
Good evening:

Apparently hit by a Bagle and advised by the kind Angélique from this site, here are my two reports:

But what should I do now, please???

1. HijackThis:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:10, on 2008-05-17

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\UAService7.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Neuf\Kit\WiFi\9wifi.exe

C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\Program Files\Ahead\InCD\InCD.exe

C:\Program Files\Fichiers communs\PasenDommagement\mc.exe

C:\Program Files\OFFICE One6.0\OFFICE One PDF Manager\OoPDFSettingsv6.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\deray\Application Data\m\flec006.exe

C:\Program Files\LightSurf\Common\IconMgr.exe

C:\Program Files\OFFICE ONE6.0\OFFICE One Notes\oonotesv65.exe

C:\Program Files\LightSurf\Colorific\hgcctl95.exe

C:\Program Files\OFFICE ONE6.0\program\soffice.exe

C:\Program Files\LightSurf\Color Indicator\TICIcon.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\deray\Local Settings\Temporary Internet Files\Content.IE5\H5DUIN1F\HiJackThis[1].exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [salestart] "C:\Program Files\Fichiers communs\PasenDommagement\mc.exe" dm=http://pasendommagement.com; ad=http://pasendommagement.com

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [oov6multiuser.exe] C:\Program Files\OFFICE ONE6.0\program\oov6multiuser.exe

O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.0\OFFICE One PDF Manager\OoPDFSettingsv6.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [PasenDommagement] C:\Program Files\PasenDommagement\GDC.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: OFFICE One 6.0.lnk = C:\Program Files\OFFICE ONE6.0\program\quickstart.exe

O4 - Global Startup: LightSurf.lnk = C:\Program Files\LightSurf\Common\IconMgr.exe

O4 - Global Startup: OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE ONE6.0\OFFICE One Notes\oonotesv65.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab

O16 - DPF: {4EFE4BE8-8771-4649-B3EF-D97374C8D2C2} (KeybHunterWebInterface Class) - https://particuliers.secure.lcl.fr/v_1.0/im...FormProtect.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.0.cab

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

 

--

End of file - 9513 bytes

And ComboFix:

 

ComboFix 08-05-12.1 - deray 2008-05-17 0:14:33.2 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.153 [GMT 2:00]

Endroit: C:\Documents and Settings\deray\Bureau\Combo-Fix.exe

 

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Documents and Settings\All Users\Application Data\salesmonitor

C:\Documents and Settings\deray\Application Data\m

C:\Documents and Settings\deray\Application Data\m\data.oct

C:\Documents and Settings\deray\Application Data\m\list.oct

C:\Documents and Settings\deray\Application Data\m\shared


C:\Documents and Settings\deray\Application Data\m\srvlist.oct

C:\WINDOWS\system32\ban_list.txt

C:\WINDOWS\system32\drivers\downld


C:\WINDOWS\system32\drivers\hldrrr.exe

C:\WINDOWS\system32\drivers\mdelk.exe

C:\WINDOWS\system32\drivers\srosa.sys

C:\WINDOWS\system32\mdelk.exe

C:\WINDOWS\system32\wintems.exe

.

---- Previous Run -------

.

C:\WINDOWS\pp.exe

C:\WINDOWS\system32\ban_list.txt

C:\WINDOWS\system32\drivers\downld


 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_SROSA

 

 

((((((((((((((((((((((((((((( Fichiers créés 2008-04-16 to 2008-05-16 ))))))))))))))))))))))))))))))))))))

.

 

2009-04-22 20:24 . 2009-04-22 20:24 256 --a------ C:\WINDOWS\system32\imail40.rtl

2008-05-17 00:09 . 2008-05-17 00:09 <REP> d-------- C:\hjt

2008-05-12 12:37 . 2008-05-12 12:37 <REP> d-------- C:\Program Files\Spybot - Search & Destroy

2008-05-12 12:37 . 2008-05-12 12:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-05-12 12:35 . 2001-08-23 16:59 289,920 --a--c--- C:\WINDOWS\system32\dllcache\atimpab.sys

2008-05-12 12:35 . 2001-08-23 16:59 281,728 --a--c--- C:\WINDOWS\system32\dllcache\atimtai.sys

2008-05-12 12:35 . 2001-08-23 16:59 75,392 --a--c--- C:\WINDOWS\system32\dllcache\atimpae.sys

2008-05-12 12:35 . 2001-08-23 17:47 37,376 --a--c--- C:\WINDOWS\system32\dllcache\atievxx.exe

2008-05-12 12:35 . 2001-08-17 20:49 10,240 --a--c--- C:\WINDOWS\system32\dllcache\atipcxxx.sys

2008-05-12 12:33 . 2001-08-17 22:07 56,960 --a--c--- C:\WINDOWS\system32\dllcache\aic78xx.sys

2008-05-12 12:19 . 2001-08-17 20:19 747,392 --a--c--- C:\WINDOWS\system32\dllcache\adm8830.sys

