SOS : problème avec power cinema, plus de periph tv

lea38 · le 18 décembre 2008

Bonsoir à tous

Je reviens vers vous car j'ai besoin d'un coup de main.

Je pense qu'il s'agit d'une infection, en même temps j'ai teléchargé un fichier zip et lancé une appli, (je peux m'en prendre qu'à moi même...)et depuis c'est la folie.

L'ordi n'a pas arreté de me planter, après maintes bidouille (mode sans echec, essayé de restaurer système....) Avast, Ad aware, power cinema...plus rien de marchait, dont VLC, winamp...que j'ai débloqué grace à l'aide...

Mais ce qui m'ennuie bien c'est que je peux plus regarder la téloche car Power cinema me dit qu'il n'y a pas de periphérique tv :P

Il y aurait il ici une ame charitable pour m'aider à débloquer tout ça ?

Faut t il que je poste un rapport hijacthis ? (fait en mode sans echec j'imagine car là ça marche pas)

D'avance merci à tous

Bonne soirée.

Lea38

Modifié le 29 avril 2009 par lea38

Thanos · le 18 décembre 2008

Salut

Poste plutôt le rapport suivant stp: fais le scan en mode normal si possible >>

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
Si tu ne vois pas ces deux rapports, tu les trouveras dans le dossier C:\rsit

Modifié le 18 décembre 2008 par Thanos

lea38 · le 18 décembre 2008

Bonsoir Thanos et merci de t'occuper de mon cas

Par contre ça commence mal : après "continue" ( et une barre de progression) il se passe rien, j'ai retenté et j'ai pu accepter la licence puis rien...ou message d'erreur.

Autre souci, j'arrive plus à démarrer en mode sans echec au cas où.

Merci @ +

Thanos · le 18 décembre 2008

ok: regarde dans le dossier C:\Program Files\trend micro et regarde si tu trouves le fichier lea38.exe > double clique dessus et accepte la license qui s'affiche en cliquant sur le bouton "I Accept".

Choisis l'option "Do a system scan and save a log file"

Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note

Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport.

lea38 · le 18 décembre 2008

Bon, ça non plus il veut pas quand je double click sur lea.exe, toujours le même message d'erreur : " ...........n'est pas un aplication valide win32"

Thanos · le 18 décembre 2008

ok le pc est sans doute infecté par Bagle: Voilà la marche à suivre scrupuleusement >>

Fais un clic sur le bouton droit de ta souris ICI
Choisis Enregistrer la cible (du lien) sous > une fenêtre s'ouvre >>
Dans le champs à droite de "Nom du Fichier" en bas de page, modifie le nom présent (ComboFix.exe) et met ceci >> lea38.exe
Enregistre-le fichier sur le Bureau: pour cela clique sur le bouton Enregistrer.

Attention!! N'oublie surtout pas de renommer le fichier avant de le télécharger sur le Bureau, sinon il sera détruit par Bagle!
Assure toi que tous les programmes soient fermés avant de lancer le fix!
Fait un double clique sur lea38.exe.
Note: Ne ferme pas la fenêtre qui vient de s'ouvrir , tu te retrouverais avec un bureau vide !
Tape sur la touche Y (Yes) pour démarrer le scan.
Le pc va certainement redémarrer pour terminer le nettoyage: poste le contenu du rapport qui sera généré au redémarrage dans ton prochain message.
Si tu ne vois pas le rapport, tu le trouveras ici > C:\ComboFix.txt

lea38 · le 18 décembre 2008

Re

Voici le rapport :

ComboFix 08-12-18.01 - emily 2008-12-18 23:03:36.1 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.447.181 [GMT 1:00]

