMP-2.0\setup\unins000.exe" Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x40c -removeonly Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x40c -removeonly Guitar Pro 5.0-->"D:\Program Files\Guitar Pro 5\unins000.exe" HijackThis 2.0.2-->"C:\Documents and Settings\BoB\Bureau\Downloads\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe Intel® Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A} Kaspersky Anti-Virus 
2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A} K-Lite Codec Pack 2.89 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe Loop12 V2-->D:\Program Files\Loop12 V2\Uninstal.exe Ma-Config.com-->MsiExec.exe /X{560BD6E0-0BA6-43AF-B423-E1DF4D2EB3C3} Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D} Magic ISO Maker v5.5 (build 0276)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers 
communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Nero 7 Ultra Edition-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301036} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Notepad++-->C:\Program Files\Notepad++\uninstall.exe PC Camera-->RunDll32 
C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C679F9B9-C65D-4C65-BD6C-BF90B859E281}\setup.exe" -l0x9 -removeonly PDFCreator PL 0.8.0-->C:\Program Files\PDFCreator PL\unins000.exe PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe QuickTime-->MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121} REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x040c -removeonly Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709 Skype 1.1-->"C:\Program Files\Skype\Phone\unins000.exe" SolidWorks 2009 SP0-->MsiExec.exe /I{95317473-83DB-4E17-9848-353924D66813} The Sims 2 University - Crack-->D:\Program Files\EA GAMES\Les Sims 2 Académie\crack_uninst.exe Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe Ubuntu-->F:\ubuntu\Uninstall-Ubuntu.exe VC 9.0 Runtime-->MsiExec.exe /I{02E89EFC-7B07-4D5A-AA03-9EC0902914EE} VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe Webcam Surveyor 1.7.5-->"D:\Program Files\Webcam Surveyor\unins000.exe" WIBU-KEY Setup (WIBU-KEY Remove)-->C:\Program Files\WIBUKEY\Setup\Setup32.exe /R:{00060000-0000-1004-8002-0000C06B5161} Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" winLAME prerelease4-->MsiExec.exe /I{062BFFA1-0CCC-400B-B840-F162328D8C00} WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe XML Paper Specification Shared Components Language Pack 
1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" ======Security center information====== AV: AntiVir Desktop AV: Kaspersky Anti-Virus (disabled) ======System event log====== Computer Name: BOB Event Code: 20158 Message: L'utilisateur hamzalyes a établi une connexion à Easy Adsl en utilisant le périphérique PPPoE4-0. Record Number: 7840 Source Name: RemoteAccess Time Written: 20090415110733.000000+060 Event Type: Informations User: Computer Name: BOB Event Code: 7036 Message: Le service HTTP SSL est entré dans l'état : en cours d'exécution. Record Number: 7839 Source Name: Service Control Manager Time Written: 20090415110729.000000+060 Event Type: Informations User: Computer Name: BOB Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service HTTP SSL. Record Number: 7838 Source Name: Service Control Manager Time Written: 20090415110729.000000+060 Event Type: Informations User: AUTORITE NT\SERVICE LOCAL Computer Name: BOB Event Code: 7036 Message: Le service Hôte de périphérique universel Plug-and-Play est entré dans l'état : en cours d'exécution. Record Number: 7837 Source Name: Service Control Manager Time Written: 20090415110729.000000+060 Event Type: Informations User: Computer Name: BOB Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Hôte de périphérique universel Plug-and-Play. Record Number: 7836 Source Name: Service Control Manager Time Written: 20090415110729.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM =====Application event log===== Computer Name: BOB Event Code: 101 Message: msnmsgr (2544) Le moteur de base de données est arrêté. 
