[RESOLU] Infection - Hijackthis impossible

[Jagaumo]

Bonjour à tous,

 

J'ai trois bêbêtes sur mon PC : W32/Bagle.RP.worm, Generic Trj et Generic Malware.

Impossible d'évaluer via hijackthis (mon PC me dit que ce n'est pas une application valide, comme pas mal d'autres...)

Merci de votre aide.

Modifié le 17 février 2009 par Jagaumo

[Falkra]

Bonsoir, bienvenue dans la section désinfection.

 

On va s'occuper de ça.

 

Le logiciel qui suit n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.

Ne pas utiliser en dehors de ce cas de figure : dangereux.

 

Attention à bien suivre ces instructions en détail, ne pas oublier de renommer combofix.exe AVANT qu'il ne soit téléchargé, quand on peut encore changer le nom du fichier et dire au navigateur où le télécharger.

 

Télécharge combofix.exe de sUBs et renomme-le TRALALA.exe avant de le sauvegarder sur ton bureau (pas ailleurs : important).

• Assure toi que tous les programmes sont fermés avant de commencer.
  
• Double-clique TRALALA.exe afin de l'exécuter.
  
• Clique sur "Oui" au message de Limitation de Garantie qui s'affiche.
  
• Il est possible que ton parefeu te demande si tu acceptes ou non l'accès de nircmd.cfexe à la zone sûre: accepte.
  
• Ne ferme pas la fenêtre qui vient de s'ouvrir, tu te retrouverais avec un bureau vide.
  
• Lorsque l'analyse sera terminée, un rapport apparaîtra.
  
• Copie-colle ce rapport dans ta prochaine réponse.
  Le rapport se trouve dans : C:\Combofix.txt (si jamais).
  

[Jagaumo]

Bonsoir Falkra et merci pour ta réponse.

J'ai cette alerte alors qu'Antivir n'est pas actif dans la barre d'état. Que faire stp ? Merki !

 

Modifié le 16 février 2009 par Jagaumo

[Falkra]

Désactive Antivir si tu peux.

Sinon clique sur OK. C'est un message d'avertissement classique. On traiterai si besoin, ne t'en fais pas.

[Jagaumo]

Merci, voila le log :

 

ComboFix 09-02-15.01 - Philippe Stansky 2009-02-17 0:07:19.1 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1022.533 [GMT 1:00]

Lancé depuis: c:\documents and settings\Philippe Stansky\Bureau\TRALALA.exe

AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated)