2008-05-12 12:18 . 2007-02-28 18:02 2,182,400 --a--c--- C:\WINDOWS\system32\dllcache\OLD2B.tmp

2008-05-12 02:46 . 2008-05-12 02:50 <REP> d-------- C:\Documents and Settings\deray\.housecall6.6

2008-05-12 01:26 . 2008-05-12 01:26 <REP> d-------- C:\Program Files\Lavalys

2008-05-05 21:01 . 2008-05-05 21:01 244 --ah----- C:\sqmnoopt19.sqm

2008-05-05 21:01 . 2008-05-05 21:01 244 --ah----- C:\sqmnoopt18.sqm

2008-05-05 21:01 . 2008-05-05 21:01 244 --ah----- C:\sqmnoopt17.sqm

2008-05-05 21:01 . 2008-05-05 21:01 232 --ah----- C:\sqmdata19.sqm

2008-05-05 21:01 . 2008-05-05 21:01 232 --ah----- C:\sqmdata18.sqm

2008-05-05 21:01 . 2008-05-05 21:01 232 --ah----- C:\sqmdata17.sqm

2008-05-05 21:00 . 2008-05-05 21:00 244 --ah----- C:\sqmnoopt16.sqm

2008-05-05 21:00 . 2008-05-05 21:00 244 --ah----- C:\sqmnoopt15.sqm

2008-05-05 21:00 . 2008-05-05 23:06 244 --ah----- C:\sqmnoopt14.sqm

2008-05-05 21:00 . 2008-05-05 23:06 244 --ah----- C:\sqmnoopt13.sqm

2008-05-05 21:00 . 2008-05-05 21:00 232 --ah----- C:\sqmdata16.sqm

2008-05-05 21:00 . 2008-05-05 21:00 232 --ah----- C:\sqmdata15.sqm

2008-05-05 21:00 . 2008-05-05 23:06 232 --ah----- C:\sqmdata14.sqm

2008-05-05 21:00 . 2008-05-05 23:06 232 --ah----- C:\sqmdata13.sqm

2008-05-05 19:52 . 2008-05-05 19:52 <REP> d-------- C:\Program Files\CleanUp!

2008-05-05 17:41 . 2008-05-05 23:06 244 --ah----- C:\sqmnoopt12.sqm

2008-05-05 17:41 . 2008-05-05 23:06 232 --ah----- C:\sqmdata12.sqm

2008-05-04 21:24 . 2008-05-05 23:00 244 --ah----- C:\sqmnoopt05.sqm

2008-05-04 21:24 . 2008-05-05 23:00 232 --ah----- C:\sqmdata05.sqm

2008-05-04 21:23 . 2008-05-05 23:00 244 --ah----- C:\sqmnoopt04.sqm

2008-05-04 21:23 . 2008-05-05 23:00 232 --ah----- C:\sqmdata04.sqm

2008-05-04 20:17 . 2008-05-05 23:00 244 --ah----- C:\sqmnoopt03.sqm

2008-05-04 20:17 . 2008-05-05 23:00 232 --ah----- C:\sqmdata03.sqm

2008-05-04 20:10 . 2008-05-04 20:07 18,804,736 --a------ C:\WINDOWS\system32\alsndmgr.cpl

2008-05-04 20:10 . 2008-05-04 20:07 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe

2008-05-04 20:10 . 2008-01-24 16:36 4,127,488 -ra------ C:\WINDOWS\system32\drivers\alcxwdm.sys

2008-05-04 20:10 . 2008-05-04 20:07 577,536 --a------ C:\WINDOWS\soundman.exe

2008-05-04 20:10 . 2008-05-04 20:07 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll

2008-05-04 20:10 . 2008-05-04 20:07 141,016 --a------ C:\WINDOWS\system32\alsndmgr.wav

2008-05-04 20:10 . 2008-05-04 20:07 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe

2008-05-04 20:08 . 2008-05-05 20:07 <REP> d-------- C:\Program Files\Realtek AC97

2008-05-04 20:08 . 2008-05-04 20:07 315,392 --a------ C:\WINDOWS\alcupd.exe

2008-05-04 20:08 . 2008-05-04 20:07 217,088 --a------ C:\WINDOWS\alcrmv.exe

2008-05-04 02:45 . 2008-05-05 22:59 244 --ah----- C:\sqmnoopt02.sqm

2008-05-04 02:45 . 2008-05-05 22:59 232 --ah----- C:\sqmdata02.sqm

2008-05-04 01:50 . 2008-05-05 22:47 244 --ah----- C:\sqmnoopt01.sqm

2008-05-04 01:50 . 2008-05-05 22:47 232 --ah----- C:\sqmdata01.sqm

2008-05-03 09:47 . 2008-05-05 21:01 244 --ah----- C:\sqmnoopt00.sqm

2008-05-03 09:47 . 2008-05-05 21:01 232 --ah----- C:\sqmdata00.sqm

2008-05-02 18:21 . 2007-02-19 14:21 170,800 --a------ C:\WINDOWS\system32\drivers\PavProc.sys

