Infected by backdoor.win32.bifrose



Hello,

My PC has been infected by the (Trojan horse?) backdoor.win32.bifrose, and since then I can no longer restore my system, access the Task Manager, etc. Every time I try, I get the error message "Impossible de trouver le fichier script... ".

I visited a topic dealing with the same subject here: http://forum.zebulon.fr/infection-backdoorwin32bifrose-resolu-t159232.html&pid=1349286&mode=threaded#entry1349286

Here is my info.txt:

 

info.txt logfile of random's system information tool 1.06 2009-05-08 12:28:17

 

======Uninstall list======

 

-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL

-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL

-->MsiExec /X{7104189A-C592-4A56-AC9E-7C0CA135DA3C}

-->MsiExec.exe /X{7B4AB13C-1A5C-4BC5-ABA6-762F8198444C}

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

ACDSee Pro-->MsiExec.exe /I{F99F74B4-972B-4B06-B893-6B3B0DB0128B}

Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}

Adobe Shockwave Player 11.5-->C:\WINDOWS\system32\Adobe\uninstaller.exe

AGEIA PhysX v6.10.25-->MsiExec.exe /X{7104189A-C592-4A56-AC9E-7C0CA135DA3C}

AP Tuner 3.08-->"D:\Program Files\AP Tuner\AP Tuner 3.08\uninstall.exe"

Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}

ArchiCAD 12 FRA-->C:\Program Files\Graphisoft\ArchiCAD 12\Uninstall.AC\uninstaller.exe

ASIO4ALL-->D:\Program Files\ASIO4ALL v2\uninstall.exe

Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}

Audacity 1.3.5 (Unicode)-->"D:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE

Bazooka Scanner-->"C:\Program Files\Bazooka Scanner\Uninstall.exe" "C:\Program Files\Bazooka Scanner\install.log"

Blender (remove only)-->"D:\Program Files\Blender Foundation\Blender\uninstall.exe"

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe

CursorXP-->C:\Program Files\CursorXP\CurXPUtil.exe -u

EasyPHP 2.0b1-->"D:\Program Files\EasyPHP 2.0b1\unins000.exe"

eMulev0.49a.-MorphXTv11.0-->"D:\eMule\unins000.exe"

EnGenius Wireless LAN-->C:\Program Files\InstallShield Installation Information\{34CD65DD-3271-4C7B-B029-1670A65DA381}\setup.exe -runfromtemp -l0x0009 -removeonly

EPSON Printer Software-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R

FileZilla Client 3.2.2.1-->D:\Program Files\FileZilla FTP Client\uninstall.exe

FL Studio 8-->D:\Program Files\Image-Line\FL Studio 8\uninstall.exe

FlashGet 2.0-->C:\Program Files\FlashGet Network\FlashGet universal\uninst.exe

GIMP 2.6.4-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"

Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x40c -removeonly

Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x40c -removeonly

Guitar Pro 5.0-->"D:\Program Files\Guitar Pro 5\unins000.exe"

HijackThis 2.0.2-->"C:\Documents and Settings\BoB\Bureau\Downloads\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe

Intel® Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall

Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}

Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}

Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}

K-Lite Codec Pack 2.89 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"

Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe

Loop12 V2-->D:\Program Files\Loop12 V2\Uninstal.exe

Ma-Config.com-->MsiExec.exe /X{560BD6E0-0BA6-43AF-B423-E1DF4D2EB3C3}

Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}

Magic ISO Maker v5.5 (build 0276)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG

Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"

Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}

Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}

Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}

Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}

Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL

Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf

Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe

Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

Nero 7 Ultra Edition-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301036}

neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

Notepad++-->C:\Program Files\Notepad++\uninstall.exe

PC Camera-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C679F9B9-C65D-4C65-BD6C-BF90B859E281}\setup.exe" -l0x9 -removeonly

PDFCreator PL 0.8.0-->C:\Program Files\PDFCreator PL\unins000.exe

PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe

QuickTime-->MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121}

REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x040c -removeonly

Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709

Skype 1.1-->"C:\Program Files\Skype\Phone\unins000.exe"

SolidWorks 2009 SP0-->MsiExec.exe /I{95317473-83DB-4E17-9848-353924D66813}

The Sims 2 University - Crack-->D:\Program Files\EA GAMES\Les Sims 2 Académie\crack_uninst.exe

Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe

Ubuntu-->F:\ubuntu\Uninstall-Ubuntu.exe

VC 9.0 Runtime-->MsiExec.exe /I{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}

VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe

Webcam Surveyor 1.7.5-->"D:\Program Files\Webcam Surveyor\unins000.exe"

WIBU-KEY Setup (WIBU-KEY Remove)-->C:\Program Files\WIBUKEY\Setup\Setup32.exe /R:{00060000-0000-1004-8002-0000C06B5161}

Winamp-->"C:\Program Files\Winamp\UninstWA.exe"

Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}

Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

winLAME prerelease4-->MsiExec.exe /I{062BFFA1-0CCC-400B-B840-F162328D8C00}

WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

 

======Security center information======

 

AV: AntiVir Desktop

AV: Kaspersky Anti-Virus (disabled)

 

======System event log======

 

Computer Name: BOB

Event Code: 20158

Message: L'utilisateur hamzalyes a établi une connexion à Easy Adsl en utilisant le périphérique PPPoE4-0.

 

Record Number: 7840

Source Name: RemoteAccess

Time Written: 20090415110733.000000+060

Event Type: Informations

User:

 

Computer Name: BOB

Event Code: 7036

Message: Le service HTTP SSL est entré dans l'état : en cours d'exécution.

 

Record Number: 7839

Source Name: Service Control Manager

Time Written: 20090415110729.000000+060

Event Type: Informations

User:

 

Computer Name: BOB

Event Code: 7035

Message: Un contrôle Démarrer a correctement été envoyé au service HTTP SSL.

 

Record Number: 7838

Source Name: Service Control Manager

Time Written: 20090415110729.000000+060

Event Type: Informations

User: AUTORITE NT\SERVICE LOCAL

 

Computer Name: BOB

Event Code: 7036

Message: Le service Hôte de périphérique universel Plug-and-Play est entré dans l'état : en cours d'exécution.

 

Record Number: 7837

Source Name: Service Control Manager

Time Written: 20090415110729.000000+060

Event Type: Informations

User:

 

Computer Name: BOB

Event Code: 7035

Message: Un contrôle Démarrer a correctement été envoyé au service Hôte de périphérique universel Plug-and-Play.

 

Record Number: 7836

Source Name: Service Control Manager

Time Written: 20090415110729.000000+060

Event Type: Informations

User: AUTORITE NT\SYSTEM

 

=====Application event log=====

 

Computer Name: BOB

Event Code: 101

Message: msnmsgr (2544) Le moteur de base de données est arrêté.

 

Record Number: 2120

Source Name: ESENT

Time Written: 20090424211802.000000+060

Event Type: Informations

User:

 

Computer Name: BOB

Event Code: 103

Message: msnmsgr (2544) \\.\C:\Documents and Settings\Bob_\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_E41C_DAB0_1CDA_7D4C\dfsr.db: Le moteur de base de données a arrêté une instance (0).

 

Record Number: 2119

Source Name: ESENT

Time Written: 20090424211802.000000+060

Event Type: Informations

User:

 

Computer Name: BOB

Event Code: 7

Message: Récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie réussie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 

Record Number: 2118

Source Name: crypt32

Time Written: 20090424164823.000000+060

Event Type: Informations

User:

 

Computer Name: BOB

Event Code: 102

Message: msnmsgr (2544) \\.\C:\Documents and Settings\Bob_\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_E41C_DAB0_1CDA_7D4C\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

 

Record Number: 2117

Source Name: ESENT

Time Written: 20090424164805.000000+060

Event Type: Informations

User:

 

Computer Name: BOB

Event Code: 100

Message: msnmsgr (2544) Le moteur de base de données 5.01.2600.5512 est démarré.

 

Record Number: 2116

Source Name: ESENT

Time Written: 20090424164805.000000+060

Event Type: Informations

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\QuickTime\QTSystem\

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel

"PROCESSOR_REVISION"=0f0d

"NUMBER_OF_PROCESSORS"=2

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

 

-----------------EOF-----------------

 

 

 

 

and log.txt

 

 

--------------------------------------

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by Bob_ at 2009-05-08 12:27:55

Microsoft Windows XP Professionnel Service Pack 3

System drive C: has 11 GB (29%) free of 38 GB

Total RAM: 1015 MB (24% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:28:15, on 08/05/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\WINDOWS\System32\PAStiSvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Winamp\winampa.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\PixArt\PAC207\Monitor.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe

C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe

C:\Program Files\Avira\AntiVir Desktop\avnotify.exe

D:\eMule\emule.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Documents and Settings\Bob_\Bureau\downthmall\RSIT.exe

C:\Documents and Settings\BoB\Bureau\Downloads\Bob_.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - K:\PROGRA~1\FlashGet\jccatch.dll (file missing)

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB001" /M "Stylus C45"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe

O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe

O4 - HKLM\..\Run: [regdiit] C:\WINDOWS\system32\winxp.exe

O4 - HKLM\..\Run: [CTFMON] C:\WINDOWS\system32\wscript.exe /E:vbs C:\WINDOWS\system32\winjpg.jpg

O4 - HKLM\..\Run: [svchost2] C:\WINDOWS\system32\winxp.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Moteur du Planificateur de tâches SolidWorks.lnk = C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe

O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm

O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm

O8 - Extra context menu item: &Tout télécharger avec FlashGet - K:\PROGRA~1\FlashGet\jc_all.htm

O8 - Extra context menu item: &Télécharger avec FlashGet - K:\PROGRA~1\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{F5D79831-1767-4B49-8D11-11492C360F56}: NameServer = 208.67.222.222 193.55.10.102

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe

O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - C:\Program Files\SolidWorks\swScheduler\DTSCoordinatorService.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe

O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe

O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

 

--

End of file - 8428 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\User_Feed_Synchronization-{2B1D3B09-E8BC-440A-B3B4-3034D81396A8}.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{EDE16183-2AE1-4BAA-90A1-170567949D30}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]

FG2CatchUrl - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll [2008-08-19 104016]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]

FGCatchUrl - K:\PROGRA~1\FlashGet\jccatch.dll []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]

IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll [2008-11-11 62728]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2009-03-03 206088]

"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-04-01 36352]

"EPSON Stylus C45 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE [2004-01-14 99840]

"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]

"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2007-10-19 286720]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

"PAC207_Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 319488]

"Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 319488]

"regdiit"=C:\WINDOWS\system32\winxp.exe []

"CTFMON"=C:\WINDOWS\system32\wscript.exe [2008-04-13 155648]

"svchost2"=C:\WINDOWS\system32\winxp.exe []

"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-28 141848]

"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-28 166424]

"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-28 137752]

"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-10-09 17021440]

"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

 

C:\Documents and Settings\Bob_\Menu Démarrer\Programmes\Démarrage

Moteur du Planificateur de tâches SolidWorks.lnk - C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]

C:\WINDOWS\system32\klogon.dll [2008-11-11 218376]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"D:\eMule\emule.exe"="D:\eMule\emule.exe:*:Enabled:eMuleMorphXT"

"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"

"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"

"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"

"K:\Program Files\FlashGet\flashget.exe"="K:\Program Files\FlashGet\flashget.exe:*:Enabled:FlashGet"

"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]

shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11ee89ea-1ab8-11de-86e2-001fd010b3e5}]

shell\AutoRun\command - J:\setupSNK.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9814a31e-3b02-11de-a7e3-001fd010b3e5}]

shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a406b914-22da-11de-a780-806d6172696f}]

shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c47a257c-1783-11de-86d3-001fd010b3e5}]

shell\AutoRun\command - L:\setupSNK.exe

 

 

======File associations======

 

.reg - open - "regedit.exe" "%1"

 

======List of files/folders created in the last 1 months======

 