* Un nouveau point de restauration a été créé

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\100703.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\101328.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\101781.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\102718.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\102734.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\102953.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\103375.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\103390.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\104500.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\104906.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\111578.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\112718.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\112984.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\113156.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\114000.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\114500.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\115718.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\116640.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\117000.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\118812.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\119796.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\120250.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1216109.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1218765.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1218781.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1235437.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1236390.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1236718.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1237359.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1238500.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1238859.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1247125.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1247890.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1248218.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\128375.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\129187.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\129562.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1314859.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1315156.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1315187.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1347468.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1348046.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1348078.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1350750.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1351937.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1363218.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1364703.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1365125.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1366078.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1367218.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1367781.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1389156.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1390015.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1390406.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1409296.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1409656.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\143296.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1440875.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1441796.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\1441953.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14768156.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14768265.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14768296.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14778875.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14779531.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14780000.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14794125.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14794859.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14827968.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14827984.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14862031.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14862062.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14864906.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14864921.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14876156.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14877453.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14878015.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14879109.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14880218.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14880765.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14902546.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14902984.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14903343.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14919859.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14919875.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14945796.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14950125.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14950421.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\14950484.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\150625.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\150875.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\150906.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\153484.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\156375.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\156390.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\157203.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\157484.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\157531.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\15844671.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\15844765.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\15858515.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\15859312.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\15859687.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\15860531.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\15861484.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\15861828.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\15870234.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\15870750.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\15871093.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16002468.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16002500.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16002515.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16036953.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16037000.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16037015.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16039750.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16039796.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16052500.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16055078.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16056312.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16058046.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16059000.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16059421.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16086906.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16087390.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16087828.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16105906.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16105937.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16105953.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16136171.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16136796.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\16137031.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\168937.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\169421.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\169453.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\169562.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\170406.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\170812.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\178500.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\185000.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\186187.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\186593.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\219156.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\220140.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\220187.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\220218.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\220562.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\222984.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\223687.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\223703.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\224796.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\225046.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\233718.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\235281.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\235796.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\237015.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\237921.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\238359.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\244937.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\245718.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\248234.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\249031.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\249046.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\259031.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\259671.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\259687.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\259953.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\260953.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\261281.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\261406.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\262093.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\262765.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\263468.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\263953.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\264000.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\264437.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\265515.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\265609.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\265625.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\265968.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\266781.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\267093.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\267625.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\267765.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\268046.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\277250.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\279000.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\279453.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\280078.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\280250.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\281125.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\281562.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\281718.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\281968.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\282250.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\282375.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\283593.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\284203.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\284453.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\284906.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\286765.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\287218.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\288187.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\289156.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\289781.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\290765.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\291593.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\291953.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29354843.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29354968.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29354984.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29366031.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29366671.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29367093.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29368031.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29369531.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29369875.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29378078.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29378562.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29381640.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29404968.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29416625.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29416656.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29456906.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29456984.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29457000.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29459484.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29459546.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29472375.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29473562.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29474093.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29475187.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29476109.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29476546.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29504687.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29505187.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29505546.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29525484.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29525500.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29525515.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29578828.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29583468.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29583937.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\29584031.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\302812.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\303500.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\303843.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\30540375.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\30540437.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\30540468.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\30557125.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\30558171.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\30558609.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\30575171.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\30576718.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\30577156.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\307828.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\307921.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\308640.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\308671.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\308781.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\309109.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\314718.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\315093.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\315156.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\319796.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\321812.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\322328.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\326937.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\327312.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\327343.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\329968.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\330531.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\330625.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\340156.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\340812.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\340843.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\341781.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\342093.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\343343.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\344015.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\344031.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\344609.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\345312.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\345421.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\361468.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\363187.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\363328.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\364031.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\364546.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\365312.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\365734.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\366046.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\366562.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\367828.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\368843.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\369265.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37830656.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37830781.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37866765.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37866812.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37869296.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37869343.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37887046.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37888562.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37889093.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37890109.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37890968.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37891453.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37914750.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37915375.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37915703.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37935187.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37935203.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37935218.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37973687.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37974281.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\37974437.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\389484.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\390406.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\390765.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\407828.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\408218.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\43987453.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\43987781.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\43987796.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\43998203.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\43998890.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\43999265.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44000093.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44001312.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44001656.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44101546.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44171265.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44171531.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44208406.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44208921.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44211156.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44211843.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44224968.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44226546.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44227093.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44228046.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44228843.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44229421.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44502234.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44502500.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44502531.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44599390.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44599906.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\44600000.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\447875.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\450187.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\450375.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\73531.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\76562.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\77156.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\77203.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\80750.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\82796.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\83296.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\87359.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\87671.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\87687.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\88171.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\89140.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\89453.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\94109.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\95359.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\96375.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\98843.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\downld\99484.exe

c:\documents and settings\Philippe Stansky\Application Data\drivers\winupgro.exe

c:\documents and settings\Philippe Stansky\Application Data\m

c:\documents and settings\Philippe Stansky\Application Data\m\data.oct

c:\documents and settings\Philippe Stansky\Application Data\m\list.oct

c:\documents and settings\Philippe Stansky\Application Data\m\shared

c:\documents and settings\Philippe Stansky\Application Data\m\shared\[PPC] Voce_in_Dialetto_Napoletano_per_TomTom_Mobile_5_e_Navigator_5.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\01.SOPHOS.ANTIVIRUS.V4.08.NTW2KXP2k3.MULTILANGUAGE-DWP.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\24.04.04.-.Kaspersky.Antivirus.Avp.5.0.121.Personnal.Francais.Key.Valide.1.An.By.Rx-1.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\3click Budget 1.1.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\A-one Video to Audio Ripper 6.2.1.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\AAA DVD To Apple TV Converter 2.12.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Active Whois 3.1.4489.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Advanced Retail POS 1.3.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Alien Sun Clock Screensaver 2.4.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Almeza MultiSet Professional 6.3 Build 110.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Androsa FileProtector 1.4.2.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Anti-Sircam 1.000.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Aspect 2.1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\AV Bros. Puzzle Pro 2.2.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\AVG.Anti-Virus7.1.375.Incl.Keygen-SSG.[DivXForever.Com].zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\AVICapture 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\AzureTray 2.2.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\BackTrax USA toolbar for Firefox 1.5.37.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Baseball Predictor 1.3.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Basic Text Editor 2.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Battleship 1.2.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\BiblePromise