2008-05-02 18:21 . 2007-03-12 17:27 31,104 --a------ C:\WINDOWS\system32\drivers\ShlDrv51.sys

2008-05-01 02:12 . 2008-05-01 02:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson

2008-05-01 00:50 . 2008-05-01 00:50 290,816 --------- C:\WINDOWS\Setup1.exe

2008-05-01 00:50 . 2008-05-01 00:50 74,752 --a------ C:\WINDOWS\ST6UNST.EXE

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-05-05 18:08 --------- d-----w C:\Program Files\DivX

2008-05-04 18:08 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-05-02 16:21 --------- d-----w C:\Program Files\Fichiers communs\Panda Software

2008-05-02 14:23 --------- d-----w C:\Program Files\Zylom Games

2008-05-02 13:46 --------- d-----w C:\Program Files\LG PC Suite

2008-04-30 23:01 --------- d-----w C:\Program Files\eMule

2008-03-21 20:30 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys

2004-10-01 13:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe

.

 

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 17:09 15360]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2004-05-08 02:02 679936]

"PasenDommagement"="C:\Program Files\PasenDommagement\GDC.exe" [ ]

"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-05-12 12:37 2097488]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VTTimer"="VTTimer.exe" [2005-03-08 05:33 53248 C:\WINDOWS\system32\VTTimer.exe]

"VTTrayp"="VTtrayp.exe" [2005-11-01 06:15 163840 C:\WINDOWS\system32\VTTrayp.exe]

"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 16:21 61952 C:\WINDOWS\system32\HdAShCut.exe]

"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 11:11 925696]

"JMB36X Configure"="C:\WINDOWS\system32\JMRaidTool.exe" [2006-04-25 04:52 385024]

"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-10-25 07:37 35328]

"Autoconfigurateur WiFi Neuf"="C:\Program Files\Neuf\Kit\WiFi\9wifi.exe" [2007-06-28 18:27 181488]

"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768]

"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2006-03-14 04:06 1397760]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 11:56 286720]

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 13:10 267048]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-17 00:17 79224]

"oov6multiuser.exe"="C:\Program Files\OFFICE ONE6.0\program\oov6multiuser.exe" [2002-07-15 07:00 253440]

"OoPDFSettingsv6.exe"="C:\Program Files\OFFICE One6.0\OFFICE One PDF Manager\OoPDFSettingsv6.exe" [2003-01-28 17:10 500736]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 17:09 15360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.mpng"= C:\Program Files\photos montage\0.957\686\tabdec.dll

"vidc.mvjp"= C:\Program Files\photos montage\0.957\686\tabdec.dll

"vidc.444p"= C:\Program Files\photos montage\0.957\686\tabdec.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\eMule\\emule.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\WINDOWS\\system32\\dpvsetup.exe"=

"C:\\WINDOWS\\system32\\rundll32.exe"=

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

"C:\\Program Files\\MSN Messenger\\livecall.exe"=

"C:\\Program Files\\iTunes\\iTunes.exe"=

 

R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-02-23 05:38]

R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-02-23 05:39]

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]

R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys [2007-03-12 17:27]

R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]

R3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]

R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2006-03-21 17:28]

S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2006-12-19 21:58]

S3 USBModem000;LGE Mobile USB Modem TC;C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-04 00:08]

S4 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2007-02-19 14:21]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b5c5da4-0ee5-11dd-86ba-0060b3458495}]

\Shell\AutoRun\command - F:\nideiect.com

\Shell\explore\Command - F:\nideiect.com

\Shell\open\Command - F:\nideiect.com

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b5c5da5-0ee5-11dd-86ba-0060b3458495}]

\Shell\AutoRun\command - G:\nideiect.com

\Shell\explore\Command - G:\nideiect.com

\Shell\open\Command - G:\nideiect.com

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7d07f0c6-1a06-11dd-86f5-0060b3458495}]

\Shell\AutoRun\command - nideiect.com

\Shell\explore\Command - nideiect.com

\Shell\open\Command - nideiect.com

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88d9c5dc-b6c2-11dc-85f3-0060b3458495}]

\Shell\AutoRun\command - F:\nideiect.com

\Shell\explore\Command - F:\nideiect.com

\Shell\open\Command - F:\nideiect.com

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88d9c5dd-b6c2-11dc-85f3-0060b3458495}]

\Shell\AutoRun\command - G:\nideiect.com

\Shell\explore\Command - G:\nideiect.com

\Shell\open\Command - G:\nideiect.com

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a975e210-74fb-11db-8442-806d6172696f}]

\Shell\AutoRun\command - E:\setupSNK.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b6ee96cc-aaa5-11dc-85db-0060b3458495}]

\Shell\AutoRun\command - nideiect.com

\Shell\explore\Command - F:\nideiect.com

\Shell\open\Command - F:\nideiect.com

 

.

Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

"2008-05-05 19:30:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

"2008-05-16 21:50:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"

Posted

Good evening. ComboFix doesn't take out everything in this variant; I'm currently collecting the files to send some to the developers (in another thread).

Go to this site:

http://www.zonavirus.com/datos/descargas/95/elibagla.asp

At the bottom of that page you will find a tool (Elibagla) to download: click on Descargar Elibagla and save the file to the desktop.

- Double-click on Elibagla.exe

- In the Unidad menu, you must be on C:\

- leave the "Eliminar ficheros automáticamente" box checked

- click on "Explorar" to start the job (it takes a few minutes).

- post the report in your next reply; it will be in c:\infosat.txt if you lose track of it.

Posted

You're welcome. I'll take a close look at this "tomorrow"; the bulk has already been killed by ComboFix anyway, but there is one file left, a stubborn one.

Posted

here is the report:

Sat May 17 01:04:54 2008

EliBagle v11.37 ©2008 S.G.H. / Satinfo S.L. (Modificado el 16 de Mayo del 2008)

----------------------------------------------

Lista de Acciones (por Acción Directa):

 

Sat May 17 01:05:09 2008

EliBagle v11.37 ©2008 S.G.H. / Satinfo S.L. (Modificado el 16 de Mayo del 2008)

----------------------------------------------

Lista de Acciones (por Exploración):

Explorando Unidad C:\

C:\Program Files\Google\GoogleToolbarNotifier\GOOGLETOOLBARNOTIFIER.EXE --> Eliminado Bagle.dldr

C:\QooBox\Quarantine\C\Documents and Settings\deray\Application Data\m\DATA.OCT.VIR --> Eliminado Bagle.dldr

C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\139828.EXE.VIR --> Eliminado Bagle

C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\14931781.EXE.VIR --> Eliminado Bagle

C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\1516875.EXE.VIR --> Eliminado Bagle

C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\157546.EXE.VIR --> Eliminado Bagle

C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\166203.EXE.VIR --> Eliminado Bagle

C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\169390.EXE.VIR --> Eliminado Bagle

C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\173921.EXE.VIR --> Eliminado Bagle

C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\174953.EXE.VIR --> Eliminado Bagle

C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\174968.EXE.VIR --> Eliminado Bagle

C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\233468.EXE.VIR --> Eliminado Bagle

C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\42610515.EXE.VIR --> Eliminado Bagle

C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\42640375.EXE.VIR --> Eliminado Bagle

C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\42676765.EXE.VIR --> Eliminado Bagle

C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\42867156.EXE.VIR --> Eliminado Bagle

C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\42880593.EXE.VIR --> Eliminado Bagle

 

Nº Total de Directorios: 12817

Nº Total de Ficheros: 110584

Nº de Ficheros Analizados: 11719

Nº de Ficheros Infectados: 17

Nº de Ficheros Limpiados: 17

 

 

okay, that works, thanks

but what is the red message I'm getting?? Do I need to do what is described here: http://www.bleepingcomputer.com/combofix/f...iliser-combofix

Posted

Well, it doesn't go through directly. No use, but not a big deal.

I'll prepare a script for you tomorrow to recover all of that.

Posted

oh yes, and one last thing: I don't know if it's normal, but when I try to launch avast it still doesn't work (not a valid Win32 application)

I really hope I can get rid of this damn virus!!! grrrr

thanks a lot for your help in any case

ok, I'll wait until tomorrow, no problem

thanks again

Posted

I'm going to disable TeaTimer with this script, which also removes some other junk; don't re-enable it (quite honestly it is useless, and here it will make a mess if it is switched back on). In any case Spybot is no longer really an effective weapon, but keeping it (without TeaTimer) causes no problems.

  • Open Notepad. Copy and paste this into it:

 

RootKit::

C:\Documents and Settings\deray\Application Data\m\flec006.exe

 

File::

C:\WINDOWS\System32\keys.txt

C:\Users\ordi\AppData\Local\Temp\vwetcogc.dll

 

Folder::

C:\Program Files\PCPrivacyTool

C:\Program Files\Fichiers communs\PasenDommagement

C:\Program Files\Fichiers communs\BOONTY Shared

 

Registry::

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b5c5da4-0ee5-11dd-86ba-0060b3458495}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b5c5da5-0ee5-11dd-86ba-0060b3458495}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7d07f0c6-1a06-11dd-86f5-0060b3458495}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88d9c5dc-b6c2-11dc-85f3-0060b3458495}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88d9c5dd-b6c2-11dc-85f3-0060b3458495}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a975e210-74fb-11db-8442-806d6172696f}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b6ee96cc-aaa5-11dc-85db-0060b3458495}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PasenDommagement"=-

"SpybotSD TeaTimer"=-

 

Driver::

Boonty Games

 

  • Save this as a text file named CFScript, on the desktop.

  • Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot

CFScript.gif

  • A blue window will appear: at the prompt that appears (Type 1 to continue, or 2 to abort), type 1 and then confirm.
  • Wait while the scan runs. The desktop will disappear several times: this is normal! Don't touch anything until the scan has finished.
  • Once the scan is complete, a report will be displayed: post its contents.
  • If the file doesn't open, it is located here > C:\ComboFix.txt

Posted

I'm posting here the report you sent me by PM.

The virus you have partially destroys antivirus programs, so it is normal that Avast no longer works, but don't try to reinstall it right away.

Same for Windows Update: don't go there for now.

 

 

ComboFix 08-05-12.1 - deray 2008-05-17 23:34:11.3 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.205 [GMT 2:00]

Endroit: C:\Documents and Settings\deray\Bureau\Combo-Fix.exe

Command switches used :: C:\Documents and Settings\deray\Bureau\CFScript.txt

* Création d'un nouveau point de restauration

 

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

 

FILE ::

C:\Users\ordi\AppData\Local\Temp\vwetcogc.dll

C:\WINDOWS\System32\keys.txt

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Documents and Settings\deray\Application Data\m\flec006.exe

C:\Program Files\Fichiers communs\BOONTY Shared

C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

C:\Program Files\Fichiers communs\PasenDommagement

C:\Program Files\Fichiers communs\PasenDommagement\mc.exe

C:\WINDOWS\system32\drivers\downld

.

---- Previous Run -------

.

C:\Documents and Settings\All Users\Application Data\salesmonitor

C:\Documents and Settings\deray\Application Data\m

C:\Documents and Settings\deray\Application Data\m\data.oct

C:\Documents and Settings\deray\Application Data\m\list.oct

C:\Documents and Settings\deray\Application Data\m\shared


C:\Documents and Settings\deray\Application Data\m\srvlist.oct

C:\WINDOWS\pp.exe

C:\WINDOWS\system32\ban_list.txt

C:\WINDOWS\system32\drivers\downld

C:\WINDOWS\system32\drivers\hldrrr.exe

C:\WINDOWS\system32\drivers\mdelk.exe

C:\WINDOWS\system32\drivers\srosa.sys

C:\WINDOWS\system32\mdelk.exe

C:\WINDOWS\system32\wintems.exe

 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_SROSA

-------\Legacy_BOONTY_GAMES

-------\Service_Boonty Games

 

 

((((((((((((((((((((((((((((( Fichiers créés 2008-04-17 to 2008-05-17 ))))))))))))))))))))))))))))))))))))

.

 

2009-04-22 20:24 . 2009-04-22 20:24 256 --a------ C:\WINDOWS\system32\imail40.rtl

2008-05-17 00:09 . 2008-05-17 00:09 <REP> d-------- C:\hjt

2008-05-12 12:37 . 2008-05-12 12:37 <REP> d-------- C:\Program Files\Spybot - Search & Destroy

2008-05-12 12:37 . 2008-05-12 12:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-05-12 12:35 . 2001-08-23 16:59 289,920 --a--c--- C:\WINDOWS\system32\dllcache\atimpab.sys

2008-05-12 12:35 . 2001-08-23 16:59 281,728 --a--c--- C:\WINDOWS\system32\dllcache\atimtai.sys

2008-05-12 12:35 . 2001-08-23 16:59 75,392 --a--c--- C:\WINDOWS\system32\dllcache\atimpae.sys

2008-05-12 12:35 . 2001-08-23 17:47 37,376 --a--c--- C:\WINDOWS\system32\dllcache\atievxx.exe

2008-05-12 12:35 . 2001-08-17 20:49 10,240 --a--c--- C:\WINDOWS\system32\dllcache\atipcxxx.sys

2008-05-12 12:33 . 2001-08-17 22:07 56,960 --a--c--- C:\WINDOWS\system32\dllcache\aic78xx.sys

2008-05-12 12:19 . 2001-08-17 20:19 747,392 --a--c--- C:\WINDOWS\system32\dllcache\adm8830.sys

2008-05-12 12:18 . 2007-02-28 18:02 2,182,400 --a--c--- C:\WINDOWS\system32\dllcache\OLD2B.tmp

2008-05-12 02:46 . 2008-05-12 02:50 <REP> d-------- C:\Documents and Settings\deray\.housecall6.6

