[Résolu] Malware récalcitrant (merci pear)

pear · le 1 mars 2008

ON dirait que bagle est revenu.

Relancez Combo-fix comme à mon message 4.

ellesé · le 1 mars 2008

ON dirait que bagle est revenu.

Relancez Combo-fix comme à mon message 4.

Heureusement mon PC s'est rallumé, grâce à "dernière bonne configuration connue".

Eh oui, Bagle est revenu !

Peut-on conclure que le dernier essai avec IE6 a réanimé Bagle sans connexion internet, ou lors de la connexion suivante, même après fermeture de IE ?

Voici le rapport Combo-Fix et Lop SD avant le dernier palntage.

ComboFix 08-02-25.2 - Lorenzo 2008-03-01 18:20:45.8 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.669 [GMT 1:00]

Endroit: C:\Documents and Settings\Lorenzo\Bureau\Combo-Fix.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

---- Previous Run -------

.

C:\WINDOWS\system32\drivers\down

C:\WINDOWS\system32\drivers\down\85687.exe

C:\WINDOWS\system32\drivers\hldrrr.exe

C:\WINDOWS\system32\drivers\srosa.sys

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\LEGACY_SROSA

-------\srosa

((((((((((((((((((((((((((((( Fichiers créés 2008-02-01 to 2008-03-01 ))))))))))))))))))))))))))))))))))))

.

2008-03-01 17:39 . 2008-03-01 17:39 <REP> d-------- C:\My Documents

2008-03-01 14:01 . 2008-03-01 14:11 <REP> d-------- C:\Lop SD

2008-02-29 23:46 . 2008-02-29 23:46 <REP> d-------- C:\WINDOWS\ERUNT

2008-02-29 23:39 . 2008-03-01 00:06 <REP> d-------- C:\SDFix

2008-02-29 23:24 . 2008-02-29 23:37 <REP> d-------- C:\Program Files\Navilog1

2008-02-25 00:23 . 2008-02-25 00:23 <REP> d-------- C:\TcpView

2008-02-25 00:14 . 2008-02-25 00:14 30,332 --a------ C:\EasyCleaner REG cleanup.htm

2008-02-25 00:03 . 2008-02-25 00:03 459,307 --a------ C:\EasyCleaner-Inutiles.htm

2008-02-24 22:56 . 2008-02-24 22:58 <REP> d-------- C:\Program Files\SpywareBlaster

2008-02-24 20:08 . 2008-02-24 20:08 <REP> d-------- C:\Program Files\ToniArts

2008-02-24 20:06 . 2008-02-27 12:41 <REP> d-------- C:\HijackThis

2008-02-23 19:46 . 2008-02-23 19:46 <REP> d-------- C:\Muestras

2008-02-14 21:49 . 2008-02-14 21:49 <REP> d-------- C:\Program Files\Avira

2008-02-14 21:49 . 2008-02-14 21:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira

2008-02-12 23:15 . 2008-02-12 23:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Uniblue

2008-02-10 22:48 . 2008-02-10 22:46 691,545 --a------ C:\WINDOWS\unins000.exe

2008-02-10 22:48 . 2008-02-10 22:48 3,453 --a------ C:\WINDOWS\unins000.dat

2008-02-10 22:15 . 2008-02-10 22:15 <REP> d-------- C:\Program Files\Fichiers communs\PC Tools

2008-02-10 22:14 . 2008-02-12 23:14 <REP> d-------- C:\Program Files\Spyware Doctor

2008-02-10 22:14 . 2008-02-10 22:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Tools

2008-02-10 22:14 . 2007-02-23 00:09 83,536 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys

2008-02-10 22:14 . 2007-02-25 23:45 59,472 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys

2008-02-10 22:14 . 2007-02-19 18:13 52,304 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys

2008-02-10 22:14 . 2007-02-19 18:13 39,248 --a------ C:\WINDOWS\system32\drivers\ikfileflt.sys

2008-02-10 22:14 . 2007-02-23 07:13 26,064 --a------ C:\WINDOWS\system32\drivers\kcom.sys

2008-02-10 22:05 . 2008-02-10 22:05 <REP> d-------- C:\Program Files\CCleaner

2008-02-10 21:57 . 2006-06-08 20:00 116,864 --a------ C:\WINDOWS\system32\drivers\naiavf5x.sys

2008-02-10 21:57 . 2006-06-08 20:00 58,464 --a------ C:\WINDOWS\system32\drivers\mvstdi5x.sys

2008-02-10 21:56 . 2008-02-10 21:57 <REP> d-------- C:\Program Files\Network Associates

2008-02-10 21:56 . 2008-02-10 21:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Network Associates

2008-02-09 15:45 . 2008-02-09 15:45 <REP> d-------- C:\Program Files\DAMN NFO Viewer

2008-02-09 15:23 . 2008-02-09 15:23 <REP> d-------- C:\Documents and Settings\Lorenzo\Application Data\Reasonable Software House Ltd

2008-02-03 15:08 . 2008-02-03 15:08 <REP> d-------- C:\Program Files\Kalender

2008-02-03 15:08 . 2008-03-01 16:49 <REP> d-------- C:\Documents and Settings\Lorenzo\Application Data\UK's Kalender

2008-02-03 12:08 . 2008-02-03 12:09 <REP> d-------- C:\Program Files\iTunes

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-03-01 16:39 936 ----a-w C:\WP_VFR1.bin

2008-03-01 16:39 564 ----a-w C:\WP_FileList4AVFR.bin

2008-03-01 16:39 432 ----a-w C:\WP_FileList4SVFR.bin

2008-03-01 16:39 --------- d-----w C:\Program Files\WinPilot XP VFR

2008-03-01 15:49 28,256 ----a-w C:\WINDOWS\system32\drivers\MxlW2k.sys

2008-03-01 14:34 --------- d-----w C:\Program Files\AutoREALM

2008-03-01 14:27 --------- d-----w C:\Program Files\SPAMfighter

2008-02-24 23:07 --------- d-----w C:\Program Files\Norton Ghost

2008-02-24 23:07 --------- d-----w C:\Program Files\eMule

2008-02-24 21:09 15,360 ----a-w C:\WINDOWS\system32\dllcache\register.exe

2008-02-24 19:08 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-02-14 19:53 --------- d-----w C:\Program Files\Yahoo!

2008-02-14 08:00 --------- d-----w C:\Program Files\SecCopy

2008-02-12 23:09 --------- d-----w C:\Program Files\Uniblue

2008-02-12 23:09 --------- d-----w C:\Documents and Settings\Lorenzo\Application Data\Uniblue

2008-02-12 22:14 --------- d-----w C:\Program Files\Miraizon

2008-02-12 22:11 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP

2008-02-11 06:29 --------- d-----w C:\Program Files\Spybot - Search & Destroy

2008-02-10 21:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-02-10 20:56 --------- d-----w C:\Program Files\Fichiers communs\Network Associates

2008-02-07 15:48 21,840 ----atw C:\WINDOWS\system32\SIntfNT.dll

2008-02-07 15:48 17,212 ----atw C:\WINDOWS\system32\SIntf32.dll

2008-02-07 15:48 12,067 ----atw C:\WINDOWS\system32\SIntf16.dll

2008-02-04 20:59 --------- d-----w C:\Documents and Settings\Lorenzo\Application Data\AdobeUM

2008-02-03 11:09 --------- d-----w C:\Program Files\iPod

2008-02-03 11:05 --------- d-----w C:\Program Files\QuickTime

2008-01-27 21:06 --------- d-----w C:\Documents and Settings\Lorenzo\Application Data\Media Player Classic

2008-01-27 21:00 --------- d-----w C:\Program Files\Combined Community Codec Pack

2008-01-26 13:56 --------- d-----w C:\Program Files\Windows Media Connect 2

2008-01-19 09:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\RapidSolution

2008-01-18 22:08 --------- d-----w C:\Documents and Settings\Lorenzo\Application Data\SlySoft

2008-01-18 22:00 --------- d-----w C:\Program Files\SlySoft

2008-01-06 16:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Pinnacle

2008-01-06 16:17 --------- d-----w C:\Program Files\Pinnacle

2008-01-06 16:05 --------- d-----w C:\Program Files\Avid

2008-01-06 15:37 --------- d-----w C:\Program Files\DivX

2008-01-04 21:13 --------- d-----w C:\Program Files\Fichiers communs\Adobe

2008-01-04 20:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems

2008-01-04 17:58 --------- d-----w C:\Program Files\Logitech

2008-01-04 17:52 --------- d-----w C:\Program Files\InstantTimeZone

2008-01-04 17:47 --------- d-----w C:\Documents and Settings\Lorenzo\Application Data\Ringtone

2008-01-04 17:36 --------- d-----w C:\Documents and Settings\Lorenzo\Application Data\Lavasoft

2008-01-04 17:34 --------- d-----w C:\Program Files\DiscWizard 2003

2008-01-04 14:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft

2008-01-03 21:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\PicturesToExe

2008-01-03 21:40 --------- d-----w C:\Program Files\WnSoft PicturesToExe

2008-01-03 15:24 --------- d-----w C:\Documents and Settings\Lorenzo\Application Data\eMule

2007-12-22 14:24 39,424 ----a-w C:\WINDOWS\zipinst.exe

2006-12-24 15:30 94,880 ----a-w C:\Documents and Settings\Lorenzo\Application Data\GDIPFONTCACHEV1.DAT

2006-01-15 12:47 4 ----a-w C:\Program Files\SpeechMillLAIPTTSin.pol

2006-01-15 12:37 4 ----a-w C:\Program Files\SpeechMillLAIPTTSout.pol

2005-09-09 17:55 7,155,864 ----a-w C:\Program Files\NGhost10.msi

2005-09-09 17:55 37,766,164 ----a-w C:\Program Files\Data1.cab

2005-09-09 17:55 35 ----a-w C:\Program Files\SCSSDist.ini

2005-04-09 17:24 83,224 ------w C:\Documents and Settings\Adriana\Application Data\GDIPFONTCACHEV1.DAT

.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

REGEDIT4

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]

"Uniblue SpyEraser"="C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" [2008-01-29 10:13 1424648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Network Associates Error Reporting Service"="C:\Program Files\Fichiers communs\Network Associates\TalkBack\tbmon.exe" [2008-03-01 18:01 147514]

"SPAMfighter Agent"="C:\Program Files\SPAMfighter\SFAgent.exe" [2007-10-25 15:29 308880]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 00:07 8491008]

"ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.exe" [2008-03-01 18:01 94208]

"McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" [2008-03-01 18:01 139320]

"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-03-01 18:01 249896]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:09 15360]

"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-09-28 02:17 443968]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Notification Packages REG_MULTI_SZ :\WINDOWS\system3

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant d'Acrobat.lnk]

backup=C:\WINDOWS\pss\Assistant d'Acrobat.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bootvis.lnk]

backup=C:\WINDOWS\pss\Bootvis.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Device Detector 2.lnk]

backup=C:\WINDOWS\pss\Device Detector 2.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HOTSYNCSHORTCUTNAME.lnk]

backup=C:\WINDOWS\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InstantTimeZone.lnk]

backup=C:\WINDOWS\pss\InstantTimeZone.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Catherine^Menu Démarrer^Programmes^Démarrage^La Solution Associations Ciel.lnk]

backup=C:\WINDOWS\pss\La Solution Associations Ciel.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Catherine^Menu Démarrer^Programmes^Démarrage^La Solution Enseignement Ciel.lnk]

backup=C:\WINDOWS\pss\La Solution Enseignement Ciel.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Catherine^Menu Démarrer^Programmes^Démarrage^Palm Registration.lnk]

backup=C:\WINDOWS\pss\Palm Registration.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Lorenzo^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]

backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Lorenzo^Menu Démarrer^Programmes^Démarrage^Anti-Pub.lnk]

backup=C:\WINDOWS\pss\Anti-Pub.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Lorenzo^Menu Démarrer^Programmes^Démarrage^La Solution Enseignement Ciel.lnk]

backup=C:\WINDOWS\pss\La Solution Enseignement Ciel.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADUserMon]

--a------ 2002-09-24 15:39 147456 C:\Program Files\Iomega\AutoDisk\ADUserMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]

--a------ 2008-01-19 10:54 469504 C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]

--a------ 2008-02-24 21:35 58984 C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]

--a------ 2004-02-05 13:45 510464 C:\WINDOWS\mHotkey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]

--a------ 2004-01-07 15:14 2453504 C:\WINDOWS\CMICNFG.CPL

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Deskup]

--a------ 2002-07-16 09:55 32768 C:\Program Files\Iomega\DriveIcons\deskup.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dit]

--a------ 2003-12-29 23:33 94208 C:\WINDOWS\Dit.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostStartTrayApp]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]

--a------ 2003-05-16 00:41 163840 C:\Program Files\Microsoft IntelliPoint\point32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iomega Drive Icons]

--a------ 2002-08-13 13:30 86016 C:\Program Files\Iomega\DriveIcons\ImgIcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

--a------ 2008-01-15 03:22 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kalender]

--a------ 2007-10-12 15:37 819200 C:\Program Files\Kalender\Kalender.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ledpointer]

--a------ 2004-02-03 17:15 5794816 C:\WINDOWS\CNYHKey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeScape Media Detector]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]

--a------ 2004-01-20 12:50 188416 C:\Program Files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]

--a------ 2004-01-20 12:53 77824 C:\Program Files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]

--a------ 2003-06-10 17:49 50688 C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]

--a------ 2004-02-04 16:09 53248 C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]

C:\Program Files\Microsoft Money\System\mnyexpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]

--------- 2005-10-11 18:25 1961984 C:\Program Files\Ahead\Nero BackItUp\NBJ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

--a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 10.0]

--a------ 2005-09-09 18:09 1537648 C:\Program Files\Norton Ghost\Agent\GhostTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

--a------ 2007-09-17 00:07 8491008 C:\WINDOWS\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

--a------ 2007-09-17 00:07 81920 C:\WINDOWS\system32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

--a------ 2007-09-17 00:07 1626112 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Omnipage]

--a------ 2002-02-20 20:01 49152 C:\Program Files\ScanSoft\OmniPageSE\opware32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]

--a------ 2004-02-26 10:08 61440 C:\Program Files\Home Cinema\PowerCinema\PCMService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]

--a------ 2007-09-28 02:17 443968 C:\Program Files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]

--a------ 2004-03-10 23:26 406016 C:\WINDOWS\system32\\PSDrvCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRISMSTA.EXE]

--a------ 2004-01-14 16:09 215552 C:\WINDOWS\system32\PRISMSTA.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Prism_Utility]

--a------ 2004-01-14 16:09 215552 C:\WINDOWS\system32\PRISMSTA.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2008-01-10 15:27 385024 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]

--a------ 2008-03-01 13:17 669776 C:\Program Files\Spyware Doctor\SDTrayApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Second Copy 2000]

--a------ 2001-09-17 08:37 1134080 C:\PROGRA~1\SecCopy\SecCopy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]

-rahs---- 2008-01-28 11:43 2097488 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor]

--a------ 2008-03-01 18:00 2385488 C:\Program Files\Spyware Doctor\swdoctor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2006-10-12 03:10 49263 C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

--a------ 2006-09-21 05:05 757887 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

--a------ 2007-06-17 12:29 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue Registry Booster]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]

--a------ 2007-12-05 16:06 1885464 C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpeedUpMyPC]

C:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]

C:\Program Files\Yahoo!\Messenger\ypager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"ccSetMgr"=2 (0x2)

"ccPwdSvc"=3 (0x3)

"ccEvtMgr"=2 (0x2)

"Norton Ghost"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\eMule\\emule.exe"=