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Big Voice Email 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\BigBlogZoo 1.0.9.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\BitDefender.Enterprise.Manager.v2.6.0.Incl.Keymaker-EMBRACE.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\BitDefender.Pro.plus.v.9.Multilangue.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Calculator 0.6.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\CarHomePage 1.0 Beta.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Catholic Random Aspirations Widget 1.1.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\CFX Adder 1.5.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Chameleon Icons 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Christmas Cursors Set 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Comics Widget 1.4.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Contacto CRM 4.3e Light.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Corner 1.52.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Dark Net Target Practice 1.1.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Database Oasis 2.92.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\DataPig Instant TreeView 1.3.1.4.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Deva xFTP 4.0.0 Build 1600.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Dialup Password Recovery 1.0.5.1.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Diskimager 1.1.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\DOSPrinter 3.3.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\DropUpLoad 1.83.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\DWG Export for Solid Edge 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Email plus Voice for Microsoft Outlook 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\eMeSeNe 0.2.2.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Enterprise IP - Address Manager 3.3.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\ESBUnitConv - Freeware Unit Conversion 7.0.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\eSearch for eBay 2.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Excel File Size Reduce Software 7.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Fairies Journey Clock Screensaver 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Falling Rose The Years Between Screensaver 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Fdg Mobile Bowling Xxx j2Me Nokia n92 n93 n73 e61 n71 e50 240x320 Symbian Os9 3D(1).zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Firefox 2 icon pack.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Fireworks Screen Saver 1.0.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\FlexiServer 1.64.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Flobo Free Anti Spyware Clean 1.5.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Free Photo Slideshow Screensaver 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\FRS Score Collector 1.0.3.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\FusionDesk Starter Edition 1.1.49.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Gameloft Might And Magic Ii v1.1.1 Nokia n73 Retail-Toby.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\GifArt's Button Maker 1.1.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\HappyChecker 1.5.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\iCoke 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\iFetcher 1.2.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\ImageKlebor 1.10.0072.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Informatik Archiver 2006 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\ISP Monitor 5.5.0 Beta.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\iText Toolbox 2.01.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\JavaPowUpload 1.0 Beta.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\JH Shudown 1.0.1.1.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Job Cost Calculators (Framing) 3.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Joboshare MPEG to DVD Converter 2.1.8.1202.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Kaspersky.Anti-Virus.v6.0.1.411.WinAll-TWK.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\KeepEmOut 2.0.0.15 Beta.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Keyboard King 1.11.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\KickItBack.com eBay search Widget 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Launch Admin 20080109.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\LC Batch Renamer 3.05.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\LingvoSoft Learning PhraseBook 2008 English - Bosnian 2.3.90.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\LogoTools 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Macro ToolsWorks Professional Edition 7.2.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Mail Master 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Mayra Filter 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\McAfee_Internet_Security_Suite_2006v8.0.113+McAfee.AntiSpyware.v2.0.167.GER

MAN.by.eddi88.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Mileages 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Movie Shooter 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Multi Renamer 1.2 beta.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\MyPasswords 3.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\NOD32.v2.70.16.for.Vista.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Nokia Monitor Test 1.0.0.1.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Nokia Traductor.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\OBJ Export for AutoCAD 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Ocean Life 3 Screensaver.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Osiris 0.11.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Portable SMarmotte UPXShell 1.45.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Printer Changer 4.00.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Private Dancer Screensaver 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\QTFairUse for ITunes 2.4.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Question Writer - Quiz Edition 2.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Quiz of the States 1.0 Rev. 2.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\rebuilt.Symantec.Norton.Systemworks.2007.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Recover Deleted Files 3.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Red Eye Pilot Plugin 3.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Reflet 2.6.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\SayPad 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\SilverSoft Fontastic 2005.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Sony [176x220] Gameloft Pro Rally Racing Mobile [w550I].zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\SP TimeSync 2.3.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Speak! 0.92.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Speed Math 3.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Swifty Compress & Swifty Decompress 1.1.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Tall Tales and Wedding Veils 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Tattoo screensaver 1.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\timeEdition 1.1.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Tomtom Mobile 5 Per Nokia 6600 Mappe Italia Full No Key-Gen Voce Italiana.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\TreePad Business Edition 7.4.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Treeview - JavaScript Tree Menu 4.3.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\USB Barcode Scanner Application Integration Guide 2006.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\vclinic_mobile v1.6 J2ME.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Visual-Search Extension 1.2.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\WinASO EasyTweak 2.14.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Windows Server 2003 Administration Tools Pack Final Build 3790.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\WinDriver Linux 6.22.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\Wise 3GP Video Converter 4.0.2.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\WMA to MP3 Converter Pro 3.0.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\WriterPad 0.9.2.16780.zip

c:\documents and settings\Philippe Stansky\Application Data\m\shared\ZD Soft Movie Screensaver 1.0.3.zip

c:\documents and settings\Philippe Stansky\Application Data\m\srvlist.oct

c:\documents and settings\Philippe Stansky\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

c:\windows\IE4 Error Log.txt

c:\windows\system32\ban_list.txt

c:\windows\system32\dllcache\http.sys

c:\windows\system32\drivers\downld

c:\windows\system32\SOCKETX.DLL

c:\windows\system32\wintems.exe

 

.