Record Number: 2120 Source Name: ESENT Time Written: 20090424211802.000000+060 Event Type: Informations User: Computer Name: BOB Event Code: 103 Message: msnmsgr (2544) \\.\C:\Documents and Settings\Bob_\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_E41C_DAB0_1CDA_7D4C\dfsr.db: Le moteur de base de données a arrêté une instance (0). Record Number: 2119 Source Name: ESENT Time Written: 20090424211802.000000+060 Event Type: Informations User: Computer Name: BOB Event Code: 7 Message: Récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie réussie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> Record Number: 2118 Source Name: crypt32 Time Written: 20090424164823.000000+060 Event Type: Informations User: Computer Name: BOB Event Code: 102 Message: msnmsgr (2544) \\.\C:\Documents and Settings\Bob_\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_E41C_DAB0_1CDA_7D4C\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0). Record Number: 2117 Source Name: ESENT Time Written: 20090424164805.000000+060 Event Type: Informations User: Computer Name: BOB Event Code: 100 Message: msnmsgr (2544) Le moteur de base de données 5.01.2600.5512 est démarré. 
Record Number: 2116 Source Name: ESENT Time Written: 20090424164805.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel "PROCESSOR_REVISION"=0f0d "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip -----------------EOF-----------------

and log.txt

-------------------------------------- Logfile of random's system information tool 1.06 (written by random/random) Run by Bob_ at 2009-05-08 12:27:55 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 11 GB (29%) free of 38 GB Total RAM: 1015 MB (24% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:28:15, on 08/05/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe C:\Program Files\Avira\AntiVir Desktop\avnotify.exe D:\eMule\emule.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\WinRAR\WinRAR.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Documents and Settings\Bob_\Bureau\downthmall\RSIT.exe C:\Documents and Settings\BoB\Bureau\Downloads\Bob_.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - K:\PROGRA~1\FlashGet\jccatch.dll (file missing) O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program 
Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB001" /M "Stylus C45" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe O4 - HKLM\..\Run: [regdiit] C:\WINDOWS\system32\winxp.exe O4 - HKLM\..\Run: [CTFMON] C:\WINDOWS\system32\wscript.exe /E:vbs C:\WINDOWS\system32\winjpg.jpg O4 - HKLM\..\Run: [svchost2] C:\WINDOWS\system32\winxp.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - 
HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Moteur du Planificateur de tâches SolidWorks.lnk = C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm O8 - Extra context menu item: &Tout télécharger avec FlashGet - K:\PROGRA~1\FlashGet\jc_all.htm O8 - Extra context menu item: &Télécharger avec FlashGet - K:\PROGRA~1\FlashGet\jc_link.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows 
Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{F5D79831-1767-4B49-8D11-11492C360F56}: NameServer = 208.67.222.222 193.55.10.102 O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - C:\Program Files\SolidWorks\swScheduler\DTSCoordinatorService.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 8428 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\User_Feed_Synchronization-{2B1D3B09-E8BC-440A-B3B4-3034D81396A8}.job C:\WINDOWS\tasks\User_Feed_Synchronization-{EDE16183-2AE1-4BAA-90A1-170567949D30}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}] FG2CatchUrl - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll [2008-08-19 104016] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}] FGCatchUrl - K:\PROGRA~1\FlashGet\jccatch.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll [2008-11-11 62728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2009-03-03 206088] "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-04-01 36352] "EPSON Stylus C45 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE [2004-01-14 99840] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe 