2009-05-08 12:27:55 ----D---- C:\rsit

2009-05-08 11:10:19 ----A---- C:\WINDOWS\system32\igfxres.dll

2009-05-08 11:08:26 ----D---- C:\WINDOWS\Prefetch

2009-05-08 10:51:30 ----A---- C:\AUTOEXEC.BAT

2009-05-08 10:51:20 ----A---- C:\WINDOWS\OEWABLog.txt

2009-05-08 10:50:23 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest

2009-05-08 10:40:01 ----A---- C:\WINDOWS\system32\spxcoins.dll

2009-05-08 10:40:01 ----A---- C:\WINDOWS\system32\irclass.dll

2009-05-08 10:39:38 ----RA---- C:\WINDOWS\SET89.tmp

2009-05-08 10:39:36 ----RA---- C:\WINDOWS\SET7D.tmp

2009-05-08 10:39:34 ----RA---- C:\WINDOWS\SET7A.tmp

2009-05-08 10:38:59 ----A---- C:\WINDOWS\setuplog.txt

2009-05-08 01:14:09 ----A---- C:\WINDOWS\ntbtlog.txt

2009-05-07 23:33:44 ----D---- C:\Program Files\Bazooka Scanner

2009-05-02 16:23:08 ----N---- C:\rs422.txt

2009-05-02 16:22:32 ----N---- C:\rs422.txt~

2009-05-01 21:59:26 ----D---- C:\Documents and Settings\Bob_\Application Data\Skype

2009-05-01 21:59:26 ----D---- C:\Documents and Settings\All Users\Application Data\Skype

2009-05-01 21:59:17 ----D---- C:\Program Files\Skype

2009-04-27 21:25:34 ----D---- C:\Program Files\WinAVI MP4 Converter

2009-04-24 12:51:19 ----D---- C:\Documents and Settings\All Users\Application Data\WebacamSurveyor

2009-04-18 20:32:23 ----D---- C:\Documents and Settings\Bob_\Application Data\PDFCreator

2009-04-18 20:32:23 ----A---- C:\WINDOWS\system32\PDFSpooler.exe

2009-04-18 20:32:23 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll

2009-04-18 20:32:22 ----D---- C:\Program Files\PDFCreator PL

2009-04-18 20:32:22 ----A---- C:\WINDOWS\system32\VB6DE.DLL

2009-04-18 20:32:22 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL

2009-04-18 20:32:22 ----A---- C:\WINDOWS\system32\MSCMCDE.DLL

2009-04-18 20:32:22 ----A---- C:\WINDOWS\system32\MSCC2DE.DLL

2009-04-18 20:32:22 ----A---- C:\WINDOWS\system32\CMDLGDE.DLL

2009-04-17 22:31:10 ----D---- C:\Program Files\MagicISO

2009-04-15 17:17:59 ----D---- C:\Program Files\winLAME

2009-04-13 20:51:17 ----D---- C:\Documents and Settings\Bob_\Application Data\Audacity

2009-04-13 09:33:35 ----D---- C:\WINDOWS\system32\Adobe

2009-04-12 20:17:29 ----D---- C:\Documents and Settings\Bob_\Application Data\SolidWorks 2009

2009-04-12 20:15:01 ----D---- C:\Documents and Settings\Bob_\Application Data\SolidWorks

2009-04-12 19:55:36 ----D---- C:\Program Files\Fichiers communs\SolidWorks Shared

2009-04-12 19:55:22 ----D---- C:\WINDOWS\system32\GroupPolicy

2009-04-12 19:55:21 ----D---- C:\Program Files\Fichiers communs\eDrawings2009

2009-04-12 19:55:17 ----D---- C:\Documents and Settings\All Users\Application Data\SolidWorks

2009-04-11 19:04:07 ----D---- C:\rdm6

2009-04-11 18:29:28 ----D---- C:\Documents and Settings\Bob_\Application Data\Sun

2009-04-11 18:10:17 ----D---- C:\Toolbox Parts

2009-04-11 18:10:17 ----D---- C:\Program Files\SolidWorks

2009-04-10 10:11:40 ----D---- C:\Documents and Settings\Bob_\Application Data\Graphisoft

2009-04-10 10:10:15 ----D---- C:\Documents and Settings\Bob_\Application Data\Notepad++

 

======List of files/folders modified in the last 1 months======

 

2009-05-08 12:06:07 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files

2009-05-08 11:37:02 ----D---- C:\WINDOWS\system

2009-05-08 11:37:01 ----D---- C:\WINDOWS\system32\Setup

2009-05-08 11:37:00 ----D---- C:\WINDOWS\Help

2009-05-08 11:36:55 ----D---- C:\WINDOWS\L2Schemas

2009-05-08 11:36:54 ----D---- C:\WINDOWS\system32\usmt

2009-05-08 11:36:54 ----D---- C:\WINDOWS\system32\drivers

2009-05-08 11:36:44 ----D---- C:\WINDOWS\AppPatch

2009-05-08 11:36:43 ----D---- C:\WINDOWS\ehome

2009-05-08 11:36:42 ----D---- C:\WINDOWS\ime

2009-05-08 11:36:41 ----RSD---- C:\WINDOWS\Fonts

2009-05-08 11:36:41 ----D---- C:\WINDOWS\Media

2009-05-08 11:36:40 ----D---- C:\WINDOWS\Network Diagnostic

2009-05-08 11:36:38 ----D---- C:\WINDOWS\system32\fr-fr

2009-05-08 11:36:29 ----D---- C:\WINDOWS\PeerNet

2009-05-08 11:36:18 ----D---- C:\WINDOWS\system32\npp

2009-05-08 11:36:11 ----D---- C:\WINDOWS\msagent

2009-05-08 11:36:07 ----D---- C:\WINDOWS\system32\fr

2009-05-08 11:34:26 ----D---- C:\WINDOWS\system32\1036

2009-05-08 11:34:20 ----D---- C:\WINDOWS\twain_32

2009-05-08 11:34:11 ----D---- C:\WINDOWS\system32\icsxml

2009-05-08 11:33:49 ----D---- C:\WINDOWS\system32\1033

2009-05-08 11:32:56 ----D---- C:\WINDOWS\WinSxS

2009-05-08 11:32:56 ----D---- C:\WINDOWS\Driver Cache

2009-05-08 11:24:23 ----D---- C:\Program Files\Mozilla Firefox

2009-05-08 11:23:35 ----D---- C:\WINDOWS\Temp

2009-05-08 11:10:27 ----D---- C:\WINDOWS\Registration

2009-05-08 11:10:19 ----D---- C:\WINDOWS\system32

2009-05-08 11:10:03 ----HD---- C:\WINDOWS\inf

2009-05-08 11:09:36 ----D---- C:\WINDOWS\system32\CatRoot2

2009-05-08 11:09:34 ----SHD---- C:\System Volume Information

2009-05-08 11:09:34 ----D---- C:\WINDOWS\system32\Restore

2009-05-08 11:08:26 ----D---- C:\WINDOWS

2009-05-08 10:56:54 ----D---- C:\WINDOWS\system32\config

2009-05-08 10:54:59 ----D---- C:\WINDOWS\repair

2009-05-08 10:54:17 ----RSHDC---- C:\WINDOWS\system32\dllcache

2009-05-08 10:51:15 ----A---- C:\WINDOWS\ODBCINST.INI

2009-05-08 10:51:08 ----D---- C:\WINDOWS\Debug

2009-05-08 10:50:50 ----D---- C:\WINDOWS\system32\ias

2009-05-08 10:50:26 ----RD---- C:\WINDOWS\Web

2009-05-08 10:50:26 ----RD---- C:\Program Files

2009-05-08 10:50:17 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest

2009-05-08 10:50:06 ----A---- C:\WINDOWS\win.ini

2009-05-08 10:49:57 ----D---- C:\Program Files\Windows Media Player

2009-05-08 10:49:52 ----D---- C:\WINDOWS\system32\oobe

2009-05-08 10:49:47 ----D---- C:\Program Files\Internet Explorer

2009-05-08 10:49:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2009-05-08 10:49:11 ----D---- C:\WINDOWS\system32\Com

2009-05-08 10:48:45 ----D---- C:\WINDOWS\system32\wbem

2009-05-08 10:48:43 ----SHD---- C:\WINDOWS\Installer

2009-05-08 10:47:48 ----D---- C:\WINDOWS\security

2009-05-08 10:47:26 ----SH---- C:\boot.ini

2009-05-08 10:40:07 ----A---- C:\WINDOWS\system.ini

2009-05-08 10:39:54 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini

2009-05-08 10:39:40 ----D---- C:\WINDOWS\system32\CatRoot

2009-05-08 09:54:16 ----A---- C:\WINDOWS\SchedLgU.Txt

2009-05-07 20:30:47 ----D---- C:\Documents and Settings\Bob_\Application Data\BITS

2009-05-07 18:25:20 ----A---- C:\WINDOWS\NeroDigital.ini

2009-05-07 17:55:50 ----D---- C:\Downloads

2009-04-25 17:39:21 ----D---- C:\Documents and Settings\Bob_\Application Data\dvdcss

2009-04-23 16:12:25 ----SHD---- C:\Config.Msi

2009-04-23 16:12:24 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2009-04-23 16:12:24 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared

2009-04-23 16:11:30 ----D---- C:\Program Files\MSN Messenger

2009-04-23 16:11:19 ----DC---- C:\WINDOWS\system32\DRVSTORE

2009-04-23 16:10:25 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller

2009-04-23 15:20:21 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller

2009-04-21 15:58:46 ----D---- C:\Documents and Settings\Bob_\Application Data\Adobe

2009-04-21 15:58:41 ----D---- C:\WINDOWS\system32\Macromed

2009-04-13 18:52:02 ----D---- C:\Documents and Settings\Bob_\Application Data\BraCa_Soft

2009-04-12 20:06:24 ----RSD---- C:\WINDOWS\assembly

2009-04-12 20:03:35 ----D---- C:\WINDOWS\system32\ShellExt

2009-04-12 19:55:36 ----D---- C:\Program Files\Fichiers communs

2009-04-12 19:55:21 ----D---- C:\Program Files\AGEIA Technologies

2009-04-11 18:12:53 ----D---- C:\Program Files\Fichiers communs\DESIGNER

2009-04-11 18:10:41 ----D---- C:\Program Files\Microsoft Office

2009-04-10 09:51:22 ----SD---- C:\Documents and Settings\Bob_\Application Data\Microsoft

2009-04-09 11:06:13 ----SHD---- C:\RECYCLER

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-04-29 96104]

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]

R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-03-03 226832]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]

R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-04-29 55640]

R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2009-03-31 72704]

R3 dptrackerd;Tracker Driver; C:\WINDOWS\system32\drivers\dptrackerd.sys [2005-12-18 44416]

R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-13 4879360]

R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-07 12288]

R3 PAC207;PC Camera; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2007-10-25 616064]

R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2009-03-02 10368]

R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73600]

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2007-11-09 452480]

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-29 108289]

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]

R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]

R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]

S2 AVP;Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2009-03-03 206088]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; C:\Program Files\SolidWorks\swScheduler\DTSCoordinatorService.exe [2008-09-09 79144]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-03-15 216232]

S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]

S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe [2009-04-12 79360]

S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 

-----------------EOF-----------------

 

 

There you go! Thanks in advance.

PS: I'm running WinXP Pro SP3, with Avira AntiVir as my antivirus and Ubuntu 8.1 in dual boot.


Hello Cayzer :P

Posts: 1
Welcome to the Zebulon forums.

A few links to help you get started:

We'll look together at what is happening on your PC; like everyone who helps here, we are volunteers and help as our personal schedules allow. We'll try to move as quickly as possible, but you may sometimes need to be patient while waiting for a reply, so no need to panic :P

Your reports do indeed show traces of infection. Let's get to work :P

Download combofix.exe (by sUBs) and save it to your desktop.

  • Double-click combofix.exe to run it and follow the instructions.
  • When the scan is complete, a report will appear.
  • Copy and paste that report into your next reply.