Lancé depuis: d:\documents and settings\emily\Bureau\lea38.exe

* Un nouveau point de restauration a été créé

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\apps\skype\phone\Skype.exe

c:\windows\system32\ban_list.txt

c:\windows\system32\mdelk.exe

c:\windows\system32\wintems.exe

d:\documents and settings\emily\Application Data\drivers\downld

d:\documents and settings\emily\Application Data\drivers\downld\100062.exe

d:\documents and settings\emily\Application Data\drivers\downld\100265.exe

d:\documents and settings\emily\Application Data\drivers\downld\102031.exe

d:\documents and settings\emily\Application Data\drivers\downld\102687.exe

d:\documents and settings\emily\Application Data\drivers\downld\102796.exe

d:\documents and settings\emily\Application Data\drivers\downld\108296.exe

d:\documents and settings\emily\Application Data\drivers\downld\109062.exe

d:\documents and settings\emily\Application Data\drivers\downld\109312.exe

d:\documents and settings\emily\Application Data\drivers\downld\109359.exe

d:\documents and settings\emily\Application Data\drivers\downld\110671.exe

d:\documents and settings\emily\Application Data\drivers\downld\111125.exe

d:\documents and settings\emily\Application Data\drivers\downld\111203.exe

d:\documents and settings\emily\Application Data\drivers\downld\112562.exe

d:\documents and settings\emily\Application Data\drivers\downld\113125.exe

d:\documents and settings\emily\Application Data\drivers\downld\113312.exe

d:\documents and settings\emily\Application Data\drivers\downld\114703.exe

d:\documents and settings\emily\Application Data\drivers\downld\115031.exe

d:\documents and settings\emily\Application Data\drivers\downld\115609.exe

d:\documents and settings\emily\Application Data\drivers\downld\117500.exe

d:\documents and settings\emily\Application Data\drivers\downld\118156.exe

d:\documents and settings\emily\Application Data\drivers\downld\118343.exe

d:\documents and settings\emily\Application Data\drivers\downld\119343.exe

d:\documents and settings\emily\Application Data\drivers\downld\120187.exe

d:\documents and settings\emily\Application Data\drivers\downld\120484.exe

d:\documents and settings\emily\Application Data\drivers\downld\120687.exe

d:\documents and settings\emily\Application Data\drivers\downld\120890.exe

d:\documents and settings\emily\Application Data\drivers\downld\121265.exe

d:\documents and settings\emily\Application Data\drivers\downld\123843.exe

d:\documents and settings\emily\Application Data\drivers\downld\125203.exe

d:\documents and settings\emily\Application Data\drivers\downld\125734.exe

d:\documents and settings\emily\Application Data\drivers\downld\126328.exe

d:\documents and settings\emily\Application Data\drivers\downld\127250.exe

d:\documents and settings\emily\Application Data\drivers\downld\127781.exe

d:\documents and settings\emily\Application Data\drivers\downld\128000.exe

d:\documents and settings\emily\Application Data\drivers\downld\130500.exe

d:\documents and settings\emily\Application Data\drivers\downld\131171.exe

d:\documents and settings\emily\Application Data\drivers\downld\131500.exe

d:\documents and settings\emily\Application Data\drivers\downld\139125.exe

d:\documents and settings\emily\Application Data\drivers\downld\139343.exe

d:\documents and settings\emily\Application Data\drivers\downld\142484.exe

d:\documents and settings\emily\Application Data\drivers\downld\142859.exe

d:\documents and settings\emily\Application Data\drivers\downld\143343.exe

d:\documents and settings\emily\Application Data\drivers\downld\143375.exe

d:\documents and settings\emily\Application Data\drivers\downld\143906.exe

d:\documents and settings\emily\Application Data\drivers\downld\143937.exe

d:\documents and settings\emily\Application Data\drivers\downld\143968.exe

d:\documents and settings\emily\Application Data\drivers\downld\146234.exe

d:\documents and settings\emily\Application Data\drivers\downld\146937.exe

d:\documents and settings\emily\Application Data\drivers\downld\14718093.exe

d:\documents and settings\emily\Application Data\drivers\downld\14718359.exe

d:\documents and settings\emily\Application Data\drivers\downld\14718375.exe

d:\documents and settings\emily\Application Data\drivers\downld\14723875.exe

d:\documents and settings\emily\Application Data\drivers\downld\147250.exe

d:\documents and settings\emily\Application Data\drivers\downld\14732703.exe

d:\documents and settings\emily\Application Data\drivers\downld\14734281.exe

d:\documents and settings\emily\Application Data\drivers\downld\14734687.exe

d:\documents and settings\emily\Application Data\drivers\downld\147703.exe

d:\documents and settings\emily\Application Data\drivers\downld\147765.exe

d:\documents and settings\emily\Application Data\drivers\downld\14776656.exe

d:\documents and settings\emily\Application Data\drivers\downld\14777296.exe

d:\documents and settings\emily\Application Data\drivers\downld\14777750.exe

d:\documents and settings\emily\Application Data\drivers\downld\14795062.exe

d:\documents and settings\emily\Application Data\drivers\downld\148046.exe

d:\documents and settings\emily\Application Data\drivers\downld\14812890.exe

d:\documents and settings\emily\Application Data\drivers\downld\14812953.exe

d:\documents and settings\emily\Application Data\drivers\downld\14812968.exe

d:\documents and settings\emily\Application Data\drivers\downld\14827859.exe

d:\documents and settings\emily\Application Data\drivers\downld\14828062.exe

d:\documents and settings\emily\Application Data\drivers\downld\14828109.exe

d:\documents and settings\emily\Application Data\drivers\downld\14845781.exe

d:\documents and settings\emily\Application Data\drivers\downld\14847406.exe

d:\documents and settings\emily\Application Data\drivers\downld\14848187.exe

d:\documents and settings\emily\Application Data\drivers\downld\14849046.exe

d:\documents and settings\emily\Application Data\drivers\downld\14849781.exe

d:\documents and settings\emily\Application Data\drivers\downld\14850671.exe

d:\documents and settings\emily\Application Data\drivers\downld\14866031.exe

d:\documents and settings\emily\Application Data\drivers\downld\14866640.exe

d:\documents and settings\emily\Application Data\drivers\downld\14866953.exe

d:\documents and settings\emily\Application Data\drivers\downld\148796.exe

d:\documents and settings\emily\Application Data\drivers\downld\148921.exe

d:\documents and settings\emily\Application Data\drivers\downld\14926859.exe

d:\documents and settings\emily\Application Data\drivers\downld\14933156.exe

d:\documents and settings\emily\Application Data\drivers\downld\14934328.exe

d:\documents and settings\emily\Application Data\drivers\downld\14935046.exe

d:\documents and settings\emily\Application Data\drivers\downld\14970437.exe

d:\documents and settings\emily\Application Data\drivers\downld\14971828.exe

d:\documents and settings\emily\Application Data\drivers\downld\14972234.exe

d:\documents and settings\emily\Application Data\drivers\downld\151828.exe

d:\documents and settings\emily\Application Data\drivers\downld\151921.exe

d:\documents and settings\emily\Application Data\drivers\downld\153140.exe

d:\documents and settings\emily\Application Data\drivers\downld\153171.exe

d:\documents and settings\emily\Application Data\drivers\downld\153531.exe

d:\documents and settings\emily\Application Data\drivers\downld\153656.exe

d:\documents and settings\emily\Application Data\drivers\downld\153843.exe

d:\documents and settings\emily\Application Data\drivers\downld\153890.exe

d:\documents and settings\emily\Application Data\drivers\downld\156156.exe

d:\documents and settings\emily\Application Data\drivers\downld\156687.exe

d:\documents and settings\emily\Application Data\drivers\downld\157171.exe

d:\documents and settings\emily\Application Data\drivers\downld\158468.exe

d:\documents and settings\emily\Application Data\drivers\downld\159406.exe

d:\documents and settings\emily\Application Data\drivers\downld\159812.exe

d:\documents and settings\emily\Application Data\drivers\downld\160968.exe

d:\documents and settings\emily\Application Data\drivers\downld\161000.exe

d:\documents and settings\emily\Application Data\drivers\downld\161031.exe

d:\documents and settings\emily\Application Data\drivers\downld\161140.exe

d:\documents and settings\emily\Application Data\drivers\downld\161671.exe

d:\documents and settings\emily\Application Data\drivers\downld\162156.exe