((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_SK9OU0S

-------\Legacy_SROSA

-------\Legacy_XPROTECTOR

-------\Service_sK9Ou0s

 

 

((((((((((((((((((((((((((((( Fichiers créés du 2009-01-16 au 2009-02-16 ))))))))))))))))))))))))))))))))))))

.

 

2009-02-16 15:33 . 2002-04-15 12:28 102,912 --------- c:\windows\system32\drivers\FWDRV.SYS

2009-02-15 21:38 . 2009-02-15 22:49 <REP> d-------- c:\program files\Acro Software

2009-02-15 16:32 . 2009-02-15 16:32 <REP> d-------- C:\d3temp

2009-02-15 16:32 . 2009-02-15 16:32 136,452 --a------ C:\temp2

2009-02-15 16:32 . 2009-02-15 16:32 984 --a------ c:\windows\ssconf2.bin

2009-02-15 16:26 . 2009-02-15 22:48 <REP> d-------- c:\program files\Prolific Publishing, Inc

2009-02-15 13:13 . 2004-10-27 15:26 245,760 --------- c:\windows\system32\Aqua Garden.ocx

2009-02-15 11:43 . 2009-02-16 13:45 <REP> d-------- c:\documents and settings\All Users\Application Data\Google Updater

2009-02-15 09:29 . 2009-02-17 00:14 <REP> d--h----- c:\documents and settings\Philippe Stansky\Application Data\drivers

2009-02-11 23:01 . 2009-02-11 23:01 1,374 --a------ c:\windows\imsins.BAK

2009-02-05 18:52 . 2009-02-16 18:36 <REP> d-------- c:\documents and settings\Philippe Stansky\Tracing

2009-02-05 18:52 . 2008-12-08 17:01 55,136 --------- c:\windows\system32\drivers\fssfltr_tdi.sys

2009-02-05 18:43 . 2009-02-05 18:43 <REP> d-------- c:\program files\Windows Live SkyDrive

2009-02-05 18:43 . 2009-02-05 18:43 <REP> d-------- c:\program files\Microsoft

2009-02-05 18:41 . 2009-02-05 18:41 <REP> d-------- c:\program files\Fichiers communs\Windows Live

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-02-16 22:48 --------- d-----w c:\program files\Mozilla Thunderbird

2009-02-16 14:33 --------- d--h--w c:\program files\InstallShield Installation Information

2009-02-16 14:33 --------- d-----w c:\program files\Kerio

2009-02-16 09:35 --------- d-----w c:\program files\Spybot - Search & Destroy

2009-02-16 09:35 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-02-16 09:33 --------- d-----w c:\program files\SpywareGuard

2009-02-16 09:30 --------- d-----w c:\documents and settings\All Users\Application Data\Pinnacle

2009-02-15 16:33 --------- d-----w c:\program files\eMule

2009-02-15 10:46 --------- d-----w c:\program files\Google

2009-02-14 05:54 --------- d-----w c:\program files\Dl_cats

2009-02-05 17:52 --------- d-----w c:\program files\Windows Live

2009-01-20 22:40 --------- d-----w c:\program files\Panda Security

2009-01-17 08:59 --------- d-----w c:\program files\BeClean

2009-01-04 08:24 --------- d-----w c:\documents and settings\Philippe Stansky\Application Data\Creative

2009-01-04 08:19 --------- d--h--w c:\program files\Creative Installation Information

2009-01-04 08:18 --------- d-----w c:\program files\Creative

2009-01-04 08:18 --------- d-----w c:\documents and settings\All Users\Application Data\Creative

2008-12-30 17:35 --------- d-----w c:\program files\QuickTime

2008-12-30 17:34 --------- d-----w c:\program files\ArcSoft

2008-12-28 21:54 --------- d-----w c:\program files\Samsung

2008-12-28 21:47 --------- d-----w c:\documents and settings\Philippe Stansky\Application Data\ZoomBrowser EX

2008-12-28 21:47 --------- d-----w c:\documents and settings\Philippe Stansky\Application Data\CameraWindowDC

2008-12-28 21:26 --------- d-----w c:\documents and settings\Philippe Stansky\Application Data\CANON INC

2008-12-28 21:17 --------- d-----w c:\program files\Canon

2008-12-28 21:15 --------- d-----w c:\documents and settings\All Users\Application Data\ZoomBrowser

2008-12-28 21:14 --------- d-----w c:\program files\Fichiers communs\Canon

2008-12-28 20:56 --------- d-----w c:\program files\USB Disk Win98 Driver

2008-12-27 20:05 --------- d-----w c:\documents and settings\Philippe Stansky\Application Data\Samsung