[2007-10-19 286720] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "PAC207_Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 319488] "Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 319488] "regdiit"=C:\WINDOWS\system32\winxp.exe [] "CTFMON"=C:\WINDOWS\system32\wscript.exe [2008-04-13 155648] "svchost2"=C:\WINDOWS\system32\winxp.exe [] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-28 141848] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-28 166424] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-28 137752] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-10-09 17021440] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872] C:\Documents and Settings\Bob_\Menu Démarrer\Programmes\Démarrage Moteur du Planificateur de tâches SolidWorks.lnk - C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2008-11-11 218376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= 
"legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "D:\eMule\emule.exe"="D:\eMule\emule.exe:*:Enabled:eMuleMorphXT" "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2" "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate" "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx" "K:\Program Files\FlashGet\flashget.exe"="K:\Program Files\FlashGet\flashget.exe:*:Enabled:FlashGet" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11ee89ea-1ab8-11de-86e2-001fd010b3e5}] shell\AutoRun\command - J:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9814a31e-3b02-11de-a7e3-001fd010b3e5}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a406b914-22da-11de-a780-806d6172696f}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c47a257c-1783-11de-86d3-001fd010b3e5}] shell\AutoRun\command - L:\setupSNK.exe ======File associations====== .reg - open - "regedit.exe" "%1" ======List of files/folders created in the last 1 months====== 2009-05-08 12:27:55 ----D---- C:\rsit 2009-05-08 11:10:19 ----A---- C:\WINDOWS\system32\igfxres.dll 2009-05-08 11:08:26 ----D---- C:\WINDOWS\Prefetch 2009-05-08 10:51:30 ----A---- C:\AUTOEXEC.BAT 2009-05-08 10:51:20 
----A---- C:\WINDOWS\OEWABLog.txt 2009-05-08 10:50:23 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2009-05-08 10:40:01 ----A---- C:\WINDOWS\system32\spxcoins.dll 2009-05-08 10:40:01 ----A---- C:\WINDOWS\system32\irclass.dll 2009-05-08 10:39:38 ----RA---- C:\WINDOWS\SET89.tmp 2009-05-08 10:39:36 ----RA---- C:\WINDOWS\SET7D.tmp 2009-05-08 10:39:34 ----RA---- C:\WINDOWS\SET7A.tmp 2009-05-08 10:38:59 ----A---- C:\WINDOWS\setuplog.txt 2009-05-08 01:14:09 ----A---- C:\WINDOWS\ntbtlog.txt 2009-05-07 23:33:44 ----D---- C:\Program Files\Bazooka Scanner 2009-05-02 16:23:08 ----N---- C:\rs422.txt 2009-05-02 16:22:32 ----N---- C:\rs422.txt~ 2009-05-01 21:59:26 ----D---- C:\Documents and Settings\Bob_\Application Data\Skype 2009-05-01 21:59:26 ----D---- C:\Documents and Settings\All Users\Application Data\Skype 2009-05-01 21:59:17 ----D---- C:\Program Files\Skype 2009-04-27 21:25:34 ----D---- C:\Program Files\WinAVI MP4 Converter 2009-04-24 12:51:19 ----D---- C:\Documents and Settings\All Users\Application Data\WebacamSurveyor 2009-04-18 20:32:23 ----D---- C:\Documents and Settings\Bob_\Application Data\PDFCreator 2009-04-18 20:32:23 ----A---- C:\WINDOWS\system32\PDFSpooler.exe 2009-04-18 20:32:23 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll 2009-04-18 20:32:22 ----D---- C:\Program Files\PDFCreator PL 2009-04-18 20:32:22 ----A---- C:\WINDOWS\system32\VB6DE.DLL 2009-04-18 20:32:22 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL 2009-04-18 20:32:22 ----A---- C:\WINDOWS\system32\MSCMCDE.DLL 2009-04-18 20:32:22 ----A---- C:\WINDOWS\system32\MSCC2DE.DLL 2009-04-18 20:32:22 ----A---- C:\WINDOWS\system32\CMDLGDE.DLL 2009-04-17 22:31:10 ----D---- C:\Program Files\MagicISO 2009-04-15 17:17:59 ----D---- C:\Program Files\winLAME 2009-04-13 20:51:17 ----D---- C:\Documents and Settings\Bob_\Application Data\Audacity 2009-04-13 09:33:35 ----D---- C:\WINDOWS\system32\Adobe 2009-04-12 20:17:29 ----D---- C:\Documents and Settings\Bob_\Application Data\SolidWorks 2009 2009-04-12 20:15:01 
----D---- C:\Documents and Settings\Bob_\Application Data\SolidWorks 2009-04-12 19:55:36 ----D---- C:\Program Files\Fichiers communs\SolidWorks Shared 2009-04-12 19:55:22 ----D---- C:\WINDOWS\system32\GroupPolicy 2009-04-12 19:55:21 ----D---- C:\Program Files\Fichiers communs\eDrawings2009 2009-04-12 19:55:17 ----D---- C:\Documents and Settings\All Users\Application Data\SolidWorks 2009-04-11 19:04:07 ----D---- C:\rdm6 2009-04-11 18:29:28 ----D---- C:\Documents and Settings\Bob_\Application Data\Sun 2009-04-11 18:10:17 ----D---- C:\Toolbox Parts 2009-04-11 18:10:17 ----D---- C:\Program Files\SolidWorks 2009-04-10 10:11:40 ----D---- C:\Documents and Settings\Bob_\Application Data\Graphisoft 2009-04-10 10:10:15 ----D---- C:\Documents and Settings\Bob_\Application Data\Notepad++ ======List of files/folders modified in the last 1 months====== 2009-05-08 12:06:07 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 2009-05-08 11:37:02 ----D---- C:\WINDOWS\system 2009-05-08 11:37:01 ----D---- C:\WINDOWS\system32\Setup 2009-05-08 11:37:00 ----D---- C:\WINDOWS\Help 2009-05-08 11:36:55 ----D---- C:\WINDOWS\L2Schemas 2009-05-08 11:36:54 ----D---- C:\WINDOWS\system32\usmt 2009-05-08 11:36:54 ----D---- C:\WINDOWS\system32\drivers 2009-05-08 11:36:44 ----D---- C:\WINDOWS\AppPatch 2009-05-08 11:36:43 ----D---- C:\WINDOWS\ehome 2009-05-08 11:36:42 ----D---- C:\WINDOWS\ime 2009-05-08 11:36:41 ----RSD---- C:\WINDOWS\Fonts 2009-05-08 11:36:41 ----D---- C:\WINDOWS\Media 2009-05-08 11:36:40 ----D---- C:\WINDOWS\Network Diagnostic 2009-05-08 11:36:38 ----D---- C:\WINDOWS\system32\fr-fr 2009-05-08 11:36:29 ----D---- C:\WINDOWS\PeerNet 2009-05-08 11:36:18 ----D---- C:\WINDOWS\system32\npp 2009-05-08 11:36:11 ----D---- C:\WINDOWS\msagent 2009-05-08 11:36:07 ----D---- C:\WINDOWS\system32\fr 2009-05-08 11:34:26 ----D---- C:\WINDOWS\system32\1036 2009-05-08 11:34:20 ----D---- C:\WINDOWS\twain_32 2009-05-08 11:34:11 ----D---- C:\WINDOWS\system32\icsxml 
2009-05-08 11:33:49 ----D---- C:\WINDOWS\system32\1033 2009-05-08 11:32:56 ----D---- C:\WINDOWS\WinSxS 2009-05-08 11:32:56 ----D---- C:\WINDOWS\Driver Cache 2009-05-08 11:24:23 ----D---- C:\Program Files\Mozilla Firefox 2009-05-08 11:23:35 ----D---- C:\WINDOWS\Temp 2009-05-08 11:10:27 ----D---- C:\WINDOWS\Registration 2009-05-08 11:10:19 ----D---- C:\WINDOWS\system32 2009-05-08 11:10:03 ----HD---- C:\WINDOWS\inf 2009-05-08 11:09:36 ----D---- C:\WINDOWS\system32\CatRoot2 2009-05-08 11:09:34 ----SHD---- C:\System Volume Information 2009-05-08 11:09:34 ----D---- C:\WINDOWS\system32\Restore 2009-05-08 11:08:26 ----D---- C:\WINDOWS 2009-05-08 10:56:54 ----D---- C:\WINDOWS\system32\config 2009-05-08 10:54:59 ----D---- C:\WINDOWS\repair 2009-05-08 10:54:17 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-05-08 10:51:15 ----A---- C:\WINDOWS\ODBCINST.INI 2009-05-08 10:51:08 ----D---- C:\WINDOWS\Debug 2009-05-08 10:50:50 ----D---- C:\WINDOWS\system32\ias 2009-05-08 10:50:26 ----RD---- C:\WINDOWS\Web 2009-05-08 10:50:26 ----RD---- C:\Program Files 2009-05-08 