d:\documents and settings\emily\Application Data\drivers\downld\162671.exe

d:\documents and settings\emily\Application Data\drivers\downld\162718.exe

d:\documents and settings\emily\Application Data\drivers\downld\163281.exe

d:\documents and settings\emily\Application Data\drivers\downld\163765.exe

d:\documents and settings\emily\Application Data\drivers\downld\163796.exe

d:\documents and settings\emily\Application Data\drivers\downld\164281.exe

d:\documents and settings\emily\Application Data\drivers\downld\164296.exe

d:\documents and settings\emily\Application Data\drivers\downld\165375.exe

d:\documents and settings\emily\Application Data\drivers\downld\165406.exe

d:\documents and settings\emily\Application Data\drivers\downld\166250.exe

d:\documents and settings\emily\Application Data\drivers\downld\166484.exe

d:\documents and settings\emily\Application Data\drivers\downld\166968.exe

d:\documents and settings\emily\Application Data\drivers\downld\167578.exe

d:\documents and settings\emily\Application Data\drivers\downld\167687.exe

d:\documents and settings\emily\Application Data\drivers\downld\167812.exe

d:\documents and settings\emily\Application Data\drivers\downld\167968.exe

d:\documents and settings\emily\Application Data\drivers\downld\169031.exe

d:\documents and settings\emily\Application Data\drivers\downld\169046.exe

d:\documents and settings\emily\Application Data\drivers\downld\170000.exe

d:\documents and settings\emily\Application Data\drivers\downld\170734.exe

d:\documents and settings\emily\Application Data\drivers\downld\170765.exe

d:\documents and settings\emily\Application Data\drivers\downld\171406.exe

d:\documents and settings\emily\Application Data\drivers\downld\171484.exe

d:\documents and settings\emily\Application Data\drivers\downld\171625.exe

d:\documents and settings\emily\Application Data\drivers\downld\171703.exe

d:\documents and settings\emily\Application Data\drivers\downld\171843.exe

d:\documents and settings\emily\Application Data\drivers\downld\172031.exe

d:\documents and settings\emily\Application Data\drivers\downld\172890.exe

d:\documents and settings\emily\Application Data\drivers\downld\173000.exe

d:\documents and settings\emily\Application Data\drivers\downld\173187.exe

d:\documents and settings\emily\Application Data\drivers\downld\173234.exe

d:\documents and settings\emily\Application Data\drivers\downld\173484.exe

d:\documents and settings\emily\Application Data\drivers\downld\174109.exe

d:\documents and settings\emily\Application Data\drivers\downld\175171.exe

d:\documents and settings\emily\Application Data\drivers\downld\175750.exe

d:\documents and settings\emily\Application Data\drivers\downld\176015.exe

d:\documents and settings\emily\Application Data\drivers\downld\176984.exe

d:\documents and settings\emily\Application Data\drivers\downld\177375.exe

d:\documents and settings\emily\Application Data\drivers\downld\178828.exe

d:\documents and settings\emily\Application Data\drivers\downld\180484.exe

d:\documents and settings\emily\Application Data\drivers\downld\182218.exe

d:\documents and settings\emily\Application Data\drivers\downld\182328.exe

d:\documents and settings\emily\Application Data\drivers\downld\183218.exe

d:\documents and settings\emily\Application Data\drivers\downld\183437.exe

d:\documents and settings\emily\Application Data\drivers\downld\183687.exe

d:\documents and settings\emily\Application Data\drivers\downld\183828.exe

d:\documents and settings\emily\Application Data\drivers\downld\184000.exe

d:\documents and settings\emily\Application Data\drivers\downld\184203.exe

d:\documents and settings\emily\Application Data\drivers\downld\184421.exe

d:\documents and settings\emily\Application Data\drivers\downld\184515.exe

d:\documents and settings\emily\Application Data\drivers\downld\185015.exe

d:\documents and settings\emily\Application Data\drivers\downld\185390.exe

d:\documents and settings\emily\Application Data\drivers\downld\185453.exe

d:\documents and settings\emily\Application Data\drivers\downld\185718.exe

d:\documents and settings\emily\Application Data\drivers\downld\185781.exe

d:\documents and settings\emily\Application Data\drivers\downld\186015.exe

d:\documents and settings\emily\Application Data\drivers\downld\186031.exe

d:\documents and settings\emily\Application Data\drivers\downld\186125.exe

d:\documents and settings\emily\Application Data\drivers\downld\186218.exe

d:\documents and settings\emily\Application Data\drivers\downld\186312.exe

d:\documents and settings\emily\Application Data\drivers\downld\186546.exe

d:\documents and settings\emily\Application Data\drivers\downld\186562.exe

d:\documents and settings\emily\Application Data\drivers\downld\186718.exe

d:\documents and settings\emily\Application Data\drivers\downld\187281.exe

d:\documents and settings\emily\Application Data\drivers\downld\187812.exe

d:\documents and settings\emily\Application Data\drivers\downld\188078.exe

d:\documents and settings\emily\Application Data\drivers\downld\188875.exe

d:\documents and settings\emily\Application Data\drivers\downld\193656.exe

d:\documents and settings\emily\Application Data\drivers\downld\193781.exe

d:\documents and settings\emily\Application Data\drivers\downld\194453.exe

d:\documents and settings\emily\Application Data\drivers\downld\194906.exe

d:\documents and settings\emily\Application Data\drivers\downld\195015.exe

d:\documents and settings\emily\Application Data\drivers\downld\195187.exe

d:\documents and settings\emily\Application Data\drivers\downld\195343.exe

d:\documents and settings\emily\Application Data\drivers\downld\195953.exe

d:\documents and settings\emily\Application Data\drivers\downld\196250.exe

d:\documents and settings\emily\Application Data\drivers\downld\198093.exe

d:\documents and settings\emily\Application Data\drivers\downld\198421.exe

d:\documents and settings\emily\Application Data\drivers\downld\198593.exe

d:\documents and settings\emily\Application Data\drivers\downld\199078.exe

d:\documents and settings\emily\Application Data\drivers\downld\199234.exe

d:\documents and settings\emily\Application Data\drivers\downld\199500.exe

d:\documents and settings\emily\Application Data\drivers\downld\200187.exe

d:\documents and settings\emily\Application Data\drivers\downld\200328.exe

d:\documents and settings\emily\Application Data\drivers\downld\200406.exe

d:\documents and settings\emily\Application Data\drivers\downld\200531.exe

d:\documents and settings\emily\Application Data\drivers\downld\201062.exe

d:\documents and settings\emily\Application Data\drivers\downld\201328.exe

d:\documents and settings\emily\Application Data\drivers\downld\201546.exe

d:\documents and settings\emily\Application Data\drivers\downld\201578.exe

d:\documents and settings\emily\Application Data\drivers\downld\201953.exe

d:\documents and settings\emily\Application Data\drivers\downld\202218.exe

d:\documents and settings\emily\Application Data\drivers\downld\202656.exe

d:\documents and settings\emily\Application Data\drivers\downld\202671.exe

d:\documents and settings\emily\Application Data\drivers\downld\202875.exe

d:\documents and settings\emily\Application Data\drivers\downld\203000.exe

d:\documents and settings\emily\Application Data\drivers\downld\203390.exe

d:\documents and settings\emily\Application Data\drivers\downld\203531.exe

d:\documents and settings\emily\Application Data\drivers\downld\203734.exe

d:\documents and settings\emily\Application Data\drivers\downld\203828.exe

d:\documents and settings\emily\Application Data\drivers\downld\204031.exe

d:\documents and settings\emily\Application Data\drivers\downld\204656.exe

d:\documents and settings\emily\Application Data\drivers\downld\204906.exe

d:\documents and settings\emily\Application Data\drivers\downld\205140.exe

d:\documents and settings\emily\Application Data\drivers\downld\205531.exe

d:\documents and settings\emily\Application Data\drivers\downld\205703.exe

d:\documents and settings\emily\Application Data\drivers\downld\206125.exe

d:\documents and settings\emily\Application Data\drivers\downld\206250.exe

d:\documents and settings\emily\Application Data\drivers\downld\210734.exe

d:\documents and settings\emily\Application Data\drivers\downld\211718.exe

d:\documents and settings\emily\Application Data\drivers\downld\212468.exe

d:\documents and settings\emily\Application Data\drivers\downld\213812.exe