Thanks for the quick reply. I can already access Task Manager and the others; I only have the message at startup left, otherwise things already seem better lol. As for the report, here is what it gives:

 

 

ComboFix 09-05-07.A0 - Bob_ 08/05/2009 14:30.1 - NTFSx86

Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1015.374 [GMT 1:00]

Lancé depuis: c:\documents and settings\Bob_\Bureau\downthmall\ComboFix.exe

AV: AntiVir Desktop *On-access scanning disabled* (Updated)

AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated)

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\documents and settings\Bob_\Application Data\BITS

c:\documents and settings\Bob_\Application Data\BITS\BITS.ini

c:\documents and settings\Bob_\Application Data\BITS\DHTTable.dat

c:\documents and settings\Bob_\Application Data\BITS\ProxyList.ini

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090304120347.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090304120347.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090304120347.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090304120347.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090304132029.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090304132029.torrent.~tmp

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090304132029.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090304132029.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090304132029.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090304132029.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305072907.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305072907.torrent.~tmp

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305072907.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305072907.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305072907.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305072907.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305072931.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305072931.torrent.~tmp

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305072931.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305072931.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305072931.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305072931.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305162604.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305162901.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305164341.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305164341.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305164341.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305164341.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090305164341.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090306134007.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090306134007.torrent.~tmp

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090306134007.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090306134007.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090306134007.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090306134007.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090312102055.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090312102055.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090312102055.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090312102055.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314080642.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314080642.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314080642.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314080642.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314080642.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314081200.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314081200.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314081200.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314081200.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314133559.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314133559.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314133559.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314133559.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314182318.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314182318.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314182318.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314182318.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314182318.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314182704.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314182712.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314182712.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314182712.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314182712.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090314182712.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090315130414.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090315130414.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090315130414.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090316180816.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090316180816.torrent.~tmp

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090316180816.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090316180816.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090316180831.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090316180831.torrent.~tmp

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090316180831.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090316180831.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090316180838.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090316180838.torrent.~tmp

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090316180838.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090316180838.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090316180838.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090321142914.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090321142914.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090321142914.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090321142914.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090321142914.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090325142032.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090325142032.torrent.~tmp

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090325142032.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090325142032.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090327111932.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090327111932.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090327111932.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090327111932.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090327111932.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090330100917.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090330100917.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090330100917.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090330100917.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090331123411.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090331123411.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090401171329.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090401171329.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090401181329.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090401181329.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090401181329.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090401181329.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090401181329.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090403161702.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090403161702.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090403171702.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090403171702.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090404071558.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090404071558.torrent.~tmp

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090404071558.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090404071558.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090404071558.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090404071558.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090411191800.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090411191800.torrent.~tmp

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090411191800.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090411191800.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090414131857.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090414131857.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090414131857.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090414131857.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090414131901.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090414131901.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090414131901.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090414131901.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090414131901.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090414131904.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090414131904.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090414131904.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090414131904.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090414131904.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090415132844.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090415132844.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090415132844.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090415132844.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090415192217.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090415192217.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090415192217.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090415192217.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090415192217.torrent.seeds

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090416073349.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090416073349.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090416073349.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090416073349.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090417103514.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090417103514.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090417103514.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090417103514.torrent.hybridlist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090417103554.torrent

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090417103554.torrent.~tmp

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090417103554.torrent.bits

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090417103554.torrent.filelist

c:\documents and settings\Bob_\Application Data\BITS\Torrent\20090418194626.torrent


c:\program files\FlashGet Network\FlashGet universal\Skins\close_select.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\max_default.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\max_press.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\max_select.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\min_default.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\min_press.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\min_select.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\notify.wav

c:\program files\FlashGet Network\FlashGet universal\Skins\notify_board.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\notify_icon.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Back.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Backward.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\BrowserBarCT.xml

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\FlashgetResource.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Forward.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Home.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Backward.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\BrowserBarDisableCT.xml

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Forward.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Home.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Resource.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Available.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\CategoryTreeCT.xml

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Downloaded.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Downloading.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Favorite.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Flashget.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Release.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Rubbish.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Search.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\Expbar.xml

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\garage.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\resource.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\transfer.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\BT.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\EM.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\GlobalOptionCT.xml

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\HpFp.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Monitor.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Normal.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Notify.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Proxy.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\TaskDef.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Info.ini

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\About.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\DeleteTask.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\folder.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MainMenuCT.xml

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MoveDownTask.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MoveUpTask.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\NewTask.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\open.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\Option.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\PauseTask.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\Resource.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\StartTask.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\TaskProperties.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\About.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\DeleteTask.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Folder.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\MainToolbarCT.xml

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\NewTask.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Open.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Option.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\PauseTask.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Resource.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\StartTask.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\TaskProperties.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\About.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\DeleteTask.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Folder.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\MainToolbarDisableCT.xml

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\NewTask.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Open.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Option.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\PauseTask.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Resource.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\StartTask.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\TaskProperties.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Monitor\InfoBkg.Bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Monitor\MonitorBkg.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Down.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Error.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Normal.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\OutpuLogCT.xml

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Up.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\All.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Book.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Bt.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Game.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Movie.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Music.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Phone.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Picture.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\SobarIconCT.xml

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Software.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Error.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\hashing.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\OK.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Pause.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Pin.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Schedule.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Start.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\TaskListCT.xml

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Upload.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Wait.bmp

c:\program files\FlashGet Network\FlashGet universal\Skins\Thumbs.db

c:\program files\FlashGet Network\FlashGet universal\Skins\Water Yubo.ini

c:\program files\FlashGet Network\FlashGet universal\Skins\Water Yubo.jpg

c:\program files\FlashGet Network\FlashGet universal\Skins\Water Yubo.zip

c:\program files\FlashGet Network\FlashGet universal\Skins\Water Yubo\Thumbs.db

c:\program files\FlashGet Network\FlashGet universal\storage.dll

c:\program files\FlashGet Network\FlashGet universal\SysOpt.exe

c:\program files\FlashGet Network\FlashGet universal\transaction.log

c:\program files\FlashGet Network\FlashGet universal\uninst.exe

c:\program files\FlashGet Network\FlashGet universal\zlib.dll

F:\Autorun.inf

 

.

((((((((((((((((((((((((((((( Fichiers créés du 2009-04-08 au 2009-05-08 ))))))))))))))))))))))))))))))))))))

.

 

2009-05-08 11:27 . 2009-05-08 11:28 -------- d-----w C:\rsit

2009-05-08 10:10 . 2008-02-15 11:49 184320 ----a-w c:\windows\system32\igfxres.dll

2009-05-08 09:54 . 2002-09-07 00:00 31360 -c--a-w c:\windows\system32\dllcache\weitekp9.sys

2009-05-08 09:54 . 2002-09-07 00:00 41600 -c--a-w c:\windows\system32\dllcache\weitekp9.dll

2009-05-08 09:54 . 2008-04-13 17:33 53248 -c--a-w c:\windows\system32\dllcache\wamreg51.dll

2009-05-08 09:54 . 2002-09-07 00:00 9216 -c--a-w c:\windows\system32\dllcache\wamps51.dll

2009-05-08 09:54 . 2008-04-13 17:33 77824 -c--a-w c:\windows\system32\dllcache\wam51.dll

2009-05-08 09:54 . 2008-04-13 17:33 367104 -c--a-w c:\windows\system32\dllcache\w3svc.dll

2009-05-08 09:54 . 2002-09-07 00:00 5632 -c--a-w c:\windows\system32\dllcache\w3svapi.dll

2009-05-08 09:54 . 2002-09-07 00:00 74240 -c--a-w c:\windows\system32\dllcache\w3ext.dll

2009-05-08 09:54 . 2002-09-07 00:00 4608 -c--a-w c:\windows\system32\dllcache\w3ctrs51.dll

2009-05-08 09:54 . 2002-09-07 00:00 48256 -c--a-w c:\windows\system32\dllcache\w32.dll

2009-05-08 09:54 . 2008-04-13 17:32 86073 -c--a-w c:\windows\system32\dllcache\voicesub.dll

2009-05-08 09:54 . 2008-04-13 17:32 426041 -c--a-w c:\windows\system32\dllcache\voicepad.dll

2009-05-08 09:52 . 2008-04-13 17:33 23040 -c--a-w c:\windows\system32\dllcache\lpdsvc.dll

2009-05-08 09:51 . 2002-09-07 00:00 7168 -c--a-w c:\windows\system32\dllcache\wamregps.dll

2009-05-08 09:40 . 2002-09-07 00:00 13312 -c--a-w c:\windows\system32\dllcache\irclass.dll

2009-05-08 09:40 . 2002-09-07 00:00 13312 ----a-w c:\windows\system32\irclass.dll

2009-05-08 09:40 . 2002-09-07 00:00 24661 -c--a-w c:\windows\system32\dllcache\spxcoins.dll

2009-05-08 09:40 . 2002-09-07 00:00 24661 ----a-w c:\windows\system32\spxcoins.dll

2009-05-07 22:33 . 2009-05-07 22:33 -------- d-----w c:\program files\Bazooka Scanner

2009-05-07 22:22 . 2009-05-07 22:22 -------- d-sh--w c:\documents and settings\LocalService\IETldCache

2009-05-01 20:59 . 2009-05-01 20:59 -------- d-----w c:\documents and settings\Bob_\Application Data\Skype

2009-05-01 20:59 . 2009-05-01 21:03 -------- d-----w c:\documents and settings\All Users\Application Data\Skype

2009-05-01 20:59 . 2009-05-01 20:59 -------- d-----w c:\program files\Skype

2009-04-27 20:25 . 2009-04-27 20:25 -------- d-----w c:\program files\WinAVI MP4 Converter

2009-04-24 11:51 . 2009-04-24 11:51 -------- d-----w c:\documents and settings\All Users\Application Data\WebacamSurveyor

2009-04-24 11:33 . 2009-04-24 11:33 230432 ----a-w C:\PA207.DAT

2009-04-23 13:35 . 2009-04-24 11:50 -------- d-----w c:\documents and settings\INTER\Application Data\GetRightToGo

2009-04-19 07:41 . 2009-04-19 07:41 -------- d-----w c:\windows\system32\config\systemprofile\Application DataPDFcreator

2009-04-18 19:32 . 2009-04-18 19:32 -------- d-----w c:\documents and settings\Bob_\Application Data\PDFCreator

2009-04-18 19:32 . 2005-04-20 19:08 196608 ----a-w c:\windows\system32\PDFSpooler.exe

2009-04-18 19:32 . 2001-10-28 16:42 116224 ----a-w c:\windows\system32\pdfcmnnt.dll

2009-04-18 19:32 . 1998-07-06 16:56 125712 ----a-w c:\windows\system32\VB6DE.DLL

2009-04-18 19:32 . 1998-07-06 16:55 158208 ----a-w c:\windows\system32\MSCMCDE.DLL

2009-04-18 19:32 . 1998-07-06 16:55 64512 ----a-w c:\windows\system32\MSCC2DE.DLL

2009-04-18 19:32 . 1998-07-06 16:55 33792 ----a-w c:\windows\system32\CMDLGDE.DLL

2009-04-18 19:32 . 1998-07-06 00:00 23552 ----a-w c:\windows\system32\MSMPIDE.DLL

2009-04-18 19:32 . 2009-04-18 19:32 -------- d-----w c:\program files\PDFCreator PL

2009-04-17 21:31 . 2009-04-17 21:31 -------- d-----w c:\program files\MagicISO

2009-04-15 16:17 . 2009-04-15 16:18 -------- d-----w c:\program files\winLAME

2009-04-13 19:51 . 2009-04-17 12:19 -------- d-----w c:\documents and settings\Bob_\Application Data\Audacity

2009-04-13 08:33 . 2009-04-21 14:59 -------- d-----w c:\windows\system32\Adobe

2009-04-12 19:17 . 2009-04-12 19:17 -------- d-----w c:\documents and settings\Bob_\Application Data\SolidWorks 2009

2009-04-12 19:15 . 2009-05-07 16:28 -------- d-----w c:\documents and settings\Bob_\Application Data\SolidWorks

2009-04-12 18:55 . 2009-04-12 19:03 -------- d-----w c:\program files\Fichiers communs\SolidWorks Shared