2008-05-12 01:26 . 2008-05-12 01:26 <REP> d-------- C:\Program Files\Lavalys

2008-05-05 21:01 . 2008-05-05 21:01 244 --ah----- C:\sqmnoopt19.sqm

2008-05-05 21:01 . 2008-05-05 21:01 244 --ah----- C:\sqmnoopt18.sqm

2008-05-05 21:01 . 2008-05-05 21:01 244 --ah----- C:\sqmnoopt17.sqm

2008-05-05 21:01 . 2008-05-05 21:01 232 --ah----- C:\sqmdata19.sqm

2008-05-05 21:01 . 2008-05-05 21:01 232 --ah----- C:\sqmdata18.sqm

2008-05-05 21:01 . 2008-05-05 21:01 232 --ah----- C:\sqmdata17.sqm

2008-05-05 21:00 . 2008-05-05 21:00 244 --ah----- C:\sqmnoopt16.sqm

2008-05-05 21:00 . 2008-05-05 21:00 244 --ah----- C:\sqmnoopt15.sqm

2008-05-05 21:00 . 2008-05-05 23:06 244 --ah----- C:\sqmnoopt14.sqm

2008-05-05 21:00 . 2008-05-05 23:06 244 --ah----- C:\sqmnoopt13.sqm

2008-05-05 21:00 . 2008-05-05 21:00 232 --ah----- C:\sqmdata16.sqm

2008-05-05 21:00 . 2008-05-05 21:00 232 --ah----- C:\sqmdata15.sqm

2008-05-05 21:00 . 2008-05-05 23:06 232 --ah----- C:\sqmdata14.sqm

2008-05-05 21:00 . 2008-05-05 23:06 232 --ah----- C:\sqmdata13.sqm

2008-05-05 19:52 . 2008-05-05 19:52 <REP> d-------- C:\Program Files\CleanUp!

2008-05-05 17:41 . 2008-05-05 23:06 244 --ah----- C:\sqmnoopt12.sqm

2008-05-05 17:41 . 2008-05-05 23:06 232 --ah----- C:\sqmdata12.sqm

2008-05-04 21:24 . 2008-05-05 23:00 244 --ah----- C:\sqmnoopt05.sqm

2008-05-04 21:24 . 2008-05-05 23:00 232 --ah----- C:\sqmdata05.sqm

2008-05-04 21:23 . 2008-05-05 23:00 244 --ah----- C:\sqmnoopt04.sqm

2008-05-04 21:23 . 2008-05-05 23:00 232 --ah----- C:\sqmdata04.sqm

2008-05-04 20:17 . 2008-05-05 23:00 244 --ah----- C:\sqmnoopt03.sqm

2008-05-04 20:17 . 2008-05-05 23:00 232 --ah----- C:\sqmdata03.sqm

2008-05-04 20:10 . 2008-05-04 20:07 18,804,736 --a------ C:\WINDOWS\system32\alsndmgr.cpl

2008-05-04 20:10 . 2008-05-04 20:07 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe

2008-05-04 20:10 . 2008-01-24 16:36 4,127,488 -ra------ C:\WINDOWS\system32\drivers\alcxwdm.sys

2008-05-04 20:10 . 2008-05-04 20:07 577,536 --a------ C:\WINDOWS\soundman.exe

2008-05-04 20:10 . 2008-05-04 20:07 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll

2008-05-04 20:10 . 2008-05-04 20:07 141,016 --a------ C:\WINDOWS\system32\alsndmgr.wav

2008-05-04 20:10 . 2008-05-04 20:07 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe

2008-05-04 20:08 . 2008-05-05 20:07 <REP> d-------- C:\Program Files\Realtek AC97

2008-05-04 20:08 . 2008-05-04 20:07 315,392 --a------ C:\WINDOWS\alcupd.exe

2008-05-04 20:08 . 2008-05-04 20:07 217,088 --a------ C:\WINDOWS\alcrmv.exe

2008-05-04 02:45 . 2008-05-05 22:59 244 --ah----- C:\sqmnoopt02.sqm

2008-05-04 02:45 . 2008-05-05 22:59 232 --ah----- C:\sqmdata02.sqm

2008-05-04 01:50 . 2008-05-05 22:47 244 --ah----- C:\sqmnoopt01.sqm

2008-05-04 01:50 . 2008-05-05 22:47 232 --ah----- C:\sqmdata01.sqm

2008-05-03 09:47 . 2008-05-05 21:01 244 --ah----- C:\sqmnoopt00.sqm

2008-05-03 09:47 . 2008-05-05 21:01 232 --ah----- C:\sqmdata00.sqm

2008-05-02 18:21 . 2007-02-19 14:21 170,800 --a------ C:\WINDOWS\system32\drivers\PavProc.sys

2008-05-02 18:21 . 2007-03-12 17:27 31,104 --a------ C:\WINDOWS\system32\drivers\ShlDrv51.sys

2008-05-01 02:12 . 2008-05-01 02:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson

2008-05-01 00:50 . 2008-05-01 00:50 290,816 --------- C:\WINDOWS\Setup1.exe

2008-05-01 00:50 . 2008-05-01 00:50 74,752 --a------ C:\WINDOWS\ST6UNST.EXE

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-05-05 18:08 --------- d-----w C:\Program Files\DivX

2008-05-04 18:08 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-05-02 16:21 --------- d-----w C:\Program Files\Fichiers communs\Panda Software

2008-05-02 14:23 --------- d-----w C:\Program Files\Zylom Games

2008-05-02 13:46 --------- d-----w C:\Program Files\LG PC Suite

2008-04-30 23:01 --------- d-----w C:\Program Files\eMule

2008-03-31 21:25 831,488 ----a-w C:\WINDOWS\system32\divx_xx0a.dll

2008-03-31 21:25 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll

2008-03-31 21:25 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll

2008-03-31 21:25 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll

2008-03-31 21:25 682,496 ----a-w C:\WINDOWS\system32\DivX.dll

2008-03-31 21:25 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe

2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll

2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll

2008-03-21 20:30 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe

2008-03-21 20:30 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys

2008-03-21 20:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll

2008-03-21 20:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll

2008-03-21 20:30 129,784 ------w C:\WINDOWS\system32\pxafs.dll

2008-03-21 20:30 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe

2008-03-21 20:30 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe

2008-03-21 20:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll

2008-03-21 20:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll

2008-03-21 20:28 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll

2008-03-21 20:28 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll

2008-03-21 20:28 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll

2008-03-21 20:28 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll

2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll

2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll

2008-03-21 20:28 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll

2008-03-21 20:28 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll

2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys

2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll

2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll

2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll

2004-10-01 13:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe

.

 

((((((((((((((((((((((((((((( snapshot@2008-05-17_ 0.37.44.14 )))))))))))))))))))))))))))))))))))))))))

.

- 2008-05-16 22:23:37 2,048 --s-a-w C:\WINDOWS\bootstat.dat

+ 2008-05-17 21:40:20 2,048 --s-a-w C:\WINDOWS\bootstat.dat

- 2004-08-19 15:09:24 561,179 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll

+ 2008-03-25 04:50:25 554,008 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll

- 2004-08-19 15:09:34 512,029 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll

+ 2008-03-25 04:50:28 518,944 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll

- 2004-08-19 15:09:34 319,517 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll

+ 2008-03-25 04:50:30 326,432 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll

- 2004-08-19 15:09:34 1,507,356 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll

+ 2008-03-25 04:50:34 1,516,568 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll

+ 2008-03-25 04:50:40 355,112 -c----w C:\WINDOWS\system32\dllcache\msjetol1.dll

- 2004-08-19 15:09:34 184,351 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll

+ 2008-03-25 04:51:08 194,144 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll

- 2004-08-19 15:09:34 53,279 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll

+ 2008-03-25 04:50:42 60,192 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll

- 2004-08-19 15:09:34 241,693 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll

+ 2008-03-25 04:50:42 248,608 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll

- 2004-08-19 15:09:34 213,023 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll

+ 2008-03-25 04:50:44 219,936 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll

- 2004-08-19 15:09:34 348,189 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll

+ 2008-03-25 04:50:45 355,104 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll

- 2004-08-19 15:09:34 421,919 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll

+ 2008-03-25 04:50:47 432,928 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll

- 2004-08-19 15:09:34 315,423 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll

+ 2008-03-25 04:50:49 322,336 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll

- 2004-08-19 15:09:34 552,989 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll

+ 2008-03-25 04:50:52 559,904 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll

- 2004-08-19 15:09:36 258,077 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll

+ 2008-03-25 04:50:55 264,992 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll

- 2004-08-19 15:09:36 831,519 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll

+ 2008-03-25 04:50:57 838,432 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll

- 2004-08-19 15:09:36 614,429 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll

+ 2008-03-25 04:51:09 621,344 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll

- 2004-08-19 15:09:36 348,189 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll

+ 2008-03-25 04:50:58 355,104 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll

- 2008-04-06 05:56:20 19,836,024 ----a-w C:\WINDOWS\system32\MRT.exe

+ 2008-05-09 21:35:04 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe

- 2004-08-19 15:09:34 512,029 ----a-w C:\WINDOWS\system32\msexch40.dll

+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll

- 2004-08-19 15:09:34 319,517 ----a-w C:\WINDOWS\system32\msexcl40.dll

+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll

- 2004-08-19 15:09:34 1,507,356 ----a-w C:\WINDOWS\system32\msjet40.dll

+ 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINDOWS\system32\msjet40.dll

- 2004-07-17 10:34:48 358,976 ----a-w C:\WINDOWS\system32\msjetoledb40.dll

+ 2008-03-25 04:50:40 355,112 ----a-w C:\WINDOWS\system32\msjetoledb40.dll

- 2004-08-19 15:09:34 53,279 ----a-w C:\WINDOWS\system32\msjter40.dll

+ 2008-03-25 04:50:42 60,192 ----a-w C:\WINDOWS\system32\msjter40.dll

- 2004-08-19 15:09:34 241,693 ----a-w C:\WINDOWS\system32\msjtes40.dll

+ 2008-03-25 04:50:42 248,608 ----a-w C:\WINDOWS\system32\msjtes40.dll

- 2004-08-19 15:09:34 213,023 ----a-w C:\WINDOWS\system32\msltus40.dll

+ 2008-03-25 04:50:44 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll

- 2004-08-19 15:09:34 348,189 ----a-w C:\WINDOWS\system32\mspbde40.dll

+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll

- 2004-08-19 15:09:34 421,919 ----a-w C:\WINDOWS\system32\msrd2x40.dll

+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll

- 2004-08-19 15:09:34 315,423 ----a-w C:\WINDOWS\system32\msrd3x40.dll

+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll

- 2004-08-19 15:09:34 552,989 ----a-w C:\WINDOWS\system32\msrepl40.dll

+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll

- 2004-08-19 15:09:36 258,077 ----a-w C:\WINDOWS\system32\mstext40.dll

+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll

- 2004-08-19 15:09:36 831,519 ----a-w C:\WINDOWS\system32\mswdat10.dll

+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll

- 2004-08-19 15:09:36 348,189 ----a-w C:\WINDOWS\system32\msxbde40.dll

+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 17:09 15360]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [ ]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VTTimer"="VTTimer.exe" [2005-03-08 05:33 53248 C:\WINDOWS\system32\VTTimer.exe]

"VTTrayp"="VTtrayp.exe" [2005-11-01 06:15 163840 C:\WINDOWS\system32\VTTrayp.exe]

"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 16:21 61952 C:\WINDOWS\system32\HdAShCut.exe]

"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 11:11 925696]

"JMB36X Configure"="C:\WINDOWS\system32\JMRaidTool.exe" [2006-04-25 04:52 385024]

"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-10-25 07:37 35328]

"Autoconfigurateur WiFi Neuf"="C:\Program Files\Neuf\Kit\WiFi\9wifi.exe" [2007-06-28 18:27 181488]

"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768]

"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2006-03-14 04:06 1397760]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 11:56 286720]

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 13:10 267048]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]

"oov6multiuser.exe"="C:\Program Files\OFFICE ONE6.0\program\oov6multiuser.exe" [2002-07-15 07:00 253440]

"OoPDFSettingsv6.exe"="C:\Program Files\OFFICE One6.0\OFFICE One PDF Manager\OoPDFSettingsv6.exe" [2003-01-28 17:10 500736]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 17:09 15360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.mpng"= C:\Program Files\photos montage\0.957\686\tabdec.dll

"vidc.mvjp"= C:\Program Files\photos montage\0.957\686\tabdec.dll

"vidc.444p"= C:\Program Files\photos montage\0.957\686\tabdec.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\eMule\\emule.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\WINDOWS\\system32\\dpvsetup.exe"=

"C:\\WINDOWS\\system32\\rundll32.exe"=

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

"C:\\Program Files\\MSN Messenger\\livecall.exe"=

"C:\\Program Files\\iTunes\\iTunes.exe"=

 

R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-02-23 05:38]

R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-02-23 05:39]

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]

R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys [2007-03-12 17:27]

R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]

R3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]

R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2006-03-21 17:28]

S3 USBModem000;LGE Mobile USB Modem TC;C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-04 00:08]

S4 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2007-02-19 14:21]

 

.

Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

"2008-05-05 19:30:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

"2008-05-17 21:50:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"

 

Next step: please post a new HijackThis report.

 

If you can, I would like you to make a zip of the following folder:

C:\Qoobox

It contains the removed files; this would be so they can be analyzed.

Posted

There, I ran a new scan with HJT, and before that I had zipped the folder you told me about... but I still left the unzipped folder in C:

 

Here is the report... thank you!

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:25, on 2008-05-18

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\UAService7.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Neuf\Kit\WiFi\9wifi.exe

C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\Program Files\Ahead\InCD\InCD.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\OFFICE One6.0\OFFICE One PDF Manager\OoPDFSettingsv6.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\LightSurf\Common\IconMgr.exe

C:\Program Files\OFFICE ONE6.0\OFFICE One Notes\oonotesv65.exe

C:\Program Files\LightSurf\Colorific\hgcctl95.exe

C:\Program Files\OFFICE ONE6.0\program\soffice.exe

C:\Program Files\LightSurf\Color Indicator\TICIcon.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE

C:\Documents and Settings\deray\Local Settings\Temporary Internet Files\Content.IE5\15KMC5EB\HiJackThis[1].exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [oov6multiuser.exe] C:\Program Files\OFFICE ONE6.0\program\oov6multiuser.exe

O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.0\OFFICE One PDF Manager\OoPDFSettingsv6.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: OFFICE One 6.0.lnk = C:\Program Files\OFFICE ONE6.0\program\quickstart.exe

O4 - Global Startup: LightSurf.lnk = C:\Program Files\LightSurf\Common\IconMgr.exe

O4 - Global Startup: OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE ONE6.0\OFFICE One Notes\oonotesv65.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab

O16 - DPF: {4EFE4BE8-8771-4649-B3EF-D97374C8D2C2} (KeybHunterWebInterface Class) - https://particuliers.secure.lcl.fr/v_1.0/im...FormProtect.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.0.cab

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

 

--

End of file - 8484 bytes