d:\documents and settings\emily\Application Data\drivers\downld\219796.exe

d:\documents and settings\emily\Application Data\drivers\downld\220359.exe

d:\documents and settings\emily\Application Data\drivers\downld\221000.exe

d:\documents and settings\emily\Application Data\drivers\downld\224375.exe

d:\documents and settings\emily\Application Data\drivers\downld\225375.exe

d:\documents and settings\emily\Application Data\drivers\downld\225390.exe

d:\documents and settings\emily\Application Data\drivers\downld\225437.exe

d:\documents and settings\emily\Application Data\drivers\downld\225781.exe

d:\documents and settings\emily\Application Data\drivers\downld\225890.exe

d:\documents and settings\emily\Application Data\drivers\downld\226031.exe

d:\documents and settings\emily\Application Data\drivers\downld\226312.exe

d:\documents and settings\emily\Application Data\drivers\downld\226328.exe

d:\documents and settings\emily\Application Data\drivers\downld\227000.exe

d:\documents and settings\emily\Application Data\drivers\downld\227015.exe

d:\documents and settings\emily\Application Data\drivers\downld\227234.exe

d:\documents and settings\emily\Application Data\drivers\downld\227515.exe

d:\documents and settings\emily\Application Data\drivers\downld\228109.exe

d:\documents and settings\emily\Application Data\drivers\downld\228171.exe

d:\documents and settings\emily\Application Data\drivers\downld\228453.exe

d:\documents and settings\emily\Application Data\drivers\downld\229296.exe

d:\documents and settings\emily\Application Data\drivers\downld\229781.exe

d:\documents and settings\emily\Application Data\drivers\downld\230375.exe

d:\documents and settings\emily\Application Data\drivers\downld\230515.exe

d:\documents and settings\emily\Application Data\drivers\downld\230937.exe

d:\documents and settings\emily\Application Data\drivers\downld\231250.exe

d:\documents and settings\emily\Application Data\drivers\downld\232125.exe

d:\documents and settings\emily\Application Data\drivers\downld\234453.exe

d:\documents and settings\emily\Application Data\drivers\downld\235281.exe

d:\documents and settings\emily\Application Data\drivers\downld\235296.exe

d:\documents and settings\emily\Application Data\drivers\downld\239312.exe

d:\documents and settings\emily\Application Data\drivers\downld\240531.exe

d:\documents and settings\emily\Application Data\drivers\downld\240984.exe

d:\documents and settings\emily\Application Data\drivers\downld\241390.exe

d:\documents and settings\emily\Application Data\drivers\downld\241453.exe

d:\documents and settings\emily\Application Data\drivers\downld\241640.exe

d:\documents and settings\emily\Application Data\drivers\downld\243000.exe

d:\documents and settings\emily\Application Data\drivers\downld\243093.exe

d:\documents and settings\emily\Application Data\drivers\downld\243859.exe

d:\documents and settings\emily\Application Data\drivers\downld\243953.exe

d:\documents and settings\emily\Application Data\drivers\downld\248796.exe

d:\documents and settings\emily\Application Data\drivers\downld\249312.exe

d:\documents and settings\emily\Application Data\drivers\downld\249328.exe

d:\documents and settings\emily\Application Data\drivers\downld\252906.exe

d:\documents and settings\emily\Application Data\drivers\downld\253406.exe

d:\documents and settings\emily\Application Data\drivers\downld\253890.exe

d:\documents and settings\emily\Application Data\drivers\downld\256281.exe

d:\documents and settings\emily\Application Data\drivers\downld\256968.exe

d:\documents and settings\emily\Application Data\drivers\downld\257140.exe

d:\documents and settings\emily\Application Data\drivers\downld\257265.exe

d:\documents and settings\emily\Application Data\drivers\downld\257828.exe

d:\documents and settings\emily\Application Data\drivers\downld\259187.exe

d:\documents and settings\emily\Application Data\drivers\downld\259203.exe

d:\documents and settings\emily\Application Data\drivers\downld\260093.exe

d:\documents and settings\emily\Application Data\drivers\downld\260109.exe

d:\documents and settings\emily\Application Data\drivers\downld\260984.exe

d:\documents and settings\emily\Application Data\drivers\downld\261109.exe

d:\documents and settings\emily\Application Data\drivers\downld\261140.exe

d:\documents and settings\emily\Application Data\drivers\downld\262015.exe

d:\documents and settings\emily\Application Data\drivers\downld\262062.exe

d:\documents and settings\emily\Application Data\drivers\downld\262609.exe

d:\documents and settings\emily\Application Data\drivers\downld\262687.exe

d:\documents and settings\emily\Application Data\drivers\downld\262765.exe

d:\documents and settings\emily\Application Data\drivers\downld\263078.exe

d:\documents and settings\emily\Application Data\drivers\downld\263718.exe

d:\documents and settings\emily\Application Data\drivers\downld\264359.exe

d:\documents and settings\emily\Application Data\drivers\downld\264765.exe

d:\documents and settings\emily\Application Data\drivers\downld\268593.exe

d:\documents and settings\emily\Application Data\drivers\downld\272390.exe

d:\documents and settings\emily\Application Data\drivers\downld\273718.exe

d:\documents and settings\emily\Application Data\drivers\downld\274109.exe

d:\documents and settings\emily\Application Data\drivers\downld\274296.exe

d:\documents and settings\emily\Application Data\drivers\downld\275312.exe

d:\documents and settings\emily\Application Data\drivers\downld\276250.exe

d:\documents and settings\emily\Application Data\drivers\downld\276968.exe

d:\documents and settings\emily\Application Data\drivers\downld\280031.exe

d:\documents and settings\emily\Application Data\drivers\downld\284171.exe

d:\documents and settings\emily\Application Data\drivers\downld\284375.exe

d:\documents and settings\emily\Application Data\drivers\downld\284718.exe

d:\documents and settings\emily\Application Data\drivers\downld\284921.exe

d:\documents and settings\emily\Application Data\drivers\downld\285156.exe

d:\documents and settings\emily\Application Data\drivers\downld\285187.exe

d:\documents and settings\emily\Application Data\drivers\downld\285281.exe

d:\documents and settings\emily\Application Data\drivers\downld\285500.exe

d:\documents and settings\emily\Application Data\drivers\downld\286296.exe

d:\documents and settings\emily\Application Data\drivers\downld\286718.exe

d:\documents and settings\emily\Application Data\drivers\downld\287312.exe

d:\documents and settings\emily\Application Data\drivers\downld\287328.exe

d:\documents and settings\emily\Application Data\drivers\downld\288406.exe

d:\documents and settings\emily\Application Data\drivers\downld\288703.exe

d:\documents and settings\emily\Application Data\drivers\downld\288984.exe

d:\documents and settings\emily\Application Data\drivers\downld\289343.exe

d:\documents and settings\emily\Application Data\drivers\downld\289375.exe

d:\documents and settings\emily\Application Data\drivers\downld\289656.exe

d:\documents and settings\emily\Application Data\drivers\downld\291218.exe

d:\documents and settings\emily\Application Data\drivers\downld\291515.exe

d:\documents and settings\emily\Application Data\drivers\downld\292390.exe

d:\documents and settings\emily\Application Data\drivers\downld\298359.exe

d:\documents and settings\emily\Application Data\drivers\downld\298734.exe

d:\documents and settings\emily\Application Data\drivers\downld\299078.exe

d:\documents and settings\emily\Application Data\drivers\downld\299390.exe

d:\documents and settings\emily\Application Data\drivers\downld\299812.exe

d:\documents and settings\emily\Application Data\drivers\downld\307359.exe

d:\documents and settings\emily\Application Data\drivers\downld\311015.exe

d:\documents and settings\emily\Application Data\drivers\downld\311875.exe

d:\documents and settings\emily\Application Data\drivers\downld\312218.exe

d:\documents and settings\emily\Application Data\drivers\downld\312765.exe

d:\documents and settings\emily\Application Data\drivers\downld\314421.exe

d:\documents and settings\emily\Application Data\drivers\downld\315484.exe

d:\documents and settings\emily\Application Data\drivers\downld\315859.exe

d:\documents and settings\emily\Application Data\drivers\downld\318390.exe

d:\documents and settings\emily\Application Data\drivers\downld\319937.exe

d:\documents and settings\emily\Application Data\drivers\downld\320281.exe

d:\documents and settings\emily\Application Data\drivers\downld\321921.exe