2009-04-12 18:55 . 2009-04-12 18:55 -------- d-----w c:\windows\system32\GroupPolicy

2009-04-12 18:55 . 2009-04-12 18:55 -------- d-----w c:\program files\Fichiers communs\eDrawings2009

2009-04-12 18:55 . 2009-04-12 19:15 -------- d-----w c:\documents and settings\All Users\Application Data\SolidWorks

2009-04-11 18:04 . 2009-04-11 18:04 -------- d-----w C:\rdm6

2009-04-11 17:10 . 2009-05-05 16:35 -------- d-----w C:\Toolbox Parts

2009-04-11 17:10 . 2009-04-12 19:19 -------- d-----w c:\program files\SolidWorks

2009-04-10 09:11 . 2009-04-10 09:14 -------- d-----w c:\documents and settings\Bob_\Local Settings\Application Data\Graphisoft

2009-04-10 09:11 . 2009-04-10 09:14 -------- d-----w c:\documents and settings\Bob_\Graphisoft

2009-04-10 09:11 . 2009-04-10 09:14 -------- d-----w c:\documents and settings\Bob_\Application Data\Graphisoft

2009-04-10 09:10 . 2009-04-10 09:10 -------- d-----w c:\documents and settings\Bob_\Application Data\Notepad++

2009-04-10 08:51 . 2009-04-10 08:51 -------- d-----w c:\documents and settings\Bob_\Local Settings\Application Data\Identities

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox2.idx

2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox2.dat

2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox.idx

2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox.dat

2009-05-08 12:47 . 2002-09-07 00:00 80748 ----a-w c:\windows\system32\perfc00C.dat

2009-05-08 12:47 . 2002-09-07 00:00 500900 ----a-w c:\windows\system32\perfh00C.dat

2009-05-08 10:10 . 2009-03-01 13:42 96648 ----a-w c:\documents and settings\Bob_\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-05-08 09:50 . 2002-09-07 00:00 67 --sha-w c:\windows\Fonts\desktop.ini

2009-05-08 09:49 . 2009-03-01 12:12 23032 ----a-w c:\windows\system32\emptyregdb.dat

2009-05-05 21:23 . 2009-03-22 12:14 1210264 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

2009-05-05 10:21 . 2009-03-01 14:07 96648 ----a-w c:\documents and settings\INTER\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-04-29 10:21 . 2009-04-04 09:47 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys

2009-04-23 15:11 . 2009-03-02 07:30 -------- d-----w c:\program files\MSN Messenger

2009-04-23 15:10 . 2009-03-06 19:32 -------- dcsh--w c:\program files\Fichiers communs\WindowsLiveInstaller

2009-04-12 18:55 . 2009-03-09 18:20 -------- d-----w c:\program files\AGEIA Technologies

2009-04-08 10:27 . 2009-04-08 10:27 -------- d-----w c:\program files\Fichiers communs\PAC207

2009-04-08 10:27 . 2009-04-08 10:27 -------- d-----w c:\program files\Aitinc

2009-04-08 10:27 . 2009-03-01 13:36 -------- d--h--w c:\program files\InstallShield Installation Information

2009-04-04 09:47 . 2009-04-04 09:47 -------- d-----w c:\program files\Avira

2009-04-04 08:34 . 2009-04-04 08:34 -------- d-----w c:\program files\Kaspersky Lab

2009-04-04 08:09 . 2009-04-04 08:26 1310720 ----a-w c:\windows\Internet Logs\xDBF.tmp

2009-04-04 08:09 . 2009-04-04 08:26 8192 ----a-w c:\windows\Internet Logs\xDBE.tmp

2009-04-04 08:08 . 2009-04-04 08:09 1384960 ----a-w c:\windows\Internet Logs\xDBD.tmp

2009-04-04 08:08 . 2009-04-04 08:09 32768 ----a-w c:\windows\Internet Logs\xDBC.tmp

2009-04-04 07:52 . 2009-04-04 08:05 1326592 ----a-w c:\windows\Internet Logs\xDBB.tmp

2009-04-04 07:52 . 2009-04-04 08:05 1326592 ----a-w c:\windows\Internet Logs\xDBA.tmp

2009-04-04 07:51 . 2009-04-04 08:05 15360 ----a-w c:\windows\Internet Logs\xDB9.tmp

2009-04-04 07:49 . 2009-04-04 07:51 1355264 ----a-w c:\windows\Internet Logs\xDB8.tmp

2009-04-04 07:49 . 2009-04-04 07:51 27136 ----a-w c:\windows\Internet Logs\xDB7.tmp

2009-04-04 07:44 . 2009-04-04 07:46 13824 ----a-w c:\windows\Internet Logs\xDB5.tmp

2009-04-04 07:44 . 2009-04-04 07:46 1328640 ----a-w c:\windows\Internet Logs\xDB6.tmp

2009-04-04 07:43 . 2009-04-04 07:44 43008 ----a-w c:\windows\Internet Logs\xDB2.tmp

2009-04-04 07:43 . 2009-04-04 07:44 1871872 ----a-w c:\windows\Internet Logs\xDB3.tmp

2009-04-04 07:41 . 2009-04-04 07:42 1875968 ----a-w c:\windows\Internet Logs\xDB1.tmp

2009-04-04 07:38 . 2009-04-04 07:44 1870848 ----a-w c:\windows\Internet Logs\xDB4.tmp

2009-04-04 07:38 . 2009-04-04 07:36 4212 ---ha-w c:\windows\system32\zllictbl.dat

2009-04-03 18:43 . 2009-04-03 18:43 -------- d-----w c:\program files\Zone Labs

2009-04-02 17:49 . 2009-04-02 17:49 83008 ----a-w c:\documents and settings\Papa\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-04-02 15:32 . 2009-04-02 15:32 155648 ----a-w c:\windows\system32\SDCtrls.dll

2009-04-01 21:37 . 2009-04-01 21:37 290816 ------w c:\windows\Setup1.exe

2009-04-01 21:37 . 2009-04-01 21:37 74752 ----a-w c:\windows\ST6UNST.EXE

2009-04-01 11:28 . 2009-04-01 11:27 -------- d-----w c:\program files\QuickTime

2009-04-01 11:23 . 2009-03-31 09:41 -------- d-----w c:\program files\Graphisoft

2009-03-31 18:02 . 2009-03-31 18:00 -------- d-----w c:\program files\Fichiers communs\Ahead

2009-03-31 18:00 . 2009-03-31 18:00 -------- d-----w c:\program files\Nero

2009-03-31 11:16 . 2009-03-31 11:16 -------- d-----w c:\program files\WIBUKEY

2009-03-31 11:11 . 2009-03-31 11:17 57552 ----a-w c:\windows\system32\WkDos.exe

2009-03-31 11:11 . 2009-03-31 11:17 516096 ----a-w c:\windows\system32\WibuXpm4J32.dll

2009-03-31 11:11 . 2009-03-31 11:17 479232 ----a-w c:\windows\system32\wibuKJni.dll

2009-03-31 11:11 . 2009-03-31 11:17 348160 ----a-w c:\windows\system32\WkExt32.dll

2009-03-31 11:11 . 2009-03-31 11:17 16384 ----a-w c:\windows\system32\drivers\Wibukey2.sys

2009-03-31 11:11 . 2009-03-31 11:17 72704 ----a-w c:\windows\system32\drivers\WibuKey.sys

2009-03-31 11:11 . 2009-03-31 11:17 159744 ----a-w c:\windows\system32\WkWin32.dll

2009-03-31 09:45 . 2009-03-31 09:45 -------- d-----w c:\program files\WIBU-SYSTEMS

2009-03-31 09:44 . 2009-03-31 09:44 -------- d-----w c:\program files\Apple Software Update

2009-03-30 17:31 . 2009-03-30 17:31 -------- d-----w c:\program files\Java

2009-03-30 17:31 . 2009-03-30 17:31 -------- d-----w c:\program files\Fichiers communs\Java

2009-03-26 15:11 . 2009-03-26 15:11 -------- d-----w c:\program files\EnGenius

2009-03-25 12:28 . 2009-03-25 12:28 -------- d-----w c:\program files\EPSON

2009-03-25 11:06 . 2009-03-25 11:06 -------- d-----w c:\program files\ma-config.com

2009-03-25 11:06 . 2009-03-25 11:06 -------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com

2009-03-24 17:10 . 2009-03-24 17:10 -------- d-----w c:\program files\DigitalPeers

2009-03-22 12:14 . 2009-03-22 12:14 -------- d-----w c:\program files\MSBuild

2009-03-22 12:13 . 2009-03-22 12:13 -------- d-----w c:\program files\Reference Assemblies

2009-03-18 10:55 . 2009-03-02 07:42 -------- d-----w c:\program files\Messenger Plus! Live

2009-03-16 11:53 . 2009-03-16 11:53 -------- d-----w c:\program files\GIMP-2.0

2009-03-10 18:26 . 2009-03-10 18:26 -------- d-----w c:\program files\EA GAMES

2009-03-10 12:22 . 2009-03-02 07:08 -------- d-----w c:\program files\Winamp

2009-03-10 12:19 . 2009-03-10 12:19 -------- d-----w c:\program files\Fichiers communs\Macromedia

2009-03-10 12:19 . 2009-03-10 12:19 -------- d-----w c:\program files\Macromedia

2009-03-10 12:19 . 2009-03-02 07:16 -------- d-----w c:\program files\Fichiers communs\InstallShield

2009-03-09 18:19 . 2009-03-09 18:19 -------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard

2009-03-09 18:19 . 2009-03-09 18:19 18048 ----a-w c:\windows\system32\drivers\lirsgt.sys

2009-03-05 12:34 . 2009-03-05 12:34 717296 ----a-w c:\windows\system32\drivers\sptd.sys

2009-03-03 12:25 . 2009-03-01 12:14 86331 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat

2009-03-03 11:05 . 2008-01-29 16:29 33808 ----a-w c:\windows\system32\drivers\klbg.sys

2009-03-02 07:16 . 2009-03-02 07:16 319488 ----a-w c:\windows\HideWin.exe

2009-03-02 07:06 . 2009-03-02 07:04 10368 ----a-w c:\windows\system32\drivers\pfc.sys

2009-03-01 17:12 . 2009-03-01 17:12 0 ----a-w c:\windows\nsreg.dat

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2009-03-03 206088]

"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-04-01 36352]

"EPSON Stylus C45 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE" [2004-01-14 99840]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-24 132496]

"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-10-19 286720]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

"CTFMON"="c:\windows\system32\wscript.exe" [2008-04-13 155648]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-10-09 17021440]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

 

c:\documents and settings\Bob_\Menu Démarrer\Programmes\Démarrage\

Moteur du Planificateur de tâches SolidWorks.lnk - c:\program files\SolidWorks\swScheduler\swBOEngine.exe [2008-9-9 841000]

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"d:\\eMule\\emule.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

 

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17:29 33808]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [04/04/2009 10:47 108289]

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17:06 24592]

R3 PAC207;PC Camera;c:\windows\system32\drivers\PFC027.SYS [08/04/2009 11:27 616064]

S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks\swScheduler\DTSCoordinatorService.exe [09/09/2008 06:01 79144]

S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [15/03/2009 09:34 216232]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]

\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11ee89ea-1ab8-11de-86e2-001fd010b3e5}]

\Shell\AutoRun\command - J:\setupSNK.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9814a31e-3b02-11de-a7e3-001fd010b3e5}]

\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c47a257c-1783-11de-86d3-001fd010b3e5}]

\Shell\AutoRun\command - L:\setupSNK.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8CD3B31D-716D-5F87-05D4-10885C63CAA1}]

c:\windows\system32\winxp.exe

.

Contenu du dossier 'Tâches planifiées'

 

2009-05-08 c:\windows\Tasks\User_Feed_Synchronization-{2B1D3B09-E8BC-440A-B3B4-3034D81396A8}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]

 

2009-05-08 c:\windows\Tasks\User_Feed_Synchronization-{EDE16183-2AE1-4BAA-90A1-170567949D30}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]

.

.

------- Examen supplémentaire -------

.

IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm

IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm

IE: &Tout télécharger avec FlashGet - k:\progra~1\FlashGet\jc_all.htm

IE: &Télécharger avec FlashGet - k:\progra~1\FlashGet\jc_link.htm

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: {F5D79831-1767-4B49-8D11-11492C360F56} = 208.67.222.222 193.55.10.102

FF - ProfilePath - c:\documents and settings\Bob_\Application Data\Mozilla\Firefox\Profiles\wyo4od69.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - www.google.fr

FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-05-08 14:36

Windows 5.1.2600 Service Pack 3 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

 

[HKEY_USERS\S-1-5-21-1177238915-1500820517-1606980848-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2009 XE]

"GameDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009\\games"

"ShortlistDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009\\shortlists"

"ScreenshotsDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009"

"SaveDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009\\"

"HistoryDir"="c:\\Documents and Settings\\Bob_\\Bureau\\fm\\FM-Genie-Scout-1.0-b103\\History Points"

"LangDB"=""

"LastSaveGame"=""

"Language"="English"

"LoadLangDB"=dword:00000000

"CompressHistoryPoints"=dword:00000000

"HighlightedAttributes"=dword:00000000

"MinCondition"=dword:00000050

"GraphStep"=dword:00000000

"SkinName"="Champions League"

"LastUpdateCheck"=dword:00000000

"HighQualityGUI"=dword:00000001

"AutomaticallyUpdateCheck"=dword:00000001

"AdvancedGeneration"=dword:00000000

"TranslateStaffSkills"=dword:00000001

"TranslatePlayerSkills"=dword:00000001

"TranslatePositions"=dword:00000001

"ShowHistory"=dword:00000001

"Version"=dword:00000067

"UniqueID"="34-8400-E71F"

"UseProxy"=dword:00000000

"ProxyHost"=""

"ProxyPort"=""

"UseAuthentication"=dword:00000000

"UserName"=""

"UserPassword"=""

"Currency"=dword:0000001c

.

--------------------- DLLs chargées dans les processus actifs ---------------------

 

- - - - - - - > 'explorer.exe'(316)

c:\windows\system32\ieframe.dll

c:\windows\system32\eappprxy.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

c:\program files\WIBU-SYSTEMS\System\WibuShellExt.dll

c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll

c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA

c:\program files\Graphisoft\ArchiCAD 12\GSShellX32.dll

.

------------------------ Autres processus actifs ------------------------

.

c:\program files\Avira\AntiVir Desktop\avguard.exe

c:\windows\system32\PAStiSvc.exe

c:\windows\system32\igfxsrvc.exe

c:\program files\Fichiers communs\Ahead\Lib\NMIndexingService.exe

c:\program files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe

c:\windows\system32\wscntfy.exe

.

**************************************************************************

.

Heure de fin: 2009-05-08 14:38 - La machine a redémarré

ComboFix-quarantined-files.txt 2009-05-08 13:38

 

Avant-CF: 11 913 191 424 octets libres

Après-CF: 12 805 779 456 octets libres

 

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

c:\wubildr.mbr="Ubuntu"

 

1006 --- E O F --- 2009-03-06 17:43


Good, let's continue.

Download CFScript.txt and save it to your desktop.

  • Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot
     
    CFScriptB-4.gif
  • A blue window will appear; confirm.
  • Wait while the scan runs. The desktop will disappear several times: this is normal!
    Do not touch anything until the scan has finished.
  • Once the scan is complete, a report will be displayed: post its contents.
  • If the file does not open, it is located here > C:\ComboFix.txt

Download SystemLook by jpshortstuff to your Desktop.

  • Double-click it to run it.
  • The tool will open.
  • Make sure your removable devices are plugged in, and switched on if necessary.
  • Copy and paste the following (in red in my post) into the tool's input window:

    • :filefind
      winfile.jpg
      *winfile.jpg*

  • Then click Look
  • The tool will run and will open Notepad containing its report
  • Post the complete contents of the report in your reply

What does drive F correspond to, what type of drive is it?


Drive F is a partition (NTFS) that I created to install Ubuntu on; it was installed from the live CD under Windows. I'll post what SystemLook returns right away..

EDIT:

Here it is:

 

 

SystemLook v1.0 by jpshortstuff (24.04.09)

Log created at 15:13 on 08/05/2009 by Bob_ (Administrator - Elevation successful)

 

========== filefind ==========

 

Searching for "winfile.jpg"

No files found.

 

Searching for "*winfile.jpg*"

No files found.

 

-=End Of File=-

Edited by Cayzer

OK. I'm waiting for the other report, then we'll see.


Ah, I had forgotten to post it, sorry. Here it is:

 

---

 

ComboFix 09-05-07.A0 - Bob_ 08/05/2009 15:40.3 - NTFSx86

Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1015.475 [GMT 1:00]

Lancé depuis: c:\documents and settings\Bob_\Bureau\downthmall\ComboFix.exe

Commutateurs utilisés :: c:\documents and settings\Bob_\Bureau\downthmall\CFScript.txt

AV: AntiVir Desktop *On-access scanning disabled* (Updated)

AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated)

 

FILE ::

c:\windows\system32\winxp.exe

.

 

((((((((((((((((((((((((((((( Fichiers créés du 2009-04-08 au 2009-05-08 ))))))))))))))))))))))))))))))))))))

.

 

2009-05-08 11:27 . 2009-05-08 11:28 -------- d-----w C:\rsit

2009-05-08 10:10 . 2008-02-15 11:49 184320 ----a-w c:\windows\system32\igfxres.dll

2009-05-08 09:54 . 2002-09-07 00:00 31360 -c--a-w c:\windows\system32\dllcache\weitekp9.sys

2009-05-08 09:54 . 2002-09-07 00:00 41600 -c--a-w c:\windows\system32\dllcache\weitekp9.dll

2009-05-08 09:54 . 2008-04-13 17:33 53248 -c--a-w c:\windows\system32\dllcache\wamreg51.dll

2009-05-08 09:54 . 2002-09-07 00:00 9216 -c--a-w c:\windows\system32\dllcache\wamps51.dll

2009-05-08 09:54 . 2008-04-13 17:33 77824 -c--a-w c:\windows\system32\dllcache\wam51.dll

2009-05-08 09:54 . 2008-04-13 17:33 367104 -c--a-w c:\windows\system32\dllcache\w3svc.dll

2009-05-08 09:54 . 2002-09-07 00:00 5632 -c--a-w c:\windows\system32\dllcache\w3svapi.dll

2009-05-08 09:54 . 2002-09-07 00:00 74240 -c--a-w c:\windows\system32\dllcache\w3ext.dll

2009-05-08 09:54 . 2002-09-07 00:00 4608 -c--a-w c:\windows\system32\dllcache\w3ctrs51.dll

2009-05-08 09:54 . 2002-09-07 00:00 48256 -c--a-w c:\windows\system32\dllcache\w32.dll

2009-05-08 09:54 . 2008-04-13 17:32 86073 -c--a-w c:\windows\system32\dllcache\voicesub.dll

2009-05-08 09:54 . 2008-04-13 17:32 426041 -c--a-w c:\windows\system32\dllcache\voicepad.dll

2009-05-08 09:52 . 2008-04-13 17:33 23040 -c--a-w c:\windows\system32\dllcache\lpdsvc.dll

2009-05-08 09:51 . 2002-09-07 00:00 7168 -c--a-w c:\windows\system32\dllcache\wamregps.dll

2009-05-08 09:40 . 2002-09-07 00:00 13312 -c--a-w c:\windows\system32\dllcache\irclass.dll

2009-05-08 09:40 . 2002-09-07 00:00 13312 ----a-w c:\windows\system32\irclass.dll

2009-05-08 09:40 . 2002-09-07 00:00 24661 -c--a-w c:\windows\system32\dllcache\spxcoins.dll

2009-05-08 09:40 . 2002-09-07 00:00 24661 ----a-w c:\windows\system32\spxcoins.dll

2009-05-07 22:33 . 2009-05-07 22:33 -------- d-----w c:\program files\Bazooka Scanner

2009-05-07 22:22 . 2009-05-07 22:22 -------- d-sh--w c:\documents and settings\LocalService\IETldCache

2009-05-01 20:59 . 2009-05-01 20:59 -------- d-----w c:\documents and settings\Bob_\Application Data\Skype

2009-05-01 20:59 . 2009-05-01 21:03 -------- d-----w c:\documents and settings\All Users\Application Data\Skype

2009-05-01 20:59 . 2009-05-01 20:59 -------- d-----w c:\program files\Skype

2009-04-27 20:25 . 2009-04-27 20:25 -------- d-----w c:\program files\WinAVI MP4 Converter

2009-04-24 11:51 . 2009-04-24 11:51 -------- d-----w c:\documents and settings\All Users\Application Data\WebacamSurveyor

2009-04-24 11:33 . 2009-04-24 11:33 230432 ----a-w C:\PA207.DAT

2009-04-23 13:35 . 2009-04-24 11:50 -------- d-----w c:\documents and settings\INTER\Application Data\GetRightToGo

2009-04-19 07:41 . 2009-04-19 07:41 -------- d-----w c:\windows\system32\config\systemprofile\Application DataPDFcreator

2009-04-18 19:32 . 2009-04-18 19:32 -------- d-----w c:\documents and settings\Bob_\Application Data\PDFCreator

2009-04-18 19:32 . 2005-04-20 19:08 196608 ----a-w c:\windows\system32\PDFSpooler.exe

2009-04-18 19:32 . 2001-10-28 16:42 116224 ----a-w c:\windows\system32\pdfcmnnt.dll

2009-04-18 19:32 . 1998-07-06 16:56 125712 ----a-w c:\windows\system32\VB6DE.DLL

2009-04-18 19:32 . 1998-07-06 16:55 158208 ----a-w c:\windows\system32\MSCMCDE.DLL

2009-04-18 19:32 . 1998-07-06 16:55 64512 ----a-w c:\windows\system32\MSCC2DE.DLL

2009-04-18 19:32 . 1998-07-06 16:55 33792 ----a-w c:\windows\system32\CMDLGDE.DLL

2009-04-18 19:32 . 1998-07-06 00:00 23552 ----a-w c:\windows\system32\MSMPIDE.DLL

2009-04-18 19:32 . 2009-04-18 19:32 -------- d-----w c:\program files\PDFCreator PL

2009-04-17 21:31 . 2009-04-17 21:31 -------- d-----w c:\program files\MagicISO

2009-04-15 16:17 . 2009-04-15 16:18 -------- d-----w c:\program files\winLAME

2009-04-13 19:51 . 2009-04-17 12:19 -------- d-----w c:\documents and settings\Bob_\Application Data\Audacity

2009-04-13 08:33 . 2009-04-21 14:59 -------- d-----w c:\windows\system32\Adobe

2009-04-12 19:17 . 2009-04-12 19:17 -------- d-----w c:\documents and settings\Bob_\Application Data\SolidWorks 2009

2009-04-12 19:15 . 2009-05-07 16:28 -------- d-----w c:\documents and settings\Bob_\Application Data\SolidWorks

2009-04-12 18:55 . 2009-04-12 19:03 -------- d-----w c:\program files\Fichiers communs\SolidWorks Shared

2009-04-12 18:55 . 2009-04-12 18:55 -------- d-----w c:\windows\system32\GroupPolicy

2009-04-12 18:55 . 2009-04-12 18:55 -------- d-----w c:\program files\Fichiers communs\eDrawings2009

2009-04-12 18:55 . 2009-04-12 19:15 -------- d-----w c:\documents and settings\All Users\Application Data\SolidWorks

2009-04-11 18:04 . 2009-04-11 18:04 -------- d-----w C:\rdm6

2009-04-11 17:10 . 2009-05-05 16:35 -------- d-----w C:\Toolbox Parts

2009-04-11 17:10 . 2009-04-12 19:19 -------- d-----w c:\program files\SolidWorks

2009-04-10 09:11 . 2009-04-10 09:14 -------- d-----w c:\documents and settings\Bob_\Local Settings\Application Data\Graphisoft

2009-04-10 09:11 . 2009-04-10 09:14 -------- d-----w c:\documents and settings\Bob_\Graphisoft

2009-04-10 09:11 . 2009-04-10 09:14 -------- d-----w c:\documents and settings\Bob_\Application Data\Graphisoft

2009-04-10 09:10 . 2009-04-10 09:10 -------- d-----w c:\documents and settings\Bob_\Application Data\Notepad++

2009-04-10 08:51 . 2009-04-10 08:51 -------- d-----w c:\documents and settings\Bob_\Local Settings\Application Data\Identities

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox2.idx

2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox2.dat

2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox.idx

2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox.dat

2009-05-08 12:47 . 2002-09-07 00:00 80748 ----a-w c:\windows\system32\perfc00C.dat

2009-05-08 12:47 . 2002-09-07 00:00 500900 ----a-w c:\windows\system32\perfh00C.dat

2009-05-08 10:10 . 2009-03-01 13:42 96648 ----a-w c:\documents and settings\Bob_\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-05-08 09:50 . 2002-09-07 00:00 67 --sha-w c:\windows\Fonts\desktop.ini

2009-05-08 09:49 . 2009-03-01 12:12 23032 ----a-w c:\windows\system32\emptyregdb.dat

2009-05-05 21:23 . 2009-03-22 12:14 1210264 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

2009-05-05 10:21 . 2009-03-01 14:07 96648 ----a-w c:\documents and settings\INTER\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-04-29 10:21 . 2009-04-04 09:47 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys

2009-04-23 15:11 . 2009-03-02 07:30 -------- d-----w c:\program files\MSN Messenger

2009-04-23 15:10 . 2009-03-06 19:32 -------- dcsh--w c:\program files\Fichiers communs\WindowsLiveInstaller

2009-04-12 18:55 . 2009-03-09 18:20 -------- d-----w c:\program files\AGEIA Technologies

2009-04-08 10:27 . 2009-04-08 10:27 -------- d-----w c:\program files\Fichiers communs\PAC207

2009-04-08 10:27 . 2009-04-08 10:27 -------- d-----w c:\program files\Aitinc

2009-04-08 10:27 . 2009-03-01 13:36 -------- d--h--w c:\program files\InstallShield Installation Information

2009-04-04 09:47 . 2009-04-04 09:47 -------- d-----w c:\program files\Avira

2009-04-04 08:34 . 2009-04-04 08:34 -------- d-----w c:\program files\Kaspersky Lab

2009-04-04 08:09 . 2009-04-04 08:26 1310720 ----a-w c:\windows\Internet Logs\xDBF.tmp

2009-04-04 08:09 . 2009-04-04 08:26 8192 ----a-w c:\windows\Internet Logs\xDBE.tmp

2009-04-04 08:08 . 2009-04-04 08:09 1384960 ----a-w c:\windows\Internet Logs\xDBD.tmp

2009-04-04 08:08 . 2009-04-04 08:09 32768 ----a-w c:\windows\Internet Logs\xDBC.tmp

2009-04-04 07:52 . 2009-04-04 08:05 1326592 ----a-w c:\windows\Internet Logs\xDBB.tmp

2009-04-04 07:52 . 2009-04-04 08:05 1326592 ----a-w c:\windows\Internet Logs\xDBA.tmp

2009-04-04 07:51 . 2009-04-04 08:05 15360 ----a-w c:\windows\Internet Logs\xDB9.tmp

2009-04-04 07:49 . 2009-04-04 07:51 1355264 ----a-w c:\windows\Internet Logs\xDB8.tmp

2009-04-04 07:49 . 2009-04-04 07:51 27136 ----a-w c:\windows\Internet Logs\xDB7.tmp

2009-04-04 07:44 . 2009-04-04 07:46 13824 ----a-w c:\windows\Internet Logs\xDB5.tmp

2009-04-04 07:44 . 2009-04-04 07:46 1328640 ----a-w c:\windows\Internet Logs\xDB6.tmp

2009-04-04 07:43 . 2009-04-04 07:44 43008 ----a-w c:\windows\Internet Logs\xDB2.tmp

2009-04-04 07:43 . 2009-04-04 07:44 1871872 ----a-w c:\windows\Internet Logs\xDB3.tmp

2009-04-04 07:41 . 2009-04-04 07:42 1875968 ----a-w c:\windows\Internet Logs\xDB1.tmp

2009-04-04 07:38 . 2009-04-04 07:44 1870848 ----a-w c:\windows\Internet Logs\xDB4.tmp

2009-04-04 07:38 . 2009-04-04 07:36 4212 ---ha-w c:\windows\system32\zllictbl.dat

2009-04-03 18:43 . 2009-04-03 18:43 -------- d-----w c:\program files\Zone Labs

2009-04-02 17:49 . 2009-04-02 17:49 83008 ----a-w c:\documents and settings\Papa\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-04-02 15:32 . 2009-04-02 15:32 155648 ----a-w c:\windows\system32\SDCtrls.dll

2009-04-01 21:37 . 2009-04-01 21:37 290816 ------w c:\windows\Setup1.exe

2009-04-01 21:37 . 2009-04-01 21:37 74752 ----a-w c:\windows\ST6UNST.EXE

2009-04-01 11:28 . 2009-04-01 11:27 -------- d-----w c:\program files\QuickTime

2009-04-01 11:23 . 2009-03-31 09:41 -------- d-----w c:\program files\Graphisoft

2009-03-31 18:02 . 2009-03-31 18:00 -------- d-----w c:\program files\Fichiers communs\Ahead

2009-03-31 18:00 . 2009-03-31 18:00 -------- d-----w c:\program files\Nero

2009-03-31 11:16 . 2009-03-31 11:16 -------- d-----w c:\program files\WIBUKEY

2009-03-31 11:11 . 2009-03-31 11:17 57552 ----a-w c:\windows\system32\WkDos.exe

2009-03-31 11:11 . 2009-03-31 11:17 516096 ----a-w c:\windows\system32\WibuXpm4J32.dll

2009-03-31 11:11 . 2009-03-31 11:17 479232 ----a-w c:\windows\system32\wibuKJni.dll

2009-03-31 11:11 . 2009-03-31 11:17 348160 ----a-w c:\windows\system32\WkExt32.dll

2009-03-31 11:11 . 2009-03-31 11:17 16384 ----a-w c:\windows\system32\drivers\Wibukey2.sys

2009-03-31 11:11 . 2009-03-31 11:17 72704 ----a-w c:\windows\system32\drivers\WibuKey.sys

2009-03-31 11:11 . 2009-03-31 11:17 159744 ----a-w c:\windows\system32\WkWin32.dll

2009-03-31 09:45 . 2009-03-31 09:45 -------- d-----w c:\program files\WIBU-SYSTEMS

2009-03-31 09:44 . 2009-03-31 09:44 -------- d-----w c:\program files\Apple Software Update

2009-03-30 17:31 . 2009-03-30 17:31 -------- d-----w c:\program files\Java

2009-03-30 17:31 . 2009-03-30 17:31 -------- d-----w c:\program files\Fichiers communs\Java

2009-03-26 15:11 . 2009-03-26 15:11 -------- d-----w c:\program files\EnGenius

2009-03-25 12:28 . 2009-03-25 12:28 -------- d-----w c:\program files\EPSON

2009-03-25 11:06 . 2009-03-25 11:06 -------- d-----w c:\program files\ma-config.com

2009-03-25 11:06 . 2009-03-25 11:06 -------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com

2009-03-24 17:10 . 2009-03-24 17:10 -------- d-----w c:\program files\DigitalPeers

2009-03-22 12:14 . 2009-03-22 12:14 -------- d-----w c:\program files\MSBuild

2009-03-22 12:13 . 2009-03-22 12:13 -------- d-----w c:\program files\Reference Assemblies

2009-03-18 10:55 . 2009-03-02 07:42 -------- d-----w c:\program files\Messenger Plus! Live

2009-03-16 11:53 . 2009-03-16 11:53 -------- d-----w c:\program files\GIMP-2.0

2009-03-10 18:26 . 2009-03-10 18:26 -------- d-----w c:\program files\EA GAMES

2009-03-10 12:22 . 2009-03-02 07:08 -------- d-----w c:\program files\Winamp

2009-03-10 12:19 . 2009-03-10 12:19 -------- d-----w c:\program files\Fichiers communs\Macromedia

2009-03-10 12:19 . 2009-03-10 12:19 -------- d-----w c:\program files\Macromedia

2009-03-10 12:19 . 2009-03-02 07:16 -------- d-----w c:\program files\Fichiers communs\InstallShield

2009-03-09 18:19 . 2009-03-09 18:19 -------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard

2009-03-09 18:19 . 2009-03-09 18:19 18048 ----a-w c:\windows\system32\drivers\lirsgt.sys

2009-03-05 12:34 . 2009-03-05 12:34 717296 ----a-w c:\windows\system32\drivers\sptd.sys

2009-03-03 12:25 . 2009-03-01 12:14 86331 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat

2009-03-03 11:05 . 2008-01-29 16:29 33808 ----a-w c:\windows\system32\drivers\klbg.sys

2009-03-02 07:16 . 2009-03-02 07:16 319488 ----a-w c:\windows\HideWin.exe

2009-03-02 07:06 . 2009-03-02 07:04 10368 ----a-w c:\windows\system32\drivers\pfc.sys

2009-03-01 17:12 . 2009-03-01 17:12 0 ----a-w c:\windows\nsreg.dat

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2009-03-03 206088]

"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-04-01 36352]

"EPSON Stylus C45 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE" [2004-01-14 99840]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-24 132496]

"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-10-19 286720]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-10-09 17021440]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

 

c:\documents and settings\Bob_\Menu Démarrer\Programmes\Démarrage\

Moteur du Planificateur de tâches SolidWorks.lnk - c:\program files\SolidWorks\swScheduler\swBOEngine.exe [2008-9-9 841000]

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"d:\\eMule\\emule.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

 

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17:29 33808]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [04/04/2009 10:47 108289]

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17:06 24592]

R3 PAC207;PC Camera;c:\windows\system32\drivers\PFC027.SYS [08/04/2009 11:27 616064]

S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks\swScheduler\DTSCoordinatorService.exe [09/09/2008 06:01 79144]

S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [15/03/2009 09:34 216232]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11ee89ea-1ab8-11de-86e2-001fd010b3e5}]

\Shell\AutoRun\command - J:\setupSNK.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c47a257c-1783-11de-86d3-001fd010b3e5}]

\Shell\AutoRun\command - L:\setupSNK.exe

.

Contenu du dossier 'Tâches planifiées'

 

2009-05-08 c:\windows\Tasks\User_Feed_Synchronization-{2B1D3B09-E8BC-440A-B3B4-3034D81396A8}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]

 

2009-05-08 c:\windows\Tasks\User_Feed_Synchronization-{EDE16183-2AE1-4BAA-90A1-170567949D30}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]

.

.

------- Examen supplémentaire -------

.

IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm

IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm

IE: &Tout télécharger avec FlashGet - k:\progra~1\FlashGet\jc_all.htm

IE: &Télécharger avec FlashGet - k:\progra~1\FlashGet\jc_link.htm

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: {F5D79831-1767-4B49-8D11-11492C360F56} = 208.67.222.222 193.55.10.102

FF - ProfilePath - c:\documents and settings\Bob_\Application Data\Mozilla\Firefox\Profiles\wyo4od69.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - www.google.fr

FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-05-08 15:41

Windows 5.1.2600 Service Pack 3 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

 

[HKEY_USERS\S-1-5-21-1177238915-1500820517-1606980848-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2009 XE]

"GameDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009\\games"

"ShortlistDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009\\shortlists"

"ScreenshotsDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009"

"SaveDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009\\"

"HistoryDir"="c:\\Documents and Settings\\Bob_\\Bureau\\fm\\FM-Genie-Scout-1.0-b103\\History Points"

"LangDB"=""

"LastSaveGame"=""

"Language"="English"

"LoadLangDB"=dword:00000000

"CompressHistoryPoints"=dword:00000000

"HighlightedAttributes"=dword:00000000

"MinCondition"=dword:00000050

"GraphStep"=dword:00000000

"SkinName"="Champions League"

"LastUpdateCheck"=dword:00000000

"HighQualityGUI"=dword:00000001

"AutomaticallyUpdateCheck"=dword:00000001

"AdvancedGeneration"=dword:00000000

"TranslateStaffSkills"=dword:00000001

"TranslatePlayerSkills"=dword:00000001

"TranslatePositions"=dword:00000001

"ShowHistory"=dword:00000001

"Version"=dword:00000067

"UniqueID"="34-8400-E71F"

"UseProxy"=dword:00000000

"ProxyHost"=""

"ProxyPort"=""

"UseAuthentication"=dword:00000000

"UserName"=""

"UserPassword"=""

"Currency"=dword:0000001c

.