"C:\\Program Files\\Avidyne\\FlightMax\\AviSysDL\\DataTransacServer.exe"=

"C:\\Program Files\\Avidyne\\FlightMax\\DatalinkClient.exe"=

"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=

"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=

"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=

"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=

"C:\\Program Files\\MSN Messenger\\livecall.exe"=

"C:\\Program Files\\Avid\\Avid Liquid 7\\Program\\StudioU.mod"=

"C:\\Program Files\\Avid\\Avid Liquid 7\\Program\\RM.exe"=

"C:\\Program Files\\iTunes\\iTunes.exe"=

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

"C:\\Program Files\\Messenger\\msmsgs.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowOutboundDestinationUnreachable"= 1 (0x1)

"AllowOutboundSourceQuench"= 1 (0x1)

"AllowOutboundTimeExceeded"= 1 (0x1)

"AllowRedirect"= 1 (0x1)

R2 SPAMfighter Update Service;SPAMfighter Update Service;"C:\Program Files\SPAMfighter\sfus.exe" [2007-10-25 15:29]

R3 CardReaderFilter;Card Reader Filter;C:\WINDOWS\system32\Drivers\USBCRFT.SYS [2007-06-21 07:32]

R3 UKBFLT;UKBFLT;C:\WINDOWS\system32\DRIVERS\UKBFLT.sys [2003-12-19 17:13]

R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 07:08]

R3 wbscr;Winbond Smartcard Reader for I/O;C:\WINDOWS\system32\drivers\wbscr.sys [2002-04-24 12:07]

S1 atitray;atitray;C:\Program Files\Radeon Omega Drivers\v3.8.330\ATI Tray Tools\atitray.sys []

S3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-06-05 10:04]

S3 CnxEtP;ZTE ZXDSL852 Adapter Filter Driver;C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2005-05-20 18:27]

S3 CnxEtU;ZTE ZXDSL852 Interface Device Driver;C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2005-05-20 18:27]

S3 CnxTgNW;ZTE ZXDSL852 WAN PPPoA Adapter Driver;C:\WINDOWS\system32\DRIVERS\CnxTgNW.sys [2005-05-20 18:28]

S3 IIUSBISP;USB Mass Storage for USB ISP;C:\WINDOWS\system32\Drivers\iiusbisp.sys []

S3 Intels51;Creatix V.9X DSP Data Fax Modem;C:\WINDOWS\system32\DRIVERS\ctxs51.sys [2003-05-22 19:44]

S3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-06-12 10:47]

S3 PRISM_A00;PRISM 802.11g Driver;C:\WINDOWS\system32\DRIVERS\PRISMA00.sys [2004-01-16 09:31]

S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 06:58]

S3 VNUSB;VN Series Device;C:\WINDOWS\system32\DRIVERS\VNUSB.sys [2003-12-15 17:22]

.

Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

"2008-02-27 11:56:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

"2008-02-12 22:42:38 C:\WINDOWS\Tasks\Uniblue SpyEraser.job"

- C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe

"2008-03-01 16:32:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"

- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE

.

**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-01 18:21:46

Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès

Les fichiers cachés: 0

**************************************************************************

.

Temps d'accomplissement: 2008-03-01 18:22:32

ComboFix-quarantined-files.txt 2008-03-01 17:22:18

ComboFix2.txt 2008-03-01 11:38:51

ComboFix3.txt 2008-02-29 21:25:40

ComboFix4.txt 2008-02-28 22:27:15

ComboFix5.txt 2008-02-27 22:33:46

.

2008-01-27 13:55:01 --- E O F ---

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-----------------------------[ Lop S&D 4.0.2 ]---------------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]

[ USER : Lorenzo ] [ "C:\Lop SD" ]

[ 01/03/2008 | 14:10:27,79 ] [ PC : NET-WXPHE ]

[ MAJ : 30-02-2008 | 00:12 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprimé! - C:\Program Files\Viewpoint

Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

-------------[ Listing des dossiers dans Application Data ]------------

[28/02/2004|16:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\.

[28/02/2004|16:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\..

[28/02/2004|16:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe

[28/02/2004|16:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM

[28/02/2004|15:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ahead

[28/02/2004|16:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini

[27/02/2004|19:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help

[27/02/2004|18:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities

[28/02/2004|17:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia

[28/02/2004|20:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[28/02/2004|17:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real

[01/03/2008|12:34] C:\DOCUME~1\Adriana\APPLIC~1\.

[01/03/2008|12:34] C:\DOCUME~1\Adriana\APPLIC~1\..

[09/11/2004|17:30] C:\DOCUME~1\Adriana\APPLIC~1\Active Disk

[28/02/2004|16:52] C:\DOCUME~1\Adriana\APPLIC~1\Adobe

[28/02/2004|16:52] C:\DOCUME~1\Adriana\APPLIC~1\AdobeUM

[28/02/2004|15:48] C:\DOCUME~1\Adriana\APPLIC~1\Ahead

[29/12/2005|15:46] C:\DOCUME~1\Adriana\APPLIC~1\Apple Computer

[28/02/2004|16:26] C:\DOCUME~1\Adriana\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\Adriana\APPLIC~1\desktop.ini

[09/04/2005|18:24] C:\DOCUME~1\Adriana\APPLIC~1\GDIPFONTCACHEV1.DAT

[17/09/2006|17:12] C:\DOCUME~1\Adriana\APPLIC~1\Google

[27/02/2004|19:06] C:\DOCUME~1\Adriana\APPLIC~1\Help

[31/12/2005|16:03] C:\DOCUME~1\Adriana\APPLIC~1\HotSync

[27/02/2004|18:30] C:\DOCUME~1\Adriana\APPLIC~1\Identities

[28/02/2004|17:59] C:\DOCUME~1\Adriana\APPLIC~1\Macromedia

[24/02/2007|17:38] C:\DOCUME~1\Adriana\APPLIC~1\Microsoft

[22/05/2006|17:53] C:\DOCUME~1\Adriana\APPLIC~1\PC Tools

[28/02/2004|17:58] C:\DOCUME~1\Adriana\APPLIC~1\Real

[22/04/2007|19:15] C:\DOCUME~1\Adriana\APPLIC~1\SPAMfighter

[27/03/2005|18:22] C:\DOCUME~1\Adriana\APPLIC~1\Yahoo!

[21/05/2005|13:47] C:\DOCUME~1\Adriana\APPLIC~1\Yahoo! Messenger

[01/03/2008|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.

[01/03/2008|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..

[18/03/2007|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[04/01/2008|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems

[28/02/2004|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead

[11/08/2007|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

[23/06/2007|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[07/04/2007|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk

[14/02/2008|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira

[13/11/2005|10:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Canon

[03/09/2005|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel

[28/02/2004|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink

[27/02/2004|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini

[03/12/2007|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\f7129022-a000-4847-db07-470265a73c4f

[11/09/2006|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[28/12/2005|10:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotSync

[04/01/2008|15:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft

[12/02/2008|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[28/02/2004|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies

[10/02/2008|21:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates

[27/10/2007|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles

[06/01/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage

[10/02/2008|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Tools

[03/01/2008|22:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PicturesToExe

[06/01/2008|17:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle

[01/05/2007|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle Studio

[12/01/2008|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache

[26/09/2004|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime

[19/01/2008|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RapidSolution

[27/02/2004|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI

[04/04/2004|14:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft

[14/01/2006|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc

[10/02/2008|22:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[12/09/2004|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir

[12/09/2004|12:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanWizard

[25/03/2007|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[12/02/2008|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[12/02/2008|23:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Uniblue

[23/12/2005|22:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[24/02/2007|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[31/08/2005|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\yahoo!

[01/03/2008|12:34] C:\DOCUME~1\CATHER~1\APPLIC~1\.

[01/03/2008|12:34] C:\DOCUME~1\CATHER~1\APPLIC~1\..

[29/03/2005|08:56] C:\DOCUME~1\CATHER~1\APPLIC~1\Active Disk

[28/02/2004|16:52] C:\DOCUME~1\CATHER~1\APPLIC~1\Adobe

[13/01/2008|09:32] C:\DOCUME~1\CATHER~1\APPLIC~1\AdobeUM

[21/06/2007|07:33] C:\DOCUME~1\CATHER~1\APPLIC~1\Ahead

[12/02/2006|14:45] C:\DOCUME~1\CATHER~1\APPLIC~1\Apple Computer

[28/02/2004|16:26] C:\DOCUME~1\CATHER~1\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\CATHER~1\APPLIC~1\desktop.ini

[01/06/2006|17:40] C:\DOCUME~1\CATHER~1\APPLIC~1\GDIPFONTCACHEV1.DAT

[11/09/2006|18:48] C:\DOCUME~1\CATHER~1\APPLIC~1\Google

[27/02/2004|19:06] C:\DOCUME~1\CATHER~1\APPLIC~1\Help

[28/12/2005|12:49] C:\DOCUME~1\CATHER~1\APPLIC~1\HotSync

[27/02/2004|18:30] C:\DOCUME~1\CATHER~1\APPLIC~1\Identities

[30/10/2005|17:05] C:\DOCUME~1\CATHER~1\APPLIC~1\InstallShield

[30/12/2005|19:24] C:\DOCUME~1\CATHER~1\APPLIC~1\Leadertech

[28/02/2004|17:59] C:\DOCUME~1\CATHER~1\APPLIC~1\Macromedia

[07/06/2007|21:42] C:\DOCUME~1\CATHER~1\APPLIC~1\Microsoft

[06/06/2004|16:54] C:\DOCUME~1\CATHER~1\APPLIC~1\MSN6

[21/06/2007|07:33] C:\DOCUME~1\CATHER~1\APPLIC~1\PC Tools

[28/02/2004|17:58] C:\DOCUME~1\CATHER~1\APPLIC~1\Real

[12/09/2004|11:42] C:\DOCUME~1\CATHER~1\APPLIC~1\ScanSoft

[03/04/2007|21:06] C:\DOCUME~1\CATHER~1\APPLIC~1\SPAMfighter

[05/09/2004|09:37] C:\DOCUME~1\CATHER~1\APPLIC~1\Sun

[25/06/2007|12:52] C:\DOCUME~1\CATHER~1\APPLIC~1\Uniblue

[23/01/2005|21:40] C:\DOCUME~1\CATHER~1\APPLIC~1\Yahoo!

[06/03/2005|08:25] C:\DOCUME~1\CATHER~1\APPLIC~1\Yahoo! Messenger

[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.

[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..

[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe

[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM

[28/02/2004|15:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Ahead

[28/02/2004|16:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini

[27/02/2004|19:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help

[27/02/2004|18:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[28/02/2004|17:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia

[28/02/2004|20:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[28/02/2004|17:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

[01/03/2008|12:34] C:\DOCUME~1\Elio\APPLIC~1\.

[01/03/2008|12:34] C:\DOCUME~1\Elio\APPLIC~1\..

[14/09/2005|18:36] C:\DOCUME~1\Elio\APPLIC~1\Active Disk

[28/02/2004|16:52] C:\DOCUME~1\Elio\APPLIC~1\Adobe

[28/02/2004|16:52] C:\DOCUME~1\Elio\APPLIC~1\AdobeUM

[28/02/2004|15:48] C:\DOCUME~1\Elio\APPLIC~1\Ahead

[28/02/2004|16:26] C:\DOCUME~1\Elio\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\Elio\APPLIC~1\desktop.ini

[19/01/2008|14:46] C:\DOCUME~1\Elio\APPLIC~1\Google

[27/02/2004|19:06] C:\DOCUME~1\Elio\APPLIC~1\Help

[08/01/2006|15:31] C:\DOCUME~1\Elio\APPLIC~1\HotSync

[27/02/2004|18:30] C:\DOCUME~1\Elio\APPLIC~1\Identities

[28/02/2004|17:59] C:\DOCUME~1\Elio\APPLIC~1\Macromedia

[04/01/2008|10:15] C:\DOCUME~1\Elio\APPLIC~1\Microsoft

[11/11/2005|20:28] C:\DOCUME~1\Elio\APPLIC~1\MSN6

[28/02/2004|17:58] C:\DOCUME~1\Elio\APPLIC~1\Real

[30/04/2007|11:01] C:\DOCUME~1\Elio\APPLIC~1\SPAMfighter

[28/07/2005|17:35] C:\DOCUME~1\Elio\APPLIC~1\Yahoo!

[28/07/2005|17:36] C:\DOCUME~1\Elio\APPLIC~1\Yahoo! Messenger

[27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\.

[27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\..

[27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[20/04/2004|20:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

[29/02/2008|22:20] C:\DOCUME~1\Lorenzo\APPLIC~1\.

[29/02/2008|22:20] C:\DOCUME~1\Lorenzo\APPLIC~1\..

[12/03/2005|12:40] C:\DOCUME~1\Lorenzo\APPLIC~1\Active Disk

[04/01/2008|22:13] C:\DOCUME~1\Lorenzo\APPLIC~1\Adobe

[04/02/2008|21:59] C:\DOCUME~1\Lorenzo\APPLIC~1\AdobeUM

[26/12/2005|22:00] C:\DOCUME~1\Lorenzo\APPLIC~1\Ahead

[12/08/2007|09:44] C:\DOCUME~1\Lorenzo\APPLIC~1\Apple Computer

[13/05/2007|10:52] C:\DOCUME~1\Lorenzo\APPLIC~1\ATI

[03/05/2007|22:51] C:\DOCUME~1\Lorenzo\APPLIC~1\atitray

[07/04/2007|15:18] C:\DOCUME~1\Lorenzo\APPLIC~1\Autodesk

[12/05/2007|22:28] C:\DOCUME~1\Lorenzo\APPLIC~1\Avidyne

[28/02/2004|16:26] C:\DOCUME~1\Lorenzo\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\Lorenzo\APPLIC~1\desktop.ini

[23/12/2007|17:35] C:\DOCUME~1\Lorenzo\APPLIC~1\DivX

[07/04/2007|14:58] C:\DOCUME~1\Lorenzo\APPLIC~1\Downloaded Installations

[03/01/2008|16:24] C:\DOCUME~1\Lorenzo\APPLIC~1\eMule

[24/12/2006|16:30] C:\DOCUME~1\Lorenzo\APPLIC~1\GDIPFONTCACHEV1.DAT

[13/09/2006|22:46] C:\DOCUME~1\Lorenzo\APPLIC~1\Google

[23/12/2007|10:57] C:\DOCUME~1\Lorenzo\APPLIC~1\Help

[28/12/2005|10:47] C:\DOCUME~1\Lorenzo\APPLIC~1\HotSync

[27/02/2004|18:30] C:\DOCUME~1\Lorenzo\APPLIC~1\Identities

[01/05/2007|18:57] C:\DOCUME~1\Lorenzo\APPLIC~1\InstallShield

[24/10/2006|22:37] C:\DOCUME~1\Lorenzo\APPLIC~1\KSOL

[04/01/2008|18:36] C:\DOCUME~1\Lorenzo\APPLIC~1\Lavasoft

[28/12/2005|10:57] C:\DOCUME~1\Lorenzo\APPLIC~1\Leadertech

[28/02/2004|17:59] C:\DOCUME~1\Lorenzo\APPLIC~1\Macromedia

[27/01/2008|22:06] C:\DOCUME~1\Lorenzo\APPLIC~1\Media Player Classic

[10/06/2007|20:12] C:\DOCUME~1\Lorenzo\APPLIC~1\Microsoft

[02/01/2005|18:14] C:\DOCUME~1\Lorenzo\APPLIC~1\Microsoft Web Folders

[27/02/2008|12:49] C:\DOCUME~1\Lorenzo\APPLIC~1\Mozilla

[13/01/2008|17:03] C:\DOCUME~1\Lorenzo\APPLIC~1\Opera

[03/03/2006|22:20] C:\DOCUME~1\Lorenzo\APPLIC~1\PC Tools

[10/02/2006|22:36] C:\DOCUME~1\Lorenzo\APPLIC~1\Publish Providers

[17/06/2007|12:30] C:\DOCUME~1\Lorenzo\APPLIC~1\Real

[09/02/2008|15:23] C:\DOCUME~1\Lorenzo\APPLIC~1\Reasonable Software House Ltd

[04/01/2008|18:47] C:\DOCUME~1\Lorenzo\APPLIC~1\Ringtone

[27/03/2004|14:29] C:\DOCUME~1\Lorenzo\APPLIC~1\ScanSoft

[18/01/2008|23:08] C:\DOCUME~1\Lorenzo\APPLIC~1\SlySoft

[10/02/2006|22:25] C:\DOCUME~1\Lorenzo\APPLIC~1\Sony

[26/06/2007|21:29] C:\DOCUME~1\Lorenzo\APPLIC~1\SPAMfighter

[27/03/2004|23:09] C:\DOCUME~1\Lorenzo\APPLIC~1\Sun

[26/12/2005|20:43] C:\DOCUME~1\Lorenzo\APPLIC~1\Symantec

[25/09/2004|11:34] C:\DOCUME~1\Lorenzo\APPLIC~1\Template

[03/02/2008|15:53] C:\DOCUME~1\Lorenzo\APPLIC~1\UK's Kalender

[13/02/2008|00:09] C:\DOCUME~1\Lorenzo\APPLIC~1\Uniblue

[04/01/2008|18:40] C:\DOCUME~1\Lorenzo\APPLIC~1\WinRAR

[09/01/2005|20:21] C:\DOCUME~1\Lorenzo\APPLIC~1\Yahoo! Messenger

[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\.