2008-12-25 11:37 --------- d-----w c:\program files\Audible

2008-12-17 20:22 --------- d-----w c:\program files\MSECACHE

2008-04-09 19:50 35,009 ----a-w c:\program files\history.txt

2006-08-25 17:34 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLec.DAT

2006-03-29 16:20 2,843 -c--a-w c:\program files\DeIsL1.isu

2006-03-28 19:11 976 -c--a-w c:\program files\INSTALL1.LOG

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 868352]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DLCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [2005-06-07 69632]

"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-06-03 180269]

"USB Storage Toolbox"="c:\windows\UMStor\Res.EXE" [2005-09-14 65536]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-12-30 98304]

"CTCheck"="c:\program files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.I420"= i420vfw.dll

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Carte pour réseau sans fil WLAN (USB 2.0).lnk]

backup=c:\windows\pss\Carte pour réseau sans fil WLAN (USB 2.0).lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^Philippe Stansky^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]

backup=c:\windows\pss\Adobe Gamma.lnkStartup

 

[HKLM\~\startupfolder\C:^Documents and Settings^Philippe Stansky^Menu Démarrer^Programmes^Démarrage^Diskeeper 10 Professional Edition Registration.lnk]

backup=c:\windows\pss\Diskeeper 10 Professional Edition Registration.lnkStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]

--a--c--- 2005-08-05 22:05 344064 c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]

-----c--- 2004-12-06 02:05 127035 c:\windows\system32\dla\tfswctrl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

--a------ 2005-12-09 07:30 35328 c:\program files\Winamp\winampa.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]

--a--c--- 2005-03-23 01:20 339968 c:\windows\stsystra.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"FirewallOverride"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

"c:\\Program Files\\Adobe\\Adobe Photoshop CS2\\Modules externes\\Filtres\\KPT effects\\Register\\RegisterKPTeffects.EXE"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Goto Software\\Catapulte\\catapulte.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\eMule\\emule.exe"=

"c:\\Program Files\\Visicom Media\\FTP Expert 3\\ftpxpert3.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

 

R1 fwdrv;Kerio Personal Firewall Driver;c:\windows\system32\drivers\FWDRV.SYS [2009-02-16 102912]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-02-05 55136]

S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys --> c:\windows\system32\drivers\pavboot.sys [?]

S2 spupdsvc;Windows Service Pack Installer update service;c:\windows\system32\spupdsvc.exe [2005-12-25 26488]

S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [2004-10-20 21344]

S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]

S4 PRISMSVC;PRISMSVC;c:\windows\system32\PRISMSVC.exe [2005-12-08 57344]

 

--- Autres Services/Pilotes en mémoire ---

 

*NewlyCreated* - PERSFW

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Contenu du dossier 'Tâches planifiées'

 

2009-02-16 c:\windows\Tasks\GlaryInitialize.job

- c:\program files\Glary Utilities\initialize.exe []

 

2009-02-16 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-15 11:43]

 

2009-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1103757592-900199106-2073969317-1006.job

- c:\documents and settings\Philippe Stansky\Local Settings\Application Data\Google\Update\GoogleUpdate.exe []

 

2009-02-06 c:\windows\Tasks\Maintenance en 1 clic.job

- c:\program files\TuneUp Utilities 2006\SystemOptimizer.exe []

 

2005-12-26 c:\windows\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job

- c:\windows\system32\OOBE\oobebaln.exe [2008-04-14 03:34]

.

- - - - ORPHELINS SUPPRIMES - - - -

 

HKCU-Run-Google Update - c:\documents and settings\Philippe Stansky\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

 

 

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://s7.gladiatus.fr/game/index.php?mod=overview&sh=0413aa057a121fc565b73ed2889ed923&web_redirected=1

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

mWindow Title =

uInternet Settings,ProxyOverride = *.local

IE: Add to AMV Convert Tool... - c:\program files\MP3 Player Utilities 3.81\AMVConverter\grab.html

IE: Convertir en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convertir en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convertir la cible du lien en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convertir la cible du lien en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convertir la sélection en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convertir la sélection en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convertir les liens sélectionnés en fichier Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convertir les liens sélectionnés en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: E&xport to Microsoft Excel

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 3.81\MediaManager\grab.html

IE: Open with Scansoft PDF Converter 3.0

IE: Save Flash with Flash Catcher - c:\program files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm

IE: Sothink SWF Catcher - c:\program files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm

IE: {{90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - res://c:\program files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm

LSP: c:\windows\system32\securenet.dll

DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} - hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab

FF - ProfilePath - c:\documents and settings\Philippe Stansky\Application Data\Mozilla\Firefox\Profiles\f4zsk7ic.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr

FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=

FF - plugin: c:\documents and settings\Philippe Stansky\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll

FF - plugin: c:\program files\Google\Google Updater\2.4.1487.6512\npCIDetect13.dll

FF - plugin: c:\program files\Opera\program\plugins\npqtplugin8.dll

FF - plugin: c:\program files\Panda Security\TotalScan\npwrapper.dll

 

---- PARAMETRES FIREFOX ----

FF - user.js: network.http.max-connections-per-server - 8

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: content.max.tokenizing.time - 200000

FF - user.js: content.notify.interval - 100000

FF - user.js: content.switch.threshold - 650000

FF - user.js: nglayout.initialpaint.delay - 300

FF - user.js: general.useragent.extra.zencast - Creative ZENcast v2.00.13); user_pref(general.useragent.extra.zencast, Creative ZENcast v2.01.01.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-02-17 00:15:29

Windows 5.1.2600 Service Pack 3 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

DLCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

 

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\ASFWHide]

"ImagePath"="\??\c:\docume~1\MANUEL~1\LOCALS~1\Temp\ASFWHide"

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

 

[HKEY_USERS\S-1-5-21-1103757592-900199106-2073969317-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7A0DF471-6C8A-C16D-EF40-0BDFE23DB0B0}*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

"naiddhobafdebgjeckikkodagcjh"=hex:6a,61,6a,69,6a,6a,6b,70,6b,6a,63,61,6e,64,

65,65,6f,6c,6a,69,00,b9

"macmfhlkjfohidjcmioocjgpdh"=hex:6a,61,6a,69,6a,6a,6b,70,6b,6a,63,61,6e,64,65,

65,6f,6c,6a,69,00,00

"fbjiblchfjnnkdmendphkdkkdamacflbkifeekodhpfe"=hex:66,61,6a,69,6e,6b,6d,61,69,

70,61,68,00,f9

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"cd042efbbd7f7af1647644e76e06692b"=hex:e2,63,26,f1,3f,c8,ff,68,5a,87,72,60,ca,

c3,6b,18,e2,63,26,f1,3f,c8,ff,68,3e,db,92,07,c2,d0,24,00,e2,63,26,f1,3f,c8,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,86,56,e9,47,64,

74,67,5c,6a,9c,d6,61,af,45,84,18,c8,0a,5d,aa,9c,eb,02,be,6a,9c,d6,61,af,45,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,9a,82,ea,a1,51,

0f,68,1b,ff,7c,85,e0,43,d4,0e,fe,fe,28,a6,2a,3e,93,80,68,ff,7c,85,e0,43,d4,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0,57,5a,93,61,08,53,69,e6,5e,

91,83,ee,86,8c,21,01,be,91,eb,e7,2d,92,6c,10,bb,ef,93,93,86,8c,21,01,be,91,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7A0DF471-6C8A-C16D-EF40-0BDFE23DB0B0}\InProcServer32*]

"oagdkhejpbkomnbecnbmcfjlocdhdo"=hex:6a,61,6a,69,6a,6a,6b,70,6b,6a,63,61,6e,64,

65,65,6f,6c,6a,69,00,b9

"nagdmihjgjibdgcoipjbafffgkhc"=hex:6a,61,6a,69,6a,6a,6b,70,6b,6a,63,61,6e,64,

65,65,6f,6c,6a,69,00,b9

"gagdkhndjcofjn"=hex:66,61,6a,69,6e,6b,6d,61,69,70,61,68,00,f9

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"caaeda5fd7a9ed7697d9686d4b818472"=hex:f5,1d,4d,73,a8,13,5c,05,65,e5,93,d2,74,

3a,76,fe,f5,1d,4d,73,a8,13,5c,05,97,5f,c8,5a,aa,55,c8,00,f5,1d,4d,73,a8,13,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:b0,18,ed,a7,3f,8d,37,a4,85,be,8a,df,75,

e0,2e,ac,df,20,58,62,78,6b,cf,c8,1f,40,0c,ba,2c,ed,7a,05,df,20,58,62,78,6b,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"4d370831d2c43cd13623e232fed27b7b"=hex:fb,a7,78,e6,12,2f,9a,ea,38,55,2a,99,64,

b3,b1,17,fb,a7,78,e6,12,2f,9a,ea,ea,40,7e,66,66,e8,bd,92,fb,a7,78,e6,12,2f,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BE08C2D3-409A-BA9A-CCC3BF5A93C4C5B2}\{31E0C4F5-10D2-2559-BD8FA6F8E4FD42BD}\{0C75E684-EF64-45D0-854DEF6D927DBB7D}*]

"N3ON3SCQTOHKQM23SBHY163HKH1"=hex:01,00,01,00,00,00,00,00,fa,de,c6,7c,16,d0,d3,

6d,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"1d68fe701cdea33e477eb204b76f993d"=hex:aa,52,c6,00,84,3c,26,64,19,99,d2,56,b1,

f4,87,b9,01,3a,48,fc,e8,04,4a,f1,77,36,59,d5,26,d5,79,bc,01,3a,48,fc,e8,04,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58,98,5b,89,c9,0f,23,02,f6,79,

08,1e,9d,f6,0f,4e,58,98,5b,89,c9,c6,c8,8a,15,6d,65,1f,02,f6,0f,4e,58,98,5b,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,ed,e8,5a,6b,bc,

33,10,10,3d,ce,ea,26,2d,45,aa,78,ff,71,b4,55,c2,9a,e8,2d,3d,ce,ea,26,2d,45,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,18,a0,b1,24,29,

93,e0,e1,2a,b7,cc,b5,b9,7f,41,e7,b3,03,b9,c0,5c,9b,6b,27,2a,b7,cc,b5,b9,7f,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"8a8aec57dd6508a385616fbc86791ec2"=hex:fa,ea,66,7f,d4,3b,6b,70,b9,45,2e,23,b9,

4e,45,94,6c,43,2d,1e,aa,22,2f,9c,05,b9,88,48,65,4c,c9,f1,6c,43,2d,1e,aa,22,\

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]

"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]

"OODEFRAG08.00.00.01WORKSTATION"="FC88D14A5A8F8C972BDEA3F6091D797C42852C1E3B50A80C44BD61FEBC9E127BECC74CFEBC9

E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E

5BE2F6E667A6A0AC4980AC7933BA7FD869164D6794BA7FD869164D6794A0729B81B2128A55B11B171

99064E4A4AB6985FD1DAAE9B52F86644D3FFE6AB1E404C5FC26AC73212482DE9EF2BFA6629BA62D81

6BDBA1E293D92A9043EEFE35B9638B14742A5D6F03C9933322CE78D998087B520FCBD4F251125DB52

8277CBE4A2C39FE954145657C888D72E657B126F0C3EE92456BD2967AA24483B86549B208AD034A86

994E3E810D06CD0F104D77B7436CB7499D8F1160320D15C55A7389A5EAFCD4C8D43E4946551C8A6DA

16B104325390C603C233B9A9AC859A12BAD519C9CA052DE027DE54519513F562E4D472CB982AD5091

C981046A6993256FC92BA8AD4B4BD2A81B0DB93E8CDBA347DA89D207578DE4DFE3633DE4C9D92CB5C

2CC493E3E1B32C14848A6E2189EB2731ED4D6C6A972EAD77376277FA51615FEB57FC29F9FF18BBBDC

B4D0D6A21C66AE47BCA0655374352421E1EAE51B09C440E01F1EDC77D375795085C09E3FBFA368A86

9D8868D821BE0BA62F1F532C321E1AC1FA7AEB3978650C281437362C4D381B8156E7D795EF71C2D48

EC42512E18412003ED0627E8DD8973036BC067BAE353918F9355181E295B0FF7CD11C4021730E764C

68505489AE44B778BA70E884727F3BBBD4A532A929796E8CC5DBD4F9372D5704905E889E093526040

7DF565F2BD429028CF754219B91F29E4D5CF770441DDE95211CD54DABAB5D5E249A8DFDF49031BCF0

A2F7629242BD6545C74B365491AA4026717A4B4F4490118488ED50DEFE078F75212AD30AA5CA79F88

868A36AD460ABB7C88C81ED08221C26BF5007A4DAC5D25369521A1157B628C24C8DE7A01C39728F74

DE54D517A080CD61263AE71569023F716DD749F74E527AD5D62B9CE175F333572F37969EF1BE2E279

DE345EF56D7F0D53482279569FBDD64D1A7F90E9858DC468BE6006C355779C2623170BC6E28C1E6F1

32AC6D517640806635CBA0A43AAE705654283FC463EC2F5B36963A8746089F1C98E21CA6172DAD56B

62316566C397815B6334C40D714D2CEA41C59C39D4E048C9D692322B021DF334AACB1450537FFBE98

C5F6A630DE0EE74B8844B5D88E8BF458C1D293772D2F59650D84C761B7FF42B8A3D5D12535D48D1EB

687D9F5D9C8B403FB2755768315ABCF21AECE19EA852102F7DB476C9D027577E2B245379A7C49701B

C00F548A30124B54276AE26455D5BCC40AB0438015EAE15FB51DEC6ECE5766917D10D4047ADA0C0FB

8C8FBDD044263E1D1E41ABE62352597E3CBEF3814E5F92119D2E3CF08859C0E379C9357817DA5F9E0

FC777AD8F96F7C83E8173ADC0A81B"

.

------------------------ Autres processus actifs ------------------------

.

c:\windows\system32\PRISMSVR.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\system32\CTSVCCDA.EXE

c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

c:\program files\LS_Duhem\lsdiorw\lsdiorw2.exe

c:\program files\Fichiers communs\Microsoft Shared\VS7Debug\MDM.EXE

c:\windows\system32\fxssvc.exe

c:\program files\Canon\CAL\CALMAIN.exe

c:\progra~1\HIDEMY~1\SECURE~1.EXE

.

**************************************************************************

.

Heure de fin: 2009-02-17 0:28:43 - La machine a redémarré

ComboFix-quarantined-files.txt 2009-02-16 23:28:40

 

Avant-CF: 44 478 468 096 octets libres

Après-CF: 44,667,072,512 octets libres

 

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Edition familiale" /noexecute=optin /fastdetect

 

821 --- E O F --- 2009-02-11 22:06:49

[Jagaumo]

Je vais refaire un scan panda pour voir. Mon PC se comporte déjà mieux. Il a accepté que je réinstalle ANTIVIR et KERIO c'est déjà pas mal. Merki !

[Falkra]

Inutile, il faudra de toute façon réinstaller ces programmes, selon toute vraisemblance, car Bagle a dû les injecter.

Pareil pour HijackThis, il faudra le retélécharger.

 

 

Télécharge Malwarebytes' Anti-Malware (MBAM)

 

• Double clique sur le fichier téléchargé pour lancer le processus d'installation.
  
• Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
  
• Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
  
• Sélectionne "Exécuter un examen rapide"
  
• Clique sur "Rechercher"
  
• L'analyse démarre, le scan est relativement long, c'est normal.
  
• A la fin de l'analyse, un message s'affiche :

  L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  
• Ferme tes navigateurs.
  
• Si des malwares ont été détectés, clique sur Afficher les résultats.
  Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
  
• MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.
  

 

NB : Si MBAM te demande à redémarrer, fais-le.

[Jagaumo]

Et voilà ! Merci encore.

 

 

Malwarebytes' Anti-Malware 1.34

Version de la base de données: 1768

Windows 5.1.2600 Service Pack 3

 

17/02/2009 12:34:18

mbam-log-2009-02-17 (12-34-18).txt

 

Type de recherche: Examen rapide

Eléments examinés: 78862

Temps écoulé: 4 minute(s), 7 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 1

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_CLASSES_ROOT\CLSID\{4d25f926-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

[Falkra]

Oki, poste un nouveau rapport HijackThis stp.

 

Clique sur ce lien pour télécharger HijackThis 2.0.2 :

http://www.trendsecure.com/portal/en-US/_d.../HiJackThis.exe

Remplace ta version par celle là pour les prochains rapports HijackThis, la tienne est sans doute injectée.

[Jagaumo]

A vos ordres chef !

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:17:00, on 17/02/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe

C:\Program Files\LS_Duhem\lsdiorw\lsdiorw2.exe

C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\PRISMSVR.EXE

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\WINDOWS\UMStor\Res.EXE

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\RAMpage\RAMpage.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe

C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe

C:\PROGRA~1\HIDEMY~1\SECURE~1.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Thunderbird\thunderbird.exe

C:\Documents and Settings\Philippe Stansky\Bureau\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://s7.gladiatus.fr/game/index.php?mod=...eb_redirected=1

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - blank (file missing)

O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - blank (file missing)

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - blank (file missing)

O3 - Toolbar: (no name) - {8E4AA109-7239-4B85-8196-7377A53DDEFF} - (no file)

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [uSB Storage Toolbox] C:\WINDOWS\UMStor\Res.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [RAMpage] "C:\Program Files\RAMpage\RAMpage.exe" U=1 M=28 T=4 P="C:\Program Files\RAMpage\RAMpageConfig.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"

O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.81\AMVConverter\grab.html

O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.81\MediaManager\grab.html

O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm

O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL

O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm

O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll

O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.0.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2...15106/CTPID.cab

O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.1.6.cab

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe (file missing)

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe

O23 - Service: Lsdiorw - Logiciels & Services Duhem, Paris, France - C:\Program Files\LS_Duhem\lsdiorw\lsdiorw2.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

O24 - Desktop Component 1: Aqua Garden - 6423CD5F-D089-4BF1-88B6-6A359339DAFF

 

--

End of file - 12550 bytes