--------------------- DLLs chargées dans les processus actifs ---------------------

 

- - - - - - - > 'explorer.exe'(3972)

c:\windows\system32\ieframe.dll

c:\windows\system32\eappprxy.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA

c:\program files\WIBU-SYSTEMS\System\WibuShellExt.dll

c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll

c:\program files\Graphisoft\ArchiCAD 12\GSShellX32.dll

c:\windows\system32\igfxpph.dll

c:\windows\system32\hccutils.DLL

.

Heure de fin: 2009-05-08 15:42

ComboFix-quarantined-files.txt 2009-05-08 14:42

ComboFix2.txt 2009-05-08 14:08

ComboFix3.txt 2009-05-08 13:38

 

Avant-CF: 12 789 465 088 octets libres

Après-CF: 12 776 800 256 octets libres

 

292 --- E O F --- 2009-03-06 17:43


Good. The error message should now have disappeared from startup.

Find the following file and post the contents of the text file: c:\ComboFix2.txt or c:\qoobox\ComboFix2.txt

To do this, double-click the file once you have found it. Notepad will open, and you just need to copy and paste its contents.

FlashGet. I advise you to get rid of it; it is a purveyor of malware. I recommend Free Download Manager (free), which is unambiguously clean.

I invite you to consult this Spybot page and this Assiste page, where you will find it in the list, to convince yourself.

Download Malwarebytes' Anti-Malware (MBAM)

  • Double-click the downloaded file to start the installation process.
  • In the "Update" tab, click the "Check for Updates" button: if the firewall asks whether to allow MBAM to connect, accept.
  • Once the update has finished, go to the "Scanner" tab.
  • Plug in your removable media (USB sticks, MP3 players, flash cards, etc.) without opening them.
  • Select "Perform full scan"
  • Click "Scan"
  • The scan starts.
  • At the end of the scan, a message is displayed:
    The scan completed successfully. Click 'Show Results' to display all objects found.
    Click "OK" to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Show Results.
    Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report and post it in your next reply.


Here is what ComboFix2.txt gives:

ComboFix 09-05-07.A0 - Bob_ 08/05/2009 15:06.2 - NTFSx86

Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1015.455 [GMT 1:00]

Lancé depuis: c:\documents and settings\Bob_\Bureau\downthmall\ComboFix.exe

Commutateurs utilisés :: c:\documents and settings\Bob_\Bureau\downthmall\CFScript.txt

AV: AntiVir Desktop *On-access scanning disabled* (Updated)

AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated)

 

FILE ::

c:\windows\system32\winxp.exe

.

 

((((((((((((((((((((((((((((( Fichiers créés du 2009-04-08 au 2009-05-08 ))))))))))))))))))))))))))))))))))))

.

 

2009-05-08 11:27 . 2009-05-08 11:28 -------- d-----w C:\rsit

2009-05-08 10:10 . 2008-02-15 11:49 184320 ----a-w c:\windows\system32\igfxres.dll

2009-05-08 09:54 . 2002-09-07 00:00 31360 -c--a-w c:\windows\system32\dllcache\weitekp9.sys

2009-05-08 09:54 . 2002-09-07 00:00 41600 -c--a-w c:\windows\system32\dllcache\weitekp9.dll

2009-05-08 09:54 . 2008-04-13 17:33 53248 -c--a-w c:\windows\system32\dllcache\wamreg51.dll

2009-05-08 09:54 . 2002-09-07 00:00 9216 -c--a-w c:\windows\system32\dllcache\wamps51.dll

2009-05-08 09:54 . 2008-04-13 17:33 77824 -c--a-w c:\windows\system32\dllcache\wam51.dll

2009-05-08 09:54 . 2008-04-13 17:33 367104 -c--a-w c:\windows\system32\dllcache\w3svc.dll

2009-05-08 09:54 . 2002-09-07 00:00 5632 -c--a-w c:\windows\system32\dllcache\w3svapi.dll

2009-05-08 09:54 . 2002-09-07 00:00 74240 -c--a-w c:\windows\system32\dllcache\w3ext.dll

2009-05-08 09:54 . 2002-09-07 00:00 4608 -c--a-w c:\windows\system32\dllcache\w3ctrs51.dll

2009-05-08 09:54 . 2002-09-07 00:00 48256 -c--a-w c:\windows\system32\dllcache\w32.dll

2009-05-08 09:54 . 2008-04-13 17:32 86073 -c--a-w c:\windows\system32\dllcache\voicesub.dll

2009-05-08 09:54 . 2008-04-13 17:32 426041 -c--a-w c:\windows\system32\dllcache\voicepad.dll

2009-05-08 09:52 . 2008-04-13 17:33 23040 -c--a-w c:\windows\system32\dllcache\lpdsvc.dll

2009-05-08 09:51 . 2002-09-07 00:00 7168 -c--a-w c:\windows\system32\dllcache\wamregps.dll

2009-05-08 09:40 . 2002-09-07 00:00 13312 -c--a-w c:\windows\system32\dllcache\irclass.dll

2009-05-08 09:40 . 2002-09-07 00:00 13312 ----a-w c:\windows\system32\irclass.dll

2009-05-08 09:40 . 2002-09-07 00:00 24661 -c--a-w c:\windows\system32\dllcache\spxcoins.dll

2009-05-08 09:40 . 2002-09-07 00:00 24661 ----a-w c:\windows\system32\spxcoins.dll

2009-05-07 22:33 . 2009-05-07 22:33 -------- d-----w c:\program files\Bazooka Scanner

2009-05-07 22:22 . 2009-05-07 22:22 -------- d-sh--w c:\documents and settings\LocalService\IETldCache

2009-05-01 20:59 . 2009-05-01 20:59 -------- d-----w c:\documents and settings\Bob_\Application Data\Skype

2009-05-01 20:59 . 2009-05-01 21:03 -------- d-----w c:\documents and settings\All Users\Application Data\Skype

2009-05-01 20:59 . 2009-05-01 20:59 -------- d-----w c:\program files\Skype

2009-04-27 20:25 . 2009-04-27 20:25 -------- d-----w c:\program files\WinAVI MP4 Converter

2009-04-24 11:51 . 2009-04-24 11:51 -------- d-----w c:\documents and settings\All Users\Application Data\WebacamSurveyor

2009-04-24 11:33 . 2009-04-24 11:33 230432 ----a-w C:\PA207.DAT

2009-04-23 13:35 . 2009-04-24 11:50 -------- d-----w c:\documents and settings\INTER\Application Data\GetRightToGo

2009-04-19 07:41 . 2009-04-19 07:41 -------- d-----w c:\windows\system32\config\systemprofile\Application DataPDFcreator

2009-04-18 19:32 . 2009-04-18 19:32 -------- d-----w c:\documents and settings\Bob_\Application Data\PDFCreator

2009-04-18 19:32 . 2005-04-20 19:08 196608 ----a-w c:\windows\system32\PDFSpooler.exe

2009-04-18 19:32 . 2001-10-28 16:42 116224 ----a-w c:\windows\system32\pdfcmnnt.dll

2009-04-18 19:32 . 1998-07-06 16:56 125712 ----a-w c:\windows\system32\VB6DE.DLL

2009-04-18 19:32 . 1998-07-06 16:55 158208 ----a-w c:\windows\system32\MSCMCDE.DLL

2009-04-18 19:32 . 1998-07-06 16:55 64512 ----a-w c:\windows\system32\MSCC2DE.DLL

2009-04-18 19:32 . 1998-07-06 16:55 33792 ----a-w c:\windows\system32\CMDLGDE.DLL

2009-04-18 19:32 . 1998-07-06 00:00 23552 ----a-w c:\windows\system32\MSMPIDE.DLL

2009-04-18 19:32 . 2009-04-18 19:32 -------- d-----w c:\program files\PDFCreator PL

2009-04-17 21:31 . 2009-04-17 21:31 -------- d-----w c:\program files\MagicISO

2009-04-15 16:17 . 2009-04-15 16:18 -------- d-----w c:\program files\winLAME

2009-04-13 19:51 . 2009-04-17 12:19 -------- d-----w c:\documents and settings\Bob_\Application Data\Audacity

2009-04-13 08:33 . 2009-04-21 14:59 -------- d-----w c:\windows\system32\Adobe

2009-04-12 19:17 . 2009-04-12 19:17 -------- d-----w c:\documents and settings\Bob_\Application Data\SolidWorks 2009

2009-04-12 19:15 . 2009-05-07 16:28 -------- d-----w c:\documents and settings\Bob_\Application Data\SolidWorks

2009-04-12 18:55 . 2009-04-12 19:03 -------- d-----w c:\program files\Fichiers communs\SolidWorks Shared

2009-04-12 18:55 . 2009-04-12 18:55 -------- d-----w c:\windows\system32\GroupPolicy

2009-04-12 18:55 . 2009-04-12 18:55 -------- d-----w c:\program files\Fichiers communs\eDrawings2009

2009-04-12 18:55 . 2009-04-12 19:15 -------- d-----w c:\documents and settings\All Users\Application Data\SolidWorks

2009-04-11 18:04 . 2009-04-11 18:04 -------- d-----w C:\rdm6

2009-04-11 17:10 . 2009-05-05 16:35 -------- d-----w C:\Toolbox Parts

2009-04-11 17:10 . 2009-04-12 19:19 -------- d-----w c:\program files\SolidWorks

2009-04-10 09:11 . 2009-04-10 09:14 -------- d-----w c:\documents and settings\Bob_\Local Settings\Application Data\Graphisoft

2009-04-10 09:11 . 2009-04-10 09:14 -------- d-----w c:\documents and settings\Bob_\Graphisoft

2009-04-10 09:11 . 2009-04-10 09:14 -------- d-----w c:\documents and settings\Bob_\Application Data\Graphisoft

2009-04-10 09:10 . 2009-04-10 09:10 -------- d-----w c:\documents and settings\Bob_\Application Data\Notepad++

2009-04-10 08:51 . 2009-04-10 08:51 -------- d-----w c:\documents and settings\Bob_\Local Settings\Application Data\Identities

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox2.idx

2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox2.dat

2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox.idx

2009-05-08 13:34 . 2009-04-04 07:34 32 --sha-w c:\windows\system32\drivers\fidbox.dat

2009-05-08 12:47 . 2002-09-07 00:00 80748 ----a-w c:\windows\system32\perfc00C.dat

2009-05-08 12:47 . 2002-09-07 00:00 500900 ----a-w c:\windows\system32\perfh00C.dat

2009-05-08 10:10 . 2009-03-01 13:42 96648 ----a-w c:\documents and settings\Bob_\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-05-08 09:50 . 2002-09-07 00:00 67 --sha-w c:\windows\Fonts\desktop.ini

2009-05-08 09:49 . 2009-03-01 12:12 23032 ----a-w c:\windows\system32\emptyregdb.dat

2009-05-05 21:23 . 2009-03-22 12:14 1210264 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

2009-05-05 10:21 . 2009-03-01 14:07 96648 ----a-w c:\documents and settings\INTER\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-04-29 10:21 . 2009-04-04 09:47 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys

2009-04-23 15:11 . 2009-03-02 07:30 -------- d-----w c:\program files\MSN Messenger

2009-04-23 15:10 . 2009-03-06 19:32 -------- dcsh--w c:\program files\Fichiers communs\WindowsLiveInstaller