d:\documents and settings\emily\Application Data\drivers\downld\322531.exe

d:\documents and settings\emily\Application Data\drivers\downld\323640.exe

d:\documents and settings\emily\Application Data\drivers\downld\323843.exe

d:\documents and settings\emily\Application Data\drivers\downld\324078.exe

d:\documents and settings\emily\Application Data\drivers\downld\324546.exe

d:\documents and settings\emily\Application Data\drivers\downld\328000.exe

d:\documents and settings\emily\Application Data\drivers\downld\329250.exe

d:\documents and settings\emily\Application Data\drivers\downld\329734.exe

d:\documents and settings\emily\Application Data\drivers\downld\330828.exe

d:\documents and settings\emily\Application Data\drivers\downld\331953.exe

d:\documents and settings\emily\Application Data\drivers\downld\332296.exe

d:\documents and settings\emily\Application Data\drivers\downld\343000.exe

d:\documents and settings\emily\Application Data\drivers\downld\344750.exe

d:\documents and settings\emily\Application Data\drivers\downld\345546.exe

d:\documents and settings\emily\Application Data\drivers\downld\346015.exe

d:\documents and settings\emily\Application Data\drivers\downld\346984.exe

d:\documents and settings\emily\Application Data\drivers\downld\347359.exe

d:\documents and settings\emily\Application Data\drivers\downld\348734.exe

d:\documents and settings\emily\Application Data\drivers\downld\349015.exe

d:\documents and settings\emily\Application Data\drivers\downld\349937.exe

d:\documents and settings\emily\Application Data\drivers\downld\351500.exe

d:\documents and settings\emily\Application Data\drivers\downld\351687.exe

d:\documents and settings\emily\Application Data\drivers\downld\355687.exe

d:\documents and settings\emily\Application Data\drivers\downld\357921.exe

d:\documents and settings\emily\Application Data\drivers\downld\359671.exe

d:\documents and settings\emily\Application Data\drivers\downld\360078.exe

d:\documents and settings\emily\Application Data\drivers\downld\360312.exe

d:\documents and settings\emily\Application Data\drivers\downld\360671.exe

d:\documents and settings\emily\Application Data\drivers\downld\361453.exe

d:\documents and settings\emily\Application Data\drivers\downld\361703.exe

d:\documents and settings\emily\Application Data\drivers\downld\361890.exe

d:\documents and settings\emily\Application Data\drivers\downld\362187.exe

d:\documents and settings\emily\Application Data\drivers\downld\364046.exe

d:\documents and settings\emily\Application Data\drivers\downld\364640.exe

d:\documents and settings\emily\Application Data\drivers\downld\386703.exe

d:\documents and settings\emily\Application Data\drivers\downld\388156.exe

d:\documents and settings\emily\Application Data\drivers\downld\388890.exe

d:\documents and settings\emily\Application Data\drivers\downld\397843.exe

d:\documents and settings\emily\Application Data\drivers\downld\398781.exe

d:\documents and settings\emily\Application Data\drivers\downld\399390.exe

d:\documents and settings\emily\Application Data\drivers\downld\401921.exe

d:\documents and settings\emily\Application Data\drivers\downld\401953.exe

d:\documents and settings\emily\Application Data\drivers\downld\403171.exe

d:\documents and settings\emily\Application Data\drivers\downld\403359.exe

d:\documents and settings\emily\Application Data\drivers\downld\403593.exe

d:\documents and settings\emily\Application Data\drivers\downld\403890.exe

d:\documents and settings\emily\Application Data\drivers\downld\612406.exe

d:\documents and settings\emily\Application Data\drivers\downld\613468.exe

d:\documents and settings\emily\Application Data\drivers\downld\613484.exe

d:\documents and settings\emily\Application Data\drivers\downld\626562.exe

d:\documents and settings\emily\Application Data\drivers\downld\627031.exe

d:\documents and settings\emily\Application Data\drivers\downld\627140.exe

d:\documents and settings\emily\Application Data\drivers\downld\638671.exe

d:\documents and settings\emily\Application Data\drivers\downld\640296.exe

d:\documents and settings\emily\Application Data\drivers\downld\640984.exe

d:\documents and settings\emily\Application Data\drivers\downld\641921.exe

d:\documents and settings\emily\Application Data\drivers\downld\642765.exe

d:\documents and settings\emily\Application Data\drivers\downld\643156.exe

d:\documents and settings\emily\Application Data\drivers\downld\656546.exe

d:\documents and settings\emily\Application Data\drivers\downld\657062.exe

d:\documents and settings\emily\Application Data\drivers\downld\657484.exe

d:\documents and settings\emily\Application Data\drivers\downld\68546.exe

d:\documents and settings\emily\Application Data\drivers\downld\68953.exe

d:\documents and settings\emily\Application Data\drivers\downld\69187.exe

d:\documents and settings\emily\Application Data\drivers\downld\69843.exe

d:\documents and settings\emily\Application Data\drivers\downld\713515.exe

d:\documents and settings\emily\Application Data\drivers\downld\716843.exe

d:\documents and settings\emily\Application Data\drivers\downld\720921.exe

d:\documents and settings\emily\Application Data\drivers\downld\722687.exe

d:\documents and settings\emily\Application Data\drivers\downld\723328.exe

d:\documents and settings\emily\Application Data\drivers\downld\754390.exe

d:\documents and settings\emily\Application Data\drivers\downld\755781.exe

d:\documents and settings\emily\Application Data\drivers\downld\756250.exe

d:\documents and settings\emily\Application Data\drivers\downld\75640.exe

d:\documents and settings\emily\Application Data\drivers\downld\75703.exe

d:\documents and settings\emily\Application Data\drivers\downld\78015.exe

d:\documents and settings\emily\Application Data\drivers\downld\79531.exe

d:\documents and settings\emily\Application Data\drivers\downld\80500.exe

d:\documents and settings\emily\Application Data\drivers\downld\80515.exe

d:\documents and settings\emily\Application Data\drivers\downld\80875.exe

d:\documents and settings\emily\Application Data\drivers\downld\80921.exe

d:\documents and settings\emily\Application Data\drivers\downld\80937.exe

d:\documents and settings\emily\Application Data\drivers\downld\81062.exe

d:\documents and settings\emily\Application Data\drivers\downld\84734.exe

d:\documents and settings\emily\Application Data\drivers\downld\87281.exe

d:\documents and settings\emily\Application Data\drivers\downld\87656.exe

d:\documents and settings\emily\Application Data\drivers\downld\88359.exe

d:\documents and settings\emily\Application Data\drivers\downld\89125.exe

d:\documents and settings\emily\Application Data\drivers\downld\89515.exe

d:\documents and settings\emily\Application Data\drivers\downld\89531.exe

d:\documents and settings\emily\Application Data\drivers\downld\89781.exe

d:\documents and settings\emily\Application Data\drivers\downld\89843.exe

d:\documents and settings\emily\Application Data\drivers\downld\90796.exe

d:\documents and settings\emily\Application Data\drivers\downld\90843.exe

d:\documents and settings\emily\Application Data\drivers\downld\95953.exe

d:\documents and settings\emily\Application Data\drivers\downld\97765.exe

d:\documents and settings\emily\Application Data\drivers\downld\97828.exe

d:\documents and settings\emily\Application Data\drivers\downld\98500.exe

d:\documents and settings\emily\Application Data\drivers\downld\98546.exe

d:\documents and settings\emily\Application Data\drivers\downld\98765.exe

d:\documents and settings\emily\Application Data\drivers\downld\99218.exe

d:\documents and settings\emily\Application Data\drivers\downld\99609.exe

d:\documents and settings\emily\Application Data\drivers\downld\99906.exe

d:\documents and settings\emily\Application Data\drivers\downld\99968.exe

d:\documents and settings\emily\Application Data\drivers\srosa.sys

d:\documents and settings\emily\Application Data\drivers\srosa2.sys

d:\documents and settings\emily\Application Data\drivers\winupgro.exe

d:\documents and settings\emily\Application Data\m

d:\documents and settings\emily\Application Data\m\data.oct

d:\documents and settings\emily\Application Data\m\flec006.exe

d:\documents and settings\emily\Application Data\m\list.oct

d:\documents and settings\emily\Application Data\m\shared\[Nokia 6680 - Games] - Micro Billiard.zip

d:\documents and settings\emily\Application Data\m\shared\1ClickWebSlideShow 2.0 Build 2.0.0.28.zip