[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\..

[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[01/05/2004|12:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\.

[01/05/2004|12:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\..

[18/09/2005|10:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[12/02/2008 23:42][--a------] C:\WINDOWS\tasks\Uniblue SpyEraser.job

[27/02/2008 12:56][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[01/03/2008 13:32][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job

[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

[29/02/2008 23:56][--ah-----] C:\WINDOWS\tasks\SA.DAT

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[01/03/2008|14:10] C:\Program Files\.

[01/03/2008|14:10] C:\Program Files\..

[15/01/2006|15:38] C:\Program Files\4ormulator

[04/01/2008|22:16] C:\Program Files\Adobe

[30/12/2006|21:33] C:\Program Files\Ahead

[30/07/2004|20:38] C:\Program Files\Alcohol Soft

[24/09/2007|20:52] C:\Program Files\AnMing

[18/03/2007|18:01] C:\Program Files\APDFPR

[22/12/2007|17:14] C:\Program Files\Apple Software Update

[02/07/2006|19:23] C:\Program Files\Atlence

[15/01/2006|13:04] C:\Program Files\Audacity

[07/04/2007|15:16] C:\Program Files\Autodesk

[04/01/2008|19:06] C:\Program Files\AutoREALM

[06/01/2008|17:05] C:\Program Files\Avid

[12/05/2007|22:26] C:\Program Files\Avidyne

[14/02/2008|21:49] C:\Program Files\Avira

[15/01/2006|10:57] C:\Program Files\AviSynth 2.5

[03/07/2005|18:31] C:\Program Files\Cadkey99

[13/11/2005|10:18] C:\Program Files\Canon

[10/02/2008|22:05] C:\Program Files\CCleaner

[02/06/2006|09:31] C:\Program Files\Ciel

[27/02/2004|19:11] C:\Program Files\C-Media 3D Audio

[10/09/2005|21:52] C:\Program Files\ColJaegerm2_3s

[27/01/2008|22:00] C:\Program Files\Combined Community Codec Pack

[13/01/2007|16:18] C:\Program Files\Common Files

[27/02/2004|18:28] C:\Program Files\ComPlus Applications

[28/02/2004|16:15] C:\Program Files\CyberLink

[09/02/2008|15:45] C:\Program Files\DAMN NFO Viewer

[09/09/2005|18:55] C:\Program Files\Data1.cab

[24/06/2006|07:56] C:\Program Files\Dico

[09/01/2005|15:16] C:\Program Files\directx

[04/01/2008|18:34] C:\Program Files\DiscWizard 2003

[06/01/2008|16:37] C:\Program Files\DivX

[08/05/2007|09:20] C:\Program Files\Driver Cleaner PE

[25/03/2007|22:27] C:\Program Files\Driver Validation

[19/01/2008|10:23] C:\Program Files\DVD Decrypter

[06/05/2006|12:36] C:\Program Files\EBP

[25/02/2008|00:07] C:\Program Files\eMule

[29/07/2007|10:48] C:\Program Files\eMusic Download Manager

[15/01/2006|22:15] C:\Program Files\EndItAll

[26/01/2008|15:49] C:\Program Files\eRightSoft

[23/12/2007|10:56] C:\Program Files\Exif Date Changer

[24/09/2007|21:23] C:\Program Files\EZ Ringtone

[10/02/2008|22:15] C:\Program Files\Fichiers communs

[25/09/2004|16:04] C:\Program Files\FotoTime

[04/03/2006|13:11] C:\Program Files\FouFou

[23/06/2007|22:43] C:\Program Files\Garmin

[15/07/2004|21:15] C:\Program Files\Ghostgum

[27/01/2007|10:33] C:\Program Files\Google

[15/07/2004|21:14] C:\Program Files\gs

[28/02/2004|14:16] C:\Program Files\HighMAT CD Writing Wizard

[28/02/2004|16:16] C:\Program Files\Home Cinema

[17/07/2007|13:40] C:\Program Files\Infogrames

[24/02/2008|20:08] C:\Program Files\InstallShield Installation Information

[04/01/2008|18:52] C:\Program Files\InstantTimeZone

[27/02/2004|18:45] C:\Program Files\Intel

[12/12/2007|23:16] C:\Program Files\Internet Explorer

[17/10/2004|11:41] C:\Program Files\Iomega

[03/02/2008|12:09] C:\Program Files\iPod

[29/12/2006|23:12] C:\Program Files\IrfanView

[03/02/2008|12:09] C:\Program Files\iTunes

[12/11/2006|12:25] C:\Program Files\Java

[05/11/2006|10:55] C:\Program Files\JoshMadison

[04/01/2008|18:54] C:\Program Files\JS World

[03/02/2008|15:08] C:\Program Files\Kalender

[04/01/2008|18:36] C:\Program Files\Lavasoft

[04/01/2008|16:01] C:\Program Files\Live_TV

[04/01/2008|18:58] C:\Program Files\Logitech

[28/02/2004|15:40] C:\Program Files\Medion Tools

[09/07/2006|17:15] C:\Program Files\Messenger

[03/02/2008|15:13] C:\Program Files\metagenia

[28/02/2004|14:52] C:\Program Files\Microsoft AutoRoute

[14/05/2007|21:19] C:\Program Files\Microsoft Bootvis

[10/05/2007|21:19] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[28/02/2004|14:57] C:\Program Files\Microsoft Encarta

[02/01/2005|18:14] C:\Program Files\microsoft frontpage

[26/02/2005|18:28] C:\Program Files\Microsoft IntelliPoint

[28/02/2004|14:51] C:\Program Files\Microsoft Money

[28/08/2005|13:38] C:\Program Files\Microsoft Money 2005(2)

[07/04/2007|15:18] C:\Program Files\Microsoft Office

[28/02/2004|14:56] C:\Program Files\Microsoft Picture It! 9

[31/07/2004|12:08] C:\Program Files\Microsoft R‚f‚rence

[06/01/2007|16:19] C:\Program Files\Microsoft Visual Studio

[25/09/2004|11:34] C:\Program Files\Microsoft Works

[28/02/2004|14:38] C:\Program Files\Microsoft Works Suite 2004

[06/01/2007|17:12] C:\Program Files\Microsoft.NET

[12/02/2008|23:14] C:\Program Files\Miraizon

[08/07/2006|20:23] C:\Program Files\Movie Maker

[01/03/2008|12:39] C:\Program Files\Mozilla Firefox

[11/08/2007|18:13] C:\Program Files\MPEG4 Direct Maker

[27/02/2004|18:28] C:\Program Files\MSN

[27/02/2004|18:28] C:\Program Files\MSN Gaming Zone

[23/09/2007|19:52] C:\Program Files\MSN Messenger

[17/11/2006|19:25] C:\Program Files\MSXML 4.0

[28/02/2004|16:18] C:\Program Files\MUSICMATCH

[28/02/2004|15:01] C:\Program Files\muvee Technologies

[13/05/2007|10:42] C:\Program Files\My Company Name

[29/02/2008|23:37] C:\Program Files\Navilog1

[26/05/2007|20:07] C:\Program Files\Netgear

[31/08/2006|19:43] C:\Program Files\Netgroup - Politecnico di Torino

[08/07/2006|20:19] C:\Program Files\NetMeeting

[10/02/2008|21:57] C:\Program Files\Network Associates

[09/09/2005|18:55] C:\Program Files\NGhost10.msi

[25/02/2008|00:07] C:\Program Files\Norton Ghost

[28/02/2004|17:49] C:\Program Files\Nullsoft

[16/04/2005|19:49] C:\Program Files\Olympus

[14/06/2007|21:40] C:\Program Files\Outlook Express

[08/01/2006|15:54] C:\Program Files\Palm

[08/01/2005|15:36] C:\Program Files\PDFill Writer

[27/10/2007|17:11] C:\Program Files\Picasa2

[06/01/2008|17:17] C:\Program Files\Pinnacle

[05/08/2007|12:57] C:\Program Files\Planilog

[08/01/2005|15:36] C:\Program Files\PlotSoft

[13/11/2004|22:37] C:\Program Files\PocketFMS

[27/01/2008|14:21] C:\Program Files\Portrait Professional

[03/02/2008|12:05] C:\Program Files\QuickTime

[08/05/2007|11:36] C:\Program Files\Radeon Omega Drivers

[19/01/2008|00:36] C:\Program Files\RapidSolution

[28/02/2004|17:49] C:\Program Files\Real

[12/02/2008|23:01] C:\Program Files\Registry Mechanic

[02/07/2006|18:53] C:\Program Files\RenMultiFiles Pro

[06/06/2007|21:19] C:\Program Files\RepareOE

[06/06/2007|21:15] C:\Program Files\SaveOE

[27/03/2004|14:29] C:\Program Files\ScanSoft

[09/09/2005|18:55] C:\Program Files\SCSSDist.ini

[14/02/2008|09:00] C:\Program Files\SecCopy

[10/02/2006|22:19] C:\Program Files\SF8 install

[24/03/2007|10:58] C:\Program Files\Simpli Software

[18/01/2008|23:00] C:\Program Files\SlySoft

[07/01/2006|19:40] C:\Program Files\SmartSound Software

[03/02/2008|15:52] C:\Program Files\SodeaSoft

[10/02/2006|22:24] C:\Program Files\Sony

[01/03/2008|12:07] C:\Program Files\SPAMfighter

[15/01/2006|13:47] C:\Program Files\SpeechMillLAIPTTSin.pol

[15/01/2006|13:37] C:\Program Files\SpeechMillLAIPTTSout.pol

[11/02/2008|07:29] C:\Program Files\Spybot - Search & Destroy

[12/02/2008|23:14] C:\Program Files\Spyware Doctor

[24/02/2008|22:58] C:\Program Files\SpywareBlaster

[15/01/2006|13:10] C:\Program Files\Stratoware

[24/02/2007|14:21] C:\Program Files\Sunbelt Software

[09/09/2005|18:56] C:\Program Files\Support

[25/03/2007|22:30] C:\Program Files\Symantec

[09/03/2005|17:29] C:\Program Files\THQ

[23/12/2007|13:04] C:\Program Files\TimeToPhoto

[24/02/2008|20:08] C:\Program Files\ToniArts

[13/02/2008|00:09] C:\Program Files\Uniblue

[31/08/2004|19:30] C:\Program Files\Uninstall Information

[27/02/2004|19:13] C:\Program Files\USB Wireless Keyboard Driver

[10/02/2006|22:36] C:\Program Files\VSTplugins

[05/08/2006|19:29] C:\Program Files\Western Digital Technologies

[28/02/2004|15:05] C:\Program Files\Winbond Electronics Corp

[27/02/2004|18:35] C:\Program Files\Windows Journal Viewer

[24/02/2007|14:02] C:\Program Files\Windows Live Favorites

[24/02/2007|14:15] C:\Program Files\Windows Live Safety Center

[30/11/2007|23:26] C:\Program Files\Windows Live Toolbar

[26/01/2008|14:56] C:\Program Files\Windows Media Connect 2

[26/01/2008|14:56] C:\Program Files\Windows Media Player

[08/07/2006|20:19] C:\Program Files\Windows NT

[25/02/2007|11:40] C:\Program Files\WindowsUpdate

[19/11/2006|10:38] C:\Program Files\WinPilot XP VFR

[25/02/2008|00:07] C:\Program Files\WinRAR

[20/12/2006|11:17] C:\Program Files\WMV9_VCM

[03/01/2008|22:40] C:\Program Files\WnSoft PicturesToExe

[11/09/2005|18:18] C:\Program Files\WorldTimeClock

[28/02/2004|16:16] C:\Program Files\X10 Hardware

[27/02/2004|18:30] C:\Program Files\xerox

[14/02/2008|20:53] C:\Program Files\Yahoo!

[04/03/2006|11:58] C:\Program Files\Zero G Registry

[18/03/2007|18:20] C:\Program Files\ZipCentral

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[10/02/2008|22:15] C:\Program Files\Fichiers communs\.

[10/02/2008|22:15] C:\Program Files\Fichiers communs\..

[04/01/2008|22:13] C:\Program Files\Fichiers communs\Adobe

[28/02/2004|14:34] C:\Program Files\Fichiers communs\Ahead

[30/10/2007|08:38] C:\Program Files\Fichiers communs\Ankiro

[28/02/2004|17:49] C:\Program Files\Fichiers communs\AOL

[11/08/2007|21:21] C:\Program Files\Fichiers communs\Apple

[30/10/2007|08:37] C:\Program Files\Fichiers communs\Application

[02/07/2006|19:26] C:\Program Files\Fichiers communs\Atlence

[22/04/2007|18:15] C:\Program Files\Fichiers communs\Autodesk Shared

[28/02/2004|15:05] C:\Program Files\Fichiers communs\Borland Shared

[08/08/2007|08:52] C:\Program Files\Fichiers communs\CIEL

[27/09/2006|17:45] C:\Program Files\Fichiers communs\Cisco Systems

[12/05/2007|22:26] C:\Program Files\Fichiers communs\Crystal Decisions

[06/01/2007|17:14] C:\Program Files\Fichiers communs\DESIGNER

[28/02/2004|15:01] C:\Program Files\Fichiers communs\InstallShield

[27/03/2004|23:09] C:\Program Files\Fichiers communs\Java

[09/01/2005|15:13] C:\Program Files\Fichiers communs\Logitech

[19/01/2008|00:36] C:\Program Files\Fichiers communs\Microsoft Shared

[27/02/2004|18:28] C:\Program Files\Fichiers communs\MSSoap

[28/02/2004|15:01] C:\Program Files\Fichiers communs\muvee Technologies

[10/02/2008|21:56] C:\Program Files\Fichiers communs\Network Associates

[27/02/2004|18:26] C:\Program Files\Fichiers communs\ODBC

[10/02/2008|22:15] C:\Program Files\Fichiers communs\PC Tools

[17/06/2007|12:29] C:\Program Files\Fichiers communs\Real

[08/08/2007|08:52] C:\Program Files\Fichiers communs\Sage

[27/03/2004|14:29] C:\Program Files\Fichiers communs\ScanSoft Shared

[27/02/2004|18:28] C:\Program Files\Fichiers communs\Services

[27/02/2004|18:26] C:\Program Files\Fichiers communs\SpeechEngines

[03/04/2007|21:04] C:\Program Files\Fichiers communs\Symantec Shared

[14/06/2007|21:40] C:\Program Files\Fichiers communs\System

[04/01/2008|15:53] C:\Program Files\Fichiers communs\Wise Installation Wizard

[17/06/2007|12:30] C:\Program Files\Fichiers communs\xing shared

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-01 14:11:08

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden files ...

scan completed successfully

hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\WINDOWS\system32\drivers\down

C:\WINDOWS\system32\drivers\srosa.sys

C:\WINDOWS\system32\BAN_LIST.txt

! BAGLE Possible !

/!\ [Fich:1][Doss:3] C:\DOCUME~1\Lorenzo\LOCALS~1\Temp

/!\ [Fich:10][Doss:0] C:\DOCUME~1\Lorenzo\Cookies

/!\ [Fich:2][Doss:0] C:\DOCUME~1\Lorenzo\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 14:11:45,29 ]----------------------

ellesé · le 1 mars 2008

Heureusement mon PC s'est rallumé, grâce à "dernière bonne configuration connue".
Eh oui, Bagle est revenu !

Peut-on conclure que le dernier essai avec IE6 a réanimé Bagle sans connexion internet, ou lors de la connexion suivante, même après fermeture de IE ?

Voici le rapport Combo-Fix et Lop SD avant le dernier palntage.

ComboFix 08-02-25.2 - Lorenzo 2008-03-01 18:20:45.8 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.669 [GMT 1:00]

Endroit: C:\Documents and Settings\Lorenzo\Bureau\Combo-Fix.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

---- Previous Run -------

.

C:\WINDOWS\system32\drivers\down

C:\WINDOWS\system32\drivers\down\85687.exe

C:\WINDOWS\system32\drivers\hldrrr.exe

C:\WINDOWS\system32\drivers\srosa.sys

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\LEGACY_SROSA

-------\srosa

((((((((((((((((((((((((((((( Fichiers créés 2008-02-01 to 2008-03-01 ))))))))))))))))))))))))))))))))))))

.

2008-03-01 17:39 . 2008-03-01 17:39 <REP> d-------- C:\My Documents

2008-03-01 14:01 . 2008-03-01 14:11 <REP> d-------- C:\Lop SD

2008-02-29 23:46 . 2008-02-29 23:46 <REP> d-------- C:\WINDOWS\ERUNT

2008-02-29 23:39 . 2008-03-01 00:06 <REP> d-------- C:\SDFix

2008-02-29 23:24 . 2008-02-29 23:37 <REP> d-------- C:\Program Files\Navilog1

2008-02-25 00:23 . 2008-02-25 00:23 <REP> d-------- C:\TcpView

2008-02-25 00:14 . 2008-02-25 00:14 30,332 --a------ C:\EasyCleaner REG cleanup.htm

2008-02-25 00:03 . 2008-02-25 00:03 459,307 --a------ C:\EasyCleaner-Inutiles.htm

2008-02-24 22:56 . 2008-02-24 22:58 <REP> d-------- C:\Program Files\SpywareBlaster

2008-02-24 20:08 . 2008-02-24 20:08 <REP> d-------- C:\Program Files\ToniArts

2008-02-24 20:06 . 2008-02-27 12:41 <REP> d-------- C:\HijackThis

2008-02-23 19:46 . 2008-02-23 19:46 <REP> d-------- C:\Muestras

2008-02-14 21:49 . 2008-02-14 21:49 <REP> d-------- C:\Program Files\Avira

2008-02-14 21:49 . 2008-02-14 21:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira

2008-02-12 23:15 . 2008-02-12 23:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Uniblue

2008-02-10 22:48 . 2008-02-10 22:46 691,545 --a------ C:\WINDOWS\unins000.exe

2008-02-10 22:48 . 2008-02-10 22:48 3,453 --a------ C:\WINDOWS\unins000.dat

2008-02-10 22:15 . 2008-02-10 22:15 <REP> d-------- C:\Program Files\Fichiers communs\PC Tools

2008-02-10 22:14 . 2008-02-12 23:14 <REP> d-------- C:\Program Files\Spyware Doctor

2008-02-10 22:14 . 2008-02-10 22:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Tools

2008-02-10 22:14 . 2007-02-23 00:09 83,536 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys

2008-02-10 22:14 . 2007-02-25 23:45 59,472 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys

2008-02-10 22:14 . 2007-02-19 18:13 52,304 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys

2008-02-10 22:14 . 2007-02-19 18:13 39,248 --a------ C:\WINDOWS\system32\drivers\ikfileflt.sys

2008-02-10 22:14 . 2007-02-23 07:13 26,064 --a------ C:\WINDOWS\system32\drivers\kcom.sys

2008-02-10 22:05 . 2008-02-10 22:05 <REP> d-------- C:\Program Files\CCleaner

2008-02-10 21:57 . 2006-06-08 20:00 116,864 --a------ C:\WINDOWS\system32\drivers\naiavf5x.sys

2008-02-10 21:57 . 2006-06-08 20:00 58,464 --a------ C:\WINDOWS\system32\drivers\mvstdi5x.sys

2008-02-10 21:56 . 2008-02-10 21:57 <REP> d-------- C:\Program Files\Network Associates

2008-02-10 21:56 . 2008-02-10 21:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Network Associates

2008-02-09 15:45 . 2008-02-09 15:45 <REP> d-------- C:\Program Files\DAMN NFO Viewer

2008-02-09 15:23 . 2008-02-09 15:23 <REP> d-------- C:\Documents and Settings\Lorenzo\Application Data\Reasonable Software House Ltd

2008-02-03 15:08 . 2008-02-03 15:08 <REP> d-------- C:\Program Files\Kalender

2008-02-03 15:08 . 2008-03-01 16:49 <REP> d-------- C:\Documents and Settings\Lorenzo\Application Data\UK's Kalender

2008-02-03 12:08 . 2008-02-03 12:09 <REP> d-------- C:\Program Files\iTunes

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-03-01 16:39 936 ----a-w C:\WP_VFR1.bin

2008-03-01 16:39 564 ----a-w C:\WP_FileList4AVFR.bin

2008-03-01 16:39 432 ----a-w C:\WP_FileList4SVFR.bin

2008-03-01 16:39 --------- d-----w C:\Program Files\WinPilot XP VFR

2008-03-01 15:49 28,256 ----a-w C:\WINDOWS\system32\drivers\MxlW2k.sys

2008-03-01 14:34 --------- d-----w C:\Program Files\AutoREALM

2008-03-01 14:27 --------- d-----w C:\Program Files\SPAMfighter

2008-02-24 23:07 --------- d-----w C:\Program Files\Norton Ghost

2008-02-24 23:07 --------- d-----w C:\Program Files\eMule

2008-02-24 21:09 15,360 ----a-w C:\WINDOWS\system32\dllcache\register.exe

2008-02-24 19:08 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-02-14 19:53 --------- d-----w C:\Program Files\Yahoo!

2008-02-14 08:00 --------- d-----w C:\Program Files\SecCopy

2008-02-12 23:09 --------- d-----w C:\Program Files\Uniblue

2008-02-12 23:09 --------- d-----w C:\Documents and Settings\Lorenzo\Application Data\Uniblue

2008-02-12 22:14 --------- d-----w C:\Program Files\Miraizon

2008-02-12 22:11 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP

2008-02-11 06:29 --------- d-----w C:\Program Files\Spybot - Search & Destroy

2008-02-10 21:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-02-10 20:56 --------- d-----w C:\Program Files\Fichiers communs\Network Associates

2008-02-07 15:48 21,840 ----atw C:\WINDOWS\system32\SIntfNT.dll

2008-02-07 15:48 17,212 ----atw C:\WINDOWS\system32\SIntf32.dll

2008-02-07 15:48 12,067 ----atw C:\WINDOWS\system32\SIntf16.dll

2008-02-04 20:59 --------- d-----w C:\Documents and Settings\Lorenzo\Application Data\AdobeUM

2008-02-03 11:09 --------- d-----w C:\Program Files\iPod

2008-02-03 11:05 --------- d-----w C:\Program Files\QuickTime

2008-01-27 21:06 --------- d-----w C:\Documents and Settings\Lorenzo\Application Data\Media Player Classic

2008-01-27 21:00 --------- d-----w C:\Program Files\Combined Community Codec Pack

2008-01-26 13:56 --------- d-----w C:\Program Files\Windows Media Connect 2

2008-01-19 09:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\RapidSolution

2008-01-18 22:08 --------- d-----w C:\Documents and Settings\Lorenzo\Application Data\SlySoft

2008-01-18 22:00 --------- d-----w C:\Program Files\SlySoft

2008-01-06 16:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Pinnacle

2008-01-06 16:17 --------- d-----w C:\Program Files\Pinnacle

2008-01-06 16:05 --------- d-----w C:\Program Files\Avid

2008-01-06 15:37 --------- d-----w C:\Program Files\DivX

2008-01-04 21:13 --------- d-----w C:\Program Files\Fichiers communs\Adobe

2008-01-04 20:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems

2008-01-04 17:58 --------- d-----w C:\Program Files\Logitech

2008-01-04 17:52 --------- d-----w C:\Program Files\InstantTimeZone

2008-01-04 17:47 --------- d-----w C:\Documents and Settings\Lorenzo\Application Data\Ringtone

2008-01-04 17:36 --------- d-----w C:\Documents and Settings\Lorenzo\Application Data\Lavasoft

2008-01-04 17:34 --------- d-----w C:\Program Files\DiscWizard 2003

2008-01-04 14:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft

2008-01-03 21:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\PicturesToExe

2008-01-03 21:40 --------- d-----w C:\Program Files\WnSoft PicturesToExe

2008-01-03 15:24 --------- d-----w C:\Documents and Settings\Lorenzo\Application Data\eMule

2007-12-22 14:24 39,424 ----a-w C:\WINDOWS\zipinst.exe

2006-12-24 15:30 94,880 ----a-w C:\Documents and Settings\Lorenzo\Application Data\GDIPFONTCACHEV1.DAT

2006-01-15 12:47 4 ----a-w C:\Program Files\SpeechMillLAIPTTSin.pol

2006-01-15 12:37 4 ----a-w C:\Program Files\SpeechMillLAIPTTSout.pol

2005-09-09 17:55 7,155,864 ----a-w C:\Program Files\NGhost10.msi

2005-09-09 17:55 37,766,164 ----a-w C:\Program Files\Data1.cab

2005-09-09 17:55 35 ----a-w C:\Program Files\SCSSDist.ini

2005-04-09 17:24 83,224 ------w C:\Documents and Settings\Adriana\Application Data\GDIPFONTCACHEV1.DAT

.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]

"Uniblue SpyEraser"="C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" [2008-01-29 10:13 1424648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Network Associates Error Reporting Service"="C:\Program Files\Fichiers communs\Network Associates\TalkBack\tbmon.exe" [2008-03-01 18:01 147514]

"SPAMfighter Agent"="C:\Program Files\SPAMfighter\SFAgent.exe" [2007-10-25 15:29 308880]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 00:07 8491008]

"ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.exe" [2008-03-01 18:01 94208]

"McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" [2008-03-01 18:01 139320]

"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-03-01 18:01 249896]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:09 15360]

"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-09-28 02:17 443968]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Notification Packages REG_MULTI_SZ :\WINDOWS\system3

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant d'Acrobat.lnk]

backup=C:\WINDOWS\pss\Assistant d'Acrobat.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bootvis.lnk]

backup=C:\WINDOWS\pss\Bootvis.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Device Detector 2.lnk]

backup=C:\WINDOWS\pss\Device Detector 2.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HOTSYNCSHORTCUTNAME.lnk]

backup=C:\WINDOWS\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InstantTimeZone.lnk]

backup=C:\WINDOWS\pss\InstantTimeZone.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Catherine^Menu Démarrer^Programmes^Démarrage^La Solution Associations Ciel.lnk]

backup=C:\WINDOWS\pss\La Solution Associations Ciel.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Catherine^Menu Démarrer^Programmes^Démarrage^La Solution Enseignement Ciel.lnk]

backup=C:\WINDOWS\pss\La Solution Enseignement Ciel.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Catherine^Menu Démarrer^Programmes^Démarrage^Palm Registration.lnk]

backup=C:\WINDOWS\pss\Palm Registration.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Lorenzo^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]

backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Lorenzo^Menu Démarrer^Programmes^Démarrage^Anti-Pub.lnk]

backup=C:\WINDOWS\pss\Anti-Pub.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Lorenzo^Menu Démarrer^Programmes^Démarrage^La Solution Enseignement Ciel.lnk]

backup=C:\WINDOWS\pss\La Solution Enseignement Ciel.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADUserMon]

--a------ 2002-09-24 15:39 147456 C:\Program Files\Iomega\AutoDisk\ADUserMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]

--a------ 2008-01-19 10:54 469504 C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]

--a------ 2008-02-24 21:35 58984 C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]

--a------ 2004-02-05 13:45 510464 C:\WINDOWS\mHotkey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]

--a------ 2004-01-07 15:14 2453504 C:\WINDOWS\CMICNFG.CPL

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Deskup]

--a------ 2002-07-16 09:55 32768 C:\Program Files\Iomega\DriveIcons\deskup.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dit]

--a------ 2003-12-29 23:33 94208 C:\WINDOWS\Dit.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostStartTrayApp]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]

--a------ 2003-05-16 00:41 163840 C:\Program Files\Microsoft IntelliPoint\point32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iomega Drive Icons]

--a------ 2002-08-13 13:30 86016 C:\Program Files\Iomega\DriveIcons\ImgIcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

--a------ 2008-01-15 03:22 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kalender]

--a------ 2007-10-12 15:37 819200 C:\Program Files\Kalender\Kalender.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ledpointer]

--a------ 2004-02-03 17:15 5794816 C:\WINDOWS\CNYHKey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeScape Media Detector]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]

--a------ 2004-01-20 12:50 188416 C:\Program Files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]

--a------ 2004-01-20 12:53 77824 C:\Program Files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]

--a------ 2003-06-10 17:49 50688 C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]

--a------ 2004-02-04 16:09 53248 C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]

C:\Program Files\Microsoft Money\System\mnyexpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]

--------- 2005-10-11 18:25 1961984 C:\Program Files\Ahead\Nero BackItUp\NBJ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

--a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 10.0]

--a------ 2005-09-09 18:09 1537648 C:\Program Files\Norton Ghost\Agent\GhostTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

--a------ 2007-09-17 00:07 8491008 C:\WINDOWS\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

--a------ 2007-09-17 00:07 81920 C:\WINDOWS\system32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

--a------ 2007-09-17 00:07 1626112 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Omnipage]

--a------ 2002-02-20 20:01 49152 C:\Program Files\ScanSoft\OmniPageSE\opware32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]

--a------ 2004-02-26 10:08 61440 C:\Program Files\Home Cinema\PowerCinema\PCMService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]

--a------ 2007-09-28 02:17 443968 C:\Program Files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]

--a------ 2004-03-10 23:26 406016 C:\WINDOWS\system32\\PSDrvCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRISMSTA.EXE]

--a------ 2004-01-14 16:09 215552 C:\WINDOWS\system32\PRISMSTA.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Prism_Utility]

--a------ 2004-01-14 16:09 215552 C:\WINDOWS\system32\PRISMSTA.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2008-01-10 15:27 385024 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]

--a------ 2008-03-01 13:17 669776 C:\Program Files\Spyware Doctor\SDTrayApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Second Copy 2000]

--a------ 2001-09-17 08:37 1134080 C:\PROGRA~1\SecCopy\SecCopy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]

-rahs---- 2008-01-28 11:43 2097488 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor]

--a------ 2008-03-01 18:00 2385488 C:\Program Files\Spyware Doctor\swdoctor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2006-10-12 03:10 49263 C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

--a------ 2006-09-21 05:05 757887 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

--a------ 2007-06-17 12:29 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue Registry Booster]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]

--a------ 2007-12-05 16:06 1885464 C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpeedUpMyPC]

C:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]

C:\Program Files\Yahoo!\Messenger\ypager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"ccSetMgr"=2 (0x2)

"ccPwdSvc"=3 (0x3)

"ccEvtMgr"=2 (0x2)

"Norton Ghost"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\eMule\\emule.exe"=

"C:\\Program Files\\Avidyne\\FlightMax\\AviSysDL\\DataTransacServer.exe"=

"C:\\Program Files\\Avidyne\\FlightMax\\DatalinkClient.exe"=

"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=

"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=

"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=

"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=

"C:\\Program Files\\MSN Messenger\\livecall.exe"=

"C:\\Program Files\\Avid\\Avid Liquid 7\\Program\\StudioU.mod"=

"C:\\Program Files\\Avid\\Avid Liquid 7\\Program\\RM.exe"=

"C:\\Program Files\\iTunes\\iTunes.exe"=

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

"C:\\Program Files\\Messenger\\msmsgs.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowOutboundDestinationUnreachable"= 1 (0x1)

"AllowOutboundSourceQuench"= 1 (0x1)

"AllowOutboundTimeExceeded"= 1 (0x1)

"AllowRedirect"= 1 (0x1)

R2 SPAMfighter Update Service;SPAMfighter Update Service;"C:\Program Files\SPAMfighter\sfus.exe" [2007-10-25 15:29]

R3 CardReaderFilter;Card Reader Filter;C:\WINDOWS\system32\Drivers\USBCRFT.SYS [2007-06-21 07:32]

R3 UKBFLT;UKBFLT;C:\WINDOWS\system32\DRIVERS\UKBFLT.sys [2003-12-19 17:13]

R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 07:08]

R3 wbscr;Winbond Smartcard Reader for I/O;C:\WINDOWS\system32\drivers\wbscr.sys [2002-04-24 12:07]

S1 atitray;atitray;C:\Program Files\Radeon Omega Drivers\v3.8.330\ATI Tray Tools\atitray.sys []

S3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-06-05 10:04]

S3 CnxEtP;ZTE ZXDSL852 Adapter Filter Driver;C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2005-05-20 18:27]

S3 CnxEtU;ZTE ZXDSL852 Interface Device Driver;C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2005-05-20 18:27]

S3 CnxTgNW;ZTE ZXDSL852 WAN PPPoA Adapter Driver;C:\WINDOWS\system32\DRIVERS\CnxTgNW.sys [2005-05-20 18:28]

S3 IIUSBISP;USB Mass Storage for USB ISP;C:\WINDOWS\system32\Drivers\iiusbisp.sys []

S3 Intels51;Creatix V.9X DSP Data Fax Modem;C:\WINDOWS\system32\DRIVERS\ctxs51.sys [2003-05-22 19:44]

S3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-06-12 10:47]

S3 PRISM_A00;PRISM 802.11g Driver;C:\WINDOWS\system32\DRIVERS\PRISMA00.sys [2004-01-16 09:31]

S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 06:58]

S3 VNUSB;VN Series Device;C:\WINDOWS\system32\DRIVERS\VNUSB.sys [2003-12-15 17:22]

.

Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

"2008-02-27 11:56:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

"2008-02-12 22:42:38 C:\WINDOWS\Tasks\Uniblue SpyEraser.job"

- C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe

"2008-03-01 16:32:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"

- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE

.

**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-01 18:21:46

Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès

Les fichiers cachés: 0

**************************************************************************

.

Temps d'accomplissement: 2008-03-01 18:22:32

ComboFix-quarantined-files.txt 2008-03-01 17:22:18

ComboFix2.txt 2008-03-01 11:38:51

ComboFix3.txt 2008-02-29 21:25:40

ComboFix4.txt 2008-02-28 22:27:15

ComboFix5.txt 2008-02-27 22:33:46

.

2008-01-27 13:55:01 --- E O F ---

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-----------------------------[ Lop S&D 4.0.2 ]---------------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]

[ USER : Lorenzo ] [ "C:\Lop SD" ]

[ 01/03/2008 | 14:10:27,79 ] [ PC : NET-WXPHE ]

[ MAJ : 30-02-2008 | 00:12 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprimé! - C:\Program Files\Viewpoint

Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

-------------[ Listing des dossiers dans Application Data ]------------

[28/02/2004|16:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\.

[28/02/2004|16:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\..

[28/02/2004|16:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe

[28/02/2004|16:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM

[28/02/2004|15:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ahead

[28/02/2004|16:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini

[27/02/2004|19:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help

[27/02/2004|18:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities

[28/02/2004|17:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia

[28/02/2004|20:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[28/02/2004|17:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real

[01/03/2008|12:34] C:\DOCUME~1\Adriana\APPLIC~1\.

[01/03/2008|12:34] C:\DOCUME~1\Adriana\APPLIC~1\..

[09/11/2004|17:30] C:\DOCUME~1\Adriana\APPLIC~1\Active Disk

[28/02/2004|16:52] C:\DOCUME~1\Adriana\APPLIC~1\Adobe

[28/02/2004|16:52] C:\DOCUME~1\Adriana\APPLIC~1\AdobeUM

[28/02/2004|15:48] C:\DOCUME~1\Adriana\APPLIC~1\Ahead

[29/12/2005|15:46] C:\DOCUME~1\Adriana\APPLIC~1\Apple Computer

[28/02/2004|16:26] C:\DOCUME~1\Adriana\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\Adriana\APPLIC~1\desktop.ini

[09/04/2005|18:24] C:\DOCUME~1\Adriana\APPLIC~1\GDIPFONTCACHEV1.DAT

[17/09/2006|17:12] C:\DOCUME~1\Adriana\APPLIC~1\Google

[27/02/2004|19:06] C:\DOCUME~1\Adriana\APPLIC~1\Help

[31/12/2005|16:03] C:\DOCUME~1\Adriana\APPLIC~1\HotSync

[27/02/2004|18:30] C:\DOCUME~1\Adriana\APPLIC~1\Identities

[28/02/2004|17:59] C:\DOCUME~1\Adriana\APPLIC~1\Macromedia

[24/02/2007|17:38] C:\DOCUME~1\Adriana\APPLIC~1\Microsoft

[22/05/2006|17:53] C:\DOCUME~1\Adriana\APPLIC~1\PC Tools

[28/02/2004|17:58] C:\DOCUME~1\Adriana\APPLIC~1\Real

[22/04/2007|19:15] C:\DOCUME~1\Adriana\APPLIC~1\SPAMfighter

[27/03/2005|18:22] C:\DOCUME~1\Adriana\APPLIC~1\Yahoo!

[21/05/2005|13:47] C:\DOCUME~1\Adriana\APPLIC~1\Yahoo! Messenger

[01/03/2008|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.

[01/03/2008|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..

[18/03/2007|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[04/01/2008|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems

[28/02/2004|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead

[11/08/2007|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

[23/06/2007|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[07/04/2007|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk

[14/02/2008|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira

[13/11/2005|10:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Canon

[03/09/2005|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel

[28/02/2004|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink

[27/02/2004|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini

[03/12/2007|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\f7129022-a000-4847-db07-470265a73c4f

[11/09/2006|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[28/12/2005|10:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotSync

[04/01/2008|15:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft

[12/02/2008|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[28/02/2004|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies

[10/02/2008|21:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates

[27/10/2007|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles

[06/01/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage

[10/02/2008|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Tools

[03/01/2008|22:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PicturesToExe

[06/01/2008|17:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle

[01/05/2007|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle Studio

[12/01/2008|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache

[26/09/2004|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime

[19/01/2008|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RapidSolution

[27/02/2004|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI

[04/04/2004|14:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft

[14/01/2006|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc

[10/02/2008|22:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[12/09/2004|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir

[12/09/2004|12:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanWizard

[25/03/2007|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[12/02/2008|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[12/02/2008|23:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Uniblue

[23/12/2005|22:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[24/02/2007|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[31/08/2005|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\yahoo!

[01/03/2008|12:34] C:\DOCUME~1\CATHER~1\APPLIC~1\.

[01/03/2008|12:34] C:\DOCUME~1\CATHER~1\APPLIC~1\..

[29/03/2005|08:56] C:\DOCUME~1\CATHER~1\APPLIC~1\Active Disk

[28/02/2004|16:52] C:\DOCUME~1\CATHER~1\APPLIC~1\Adobe

[13/01/2008|09:32] C:\DOCUME~1\CATHER~1\APPLIC~1\AdobeUM

[21/06/2007|07:33] C:\DOCUME~1\CATHER~1\APPLIC~1\Ahead

[12/02/2006|14:45] C:\DOCUME~1\CATHER~1\APPLIC~1\Apple Computer

[28/02/2004|16:26] C:\DOCUME~1\CATHER~1\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\CATHER~1\APPLIC~1\desktop.ini

[01/06/2006|17:40] C:\DOCUME~1\CATHER~1\APPLIC~1\GDIPFONTCACHEV1.DAT

[11/09/2006|18:48] C:\DOCUME~1\CATHER~1\APPLIC~1\Google

[27/02/2004|19:06] C:\DOCUME~1\CATHER~1\APPLIC~1\Help

[28/12/2005|12:49] C:\DOCUME~1\CATHER~1\APPLIC~1\HotSync

[27/02/2004|18:30] C:\DOCUME~1\CATHER~1\APPLIC~1\Identities

[30/10/2005|17:05] C:\DOCUME~1\CATHER~1\APPLIC~1\InstallShield

[30/12/2005|19:24] C:\DOCUME~1\CATHER~1\APPLIC~1\Leadertech

[28/02/2004|17:59] C:\DOCUME~1\CATHER~1\APPLIC~1\Macromedia

[07/06/2007|21:42] C:\DOCUME~1\CATHER~1\APPLIC~1\Microsoft

[06/06/2004|16:54] C:\DOCUME~1\CATHER~1\APPLIC~1\MSN6

[21/06/2007|07:33] C:\DOCUME~1\CATHER~1\APPLIC~1\PC Tools

[28/02/2004|17:58] C:\DOCUME~1\CATHER~1\APPLIC~1\Real

[12/09/2004|11:42] C:\DOCUME~1\CATHER~1\APPLIC~1\ScanSoft

[03/04/2007|21:06] C:\DOCUME~1\CATHER~1\APPLIC~1\SPAMfighter

[05/09/2004|09:37] C:\DOCUME~1\CATHER~1\APPLIC~1\Sun

[25/06/2007|12:52] C:\DOCUME~1\CATHER~1\APPLIC~1\Uniblue

[23/01/2005|21:40] C:\DOCUME~1\CATHER~1\APPLIC~1\Yahoo!

[06/03/2005|08:25] C:\DOCUME~1\CATHER~1\APPLIC~1\Yahoo! Messenger

[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.

[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..

[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe

[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM

[28/02/2004|15:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Ahead

[28/02/2004|16:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini

[27/02/2004|19:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help

[27/02/2004|18:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[28/02/2004|17:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia

[28/02/2004|20:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[28/02/2004|17:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

[01/03/2008|12:34] C:\DOCUME~1\Elio\APPLIC~1\.

[01/03/2008|12:34] C:\DOCUME~1\Elio\APPLIC~1\..

[14/09/2005|18:36] C:\DOCUME~1\Elio\APPLIC~1\Active Disk

[28/02/2004|16:52] C:\DOCUME~1\Elio\APPLIC~1\Adobe

[28/02/2004|16:52] C:\DOCUME~1\Elio\APPLIC~1\AdobeUM

[28/02/2004|15:48] C:\DOCUME~1\Elio\APPLIC~1\Ahead

[28/02/2004|16:26] C:\DOCUME~1\Elio\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\Elio\APPLIC~1\desktop.ini

[19/01/2008|14:46] C:\DOCUME~1\Elio\APPLIC~1\Google

[27/02/2004|19:06] C:\DOCUME~1\Elio\APPLIC~1\Help

[08/01/2006|15:31] C:\DOCUME~1\Elio\APPLIC~1\HotSync

[27/02/2004|18:30] C:\DOCUME~1\Elio\APPLIC~1\Identities

[28/02/2004|17:59] C:\DOCUME~1\Elio\APPLIC~1\Macromedia

[04/01/2008|10:15] C:\DOCUME~1\Elio\APPLIC~1\Microsoft

[11/11/2005|20:28] C:\DOCUME~1\Elio\APPLIC~1\MSN6

[28/02/2004|17:58] C:\DOCUME~1\Elio\APPLIC~1\Real

[30/04/2007|11:01] C:\DOCUME~1\Elio\APPLIC~1\SPAMfighter

[28/07/2005|17:35] C:\DOCUME~1\Elio\APPLIC~1\Yahoo!

[28/07/2005|17:36] C:\DOCUME~1\Elio\APPLIC~1\Yahoo! Messenger

[27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\.

[27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\..

[27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[20/04/2004|20:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

[29/02/2008|22:20] C:\DOCUME~1\Lorenzo\APPLIC~1\.

[29/02/2008|22:20] C:\DOCUME~1\Lorenzo\APPLIC~1\..

[12/03/2005|12:40] C:\DOCUME~1\Lorenzo\APPLIC~1\Active Disk

[04/01/2008|22:13] C:\DOCUME~1\Lorenzo\APPLIC~1\Adobe

[04/02/2008|21:59] C:\DOCUME~1\Lorenzo\APPLIC~1\AdobeUM

[26/12/2005|22:00] C:\DOCUME~1\Lorenzo\APPLIC~1\Ahead

[12/08/2007|09:44] C:\DOCUME~1\Lorenzo\APPLIC~1\Apple Computer

[13/05/2007|10:52] C:\DOCUME~1\Lorenzo\APPLIC~1\ATI

[03/05/2007|22:51] C:\DOCUME~1\Lorenzo\APPLIC~1\atitray

[07/04/2007|15:18] C:\DOCUME~1\Lorenzo\APPLIC~1\Autodesk

[12/05/2007|22:28] C:\DOCUME~1\Lorenzo\APPLIC~1\Avidyne

[28/02/2004|16:26] C:\DOCUME~1\Lorenzo\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\Lorenzo\APPLIC~1\desktop.ini

[23/12/2007|17:35] C:\DOCUME~1\Lorenzo\APPLIC~1\DivX

[07/04/2007|14:58] C:\DOCUME~1\Lorenzo\APPLIC~1\Downloaded Installations

[03/01/2008|16:24] C:\DOCUME~1\Lorenzo\APPLIC~1\eMule

[24/12/2006|16:30] C:\DOCUME~1\Lorenzo\APPLIC~1\GDIPFONTCACHEV1.DAT

[13/09/2006|22:46] C:\DOCUME~1\Lorenzo\APPLIC~1\Google

[23/12/2007|10:57] C:\DOCUME~1\Lorenzo\APPLIC~1\Help

[28/12/2005|10:47] C:\DOCUME~1\Lorenzo\APPLIC~1\HotSync

[27/02/2004|18:30] C:\DOCUME~1\Lorenzo\APPLIC~1\Identities

[01/05/2007|18:57] C:\DOCUME~1\Lorenzo\APPLIC~1\InstallShield

[24/10/2006|22:37] C:\DOCUME~1\Lorenzo\APPLIC~1\KSOL

[04/01/2008|18:36] C:\DOCUME~1\Lorenzo\APPLIC~1\Lavasoft

[28/12/2005|10:57] C:\DOCUME~1\Lorenzo\APPLIC~1\Leadertech

[28/02/2004|17:59] C:\DOCUME~1\Lorenzo\APPLIC~1\Macromedia

[27/01/2008|22:06] C:\DOCUME~1\Lorenzo\APPLIC~1\Media Player Classic

[10/06/2007|20:12] C:\DOCUME~1\Lorenzo\APPLIC~1\Microsoft

[02/01/2005|18:14] C:\DOCUME~1\Lorenzo\APPLIC~1\Microsoft Web Folders

[27/02/2008|12:49] C:\DOCUME~1\Lorenzo\APPLIC~1\Mozilla

[13/01/2008|17:03] C:\DOCUME~1\Lorenzo\APPLIC~1\Opera

[03/03/2006|22:20] C:\DOCUME~1\Lorenzo\APPLIC~1\PC Tools

[10/02/2006|22:36] C:\DOCUME~1\Lorenzo\APPLIC~1\Publish Providers

[17/06/2007|12:30] C:\DOCUME~1\Lorenzo\APPLIC~1\Real

[09/02/2008|15:23] C:\DOCUME~1\Lorenzo\APPLIC~1\Reasonable Software House Ltd

[04/01/2008|18:47] C:\DOCUME~1\Lorenzo\APPLIC~1\Ringtone

[27/03/2004|14:29] C:\DOCUME~1\Lorenzo\APPLIC~1\ScanSoft

[18/01/2008|23:08] C:\DOCUME~1\Lorenzo\APPLIC~1\SlySoft

[10/02/2006|22:25] C:\DOCUME~1\Lorenzo\APPLIC~1\Sony

[26/06/2007|21:29] C:\DOCUME~1\Lorenzo\APPLIC~1\SPAMfighter

[27/03/2004|23:09] C:\DOCUME~1\Lorenzo\APPLIC~1\Sun

[26/12/2005|20:43] C:\DOCUME~1\Lorenzo\APPLIC~1\Symantec

[25/09/2004|11:34] C:\DOCUME~1\Lorenzo\APPLIC~1\Template

[03/02/2008|15:53] C:\DOCUME~1\Lorenzo\APPLIC~1\UK's Kalender

[13/02/2008|00:09] C:\DOCUME~1\Lorenzo\APPLIC~1\Uniblue

[04/01/2008|18:40] C:\DOCUME~1\Lorenzo\APPLIC~1\WinRAR

[09/01/2005|20:21] C:\DOCUME~1\Lorenzo\APPLIC~1\Yahoo! Messenger

[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\.

[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\..

[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[01/05/2004|12:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\.

[01/05/2004|12:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\..

[18/09/2005|10:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[12/02/2008 23:42][--a------] C:\WINDOWS\tasks\Uniblue SpyEraser.job

[27/02/2008 12:56][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[01/03/2008 13:32][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job

[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

[29/02/2008 23:56][--ah-----] C:\WINDOWS\tasks\SA.DAT

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[01/03/2008|14:10] C:\Program Files\.

[01/03/2008|14:10] C:\Program Files\..

[15/01/2006|15:38] C:\Program Files\4ormulator

[04/01/2008|22:16] C:\Program Files\Adobe

[30/12/2006|21:33] C:\Program Files\Ahead

[30/07/2004|20:38] C:\Program Files\Alcohol Soft

[24/09/2007|20:52] C:\Program Files\AnMing

[18/03/2007|18:01] C:\Program Files\APDFPR

[22/12/2007|17:14] C:\Program Files\Apple Software Update

[02/07/2006|19:23] C:\Program Files\Atlence

[15/01/2006|13:04] C:\Program Files\Audacity

[07/04/2007|15:16] C:\Program Files\Autodesk

[04/01/2008|19:06] C:\Program Files\AutoREALM

[06/01/2008|17:05] C:\Program Files\Avid

[12/05/2007|22:26] C:\Program Files\Avidyne

[14/02/2008|21:49] C:\Program Files\Avira

[15/01/2006|10:57] C:\Program Files\AviSynth 2.5

[03/07/2005|18:31] C:\Program Files\Cadkey99

[13/11/2005|10:18] C:\Program Files\Canon

[10/02/2008|22:05] C:\Program Files\CCleaner

[02/06/2006|09:31] C:\Program Files\Ciel

[27/02/2004|19:11] C:\Program Files\C-Media 3D Audio

[10/09/2005|21:52] C:\Program Files\ColJaegerm2_3s

[27/01/2008|22:00] C:\Program Files\Combined Community Codec Pack

[13/01/2007|16:18] C:\Program Files\Common Files

[27/02/2004|18:28] C:\Program Files\ComPlus Applications

[28/02/2004|16:15] C:\Program Files\CyberLink

[09/02/2008|15:45] C:\Program Files\DAMN NFO Viewer

[09/09/2005|18:55] C:\Program Files\Data1.cab

[24/06/2006|07:56] C:\Program Files\Dico

[09/01/2005|15:16] C:\Program Files\directx

[04/01/2008|18:34] C:\Program Files\DiscWizard 2003

[06/01/2008|16:37] C:\Program Files\DivX

[08/05/2007|09:20] C:\Program Files\Driver Cleaner PE

[25/03/2007|22:27] C:\Program Files\Driver Validation

[19/01/2008|10:23] C:\Program Files\DVD Decrypter

[06/05/2006|12:36] C:\Program Files\EBP

[25/02/2008|00:07] C:\Program Files\eMule

[29/07/2007|10:48] C:\Program Files\eMusic Download Manager

[15/01/2006|22:15] C:\Program Files\EndItAll

[26/01/2008|15:49] C:\Program Files\eRightSoft

[23/12/2007|10:56] C:\Program Files\Exif Date Changer

[24/09/2007|21:23] C:\Program Files\EZ Ringtone

[10/02/2008|22:15] C:\Program Files\Fichiers communs

[25/09/2004|16:04] C:\Program Files\FotoTime

[04/03/2006|13:11] C:\Program Files\FouFou

[23/06/2007|22:43] C:\Program Files\Garmin

[15/07/2004|21:15] C:\Program Files\Ghostgum

[27/01/2007|10:33] C:\Program Files\Google

[15/07/2004|21:14] C:\Program Files\gs

[28/02/2004|14:16] C:\Program Files\HighMAT CD Writing Wizard

[28/02/2004|16:16] C:\Program Files\Home Cinema

[17/07/2007|13:40] C:\Program Files\Infogrames

[24/02/2008|20:08] C:\Program Files\InstallShield Installation Information

[04/01/2008|18:52] C:\Program Files\InstantTimeZone

[27/02/2004|18:45] C:\Program Files\Intel

[12/12/2007|23:16] C:\Program Files\Internet Explorer

[17/10/2004|11:41] C:\Program Files\Iomega

[03/02/2008|12:09] C:\Program Files\iPod

[29/12/2006|23:12] C:\Program Files\IrfanView

[03/02/2008|12:09] C:\Program Files\iTunes

[12/11/2006|12:25] C:\Program Files\Java

[05/11/2006|10:55] C:\Program Files\JoshMadison

[04/01/2008|18:54] C:\Program Files\JS World

[03/02/2008|15:08] C:\Program Files\Kalender

[04/01/2008|18:36] C:\Program Files\Lavasoft

[04/01/2008|16:01] C:\Program Files\Live_TV

[04/01/2008|18:58] C:\Program Files\Logitech

[28/02/2004|15:40] C:\Program Files\Medion Tools

[09/07/2006|17:15] C:\Program Files\Messenger

[03/02/2008|15:13] C:\Program Files\metagenia

[28/02/2004|14:52] C:\Program Files\Microsoft AutoRoute

[14/05/2007|21:19] C:\Program Files\Microsoft Bootvis

[10/05/2007|21:19] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[28/02/2004|14:57] C:\Program Files\Microsoft Encarta

[02/01/2005|18:14] C:\Program Files\microsoft frontpage

[26/02/2005|18:28] C:\Program Files\Microsoft IntelliPoint

[28/02/2004|14:51] C:\Program Files\Microsoft Money

[28/08/2005|13:38] C:\Program Files\Microsoft Money 2005(2)

[07/04/2007|15:18] C:\Program Files\Microsoft Office

[28/02/2004|14:56] C:\Program Files\Microsoft Picture It! 9

[31/07/2004|12:08] C:\Program Files\Microsoft R‚f‚rence

[06/01/2007|16:19] C:\Program Files\Microsoft Visual Studio

[25/09/2004|11:34] C:\Program Files\Microsoft Works

[28/02/2004|14:38] C:\Program Files\Microsoft Works Suite 2004

[06/01/2007|17:12] C:\Program Files\Microsoft.NET

[12/02/2008|23:14] C:\Program Files\Miraizon

[08/07/2006|20:23] C:\Program Files\Movie Maker

[01/03/2008|12:39] C:\Program Files\Mozilla Firefox

[11/08/2007|18:13] C:\Program Files\MPEG4 Direct Maker

[27/02/2004|18:28] C:\Program Files\MSN

[27/02/2004|18:28] C:\Program Files\MSN Gaming Zone

[23/09/2007|19:52] C:\Program Files\MSN Messenger

[17/11/2006|19:25] C:\Program Files\MSXML 4.0

[28/02/2004|16:18] C:\Program Files\MUSICMATCH

[28/02/2004|15:01] C:\Program Files\muvee Technologies

[13/05/2007|10:42] C:\Program Files\My Company Name

[29/02/2008|23:37] C:\Program Files\Navilog1

[26/05/2007|20:07] C:\Program Files\Netgear

[31/08/2006|19:43] C:\Program Files\Netgroup - Politecnico di Torino

[08/07/2006|20:19] C:\Program Files\NetMeeting

[10/02/2008|21:57] C:\Program Files\Network Associates

[09/09/2005|18:55] C:\Program Files\NGhost10.msi

[25/02/2008|00:07] C:\Program Files\Norton Ghost

[28/02/2004|17:49] C:\Program Files\Nullsoft

[16/04/2005|19:49] C:\Program Files\Olympus

[14/06/2007|21:40] C:\Program Files\Outlook Express

[08/01/2006|15:54] C:\Program Files\Palm

[08/01/2005|15:36] C:\Program Files\PDFill Writer

[27/10/2007|17:11] C:\Program Files\Picasa2

[06/01/2008|17:17] C:\Program Files\Pinnacle

[05/08/2007|12:57] C:\Program Files\Planilog

[08/01/2005|15:36] C:\Program Files\PlotSoft

[13/11/2004|22:37] C:\Program Files\PocketFMS

[27/01/2008|14:21] C:\Program Files\Portrait Professional

[03/02/2008|12:05] C:\Program Files\QuickTime

[08/05/2007|11:36] C:\Program Files\Radeon Omega Drivers

[19/01/2008|00:36] C:\Program Files\RapidSolution

[28/02/2004|17:49] C:\Program Files\Real

[12/02/2008|23:01] C:\Program Files\Registry Mechanic

[02/07/2006|18:53] C:\Program Files\RenMultiFiles Pro

[06/06/2007|21:19] C:\Program Files\RepareOE

[06/06/2007|21:15] C:\Program Files\SaveOE

[27/03/2004|14:29] C:\Program Files\ScanSoft

[09/09/2005|18:55] C:\Program Files\SCSSDist.ini

[14/02/2008|09:00] C:\Program Files\SecCopy

[10/02/2006|22:19] C:\Program Files\SF8 install

[24/03/2007|10:58] C:\Program Files\Simpli Software

[18/01/2008|23:00] C:\Program Files\SlySoft

[07/01/2006|19:40] C:\Program Files\SmartSound Software

[03/02/2008|15:52] C:\Program Files\SodeaSoft

[10/02/2006|22:24] C:\Program Files\Sony

[01/03/2008|12:07] C:\Program Files\SPAMfighter

[15/01/2006|13:47] C:\Program Files\SpeechMillLAIPTTSin.pol

[15/01/2006|13:37] C:\Program Files\SpeechMillLAIPTTSout.pol

[11/02/2008|07:29] C:\Program Files\Spybot - Search & Destroy

[12/02/2008|23:14] C:\Program Files\Spyware Doctor

[24/02/2008|22:58] C:\Program Files\SpywareBlaster

[15/01/2006|13:10] C:\Program Files\Stratoware

[24/02/2007|14:21] C:\Program Files\Sunbelt Software

[09/09/2005|18:56] C:\Program Files\Support

[25/03/2007|22:30] C:\Program Files\Symantec

[09/03/2005|17:29] C:\Program Files\THQ

[23/12/2007|13:04] C:\Program Files\TimeToPhoto

[24/02/2008|20:08] C:\Program Files\ToniArts

[13/02/2008|00:09] C:\Program Files\Uniblue

[31/08/2004|19:30] C:\Program Files\Uninstall Information

[27/02/2004|19:13] C:\Program Files\USB Wireless Keyboard Driver

[10/02/2006|22:36] C:\Program Files\VSTplugins

[05/08/2006|19:29] C:\Program Files\Western Digital Technologies

[28/02/2004|15:05] C:\Program Files\Winbond Electronics Corp

[27/02/2004|18:35] C:\Program Files\Windows Journal Viewer

[24/02/2007|14:02] C:\Program Files\Windows Live Favorites

[24/02/2007|14:15] C:\Program Files\Windows Live Safety Center

[30/11/2007|23:26] C:\Program Files\Windows Live Toolbar

[26/01/2008|14:56] C:\Program Files\Windows Media Connect 2

[26/01/2008|14:56] C:\Program Files\Windows Media Player

[08/07/2006|20:19] C:\Program Files\Windows NT

[25/02/2007|11:40] C:\Program Files\WindowsUpdate

[19/11/2006|10:38] C:\Program Files\WinPilot XP VFR

[25/02/2008|00:07] C:\Program Files\WinRAR

[20/12/2006|11:17] C:\Program Files\WMV9_VCM

[03/01/2008|22:40] C:\Program Files\WnSoft PicturesToExe

[11/09/2005|18:18] C:\Program Files\WorldTimeClock

[28/02/2004|16:16] C:\Program Files\X10 Hardware

[27/02/2004|18:30] C:\Program Files\xerox

[14/02/2008|20:53] C:\Program Files\Yahoo!

[04/03/2006|11:58] C:\Program Files\Zero G Registry

[18/03/2007|18:20] C:\Program Files\ZipCentral

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[10/02/2008|22:15] C:\Program Files\Fichiers communs\.

[10/02/2008|22:15] C:\Program Files\Fichiers communs\..

[04/01/2008|22:13] C:\Program Files\Fichiers communs\Adobe

[28/02/2004|14:34] C:\Program Files\Fichiers communs\Ahead

[30/10/2007|08:38] C:\Program Files\Fichiers communs\Ankiro

[28/02/2004|17:49] C:\Program Files\Fichiers communs\AOL

[11/08/2007|21:21] C:\Program Files\Fichiers communs\Apple

[30/10/2007|08:37] C:\Program Files\Fichiers communs\Application

[02/07/2006|19:26] C:\Program Files\Fichiers communs\Atlence

[22/04/2007|18:15] C:\Program Files\Fichiers communs\Autodesk Shared

[28/02/2004|15:05] C:\Program Files\Fichiers communs\Borland Shared

[08/08/2007|08:52] C:\Program Files\Fichiers communs\CIEL

[27/09/2006|17:45] C:\Program Files\Fichiers communs\Cisco Systems

[12/05/2007|22:26] C:\Program Files\Fichiers communs\Crystal Decisions

[06/01/2007|17:14] C:\Program Files\Fichiers communs\DESIGNER

[28/02/2004|15:01] C:\Program Files\Fichiers communs\InstallShield

[27/03/2004|23:09] C:\Program Files\Fichiers communs\Java

[09/01/2005|15:13] C:\Program Files\Fichiers communs\Logitech

[19/01/2008|00:36] C:\Program Files\Fichiers communs\Microsoft Shared

[27/02/2004|18:28] C:\Program Files\Fichiers communs\MSSoap

[28/02/2004|15:01] C:\Program Files\Fichiers communs\muvee Technologies

[10/02/2008|21:56] C:\Program Files\Fichiers communs\Network Associates

[27/02/2004|18:26] C:\Program Files\Fichiers communs\ODBC

[10/02/2008|22:15] C:\Program Files\Fichiers communs\PC Tools

[17/06/2007|12:29] C:\Program Files\Fichiers communs\Real

[08/08/2007|08:52] C:\Program Files\Fichiers communs\Sage

[27/03/2004|14:29] C:\Program Files\Fichiers communs\ScanSoft Shared

[27/02/2004|18:28] C:\Program Files\Fichiers communs\Services

[27/02/2004|18:26] C:\Program Files\Fichiers communs\SpeechEngines

[03/04/2007|21:04] C:\Program Files\Fichiers communs\Symantec Shared

[14/06/2007|21:40] C:\Program Files\Fichiers communs\System

[04/01/2008|15:53] C:\Program Files\Fichiers communs\Wise Installation Wizard

[17/06/2007|12:30] C:\Program Files\Fichiers communs\xing shared

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-01 14:11:08

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden files ...

scan completed successfully

hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\WINDOWS\system32\drivers\down

C:\WINDOWS\system32\drivers\srosa.sys

C:\WINDOWS\system32\BAN_LIST.txt

! BAGLE Possible !

/!\ [Fich:1][Doss:3] C:\DOCUME~1\Lorenzo\LOCALS~1\Temp

/!\ [Fich:10][Doss:0] C:\DOCUME~1\Lorenzo\Cookies

/!\ [Fich:2][Doss:0] C:\DOCUME~1\Lorenzo\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 14:11:45,29 ]----------------------

Voici le dernier Lop S&D. A priori propre... jusqu'au prochain lancement de IE ?

-----------------------------[ Lop S&D 4.0.2 ]---------------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]

[ USER : Lorenzo ] [ "C:\Lop SD" ]

[ 01/03/2008 | 18:45:24,20 ] [ PC : NET-WXPHE ]

[ MAJ : 30-02-2008 | 00:12 ]

-------------[ Listing des dossiers dans Application Data ]------------

[28/02/2004|16:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\.

[28/02/2004|16:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\..

[28/02/2004|16:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe

[28/02/2004|16:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM

[28/02/2004|15:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ahead

[28/02/2004|16:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini

[27/02/2004|19:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help

[27/02/2004|18:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities

[28/02/2004|17:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia

[28/02/2004|20:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[28/02/2004|17:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real

[01/03/2008|12:34] C:\DOCUME~1\Adriana\APPLIC~1\.

[01/03/2008|12:34] C:\DOCUME~1\Adriana\APPLIC~1\..

[09/11/2004|17:30] C:\DOCUME~1\Adriana\APPLIC~1\Active Disk

[28/02/2004|16:52] C:\DOCUME~1\Adriana\APPLIC~1\Adobe

[28/02/2004|16:52] C:\DOCUME~1\Adriana\APPLIC~1\AdobeUM

[28/02/2004|15:48] C:\DOCUME~1\Adriana\APPLIC~1\Ahead

[29/12/2005|15:46] C:\DOCUME~1\Adriana\APPLIC~1\Apple Computer

[28/02/2004|16:26] C:\DOCUME~1\Adriana\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\Adriana\APPLIC~1\desktop.ini

[09/04/2005|18:24] C:\DOCUME~1\Adriana\APPLIC~1\GDIPFONTCACHEV1.DAT

[17/09/2006|17:12] C:\DOCUME~1\Adriana\APPLIC~1\Google

[27/02/2004|19:06] C:\DOCUME~1\Adriana\APPLIC~1\Help

[31/12/2005|16:03] C:\DOCUME~1\Adriana\APPLIC~1\HotSync

[27/02/2004|18:30] C:\DOCUME~1\Adriana\APPLIC~1\Identities

[28/02/2004|17:59] C:\DOCUME~1\Adriana\APPLIC~1\Macromedia

[24/02/2007|17:38] C:\DOCUME~1\Adriana\APPLIC~1\Microsoft

[22/05/2006|17:53] C:\DOCUME~1\Adriana\APPLIC~1\PC Tools

[28/02/2004|17:58] C:\DOCUME~1\Adriana\APPLIC~1\Real

[22/04/2007|19:15] C:\DOCUME~1\Adriana\APPLIC~1\SPAMfighter

[27/03/2005|18:22] C:\DOCUME~1\Adriana\APPLIC~1\Yahoo!

[21/05/2005|13:47] C:\DOCUME~1\Adriana\APPLIC~1\Yahoo! Messenger

[01/03/2008|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.

[01/03/2008|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..

[18/03/2007|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[04/01/2008|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems

[28/02/2004|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead

[11/08/2007|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

[23/06/2007|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[07/04/2007|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk

[14/02/2008|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira

[13/11/2005|10:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Canon

[03/09/2005|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel

[28/02/2004|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink

[27/02/2004|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini

[03/12/2007|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\f7129022-a000-4847-db07-470265a73c4f

[11/09/2006|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[28/12/2005|10:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotSync

[04/01/2008|15:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft

[01/03/2008|16:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[28/02/2004|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies

[10/02/2008|21:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates

[27/10/2007|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles

[06/01/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage

[10/02/2008|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Tools

[03/01/2008|22:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PicturesToExe

[06/01/2008|17:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle

[01/05/2007|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle Studio

[12/01/2008|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache

[26/09/2004|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime

[19/01/2008|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RapidSolution

[27/02/2004|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI

[04/04/2004|14:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft

[14/01/2006|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc

[01/03/2008|18:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[12/09/2004|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir

[12/09/2004|12:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanWizard

[25/03/2007|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[12/02/2008|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[12/02/2008|23:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Uniblue

[23/12/2005|22:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[24/02/2007|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[01/03/2008|12:34] C:\DOCUME~1\CATHER~1\APPLIC~1\.

[01/03/2008|12:34] C:\DOCUME~1\CATHER~1\APPLIC~1\..

[29/03/2005|08:56] C:\DOCUME~1\CATHER~1\APPLIC~1\Active Disk

[28/02/2004|16:52] C:\DOCUME~1\CATHER~1\APPLIC~1\Adobe

[13/01/2008|09:32] C:\DOCUME~1\CATHER~1\APPLIC~1\AdobeUM

[21/06/2007|07:33] C:\DOCUME~1\CATHER~1\APPLIC~1\Ahead

[12/02/2006|14:45] C:\DOCUME~1\CATHER~1\APPLIC~1\Apple Computer

[28/02/2004|16:26] C:\DOCUME~1\CATHER~1\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\CATHER~1\APPLIC~1\desktop.ini

[01/06/2006|17:40] C:\DOCUME~1\CATHER~1\APPLIC~1\GDIPFONTCACHEV1.DAT

[11/09/2006|18:48] C:\DOCUME~1\CATHER~1\APPLIC~1\Google

[27/02/2004|19:06] C:\DOCUME~1\CATHER~1\APPLIC~1\Help

[28/12/2005|12:49] C:\DOCUME~1\CATHER~1\APPLIC~1\HotSync

[27/02/2004|18:30] C:\DOCUME~1\CATHER~1\APPLIC~1\Identities

[30/10/2005|17:05] C:\DOCUME~1\CATHER~1\APPLIC~1\InstallShield

[30/12/2005|19:24] C:\DOCUME~1\CATHER~1\APPLIC~1\Leadertech

[28/02/2004|17:59] C:\DOCUME~1\CATHER~1\APPLIC~1\Macromedia

[07/06/2007|21:42] C:\DOCUME~1\CATHER~1\APPLIC~1\Microsoft

[06/06/2004|16:54] C:\DOCUME~1\CATHER~1\APPLIC~1\MSN6

[21/06/2007|07:33] C:\DOCUME~1\CATHER~1\APPLIC~1\PC Tools

[28/02/2004|17:58] C:\DOCUME~1\CATHER~1\APPLIC~1\Real

[12/09/2004|11:42] C:\DOCUME~1\CATHER~1\APPLIC~1\ScanSoft

[03/04/2007|21:06] C:\DOCUME~1\CATHER~1\APPLIC~1\SPAMfighter

[05/09/2004|09:37] C:\DOCUME~1\CATHER~1\APPLIC~1\Sun

[25/06/2007|12:52] C:\DOCUME~1\CATHER~1\APPLIC~1\Uniblue

[23/01/2005|21:40] C:\DOCUME~1\CATHER~1\APPLIC~1\Yahoo!

[06/03/2005|08:25] C:\DOCUME~1\CATHER~1\APPLIC~1\Yahoo! Messenger

[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.

[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..

[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe

[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM

[28/02/2004|15:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Ahead

[28/02/2004|16:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini

[27/02/2004|19:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help

[27/02/2004|18:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[28/02/2004|17:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia

[28/02/2004|20:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[28/02/2004|17:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

[01/03/2008|12:34] C:\DOCUME~1\Elio\APPLIC~1\.

[01/03/2008|12:34] C:\DOCUME~1\Elio\APPLIC~1\..

[14/09/2005|18:36] C:\DOCUME~1\Elio\APPLIC~1\Active Disk

[28/02/2004|16:52] C:\DOCUME~1\Elio\APPLIC~1\Adobe

[28/02/2004|16:52] C:\DOCUME~1\Elio\APPLIC~1\AdobeUM

[28/02/2004|15:48] C:\DOCUME~1\Elio\APPLIC~1\Ahead

[28/02/2004|16:26] C:\DOCUME~1\Elio\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\Elio\APPLIC~1\desktop.ini

[19/01/2008|14:46] C:\DOCUME~1\Elio\APPLIC~1\Google

[27/02/2004|19:06] C:\DOCUME~1\Elio\APPLIC~1\Help

[08/01/2006|15:31] C:\DOCUME~1\Elio\APPLIC~1\HotSync

[27/02/2004|18:30] C:\DOCUME~1\Elio\APPLIC~1\Identities

[28/02/2004|17:59] C:\DOCUME~1\Elio\APPLIC~1\Macromedia

[04/01/2008|10:15] C:\DOCUME~1\Elio\APPLIC~1\Microsoft

[11/11/2005|20:28] C:\DOCUME~1\Elio\APPLIC~1\MSN6

[28/02/2004|17:58] C:\DOCUME~1\Elio\APPLIC~1\Real

[30/04/2007|11:01] C:\DOCUME~1\Elio\APPLIC~1\SPAMfighter

[28/07/2005|17:35] C:\DOCUME~1\Elio\APPLIC~1\Yahoo!

[28/07/2005|17:36] C:\DOCUME~1\Elio\APPLIC~1\Yahoo! Messenger

[27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\.

[27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\..

[27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[20/04/2004|20:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

[01/03/2008|18:26] C:\DOCUME~1\Lorenzo\APPLIC~1\.

[01/03/2008|18:26] C:\DOCUME~1\Lorenzo\APPLIC~1\..

[12/03/2005|12:40] C:\DOCUME~1\Lorenzo\APPLIC~1\Active Disk

[04/01/2008|22:13] C:\DOCUME~1\Lorenzo\APPLIC~1\Adobe

[04/02/2008|21:59] C:\DOCUME~1\Lorenzo\APPLIC~1\AdobeUM

[26/12/2005|22:00] C:\DOCUME~1\Lorenzo\APPLIC~1\Ahead

[12/08/2007|09:44] C:\DOCUME~1\Lorenzo\APPLIC~1\Apple Computer

[13/05/2007|10:52] C:\DOCUME~1\Lorenzo\APPLIC~1\ATI

[03/05/2007|22:51] C:\DOCUME~1\Lorenzo\APPLIC~1\atitray

[07/04/2007|15:18] C:\DOCUME~1\Lorenzo\APPLIC~1\Autodesk

[12/05/2007|22:28] C:\DOCUME~1\Lorenzo\APPLIC~1\Avidyne

[28/02/2004|16:26] C:\DOCUME~1\Lorenzo\APPLIC~1\Cyberlink

[27/02/2004|18:26] C:\DOCUME~1\Lorenzo\APPLIC~1\desktop.ini

[23/12/2007|17:35] C:\DOCUME~1\Lorenzo\APPLIC~1\DivX

[07/04/2007|14:58] C:\DOCUME~1\Lorenzo\APPLIC~1\Downloaded Installations

[03/01/2008|16:24] C:\DOCUME~1\Lorenzo\APPLIC~1\eMule

[24/12/2006|16:30] C:\DOCUME~1\Lorenzo\APPLIC~1\GDIPFONTCACHEV1.DAT

[13/09/2006|22:46] C:\DOCUME~1\Lorenzo\APPLIC~1\Google

[23/12/2007|10:57] C:\DOCUME~1\Lorenzo\APPLIC~1\Help

[28/12/2005|10:47] C:\DOCUME~1\Lorenzo\APPLIC~1\HotSync

[27/02/2004|18:30] C:\DOCUME~1\Lorenzo\APPLIC~1\Identities

[01/05/2007|18:57] C:\DOCUME~1\Lorenzo\APPLIC~1\InstallShield

[24/10/2006|22:37] C:\DOCUME~1\Lorenzo\APPLIC~1\KSOL

[04/01/2008|18:36] C:\DOCUME~1\Lorenzo\APPLIC~1\Lavasoft

[28/12/2005|10:57] C:\DOCUME~1\Lorenzo\APPLIC~1\Leadertech

[28/02/2004|17:59] C:\DOCUME~1\Lorenzo\APPLIC~1\Macromedia

[27/01/2008|22:06] C:\DOCUME~1\Lorenzo\APPLIC~1\Media Player Classic

[10/06/2007|20:12] C:\DOCUME~1\Lorenzo\APPLIC~1\Microsoft

[02/01/2005|18:14] C:\DOCUME~1\Lorenzo\APPLIC~1\Microsoft Web Folders

[27/02/2008|12:49] C:\DOCUME~1\Lorenzo\APPLIC~1\Mozilla

[13/01/2008|17:03] C:\DOCUME~1\Lorenzo\APPLIC~1\Opera

[03/03/2006|22:20] C:\DOCUME~1\Lorenzo\APPLIC~1\PC Tools

[10/02/2006|22:36] C:\DOCUME~1\Lorenzo\APPLIC~1\Publish Providers

[17/06/2007|12:30] C:\DOCUME~1\Lorenzo\APPLIC~1\Real

[04/01/2008|18:47] C:\DOCUME~1\Lorenzo\APPLIC~1\Ringtone

[27/03/2004|14:29] C:\DOCUME~1\Lorenzo\APPLIC~1\ScanSoft

[18/01/2008|23:08] C:\DOCUME~1\Lorenzo\APPLIC~1\SlySoft

[10/02/2006|22:25] C:\DOCUME~1\Lorenzo\APPLIC~1\Sony

[26/06/2007|21:29] C:\DOCUME~1\Lorenzo\APPLIC~1\SPAMfighter

[27/03/2004|23:09] C:\DOCUME~1\Lorenzo\APPLIC~1\Sun

[26/12/2005|20:43] C:\DOCUME~1\Lorenzo\APPLIC~1\Symantec

[25/09/2004|11:34] C:\DOCUME~1\Lorenzo\APPLIC~1\Template

[01/03/2008|16:49] C:\DOCUME~1\Lorenzo\APPLIC~1\UK's Kalender

[13/02/2008|00:09] C:\DOCUME~1\Lorenzo\APPLIC~1\Uniblue

[04/01/2008|18:40] C:\DOCUME~1\Lorenzo\APPLIC~1\WinRAR

[09/01/2005|20:21] C:\DOCUME~1\Lorenzo\APPLIC~1\Yahoo! Messenger

[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\.