2009-04-12 18:55 . 2009-03-09 18:20 -------- d-----w c:\program files\AGEIA Technologies

2009-04-08 10:27 . 2009-04-08 10:27 -------- d-----w c:\program files\Fichiers communs\PAC207

2009-04-08 10:27 . 2009-04-08 10:27 -------- d-----w c:\program files\Aitinc

2009-04-08 10:27 . 2009-03-01 13:36 -------- d--h--w c:\program files\InstallShield Installation Information

2009-04-04 09:47 . 2009-04-04 09:47 -------- d-----w c:\program files\Avira

2009-04-04 08:34 . 2009-04-04 08:34 -------- d-----w c:\program files\Kaspersky Lab

2009-04-04 08:09 . 2009-04-04 08:26 1310720 ----a-w c:\windows\Internet Logs\xDBF.tmp

2009-04-04 08:09 . 2009-04-04 08:26 8192 ----a-w c:\windows\Internet Logs\xDBE.tmp

2009-04-04 08:08 . 2009-04-04 08:09 1384960 ----a-w c:\windows\Internet Logs\xDBD.tmp

2009-04-04 08:08 . 2009-04-04 08:09 32768 ----a-w c:\windows\Internet Logs\xDBC.tmp

2009-04-04 07:52 . 2009-04-04 08:05 1326592 ----a-w c:\windows\Internet Logs\xDBB.tmp

2009-04-04 07:52 . 2009-04-04 08:05 1326592 ----a-w c:\windows\Internet Logs\xDBA.tmp

2009-04-04 07:51 . 2009-04-04 08:05 15360 ----a-w c:\windows\Internet Logs\xDB9.tmp

2009-04-04 07:49 . 2009-04-04 07:51 1355264 ----a-w c:\windows\Internet Logs\xDB8.tmp

2009-04-04 07:49 . 2009-04-04 07:51 27136 ----a-w c:\windows\Internet Logs\xDB7.tmp

2009-04-04 07:44 . 2009-04-04 07:46 13824 ----a-w c:\windows\Internet Logs\xDB5.tmp

2009-04-04 07:44 . 2009-04-04 07:46 1328640 ----a-w c:\windows\Internet Logs\xDB6.tmp

2009-04-04 07:43 . 2009-04-04 07:44 43008 ----a-w c:\windows\Internet Logs\xDB2.tmp

2009-04-04 07:43 . 2009-04-04 07:44 1871872 ----a-w c:\windows\Internet Logs\xDB3.tmp

2009-04-04 07:41 . 2009-04-04 07:42 1875968 ----a-w c:\windows\Internet Logs\xDB1.tmp

2009-04-04 07:38 . 2009-04-04 07:44 1870848 ----a-w c:\windows\Internet Logs\xDB4.tmp

2009-04-04 07:38 . 2009-04-04 07:36 4212 ---ha-w c:\windows\system32\zllictbl.dat

2009-04-03 18:43 . 2009-04-03 18:43 -------- d-----w c:\program files\Zone Labs

2009-04-02 17:49 . 2009-04-02 17:49 83008 ----a-w c:\documents and settings\Papa\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-04-02 15:32 . 2009-04-02 15:32 155648 ----a-w c:\windows\system32\SDCtrls.dll

2009-04-01 21:37 . 2009-04-01 21:37 290816 ------w c:\windows\Setup1.exe

2009-04-01 21:37 . 2009-04-01 21:37 74752 ----a-w c:\windows\ST6UNST.EXE

2009-04-01 11:28 . 2009-04-01 11:27 -------- d-----w c:\program files\QuickTime

2009-04-01 11:23 . 2009-03-31 09:41 -------- d-----w c:\program files\Graphisoft

2009-03-31 18:02 . 2009-03-31 18:00 -------- d-----w c:\program files\Fichiers communs\Ahead

2009-03-31 18:00 . 2009-03-31 18:00 -------- d-----w c:\program files\Nero

2009-03-31 11:16 . 2009-03-31 11:16 -------- d-----w c:\program files\WIBUKEY

2009-03-31 11:11 . 2009-03-31 11:17 57552 ----a-w c:\windows\system32\WkDos.exe

2009-03-31 11:11 . 2009-03-31 11:17 516096 ----a-w c:\windows\system32\WibuXpm4J32.dll

2009-03-31 11:11 . 2009-03-31 11:17 479232 ----a-w c:\windows\system32\wibuKJni.dll

2009-03-31 11:11 . 2009-03-31 11:17 348160 ----a-w c:\windows\system32\WkExt32.dll

2009-03-31 11:11 . 2009-03-31 11:17 16384 ----a-w c:\windows\system32\drivers\Wibukey2.sys

2009-03-31 11:11 . 2009-03-31 11:17 72704 ----a-w c:\windows\system32\drivers\WibuKey.sys

2009-03-31 11:11 . 2009-03-31 11:17 159744 ----a-w c:\windows\system32\WkWin32.dll

2009-03-31 09:45 . 2009-03-31 09:45 -------- d-----w c:\program files\WIBU-SYSTEMS

2009-03-31 09:44 . 2009-03-31 09:44 -------- d-----w c:\program files\Apple Software Update

2009-03-30 17:31 . 2009-03-30 17:31 -------- d-----w c:\program files\Java

2009-03-30 17:31 . 2009-03-30 17:31 -------- d-----w c:\program files\Fichiers communs\Java

2009-03-26 15:11 . 2009-03-26 15:11 -------- d-----w c:\program files\EnGenius

2009-03-25 12:28 . 2009-03-25 12:28 -------- d-----w c:\program files\EPSON

2009-03-25 11:06 . 2009-03-25 11:06 -------- d-----w c:\program files\ma-config.com

2009-03-25 11:06 . 2009-03-25 11:06 -------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com

2009-03-24 17:10 . 2009-03-24 17:10 -------- d-----w c:\program files\DigitalPeers

2009-03-22 12:14 . 2009-03-22 12:14 -------- d-----w c:\program files\MSBuild

2009-03-22 12:13 . 2009-03-22 12:13 -------- d-----w c:\program files\Reference Assemblies

2009-03-18 10:55 . 2009-03-02 07:42 -------- d-----w c:\program files\Messenger Plus! Live

2009-03-16 11:53 . 2009-03-16 11:53 -------- d-----w c:\program files\GIMP-2.0

2009-03-10 18:26 . 2009-03-10 18:26 -------- d-----w c:\program files\EA GAMES

2009-03-10 12:22 . 2009-03-02 07:08 -------- d-----w c:\program files\Winamp

2009-03-10 12:19 . 2009-03-10 12:19 -------- d-----w c:\program files\Fichiers communs\Macromedia

2009-03-10 12:19 . 2009-03-10 12:19 -------- d-----w c:\program files\Macromedia

2009-03-10 12:19 . 2009-03-02 07:16 -------- d-----w c:\program files\Fichiers communs\InstallShield

2009-03-09 18:19 . 2009-03-09 18:19 -------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard

2009-03-09 18:19 . 2009-03-09 18:19 18048 ----a-w c:\windows\system32\drivers\lirsgt.sys

2009-03-05 12:34 . 2009-03-05 12:34 717296 ----a-w c:\windows\system32\drivers\sptd.sys

2009-03-03 12:25 . 2009-03-01 12:14 86331 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat

2009-03-03 11:05 . 2008-01-29 16:29 33808 ----a-w c:\windows\system32\drivers\klbg.sys

2009-03-02 07:16 . 2009-03-02 07:16 319488 ----a-w c:\windows\HideWin.exe

2009-03-02 07:06 . 2009-03-02 07:04 10368 ----a-w c:\windows\system32\drivers\pfc.sys

2009-03-01 17:12 . 2009-03-01 17:12 0 ----a-w c:\windows\nsreg.dat

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2009-03-03 206088]

"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-04-01 36352]

"EPSON Stylus C45 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE" [2004-01-14 99840]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-24 132496]

"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-10-19 286720]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-10-09 17021440]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

 

c:\documents and settings\Bob_\Menu Démarrer\Programmes\Démarrage\

Moteur du Planificateur de tâches SolidWorks.lnk - c:\program files\SolidWorks\swScheduler\swBOEngine.exe [2008-9-9 841000]

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"d:\\eMule\\emule.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

 

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17:29 33808]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [04/04/2009 10:47 108289]

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17:06 24592]

R3 PAC207;PC Camera;c:\windows\system32\drivers\PFC027.SYS [08/04/2009 11:27 616064]

S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks\swScheduler\DTSCoordinatorService.exe [09/09/2008 06:01 79144]

S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [15/03/2009 09:34 216232]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11ee89ea-1ab8-11de-86e2-001fd010b3e5}]

\Shell\AutoRun\command - J:\setupSNK.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c47a257c-1783-11de-86d3-001fd010b3e5}]

\Shell\AutoRun\command - L:\setupSNK.exe

.

Contenu du dossier 'Tâches planifiées'

 

2009-05-08 c:\windows\Tasks\User_Feed_Synchronization-{2B1D3B09-E8BC-440A-B3B4-3034D81396A8}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]

 

2009-05-08 c:\windows\Tasks\User_Feed_Synchronization-{EDE16183-2AE1-4BAA-90A1-170567949D30}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]

.

.

------- Examen supplémentaire -------

.

IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm

IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm

IE: &Tout télécharger avec FlashGet - k:\progra~1\FlashGet\jc_all.htm

IE: &Télécharger avec FlashGet - k:\progra~1\FlashGet\jc_link.htm

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: {F5D79831-1767-4B49-8D11-11492C360F56} = 208.67.222.222 193.55.10.102

FF - ProfilePath - c:\documents and settings\Bob_\Application Data\Mozilla\Firefox\Profiles\wyo4od69.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - www.google.fr

FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-05-08 15:07

Windows 5.1.2600 Service Pack 3 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

 

[HKEY_USERS\S-1-5-21-1177238915-1500820517-1606980848-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2009 XE]

"GameDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009\\games"

"ShortlistDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009\\shortlists"

"ScreenshotsDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009"

"SaveDir"="c:\\Documents and Settings\\Bob_\\Mes documents\\Sports Interactive\\Football Manager 2009\\"

"HistoryDir"="c:\\Documents and Settings\\Bob_\\Bureau\\fm\\FM-Genie-Scout-1.0-b103\\History Points"

"LangDB"=""

"LastSaveGame"=""

"Language"="English"

"LoadLangDB"=dword:00000000

"CompressHistoryPoints"=dword:00000000

"HighlightedAttributes"=dword:00000000

"MinCondition"=dword:00000050

"GraphStep"=dword:00000000

"SkinName"="Champions League"

"LastUpdateCheck"=dword:00000000

"HighQualityGUI"=dword:00000001

"AutomaticallyUpdateCheck"=dword:00000001

"AdvancedGeneration"=dword:00000000

"TranslateStaffSkills"=dword:00000001

"TranslatePlayerSkills"=dword:00000001

"TranslatePositions"=dword:00000001

"ShowHistory"=dword:00000001

"Version"=dword:00000067

"UniqueID"="34-8400-E71F"

"UseProxy"=dword:00000000

"ProxyHost"=""

"ProxyPort"=""

"UseAuthentication"=dword:00000000

"UserName"=""

"UserPassword"=""

"Currency"=dword:0000001c

.

--------------------- DLLs chargées dans les processus actifs ---------------------

 

- - - - - - - > 'explorer.exe'(2452)

c:\windows\system32\ieframe.dll

c:\windows\system32\eappprxy.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Heure de fin: 2009-05-08 15:08

ComboFix-quarantined-files.txt 2009-05-08 14:08

ComboFix2.txt 2009-05-08 13:38

 

Avant-CF: 12 791 652 352 octets libres

Après-CF: 12 787 544 064 octets libres

 

283 --- E O F --- 2009-03-06 17:43

 

 

Thanks for your help with FlashGet, I'm getting rid of it right away, I'll take your word for it :P MBAM is currently updating (with the connection I have, that should take a while); I'll send you the report as soon as I have it. Once again, thanks for everything.