d:\documents and settings\emily\Application Data\m\shared\2G PosterWorks 1.0.6.zip

d:\documents and settings\emily\Application Data\m\shared\4DSite Designer 3.1.0340.zip

d:\documents and settings\emily\Application Data\m\shared\50-686 - Novell Foundations of Novell Networking Practice Test Questions 1.0.zip

d:\documents and settings\emily\Application Data\m\shared\A1 DVD Audio Ripper 1.1.48.zip

d:\documents and settings\emily\Application Data\m\shared\Address URL Editor 1.1.zip

d:\documents and settings\emily\Application Data\m\shared\Admin Arsenal 1.4.zip

d:\documents and settings\emily\Application Data\m\shared\Aimersoft Blackberry Media Converter 1.0.1.17.zip

d:\documents and settings\emily\Application Data\m\shared\Aimersoft DVD Studio Pack 2.0.2.13.zip

d:\documents and settings\emily\Application Data\m\shared\Alcea Fast BugTrack 6.0.zip

d:\documents and settings\emily\Application Data\m\shared\All Video to 3GP iPod iPhone Zune Converter 4.0.zip

d:\documents and settings\emily\Application Data\m\shared\Amazing 3D Aquarium - Chrysiptera Fish Pack 1.0.zip

d:\documents and settings\emily\Application Data\m\shared\AMI GIF 3D Effects 1 2.0a.03.zip

d:\documents and settings\emily\Application Data\m\shared\Analog Simple White Clock 1.0.zip

d:\documents and settings\emily\Application Data\m\shared\Answers Search 1.2.zip

d:\documents and settings\emily\Application Data\m\shared\Ashore Screensaver 1.0.zip

d:\documents and settings\emily\Application Data\m\shared\AVG.Anti-Spyware.+.Serial.zip

d:\documents and settings\emily\Application Data\m\shared\Banana Accounting Cash Book 5.0.10.zip

d:\documents and settings\emily\Application Data\m\shared\BixBookmark 2.3.zip

d:\documents and settings\emily\Application Data\m\shared\BlinkLn 0.2.1.zip

d:\documents and settings\emily\Application Data\m\shared\BMP2000 4.00.28.zip

d:\documents and settings\emily\Application Data\m\shared\BT ColorPicker 2.0.zip

d:\documents and settings\emily\Application Data\m\shared\C++ Code Export 1.0.0.zip

d:\documents and settings\emily\Application Data\m\shared\Channel4 1.0.zip

d:\documents and settings\emily\Application Data\m\shared\ChatMan 1.5.zip

d:\documents and settings\emily\Application Data\m\shared\Chevron Cars 1.0.0.0.zip

d:\documents and settings\emily\Application Data\m\shared\CollTrak 1.1.zip

d:\documents and settings\emily\Application Data\m\shared\Color Tuner 1.0.zip

d:\documents and settings\emily\Application Data\m\shared\Computing and Information Technology 9.2.zip

d:\documents and settings\emily\Application Data\m\shared\Cornucopia 1.1.zip

d:\documents and settings\emily\Application Data\m\shared\CPPBackup 1.5.1 build 45.zip

d:\documents and settings\emily\Application Data\m\shared\Create A Quiz 5.16.zip

d:\documents and settings\emily\Application Data\m\shared\DataThief 1.0.zip

d:\documents and settings\emily\Application Data\m\shared\Desktop4ever 1.1.zip

d:\documents and settings\emily\Application Data\m\shared\DietMP3 4.03.00.zip

d:\documents and settings\emily\Application Data\m\shared\DISQLite3 Pro Edition 1.6.1.zip

d:\documents and settings\emily\Application Data\m\shared\DLL Indexer 1.0.zip

d:\documents and settings\emily\Application Data\m\shared\DXTBmp 4.00.84.zip

d:\documents and settings\emily\Application Data\m\shared\Echo 1.00.0025.zip

d:\documents and settings\emily\Application Data\m\shared\EmptyDesk 1.0.1.zip

d:\documents and settings\emily\Application Data\m\shared\ENT Server Data Migrator 1.3.12.zip

d:\documents and settings\emily\Application Data\m\shared\Euro Millions Manager 1.04J.zip

d:\documents and settings\emily\Application Data\m\shared\Face Beauty Rank 1.5.0.zip

d:\documents and settings\emily\Application Data\m\shared\File Compare 1.2.0.zip

d:\documents and settings\emily\Application Data\m\shared\formEZ 0.7.4.zip

d:\documents and settings\emily\Application Data\m\shared\Google Icon 1.10.zip

d:\documents and settings\emily\Application Data\m\shared\Great Artist - French Artist 1.1.zip

d:\documents and settings\emily\Application Data\m\shared\Griddlers Solver 1.3.zip

d:\documents and settings\emily\Application Data\m\shared\Hex Editor Pro 1.00.0025.zip

d:\documents and settings\emily\Application Data\m\shared\Home Based Business Opportunity 2.6.zip

d:\documents and settings\emily\Application Data\m\shared\IISBack 2.2.zip

d:\documents and settings\emily\Application Data\m\shared\In Flight Screensaver.zip

d:\documents and settings\emily\Application Data\m\shared\Innovative Firewall Manager 2.0.zip

d:\documents and settings\emily\Application Data\m\shared\iRenew 2.7.3.14809.zip

d:\documents and settings\emily\Application Data\m\shared\Kaspersky.Antivirus.Personal.Pro.v5.0.388.cracked.zip

d:\documents and settings\emily\Application Data\m\shared\Kaspersky.å¡å·´æ–¯åŸº.é˜²æ¯’.v5.0.227.é˜²ç«.v1.7.130.æœ€æ–°.2.åˆ.1æ•´åˆ

.zip

d:\documents and settings\emily\Application Data\m\shared\KoolKode 2.0.zip

d:\documents and settings\emily\Application Data\m\shared\LamaHub 0.0.5.2.zip

d:\documents and settings\emily\Application Data\m\shared\LingvoSoft Learning PhraseBook 2008 Italian - Albanian 2.3.91.zip

d:\documents and settings\emily\Application Data\m\shared\LingvoSoft Suite 2008 English - Korean 2.1.28.zip

d:\documents and settings\emily\Application Data\m\shared\LiteWeb 2.7.zip

d:\documents and settings\emily\Application Data\m\shared\LittleFunny Mp3 Player 1.0.zip

d:\documents and settings\emily\Application Data\m\shared\Logon Script Creator 2.0.2.zip

d:\documents and settings\emily\Application Data\m\shared\M Color 9.1.278.0.zip

d:\documents and settings\emily\Application Data\m\shared\Magic ASCII Picture Convert 1.30.zip

d:\documents and settings\emily\Application Data\m\shared\MB Free Astrology-Numerology Glossary 1.60.zip

d:\documents and settings\emily\Application Data\m\shared\McAfee.GroupShield.v6.0.for.Microsoft.Exchange.crack.zip

d:\documents and settings\emily\Application Data\m\shared\MDB Password Recovery 1.0.2.zip

d:\documents and settings\emily\Application Data\m\shared\MediaHeal for Removable Disks 1.0.0831.zip

d:\documents and settings\emily\Application Data\m\shared\Memory Management System 10.3.zip

d:\documents and settings\emily\Application Data\m\shared\Mesh Viewer 0.3.1.zip

d:\documents and settings\emily\Application Data\m\shared\Mess Box AR 4.0.0.26.zip

d:\documents and settings\emily\Application Data\m\shared\MF Shutdown Manager 0.9.6.zip