10:50:17 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2009-05-08 10:50:06 ----A---- C:\WINDOWS\win.ini 2009-05-08 10:49:57 ----D---- C:\Program Files\Windows Media Player 2009-05-08 10:49:52 ----D---- C:\WINDOWS\system32\oobe 2009-05-08 10:49:47 ----D---- C:\Program Files\Internet Explorer 2009-05-08 10:49:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-05-08 10:49:11 ----D---- C:\WINDOWS\system32\Com 2009-05-08 10:48:45 ----D---- C:\WINDOWS\system32\wbem 2009-05-08 10:48:43 ----SHD---- C:\WINDOWS\Installer 2009-05-08 10:47:48 ----D---- C:\WINDOWS\security 2009-05-08 10:47:26 ----SH---- C:\boot.ini 2009-05-08 10:40:07 ----A---- C:\WINDOWS\system.ini 2009-05-08 10:39:54 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini 2009-05-08 10:39:40 ----D---- C:\WINDOWS\system32\CatRoot 2009-05-08 09:54:16 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-05-07 20:30:47 ----D---- C:\Documents and 
Settings\Bob_\Application Data\BITS
2009-05-07 18:25:20 ----A---- C:\WINDOWS\NeroDigital.ini
2009-05-07 17:55:50 ----D---- C:\Downloads
2009-04-25 17:39:21 ----D---- C:\Documents and Settings\Bob_\Application Data\dvdcss
2009-04-23 16:12:25 ----SHD---- C:\Config.Msi
2009-04-23 16:12:24 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-04-23 16:12:24 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-04-23 16:11:30 ----D---- C:\Program Files\MSN Messenger
2009-04-23 16:11:19 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-04-23 16:10:25 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2009-04-23 15:20:21 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2009-04-21 15:58:46 ----D---- C:\Documents and Settings\Bob_\Application Data\Adobe
2009-04-21 15:58:41 ----D---- C:\WINDOWS\system32\Macromed
2009-04-13 18:52:02 ----D---- C:\Documents and Settings\Bob_\Application Data\BraCa_Soft
2009-04-12 20:06:24 ----RSD---- C:\WINDOWS\assembly
2009-04-12 20:03:35 ----D---- C:\WINDOWS\system32\ShellExt
2009-04-12 19:55:36 ----D---- C:\Program Files\Fichiers communs
2009-04-12 19:55:21 ----D---- C:\Program Files\AGEIA Technologies
2009-04-11 18:12:53 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2009-04-11 18:10:41 ----D---- C:\Program Files\Microsoft Office
2009-04-10 09:51:22 ----SD---- C:\Documents and Settings\Bob_\Application Data\Microsoft
2009-04-09 11:06:13 ----SHD---- C:\RECYCLER

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-04-29 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-03-03 226832]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-04-29 55640]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2009-03-31 72704]
R3 dptrackerd;Tracker Driver; C:\WINDOWS\system32\drivers\dptrackerd.sys [2005-12-18 44416]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-13 4879360]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-07 12288]
R3 PAC207;PC Camera; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2007-10-25 616064]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2009-03-02 10368]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73600]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2007-11-09 452480]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-29 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 AVP;Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2009-03-03 206088]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; C:\Program Files\SolidWorks\swScheduler\DTSCoordinatorService.exe [2008-09-09 79144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-03-15 216232]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe [2009-04-12 79360]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

There you go! Thanks in advance.
PS: I'm running WinXP Pro SP3, with Avira AntiVir as my antivirus and Ubuntu 8.1 in dual boot.