[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\..

[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[01/05/2004|12:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\.

[01/05/2004|12:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\..

[18/09/2005|10:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[12/02/2008 23:42][--a------] C:\WINDOWS\tasks\Uniblue SpyEraser.job

[27/02/2008 12:56][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[01/03/2008 18:32][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job

[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

[01/03/2008 18:04][--ah-----] C:\WINDOWS\tasks\SA.DAT

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[01/03/2008|17:53] C:\Program Files\.

[01/03/2008|17:53] C:\Program Files\..

[15/01/2006|15:38] C:\Program Files\4ormulator

[04/01/2008|22:16] C:\Program Files\Adobe

[30/12/2006|21:33] C:\Program Files\Ahead

[24/09/2007|20:52] C:\Program Files\AnMing

[18/03/2007|18:01] C:\Program Files\APDFPR

[22/12/2007|17:14] C:\Program Files\Apple Software Update

[02/07/2006|19:23] C:\Program Files\Atlence

[15/01/2006|13:04] C:\Program Files\Audacity

[07/04/2007|15:16] C:\Program Files\Autodesk

[01/03/2008|15:34] C:\Program Files\AutoREALM

[06/01/2008|17:05] C:\Program Files\Avid

[12/05/2007|22:26] C:\Program Files\Avidyne

[14/02/2008|21:49] C:\Program Files\Avira

[15/01/2006|10:57] C:\Program Files\AviSynth 2.5

[03/07/2005|18:31] C:\Program Files\Cadkey99

[13/11/2005|10:18] C:\Program Files\Canon

[10/02/2008|22:05] C:\Program Files\CCleaner

[02/06/2006|09:31] C:\Program Files\Ciel

[27/02/2004|19:11] C:\Program Files\C-Media 3D Audio

[27/01/2008|22:00] C:\Program Files\Combined Community Codec Pack

[13/01/2007|16:18] C:\Program Files\Common Files

[28/02/2004|16:15] C:\Program Files\CyberLink

[09/02/2008|15:45] C:\Program Files\DAMN NFO Viewer

[09/09/2005|18:55] C:\Program Files\Data1.cab

[24/06/2006|07:56] C:\Program Files\Dico

[04/01/2008|18:34] C:\Program Files\DiscWizard 2003

[06/01/2008|16:37] C:\Program Files\DivX

[08/05/2007|09:20] C:\Program Files\Driver Cleaner PE

[25/03/2007|22:27] C:\Program Files\Driver Validation

[06/05/2006|12:36] C:\Program Files\EBP

[25/02/2008|00:07] C:\Program Files\eMule

[15/01/2006|22:15] C:\Program Files\EndItAll

[23/12/2007|10:56] C:\Program Files\Exif Date Changer

[24/09/2007|21:23] C:\Program Files\EZ Ringtone

[01/03/2008|16:20] C:\Program Files\Fichiers communs

[04/03/2006|13:11] C:\Program Files\FouFou

[23/06/2007|22:43] C:\Program Files\Garmin

[15/07/2004|21:15] C:\Program Files\Ghostgum

[27/01/2007|10:33] C:\Program Files\Google

[15/07/2004|21:14] C:\Program Files\gs

[28/02/2004|14:16] C:\Program Files\HighMAT CD Writing Wizard

[28/02/2004|16:16] C:\Program Files\Home Cinema

[17/07/2007|13:40] C:\Program Files\Infogrames

[24/02/2008|20:08] C:\Program Files\InstallShield Installation Information

[04/01/2008|18:52] C:\Program Files\InstantTimeZone

[27/02/2004|18:45] C:\Program Files\Intel

[12/12/2007|23:16] C:\Program Files\Internet Explorer

[17/10/2004|11:41] C:\Program Files\Iomega

[03/02/2008|12:09] C:\Program Files\iPod

[29/12/2006|23:12] C:\Program Files\IrfanView

[03/02/2008|12:09] C:\Program Files\iTunes

[12/11/2006|12:25] C:\Program Files\Java

[05/11/2006|10:55] C:\Program Files\JoshMadison

[03/02/2008|15:08] C:\Program Files\Kalender

[04/01/2008|18:58] C:\Program Files\Logitech

[28/02/2004|15:40] C:\Program Files\Medion Tools

[09/07/2006|17:15] C:\Program Files\Messenger

[28/02/2004|14:52] C:\Program Files\Microsoft AutoRoute

[10/05/2007|21:19] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[28/02/2004|14:57] C:\Program Files\Microsoft Encarta

[02/01/2005|18:14] C:\Program Files\microsoft frontpage

[26/02/2005|18:28] C:\Program Files\Microsoft IntelliPoint

[07/04/2007|15:18] C:\Program Files\Microsoft Office

[28/02/2004|14:56] C:\Program Files\Microsoft Picture It! 9

[31/07/2004|12:08] C:\Program Files\Microsoft R‚f‚rence

[06/01/2007|16:19] C:\Program Files\Microsoft Visual Studio

[25/09/2004|11:34] C:\Program Files\Microsoft Works

[28/02/2004|14:38] C:\Program Files\Microsoft Works Suite 2004

[06/01/2007|17:12] C:\Program Files\Microsoft.NET

[12/02/2008|23:14] C:\Program Files\Miraizon

[08/07/2006|20:23] C:\Program Files\Movie Maker

[01/03/2008|18:29] C:\Program Files\Mozilla Firefox

[11/08/2007|18:13] C:\Program Files\MPEG4 Direct Maker

[27/02/2004|18:28] C:\Program Files\MSN

[27/02/2004|18:28] C:\Program Files\MSN Gaming Zone

[23/09/2007|19:52] C:\Program Files\MSN Messenger

[17/11/2006|19:25] C:\Program Files\MSXML 4.0

[28/02/2004|16:18] C:\Program Files\MUSICMATCH

[28/02/2004|15:01] C:\Program Files\muvee Technologies

[29/02/2008|23:37] C:\Program Files\Navilog1

[26/05/2007|20:07] C:\Program Files\Netgear

[08/07/2006|20:19] C:\Program Files\NetMeeting

[10/02/2008|21:57] C:\Program Files\Network Associates

[09/09/2005|18:55] C:\Program Files\NGhost10.msi

[25/02/2008|00:07] C:\Program Files\Norton Ghost

[16/04/2005|19:49] C:\Program Files\Olympus

[14/06/2007|21:40] C:\Program Files\Outlook Express

[08/01/2006|15:54] C:\Program Files\Palm

[08/01/2005|15:36] C:\Program Files\PDFill Writer

[27/10/2007|17:11] C:\Program Files\Picasa2

[06/01/2008|17:17] C:\Program Files\Pinnacle

[08/01/2005|15:36] C:\Program Files\PlotSoft

[13/11/2004|22:37] C:\Program Files\PocketFMS

[03/02/2008|12:05] C:\Program Files\QuickTime

[28/02/2004|17:49] C:\Program Files\Real

[12/02/2008|23:01] C:\Program Files\Registry Mechanic

[02/07/2006|18:53] C:\Program Files\RenMultiFiles Pro

[06/06/2007|21:19] C:\Program Files\RepareOE

[06/06/2007|21:15] C:\Program Files\SaveOE

[27/03/2004|14:29] C:\Program Files\ScanSoft

[09/09/2005|18:55] C:\Program Files\SCSSDist.ini

[14/02/2008|09:00] C:\Program Files\SecCopy

[24/03/2007|10:58] C:\Program Files\Simpli Software

[18/01/2008|23:00] C:\Program Files\SlySoft

[07/01/2006|19:40] C:\Program Files\SmartSound Software

[10/02/2006|22:24] C:\Program Files\Sony

[01/03/2008|15:27] C:\Program Files\SPAMfighter

[15/01/2006|13:47] C:\Program Files\SpeechMillLAIPTTSin.pol

[15/01/2006|13:37] C:\Program Files\SpeechMillLAIPTTSout.pol

[11/02/2008|07:29] C:\Program Files\Spybot - Search & Destroy

[12/02/2008|23:14] C:\Program Files\Spyware Doctor

[24/02/2008|22:58] C:\Program Files\SpywareBlaster

[09/09/2005|18:56] C:\Program Files\Support

[25/03/2007|22:30] C:\Program Files\Symantec

[09/03/2005|17:29] C:\Program Files\THQ

[23/12/2007|13:04] C:\Program Files\TimeToPhoto

[24/02/2008|20:08] C:\Program Files\ToniArts

[13/02/2008|00:09] C:\Program Files\Uniblue

[31/08/2004|19:30] C:\Program Files\Uninstall Information

[27/02/2004|19:13] C:\Program Files\USB Wireless Keyboard Driver

[05/08/2006|19:29] C:\Program Files\Western Digital Technologies

[28/02/2004|15:05] C:\Program Files\Winbond Electronics Corp

[27/02/2004|18:35] C:\Program Files\Windows Journal Viewer

[24/02/2007|14:02] C:\Program Files\Windows Live Favorites

[24/02/2007|14:15] C:\Program Files\Windows Live Safety Center

[30/11/2007|23:26] C:\Program Files\Windows Live Toolbar

[26/01/2008|14:56] C:\Program Files\Windows Media Connect 2

[26/01/2008|14:56] C:\Program Files\Windows Media Player

[08/07/2006|20:19] C:\Program Files\Windows NT

[25/02/2007|11:40] C:\Program Files\WindowsUpdate

[01/03/2008|17:39] C:\Program Files\WinPilot XP VFR

[25/02/2008|00:07] C:\Program Files\WinRAR

[20/12/2006|11:17] C:\Program Files\WMV9_VCM

[03/01/2008|22:40] C:\Program Files\WnSoft PicturesToExe

[11/09/2005|18:18] C:\Program Files\WorldTimeClock

[28/02/2004|16:16] C:\Program Files\X10 Hardware

[27/02/2004|18:30] C:\Program Files\xerox

[14/02/2008|20:53] C:\Program Files\Yahoo!

[18/03/2007|18:20] C:\Program Files\ZipCentral

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[01/03/2008|16:20] C:\Program Files\Fichiers communs\.

[01/03/2008|16:20] C:\Program Files\Fichiers communs\..

[04/01/2008|22:13] C:\Program Files\Fichiers communs\Adobe

[28/02/2004|14:34] C:\Program Files\Fichiers communs\Ahead

[30/10/2007|08:38] C:\Program Files\Fichiers communs\Ankiro

[11/08/2007|21:21] C:\Program Files\Fichiers communs\Apple

[30/10/2007|08:37] C:\Program Files\Fichiers communs\Application

[02/07/2006|19:26] C:\Program Files\Fichiers communs\Atlence

[22/04/2007|18:15] C:\Program Files\Fichiers communs\Autodesk Shared

[28/02/2004|15:05] C:\Program Files\Fichiers communs\Borland Shared

[08/08/2007|08:52] C:\Program Files\Fichiers communs\CIEL

[27/09/2006|17:45] C:\Program Files\Fichiers communs\Cisco Systems

[12/05/2007|22:26] C:\Program Files\Fichiers communs\Crystal Decisions

[06/01/2007|17:14] C:\Program Files\Fichiers communs\DESIGNER

[28/02/2004|15:01] C:\Program Files\Fichiers communs\InstallShield

[27/03/2004|23:09] C:\Program Files\Fichiers communs\Java

[09/01/2005|15:13] C:\Program Files\Fichiers communs\Logitech

[01/03/2008|16:29] C:\Program Files\Fichiers communs\Microsoft Shared

[27/02/2004|18:28] C:\Program Files\Fichiers communs\MSSoap

[28/02/2004|15:01] C:\Program Files\Fichiers communs\muvee Technologies

[10/02/2008|21:56] C:\Program Files\Fichiers communs\Network Associates

[27/02/2004|18:26] C:\Program Files\Fichiers communs\ODBC

[10/02/2008|22:15] C:\Program Files\Fichiers communs\PC Tools

[17/06/2007|12:29] C:\Program Files\Fichiers communs\Real

[08/08/2007|08:52] C:\Program Files\Fichiers communs\Sage

[27/03/2004|14:29] C:\Program Files\Fichiers communs\ScanSoft Shared

[27/02/2004|18:28] C:\Program Files\Fichiers communs\Services

[27/02/2004|18:26] C:\Program Files\Fichiers communs\SpeechEngines

[03/04/2007|21:04] C:\Program Files\Fichiers communs\Symantec Shared

[14/06/2007|21:40] C:\Program Files\Fichiers communs\System

[17/06/2007|12:30] C:\Program Files\Fichiers communs\xing shared

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-01 18:45:48

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden files ...

scan completed successfully

hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:1][Doss:1] C:\DOCUME~1\Lorenzo\LOCALS~1\Temp

/!\ [Fich:1][Doss:0] C:\DOCUME~1\Lorenzo\Cookies

/!\ [Fich:1][Doss:0] C:\DOCUME~1\Lorenzo\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 18:46:09,14 ]----------------------

pear · le 1 mars 2008

Bonsoir,

On y retourne:

2)Combo, Nettoyage

# Déconnectez-vous du net et désactivez l'antivirus (juste le temps de la procédure !)

Lancez Combofix

# Dans le bloc-note ,copiez-collez ces lignes :

Drivers::
srosa

File::
C:\WINDOWS\system32\BAN_LIST.txt 
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\system32\drivers\down
C:\WINDOWS\system32\drivers\srosa.sys

* Attention, ce code a été rédigé spécialement pour cet utilisateur, prière de ne pas le réutiliser dans d'autres cas !

Enregistrez-le en lui donnant le nom CFScript.txt

[*]Va en haut de la page et clique sur le menu"Fichier" , une liste apparait=>

[*]Choisis "Enregistrer sous" et choisis "Bureau"

[*]Dans le champs "Nom du fichier" en bas de page donne le nom suivant:CFScript en fichier .txt

[*]Clique sur le bouton "Enregistrer" à droite du champs "nom du fichier"

[*]Quitte le Bloc Notes.

[*]Fait un glisser/déposer de ce fichier CFScript.txt sur le fichier ComboFix.exe comme sur la capture

* suis les instructions

* Patiente le temps du scan.Le bureau va disparaitre à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

* Une fois le scan achevé, un rapport va s'afficher: poste son contenu.

* Si le fichier n'apparait pas, il se trouve ici > C:\ComboFix.txt

ellesé · le 2 mars 2008

Bonjour,

Voici le rapport Combo-Fix.

Il a éliminé C:\WINDOWS\tasks\SA.dat comme instruit par CFScript. Jusqu'ici je n'avais jamais vu ce fichier analysé ou détruit par aucun des outils utilisés. Du progrès peut-être... Mais je reste perplexe quant au fait qu'il doit rester une instruction de repollution Bagle liée à IE... Ne faut-il pas encore nettoyer IE ? Je ne le rouvrirait que sur vos instructions.

A+

ellesé, en direct de Firefox.

ComboFix 08-02-25.2 - Lorenzo 2008-03-02 10:25:58.9 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.684 [GMT 1:00]

Endroit: C:\Documents and Settings\Lorenzo\Bureau\Combo-Fix.exe

Command switches used :: C:\Documents and Settings\Lorenzo\Bureau\CFScript.txt

* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

FILE ::

C:\WINDOWS\system32\BAN_LIST.txt

C:\WINDOWS\system32\drivers\down

C:\WINDOWS\system32\drivers\srosa.sys

C:\WINDOWS\tasks\SA.DAT

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\WINDOWS\tasks\SA.DAT

.

((((((((((((((((((((((((((((( Fichiers créés 2008-02-02 to 2008-03-02 ))))))))))))))))))))))))))))))))))))

.

2008-03-01 17:39 . 2008-03-01 17:39 <REP> d-------- C:\My Documents

2008-03-01 14:01 . 2008-03-01 18:46 <REP> d-------- C:\Lop SD