d:\documents and settings\emily\Application Data\m\shared\MIDCNTIN 1.1.zip

d:\documents and settings\emily\Application Data\m\shared\MiMail worm free removal tool 1.0.zip

d:\documents and settings\emily\Application Data\m\shared\MING Network Monitor 2.0.zip

d:\documents and settings\emily\Application Data\m\shared\MiniSysMon 1.4.zip

d:\documents and settings\emily\Application Data\m\shared\MKN MemoryMonitor 2.0.zip

d:\documents and settings\emily\Application Data\m\shared\Mr.B's Multiplication 1.0.zip

d:\documents and settings\emily\Application Data\m\shared\NetComp Connector 1.14.zip

d:\documents and settings\emily\Application Data\m\shared\OfficeFIX Office Data Recovery 6.33.zip

d:\documents and settings\emily\Application Data\m\shared\Old File Purger 1.0.1.zip

d:\documents and settings\emily\Application Data\m\shared\Open Menu+ Portable 1.5.6.zip

d:\documents and settings\emily\Application Data\m\shared\PassMark Rebooter 1.3 build 1002.zip

d:\documents and settings\emily\Application Data\m\shared\PlanLink 2.41.zip

d:\documents and settings\emily\Application Data\m\shared\plingme 1.02.zip

d:\documents and settings\emily\Application Data\m\shared\poedIRC 1.3.41.zip

d:\documents and settings\emily\Application Data\m\shared\Portable AcroPad 1.3.2.zip

d:\documents and settings\emily\Application Data\m\shared\Powware Visual Programming 1.0.zip

d:\documents and settings\emily\Application Data\m\shared\Product Finder 1.1.zip

d:\documents and settings\emily\Application Data\m\shared\ProSchematic 1.01.014.zip

d:\documents and settings\emily\Application Data\m\shared\QMailFilter 2.2.zip

d:\documents and settings\emily\Application Data\m\shared\RandomSaver 2.0.3.zip

d:\documents and settings\emily\Application Data\m\shared\Registry Fast 4.0.zip

d:\documents and settings\emily\Application Data\m\shared\Rental Software 4.12.1.zip

d:\documents and settings\emily\Application Data\m\shared\Ripper 2.2.zip

d:\documents and settings\emily\Application Data\m\shared\SCDJWS Preparation Kit 6.0.1.zip

d:\documents and settings\emily\Application Data\m\shared\Screen Movie Studio 1.25.zip

d:\documents and settings\emily\Application Data\m\shared\ScripTrap 1.03.zip

d:\documents and settings\emily\Application Data\m\shared\SF Maskerade 3.3.zip

d:\documents and settings\emily\Application Data\m\shared\Shift 1.0.0.0.zip

d:\documents and settings\emily\Application Data\m\shared\Sidebar Preview 1.0.0.0.zip

d:\documents and settings\emily\Application Data\m\shared\Sound Postcard 1.02.zip

d:\documents and settings\emily\Application Data\m\shared\Spytech PrivacyAgent 4.00.04.zip

d:\documents and settings\emily\Application Data\m\shared\SUMo 2.3.8.64.zip

d:\documents and settings\emily\Application Data\m\shared\Symantec.Norton.Internet.Security.2006.(Italiano).+.Istruzioni.+.Serial+att

ivazione-FUNGE100%.zip

d:\documents and settings\emily\Application Data\m\shared\SysMetrix 3.41.zip

d:\documents and settings\emily\Application Data\m\shared\The Green Search Widget 0.1.zip

d:\documents and settings\emily\Application Data\m\shared\The Ultimate Troubleshooter 4.84.zip

d:\documents and settings\emily\Application Data\m\shared\Validaty 1.4.1.zip

d:\documents and settings\emily\Application Data\m\shared\VBdocman 2.25.zip

d:\documents and settings\emily\Application Data\m\shared\Visual Paradigm for UML (Community Edition) 6.3 SP1.zip

d:\documents and settings\emily\Application Data\m\shared\Webcpp 1.3.7.zip

d:\documents and settings\emily\Application Data\m\shared\Websites Cop - Automatic File Disinfector 1.0.0.zip

d:\documents and settings\emily\Application Data\m\shared\WebTidy 1.00.003.zip

d:\documents and settings\emily\Application Data\m\shared\WinBPFix 1.0.zip

d:\documents and settings\emily\Application Data\m\shared\Windows Installer 4.5 SDK.zip

d:\documents and settings\emily\Application Data\m\shared\Winter Reflections Screensaver 1.0.zip

d:\documents and settings\emily\Application Data\m\shared\WordDocDiff.zip

d:\documents and settings\emily\Application Data\m\shared\WordMaestro 1.51.zip

d:\documents and settings\emily\Application Data\m\shared\Work At Home Moms Masters Course 1.0.zip

d:\documents and settings\emily\Application Data\m\shared\World Cup Screensaver 1.02.zip

d:\documents and settings\emily\Application Data\m\shared\World Display Wallpaper Manager 0.2.1 Beta.zip

d:\documents and settings\emily\Application Data\m\shared\World Woe 1.0.zip

d:\documents and settings\emily\Application Data\m\shared\wwiTV 1.zip

d:\documents and settings\emily\Application Data\m\shared\Yahoo Photo Album Downloader 2.6.1.6.zip

d:\documents and settings\emily\Application Data\m\shared\Yeti's Shirt.Woot 1.1.zip

d:\documents and settings\emily\Application Data\m\shared\ZModeler 2.1.0 Build 940.zip

d:\documents and settings\emily\Application Data\m\srvlist.oct

.

((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_SROSA

-------\Legacy_SROSA

-------\Legacy_SK9OU0S

-------\Service_sK9Ou0s

((((((((((((((((((((((((((((( Fichiers créés du 2008-11-18 au 2008-12-18 ))))))))))))))))))))))))))))))))))))

.

2008-12-18 22:03 . 2008-12-18 22:26 <REP> d-------- c:\program files\trend micro

2008-12-18 22:00 . 2008-12-18 22:00 <REP> d-------- C:\rsit

2008-12-17 23:02 . 2008-12-18 23:16 <REP> d--h----- d:\documents and settings\emily\Application Data\drivers

2008-12-10 16:31 . 2008-12-10 16:31 54,156 --ah----- c:\windows\QTFont.qfn

2008-12-10 16:31 . 2008-12-10 16:31 1,409 --a------ c:\windows\QTFont.for

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-18 20:55 218,112 ----a-w d:\documents and settings\emily\HijackThis.exe

2008-12-18 14:23 --------- d-----w c:\program files\Lavasoft

2008-12-18 14:19 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard

2008-12-18 13:10 --------- d-----w c:\program files\Azureus

2008-12-18 13:09 --------- d-----w d:\documents and settings\All Users\Application Data\WinZip

2008-12-17 21:52 --------- d-----w c:\program files\eMule

2008-12-17 21:44 --------- d-----w d:\documents and settings\emily\Application Data\Skype

2008-12-15 14:45 --------- d-----w c:\program files\Lx_cats

2008-12-11 22:22 --------- d-----w d:\documents and settings\emily\Application Data\Azureus

2008-12-04 21:30 --------- d-----w c:\program files\Fichiers communs\Adobe

2008-11-17 17:09 3,713,997 ----a-w c:\windows\system32\drivers\fwdrv.err

2008-11-02 17:54 --------- d-----w d:\documents and settings\All Users\Application Data\CyberLink

2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys

2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll

2008-10-16 20:18 826,368 ----a-w c:\windows\system32\wininet.dll

2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll

2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll

2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll

2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll

2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll

2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe

2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll

2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll

2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll

2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll

2008-10-03 10:03 247,326 ----a-w c:\windows\system32\strmdll.dll

2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll

2008-08-06 07:27 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008080620080807\index.dat

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]

"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2006-10-31 204843]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]

"ATIPTA"="c:\ati technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]

"Ulead AutoDetector v2"="c:\program files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2008-12-18 90112]

"PCMService"="c:\apps\Powercinema\PCMService.exe" [2005-05-11 127118]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]

"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 24576]

"lxcgmon.exe"="c:\program files\Lexmark 2300 Series\lxcgmon.exe" [2005-05-05 200704]

"EzPrint"="c:\program files\Lexmark 2300 Series\ezprint.exe" [2005-06-08 94208]

"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2005-05-03 299008]

"LVCOMS"="c:\program files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 127022]

"LogitechGalleryRepair"="c:\program files\Logitech\ImageStudio\ISStart.exe" [2002-12-10 155648]

"LogitechImageStudioTray"="c:\program files\Logitech\ImageStudio\LogiTray.exe" [2002-12-10 61440]

"WinampAgent"="c:\program files\Winamp\winampa.exe" [2006-06-07 35328]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-10-11 98304]

"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-10-11 180269]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 63712]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"LXCGCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2005-04-27 69632]

"SoundMan"="SOUNDMAN.EXE" [2005-05-17 c:\windows\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

d:\documents and settings\emily\Menu D‚marrer\Programmes\D‚marrage\

Outil de notification Live Search.lnk - d:\documents and settings\emily\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2008-07-30 143360]

d:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\

Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-03-15 67128]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-01-21 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"msacm.dvacm"= c:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm

"msacm.ulmp3acm"= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm

"msacm.mpegacm"= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\mpegacm.acm

"vidc.mxmc"= MimicICM.DLL

"VIDC.ACDV"= ACDV.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%ProgramFiles%\\AOL 9.0\\aol.exe"=

"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=

"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\APPS\\Inventime\\my.exe"=

"c:\\WINDOWS\\system32\\lxcgcoms.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=

"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=

"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=

"c:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

"c:\\Program Files\\MSN Messenger\\livecall.exe"=

R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [2007-04-26 72624]

R3 3xHybrid;3xHybrid service;c:\windows\system32\DRIVERS\3xHybrid.sys [2005-10-11 799744]

S2 SPF4;Sunbelt Personal Firewall 4;"c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 1234480]

S4 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [2007-04-26 302000]

.

Contenu du dossier 'Tâches planifiées'

2008-12-18 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]

.

- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-Skype - c:\apps\skype\phone\Skype.exe

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://www.msn.fr/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = localhost

uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR

IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

FF - ProfilePath - d:\documents and settings\emily\Application Data\Mozilla\Firefox\Profiles\r9rqc6cj.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.search.selectedEngine - Live Search

FF - prefs.js: browser.startup.homepage - hxxp://www.msn.fr/

FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA2&q=

FF - plugin: c:\program files\Mozilla Firefox\plugins\NPStreamPlug.dll

FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

ATTENTION: FIREFOX POLICES IS IN FORCE

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.rights.version", 3);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.rights.3.shown", false);

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-18 23:21:11

Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

LXCGCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

Recherche de fichiers cachés ...

Scan terminé avec succès

Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\MysqlInventime]

"ImagePath"="c:\apps\INVENT~1\mysql\bin\mysqld-nt --defaults-file=c:\apps\Inventime\mysql\my.ini MysqlInventime"

.

--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(528)

c:\windows\system32\Ati2evxx.dll

.

------------------------ Autres processus actifs ------------------------

.

c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe

c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe

c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

c:\windows\system32\wdfmgr.exe

c:\apps\Powercinema\Kernel\TV\CLSched.exe

c:\apps\ABOARD\AOSD.EXE

d:\documents and settings\emily\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe

c:\windows\system32\lxcgcoms.exe

c:\windows\system32\wscntfy.exe

.

**************************************************************************

.

Heure de fin: 2008-12-18 23:28:38 - La machine a redémarré

ComboFix-quarantined-files.txt 2008-12-18 22:28:30

Avant-CF: 15,539,879,936 octets libres

Après-CF: 15,220,822,016 octets libres

768 --- E O F --- 2008-12-11 10:01:19

Thanos · le 18 décembre 2008

lea: patiente quelques instants le temps que je te poste la suite des manipulations à faire.

ComboFix a fait du bon boulot et l'infection est éradiquée, mais il reste à réparer les dégâts commis par le malware

Modifié le 18 décembre 2008 par Thanos

lea38 · le 18 décembre 2008

merci, t'inquiètes je patiente en parcourant le forum de malekalmorte sur avast, ad aware ...etc....j'm'endormirai moins bête ce soir...

@ tout'

Thanos · le 18 décembre 2008

lea38, ce qui suit est important: ne surfe pas avec ce pc tant que le pc n'est pas totalement désinfecté et sécurisé!!

Ton pc n'est plus protégé pour le moment car Bagle détruit les protections présentes sur le pc (antivirus/firewall). Ton parefeu Kério ne fonctionne plus et il va donc falloir le désinstaller puis le résintaller. Par contre je ne vois pas d'antivirus sur ce pc!!

Nous allons donc réinstaller les protections mais pour commencer >>

Passe par le Menu Démarrer > Exécuter > et tape ceci > ComboFix /u (il ya un espace entre x et / )

Une fenêtre va s'ouvrir et ComboFix sera désinstallé de ton pc.

Elimine le dossier rsit qui se trouve dans le répertoire C:\ ainsi que le dossier nommé trend micro

qui se trouve dans le répertoire c:\program files

1°) Désinstalle Kério.

2°) Réinstalle ton parefeu >>

Kerio

Lien de téléchargement : http://www.sunbelt-software.com/evaluation/440/kerio.exe

Tuto de Malekal_morte : http://www.malekal.com/kerio_firewall.html

3°) Télécharge Antivir sur le Bureau.

a) Installe Antivir puis met le à jour et configure le en suivant les indications du Tutoriel de tesgaz

(le tutoriel concerne la version anglaise mais les réglages sont les même).

b) Fais un scan du pc avec Antivir, comme ceci >>

Double-clique sur son icône près de l'horloge, cela ouvre l'interface principale, puis clique sur "Scan system now" à droite de "Last complete system scan".

/!\ Cela peut être long.

Sauvegarde le rapport en fin de parcours (bouton "Report").

Si Antivir détecte des fichiers infectés, mets les en quarantaine (choisis "Déplacer en quarantine" dans la liste des actions.)

Tu peux automatiser ce type d'action en cochant une case comme ci dessous :

Cela permet de ne pas rester à la surveiller.

Note: Certaines instructions ci-dessus concernent la version anglaise mais sont identiques en français.

Si tu as un doute, n'hésite pas à demander

Une fois ceci fait, de nouveau, télécharge RSIT et lance le comme indiqué plus haut.

Poste le rapport du scan avec Antivir ainsi que les rapports de RSIT: courage

Connexion

Pas encore inscrit ?

SOS : problème avec power cinema, plus de periph tv

Messages recommandés

lea38

Thanos

lea38

Thanos

lea38

Thanos

lea38

Thanos

lea38

Thanos

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer