
Unknown virus!

Tags:
  • Security
2 November 2009 19:49:02

Good evening, everyone.

So here it is: I have a problem that makes me think of a virus.
I can no longer install any antivirus, I have some sound problems (in games it tends to cut out completely until the computer is rebooted), and sometimes at startup it shows a blue screen reporting an error and restarts my PC.
I also play Call of Duty 2 (old school, if you like :kaola:),
but since then it takes much longer to launch and doesn't load any map, so it no longer works. Same for CoD4, Risen and Champions Online.
If you can find the source of these problems I would be very grateful. Thank you for your help.

Regards, iZar.

2 November 2009 19:52:56

Hello,

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

Note: the reports are saved in the C:\rsit folder.

2 November 2009 19:57:00

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by PENA at 2009-11-02 19:54:20
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 73 GB (48%) free of 153 GB
    Total RAM: 2047 MB (48% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:54:34, on 02/11/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ASUS\Six Engine\SixEngine.exe
    E:\Cam\Quickcam.exe
    E:\Winamp\winampa.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\DNA\btdna.exe
    E:\steam\steam.exe
    C:\Program Files\SFR\Kit\9props.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\WINDOWS\RaUI.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\explorer.exe
    e:\steam\steamapps\common\champions online\Champions Online.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    E:\FireFox\firefox.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Documents and Settings\PENA\Mes documents\Téléchargements\RSIT.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\trend micro\PENA.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "E:\Cam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "E:\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [WinampAgent] E:\Winamp\winampa.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ANTI LITE TITLE DEBUG] C:\Documents and Settings\All Users\Application Data\Okay meta anti lite\film hole.exe
    O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [Steam] "e:\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [stupid hope] C:\DOCUME~1\PENA\APPLIC~1\HECKOO~1\Setuplitebrowse.exe
    O4 - HKCU\..\Run: [Palringo] "E:\Parlingo\Palringo\palringo.exe" /hidden
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [flec003.exe] C:\Documents and Settings\PENA\Application Data\hidires\flec003.exe
    O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Xfire.lnk = E:\Xfire\Xfire.exe
    O4 - Global Startup: Hawking Wireless Utility.lnk = ?
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\WINDOWS\RaUI.exe
    O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie....
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

    --
    End of file - 11565 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\A82150419372FEC1.job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\Norton Security Scan for PENA.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
    AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-03-27 1088296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
    Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-12 256112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-12 761840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-12 458736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-09 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-09 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll []
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-12 256112]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Six Engine"=C:\Program Files\ASUS\Six Engine\SixEngine.exe [2008-06-03 5964800]
    "LogitechCommunicationsManager"=C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008]
    "LogitechQuickCamRibbon"=E:\Cam\Quickcam.exe [2008-08-14 2407184]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-09 148888]
    "UnlockerAssistant"=E:\Unlocker\UnlockerAssistant.exe [2009-11-02 15872]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
    "iTunesHelper"=E:\iTunes\iTunesHelper.exe [2009-03-12 342312]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "WinampAgent"=E:\Winamp\winampa.exe [2009-04-10 37888]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-16 16862720]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "ANTI LITE TITLE DEBUG"=C:\Documents and Settings\All Users\Application Data\Okay meta anti lite\film hole.exe [2009-11-02 815104]
    "WorksFUD"=C:\Program Files\Microsoft Works\wkfud.exe [2000-07-12 24576]
    "Microsoft Works Portfolio"=C:\Program Files\Microsoft Works\WksSb.exe [2000-07-12 311350]
    "Microsoft Works Update Detection"=C:\Program Files\Microsoft Works\WkDetect.exe [2000-08-04 28739]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-13 98304]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-12-23 342848]
    "Steam"=e:\steam\steam.exe [2009-10-30 1217808]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-26 39408]
    "stupid hope"=C:\DOCUME~1\PENA\APPLIC~1\HECKOO~1\Setuplitebrowse.exe [2009-07-08 546304]
    "Palringo"=E:\Parlingo\Palringo\palringo.exe /hidden []
    "DriverMax"= []
    "EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
    "flec003.exe"=C:\Documents and Settings\PENA\Application Data\hidires\flec003.exe [2009-10-30 2557956]
    "Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-04-21 955712]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Hawking Wireless Utility.lnk - C:\Program Files\Hawking\Common\RaUI.exe
    Ralink Wireless Utility.lnk - C:\WINDOWS\RaUI.exe
    Rappels du Calendrier Microsoft Works.lnk - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
    Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    C:\Documents and Settings\PENA\Menu Démarrer\Programmes\Démarrage
    Xfire.lnk - E:\Xfire\Xfire.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2009-08-14 155648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableLUA"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "E:\Xfire\Xfire.exe"="E:\Xfire\Xfire.exe:*:Enabled:Xfire"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
    "E:\Bit torrent\BitTorrent\bittorrent.exe"="E:\Bit torrent\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "E:\Call of Duty 2\CoD2MP_s.exe"="E:\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
    "E:\Emule\emule.exe"="E:\Emule\emule.exe:*:Enabled:eMule"
    "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
    "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
    "E:\Steam\SteamApps\maxvs81\counter-strike source\hl2.exe"="E:\Steam\SteamApps\maxvs81\counter-strike source\hl2.exe:*:Enabled:hl2"
    "E:\mIRC\mirc.exe"="E:\mIRC\mirc.exe:*:Enabled:mIRC"
    "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
    "E:\HLSW\hlsw.exe"="E:\HLSW\hlsw.exe:*:Enabled:HLSW Application"
    "C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
    "E:\Left 4 dead\Left.4.Dead.Full-Rip.Skullptura\Left 4 Dead\left4dead.exe"="E:\Left 4 dead\Left.4.Dead.Full-Rip.Skullptura\Left 4 Dead\left4dead.exe:*:Enabled:left4dead"
    "E:\Steam\SteamApps\common\left 4 dead\left4dead.exe"="E:\Steam\SteamApps\common\left 4 dead\left4dead.exe:*:Enabled:left4dead"
    "E:\Steam\Steam.exe"="E:\Steam\Steam.exe:*:Enabled:Steam"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "E:\iTunes\iTunes.exe"="E:\iTunes\iTunes.exe:*:Enabled:iTunes"
    "E:\Track Mania Nations Forever\TmNationsForever\TmForever.exe"="E:\Track Mania Nations Forever\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
    "E:\Steam\SteamApps\maxvs81\counter-strike\hl.exe"="E:\Steam\SteamApps\maxvs81\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
    "E:\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe"="E:\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
    "E:\Grand Theft Auto IV\Grand Theft Auto IV\LaunchGTAIV.exe"="E:\Grand Theft Auto IV\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
    "E:\Grand Theft Auto IV\Grand Theft Auto IV\GTAIV.exe"="E:\Grand Theft Auto IV\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
    "E:\Copie de Grand Theft Auto IV\Grand Theft Auto IV\GTAIV.exe"="E:\Copie de Grand Theft Auto IV\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
    "E:\Dead.Space.Multi-5.Repack.Skullptura\Dead Space\Dead Space.exe"="E:\Dead.Space.Multi-5.Repack.Skullptura\Dead Space\Dead Space.exe:*:Enabled:Dead Space ™"
    "E:\Steam\SteamApps\maxvs81\day of defeat\hl.exe"="E:\Steam\SteamApps\maxvs81\day of defeat\hl.exe:*:Enabled:Half-Life Launcher"
    "E:\Ventilo\Ventrilo.exe"="E:\Ventilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
    "E:\Prince.of.Persia-SKIDROW[www.TmasGames.com]\Prince of Persia.exe"="E:\Prince.of.Persia-SKIDROW[www.TmasGames.com]\Prince of Persia.exe:*:Enabled:Prince of Persia Dx"
    "E:\Prince.of.Persia-SKIDROW[www.TmasGames.com]\PrinceOfPersia_Launcher.exe"="E:\Prince.of.Persia-SKIDROW[www.TmasGames.com]\PrinceOfPersia_Launcher.exe:*:Enabled:Prince of Persia Update"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "E:\Florensia\Florensia\Bin\Launcher.exe"="E:\Florensia\Florensia\Bin\Launcher.exe:*:Enabled:Florensia"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05837041-d03f-11dd-9e10-806d6172696f}]
    shell\AutoRun\command - D:\autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{25034fa9-d12f-11dd-9e23-002215808f2b}]
    shell\AutoRun\command - setupSNK.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bed1e4d2-3435-11de-9ec5-001d1a02b49d}]
    shell\AutoRun\command - F:\USBAutoRun.exe


    ======List of files/folders created in the last 1 months======

    2009-11-02 19:54:21 ----D---- C:\Program Files\trend micro
    2009-11-02 19:54:20 ----D---- C:\rsit
    2009-11-02 19:13:05 ----D---- C:\Program Files\World of Warcraft
    2009-11-02 10:41:06 ----A---- C:\WINDOWS\system32\ban_list.txt
    2009-10-31 14:30:10 ----D---- C:\Program Files\GTA San Andreas
    2009-10-31 14:20:55 ----D---- C:\Program Files\Devil.May.Cry.4.Full-Rip.Skullptura
    2009-10-31 12:12:02 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
    2009-10-31 12:12:02 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
    2009-10-31 12:12:01 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
    2009-10-31 12:12:01 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
    2009-10-31 12:12:00 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
    2009-10-31 12:12:00 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
    2009-10-31 12:11:59 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
    2009-10-31 02:00:59 ----D---- C:\Program Files\Steam
    2009-10-31 00:53:36 ----A---- C:\WINDOWS\game.ini
    2009-10-30 13:26:40 ----D---- C:\Program Files\IVCsoft
    2009-10-18 17:50:57 ----D---- C:\Program Files\DAEMON Tools Toolbar
    2009-10-18 17:50:55 ----D---- C:\Program Files\DAEMON Tools Lite
    2009-10-18 17:21:11 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
    2009-10-18 13:22:12 ----D---- C:\Program Files\Microsoft Works
    2009-10-18 12:59:21 ----A---- C:\WINDOWS\Instaler Setup Log.txt
    2009-10-11 10:44:59 ----D---- C:\WINDOWS\1C4551A64743409391E41477CD655043.TMP

    ======List of files/folders modified in the last 1 months======

    2009-11-02 19:54:24 ----D---- C:\WINDOWS\Prefetch
    2009-11-02 19:54:21 ----RD---- C:\Program Files
    2009-11-02 19:53:35 ----D---- C:\WINDOWS\system32
    2009-11-02 19:50:59 ----D---- C:\Documents and Settings\PENA\Application Data\DNA
    2009-11-02 19:10:46 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
    2009-11-02 19:10:42 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
    2009-11-02 17:05:32 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-11-02 10:41:14 ----HD---- C:\WINDOWS\system32\drivers
    2009-11-02 10:41:10 ----D---- C:\Documents and Settings\PENA\Application Data\Xfire
    2009-11-02 10:41:03 ----D---- C:\WINDOWS\Temp
    2009-11-02 10:40:04 ----D---- C:\Program Files\DNA
    2009-11-02 00:25:16 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-11-01 12:54:38 ----D---- C:\Documents and Settings\PENA\Application Data\Winamp
    2009-10-31 12:12:02 ----HD---- C:\WINDOWS\inf
    2009-10-31 12:11:58 ----D---- C:\WINDOWS\LastGood
    2009-10-31 12:11:20 ----RSD---- C:\WINDOWS\assembly
    2009-10-31 12:10:52 ----D---- C:\WINDOWS\system32\DirectX
    2009-10-31 12:08:32 ----D---- C:\WINDOWS\Minidump
    2009-10-31 12:08:32 ----D---- C:\WINDOWS
    2009-10-31 00:53:31 ----SHD---- C:\WINDOWS\Installer
    2009-10-31 00:53:31 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-10-31 00:53:30 ----SHD---- C:\Config.Msi
    2009-10-31 00:38:27 ----D---- C:\Program Files\Activision
    2009-10-30 20:46:25 ----D---- C:\Documents and Settings\All Users\Application Data\TrackMania
    2009-10-30 13:34:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-10-26 14:24:16 ----D---- C:\Documents and Settings\PENA\Application Data\BitTorrent
    2009-10-25 12:41:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-10-18 17:17:12 ----D---- C:\WINDOWS\WinSxS
    2009-10-18 17:06:51 ----D---- C:\Program Files\ATI Technologies
    2009-10-18 16:56:31 ----D---- C:\Program Files\ma-config.com
    2009-10-18 16:56:31 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
    2009-10-18 13:24:10 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-10-18 13:22:40 ----RSD---- C:\WINDOWS\Fonts
    2009-10-18 13:22:31 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-10-18 13:04:40 ----SD---- C:\Documents and Settings\PENA\Application Data\Microsoft
    2009-10-18 12:29:03 ----D---- C:\Documents and Settings\PENA\Application Data\dvdcss
    2009-10-18 12:14:45 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2009-10-11 10:44:56 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-10-11 10:37:15 ----D---- C:\Documents and Settings\PENA\Application Data\DAEMON Tools Pro
    2009-10-04 19:38:33 ----A---- C:\WINDOWS\BlendSettings.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
    R1 sK9Ou0s;sK9Ou0s; \??\C:\Documents and Settings\PENA\Application Data\drivers\srosa2.sys []
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-12-23 20747]
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-10-11 281760]
    R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-10-11 25888]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-08-14 4485632]
    R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-07-30 93696]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-01-15 23848]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-20 4800000]
    R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2009-03-31 38400]
    R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
    R3 RT61;Hawking HWPG1 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2005-10-27 356096]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S3 acb57bx2;acb57bx2; C:\WINDOWS\system32\drivers\acb57bx2.sys []
    S3 acb57bx2;acb57bx2; C:\WINDOWS\system32\drivers\acb57bx2.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-10-12 41752]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
    S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2007-10-12 490776]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
    S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
    S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-09-04 13056]
    S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-09-04 19968]
    S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-09-04 24832]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-09 152984]
    R2 LVCOMSer;LVCOMSer; C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
    R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
    R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-11-02 75064]
    R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-11-02 189768]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
    R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-03-12 656168]
    S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-08-13 593920]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2009-03-01 69120]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
    S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-24 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
    S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-12 2837916]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-08-14 602112]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

    -----------------EOF-----------------



    I think I've posted what you wanted, thanks for your help. :bounce: 
    2 November 2009 20:12:23

    Your PC is infected with Bagle.

  • Download FindyKill (by Chiquitine29 & C_XX) to your Desktop.
  • Double-click FindyKill on your Desktop.
  • Type F then Enter for French.
  • In the main menu, choose option 1 (Recherche).
  • Post the FindyKill.txt report.

    Note: the FindyKill.txt report is saved at the root of the disk.
    2 November 2009 21:43:48

    It's taking a long time, I wonder whether it's going to be pointless?
    It's inspecting the whole C: hard drive.
    Whereas I've seen where you can catch a Bagle virus from; it's not very nice of me, but it's on my 2nd hard drive, E:, that I keep the cracked files.
    2 November 2009 21:49:17

    Normally, the scan should have finished.

    Try running option 2 of FindyKill directly.
    2 November 2009 23:15:56

    It didn't finish, so I launched option 2.
    The computer restarts, 10%: deletion of an infected file, 20%: deletion of an infected file, in 5 min.
    After more than 30 min, stuck at 20%.

    Any solution?
    2 November 2009 23:36:04

    Let's try something else:

    /!\ Disable your resident protection (antivirus, etc.) /!\

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe is not necessarily visible) to launch it.
  • It will ask you to install the Recovery Console: accept.
  • When the scan is finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.

    To help you: a guide and a tutorial on using ComboFix
    3 November 2009 00:04:09

    I downloaded it, it crashed. I rebooted, I double-click on it, it doesn't launch, and my downloads folder no longer responds.
    I download it again, everything goes fine until I click yes, and then it shows me "Erreur":

    Vous ne pouvez pas renommer ComboFix en ComboFix(2)
    Veuillez choisir un autre nom, de préférence composé de caractères aplhanumériques.
    3 November 2009 00:07:58

    Rename it to KillBagle, then run it.
    3 November 2009 01:36:10

    The PC restarted to run the scan.
    For an hour now it has been finding C:\Documents and settings/PENA/Applicationd data/drivers/downld/637944.exe

    It's now at 708451 ...


    3 November 2009 01:43:36

    Quote:
    C:\Documents and settings/PENA/Applicationd data/drivers

    --> That is a folder of the Bagle infection.
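    The RSIT driver list earlier in this thread shows a running driver loaded from that same Application Data\drivers folder. The triage below is an added example, not part of the original posts or of RSIT: it parses the driver-list line format and ranks entries by location. The weights, reason labels and the reading of empty brackets as "no file date/size available" are assumptions of this sketch, not a Bagle signature.

```python
import re
from typing import NamedTuple

# Lines copied from the RSIT driver list posted earlier in this thread.
SAMPLE_LOG = r"""
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R1 sK9Ou0s;sK9Ou0s; \??\C:\Documents and Settings\PENA\Application Data\drivers\srosa2.sys []
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-10-11 281760]
S3 acb57bx2;acb57bx2; C:\WINDOWS\system32\drivers\acb57bx2.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
"""

# "<R|S><start type> <name>;<display name>; <image path> [<date> <size>]"
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4])\s+"
    r"(?P<name>[^;]+);(?P<display>[^;]*);\s*"
    r"(?P<path>.+?)\s*\[(?P<info>[^\]]*)\]\s*$"
)

# Assumed weights for this sketch; tune them for your own triage.
WEIGHTS = {"image-in-user-profile": 4, "outside-driver-dir": 2, "no-file-info": 1}
RUNNING_BONUS = 2


class Driver(NamedTuple):
    running: bool
    start_type: int
    name: str
    path: str
    info: str


def parse_drivers(log):
    """Return one Driver per well-formed line; other lines are skipped."""
    drivers = []
    for raw in log.splitlines():
        m = LINE_RE.match(raw.strip())
        if m:
            drivers.append(Driver(m["state"] == "R", int(m["start"]),
                                  m["name"].strip(), m["path"], m["info"].strip()))
    return drivers


def reasons(driver, driver_dir=r"c:\windows\system32\drivers"):
    """List why a driver entry deserves a closer look (empty list = nothing odd)."""
    path = driver.path.lower()
    if path.startswith("\\??\\"):          # NT object-manager prefix
        path = path[4:]
    found = []
    if "\\documents and settings\\" in path:   # XP user-profile root
        found.append("image-in-user-profile")
    if not path.startswith(driver_dir.lower() + "\\"):
        found.append("outside-driver-dir")
    if not driver.info:                    # "[]": assumed unreadable or missing file
        found.append("no-file-info")
    return found


def triage(log):
    """Return (score, name, reasons) tuples, highest score first."""
    ranked = []
    for d in parse_drivers(log):
        why = reasons(d)
        if why:
            score = sum(WEIGHTS[w] for w in why) + (RUNNING_BONUS if d.running else 0)
            ranked.append((score, d.name, why))
    ranked.sort(key=lambda item: -item[0])
    return ranked


if __name__ == "__main__":
    for score, name, why in triage(SAMPLE_LOG):
        print(f"{score:2d}  {name:18s} {', '.join(why)}")
```
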
    3 November 2009 01:49:15

    Destrio5 said:
    Quote:
    C:\Documents and settings/PENA/Applicationd data/drivers

    --> That is a folder of the Bagle infection.



    That is finished.

    Now it tells me the report is being prepared.
    Do not run any program until ComboFix has finished.
    3 November 2009 01:54:32

    Ok ;) 
    3 November 2009 02:01:22

    ComboFix 09-11-01.04 - PENA 03/11/2009 0:41.1.2 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2047.1679 [GMT 1:00]
    Lancé depuis: c:\documents and settings\PENA\Mes documents\Téléchargements\KillBagle.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
    c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
    c:\documents and settings\PENA\Application Data\Desktopicon
    c:\documents and settings\PENA\Application Data\Desktopicon\config.ini
    c:\documents and settings\PENA\Application Data\Desktopicon\eBayShortcuts.exe
    c:\documents and settings\PENA\Application Data\drivers\downld
    c:\documents and settings\PENA\Application Data\drivers\downld\15386687.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15386828.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15386843.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15386890.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15387046.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15387109.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15387156.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15387203.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15387234.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15387312.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15387359.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15387546.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15388187.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15388484.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15388546.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15388625.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15388640.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15388859.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\153890.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15389093.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15389578.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15389609.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15390046.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15390109.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15390125.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15390171.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15390218.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15390234.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15390437.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15390500.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15391000.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15391234.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15391640.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15391703.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15391812.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15391859.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15392062.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15392187.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15392234.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15392250.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15392265.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15392578.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15392593.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15392734.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15393109.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15393250.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15393265.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15393281.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15393484.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15394156.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15394296.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15394781.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15394843.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15395109.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15395312.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15395375.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15395484.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15395515.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15395671.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15395687.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15396046.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15396140.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15396171.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15396187.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15396625.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\153968.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15396843.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15397171.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15397187.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15397671.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15397734.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15397968.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15398062.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15398281.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\153984.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15398625.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15398640.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15398734.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15398781.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15399015.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15399062.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15400531.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15400625.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15401046.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15401093.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15401265.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15401328.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15401453.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\154015.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15401562.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15401593.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15401875.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15401921.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15401937.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15402015.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15402031.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15402187.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15402203.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15402265.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15402281.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15402328.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15402562.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\154031.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15403171.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15403203.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15403515.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15403609.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15403671.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15403718.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15403765.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15404078.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15404500.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15404640.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15405140.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15405171.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15405187.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15405203.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15405609.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15405890.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15406000.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15406125.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15406343.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15406750.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15406765.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15406796.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15406812.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15407000.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15407171.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15407250.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15407281.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15407406.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15407515.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15408250.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15408781.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15408843.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15408890.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15409171.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15409203.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15409328.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15409500.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15409531.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15409828.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15409875.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15409968.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15410328.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15410765.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15410781.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15410906.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15411125.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15411140.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15411156.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15411171.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15411468.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15411500.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15411671.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15411718.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15411984.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15412156.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15412218.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15412468.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15412515.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15412531.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15413109.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15413140.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15413250.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15413406.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15413468.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15413515.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15413531.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15413734.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15413859.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15413921.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15413937.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\154140.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15414546.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15414656.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15414703.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15414750.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15414953.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15415015.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15415031.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15415390.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15415406.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15415421.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\154156.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15415609.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15415656.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15416171.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15416250.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15416687.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15416750.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15416781.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15416812.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15417015.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15417031.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15417062.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\154171.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15417171.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15417234.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15417281.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15417343.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15417375.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15417390.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15418015.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15418125.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15418203.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15418312.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15418531.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15419000.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15419093.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15419640.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15420078.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15420093.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\154203.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15420500.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15420515.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15420656.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15420781.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15421125.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15421234.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15421281.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15421312.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15421421.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15421453.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\154218.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15421859.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15421875.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15421984.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15422718.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15423437.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15423531.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15424140.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15424359.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15425609.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15425890.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15426000.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15426312.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15426343.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15426359.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15426375.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15426468.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15426718.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15426921.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15427421.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15427671.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15427781.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15428093.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\154281.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15428640.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15428796.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15429218.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15429312.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15429593.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15429687.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15429703.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15429765.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15430671.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15430734.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15431078.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15431156.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15431171.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15431187.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15431265.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15431687.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15431718.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15431796.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15432046.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15432062.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15432234.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15432312.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15432328.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15432437.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15432609.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15432656.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15432781.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15432843.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15433140.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15433187.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15433234.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15433984.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15434093.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15434296.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\154343.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15434390.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15434859.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15435250.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15435390.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15435546.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15435640.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15435656.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15435750.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15436296.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15437062.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15437140.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15437187.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15437828.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15438421.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\154390.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15439046.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15439500.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15439937.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15440000.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15440562.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15440625.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15441109.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15441375.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15441437.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15441468.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15441578.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15441640.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15441734.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15441937.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15442062.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\154421.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15442531.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15442609.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15442656.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15442687.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15442703.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15443046.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15443062.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15443093.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15443218.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\154437.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15443843.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15444343.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15444593.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15444671.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15445171.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15445218.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15445296.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15445359.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15445421.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15445546.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15445625.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15445906.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15446203.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15446218.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15446234.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15446609.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\154468.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15446812.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15446828.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15447031.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15447046.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15447250.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15447718.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15448140.exe
    c:\documents and settings\PENA\Application Data\drivers\downld\15448578.exe
    a c 294 8 Security
    3 November 2009 02:03:44

    The report is incomplete.

    To send me the reports:
  • Click this link: http://www.cijoint.fr/
  • Click "Parcourir..." (Browse...) and find the report file you want to send me.
  • Click "Ouvrir" (Open).
  • Click "Cliquez ici pour déposer le fichier" (Click here to upload the file).
  • A link of this form, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, is added to the page.
  • Copy this link into your reply.
    a c 294 8 Security
    3 November 2009 02:17:44

    Cool. Can you run option 2 of FindyKill?
    3 November 2009 04:58:58

    It's running; how long is it going to take?
    a c 294 8 Security
    3 November 2009 05:01:03

    Normally less than 30 minutes, but it depends on the PC.
    3 November 2009 05:04:29

    It has been stuck at 30% for 20 to 25 minutes,
    but it is still working.
    3 November 2009 10:04:58

    It ran until now, that is 10 hours, and it is still at 30%; I stopped it.
    a c 294 8 Security
    3 November 2009 19:16:21

  • Relaunch FindyKill and choose option 4 to uninstall it.

  • Run an RSIT scan again and post the log report.
    3 November 2009 20:49:51

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by PENA at 2009-11-03 20:48:29
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 78 GB (51%) free of 153 GB
    Total RAM: 2047 MB (50% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:48:45, on 03/11/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16915)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ASUS\Six Engine\SixEngine.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    E:\Cam\Quickcam.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    E:\iTunes\iTunesHelper.exe
    E:\Winamp\winampa.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\DNA\btdna.exe
    E:\steam\steam.exe
    C:\Program Files\SFR\Kit\9props.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\RaUI.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    E:\Xfire\Xfire.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    E:\FireFox\firefox.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    e:\cam\lu\lulnchr.exe
    c:\program files\fichiers communs\logitech\lu\lulnchr.exe
    c:\program files\fichiers communs\logitech\lu\LogitechUpdate.exe
    E:\Mumble\dbus-daemon.exe
    E:\Mumble\mumble.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Documents and Settings\PENA\Mes documents\Téléchargements\RSIT(2).exe
    C:\Program Files\trend micro\PENA.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "E:\Cam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "E:\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [WinampAgent] E:\Winamp\winampa.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [ANTI LITE TITLE DEBUG] C:\Documents and Settings\All Users\Application Data\Okay meta anti lite\film hole.exe
    O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [Steam] "e:\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [stupid hope] C:\DOCUME~1\PENA\APPLIC~1\HECKOO~1\Setuplitebrowse.exe
    O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Xfire.lnk = E:\Xfire\Xfire.exe
    O4 - Global Startup: Hawking Wireless Utility.lnk = ?
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\WINDOWS\RaUI.exe
    O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie....
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

    --
    End of file - 10914 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\A82150419372FEC1.job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\Norton Security Scan for PENA.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-03-27 1088296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
    Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-12 256112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-12 761840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-12 458736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-09 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-09 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-12 256112]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Six Engine"=C:\Program Files\ASUS\Six Engine\SixEngine.exe [2008-06-03 5964800]
    "LogitechCommunicationsManager"=C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008]
    "LogitechQuickCamRibbon"=E:\Cam\Quickcam.exe [2008-08-14 2407184]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-09 148888]
    "UnlockerAssistant"=E:\Unlocker\UnlockerAssistant.exe [2009-11-02 15872]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
    "iTunesHelper"=E:\iTunes\iTunesHelper.exe [2009-03-12 342312]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "WinampAgent"=E:\Winamp\winampa.exe [2009-04-10 37888]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-16 16862720]
    "ANTI LITE TITLE DEBUG"=C:\Documents and Settings\All Users\Application Data\Okay meta anti lite\film hole.exe [2009-11-03 815104]
    "WorksFUD"=C:\Program Files\Microsoft Works\wkfud.exe [2000-07-12 24576]
    "Microsoft Works Portfolio"=C:\Program Files\Microsoft Works\WksSb.exe [2000-07-12 311350]
    "Microsoft Works Update Detection"=C:\Program Files\Microsoft Works\WkDetect.exe [2000-08-04 28739]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-13 98304]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    ""= []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-12-23 342848]
    "Steam"=e:\steam\steam.exe [2009-10-30 1217808]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-26 39408]
    "stupid hope"=C:\DOCUME~1\PENA\APPLIC~1\HECKOO~1\Setuplitebrowse.exe [2009-07-08 546304]
    "Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-04-21 955712]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Hawking Wireless Utility.lnk - C:\Program Files\Hawking\Common\RaUI.exe
    Ralink Wireless Utility.lnk - C:\WINDOWS\RaUI.exe
    Rappels du Calendrier Microsoft Works.lnk - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
    Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    C:\Documents and Settings\PENA\Menu Démarrer\Programmes\Démarrage
    Xfire.lnk - E:\Xfire\Xfire.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2009-08-14 155648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "E:\Xfire\Xfire.exe"="E:\Xfire\Xfire.exe:*:Enabled:Xfire"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
    "E:\Bit torrent\BitTorrent\bittorrent.exe"="E:\Bit torrent\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
    "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
    "E:\Steam\SteamApps\maxvs81\counter-strike source\hl2.exe"="E:\Steam\SteamApps\maxvs81\counter-strike source\hl2.exe:*:Enabled:hl2"
    "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "E:\Steam\Steam.exe"="E:\Steam\Steam.exe:*:Enabled:Steam"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "E:\iTunes\iTunes.exe"="E:\iTunes\iTunes.exe:*:Enabled:iTunes"
    "E:\Track Mania Nations Forever\TmNationsForever\TmForever.exe"="E:\Track Mania Nations Forever\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
    "E:\Steam\SteamApps\maxvs81\counter-strike\hl.exe"="E:\Steam\SteamApps\maxvs81\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
    "E:\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe"="E:\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
    "E:\Steam\SteamApps\maxvs81\day of defeat\hl.exe"="E:\Steam\SteamApps\maxvs81\day of defeat\hl.exe:*:Enabled:Half-Life Launcher"
    "E:\Ventilo\Ventrilo.exe"="E:\Ventilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a26a4978-8429-11de-9f66-002215808f2b}]
    shell\AutoRun\command - F:\AUTOSTARTER.EXE


    ======List of files/folders created in the last 1 months======

    2009-11-03 03:16:16 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
    2009-11-03 03:16:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
    2009-11-03 03:15:30 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
    2009-11-03 03:12:14 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
    2009-11-03 03:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
    2009-11-03 03:12:07 ----D---- C:\Program Files\Microsoft Office
    2009-11-03 03:11:56 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
    2009-11-03 03:11:49 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
    2009-11-03 03:11:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
    2009-11-03 03:11:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
    2009-11-03 03:11:32 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
    2009-11-03 03:11:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
    2009-11-03 03:11:22 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
    2009-11-03 03:11:10 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
    2009-11-03 03:10:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
    2009-11-03 03:10:37 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
    2009-11-03 03:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
    2009-11-03 03:10:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
    2009-11-03 03:10:24 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
    2009-11-03 03:09:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
    2009-11-03 03:09:39 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
    2009-11-03 03:09:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
    2009-11-03 03:09:22 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
    2009-11-03 03:08:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
    2009-11-03 03:03:26 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
    2009-11-03 03:02:07 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
    2009-11-03 03:01:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
    2009-11-03 03:01:53 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
    2009-11-03 03:01:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
    2009-11-03 03:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
    2009-11-03 03:01:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
    2009-11-03 03:01:18 ----D---- C:\Program Files\MSXML 4.0
    2009-11-03 03:01:00 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
    2009-11-03 03:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
    2009-11-03 03:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
    2009-11-03 03:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
    2009-11-03 01:58:25 ----A---- C:\ComboFix.txt
    2009-11-03 01:40:35 ----D---- C:\WINDOWS\temp
    2009-11-03 00:32:25 ----A---- C:\Boot.bak
    2009-11-03 00:32:13 ----RASHD---- C:\cmdcons
    2009-11-03 00:30:47 ----A---- C:\WINDOWS\zip.exe
    2009-11-03 00:30:47 ----A---- C:\WINDOWS\SWXCACLS.exe
    2009-11-03 00:30:47 ----A---- C:\WINDOWS\SWSC.exe
    2009-11-03 00:30:47 ----A---- C:\WINDOWS\SWREG.exe
    2009-11-03 00:30:47 ----A---- C:\WINDOWS\sed.exe
    2009-11-03 00:30:47 ----A---- C:\WINDOWS\PEV.exe
    2009-11-03 00:30:47 ----A---- C:\WINDOWS\NIRCMD.exe
    2009-11-03 00:30:47 ----A---- C:\WINDOWS\MBR.exe
    2009-11-03 00:30:47 ----A---- C:\WINDOWS\grep.exe
    2009-11-03 00:30:32 ----D---- C:\WINDOWS\ERDNT
    2009-11-02 23:54:21 ----D---- C:\Qoobox
    2009-11-02 20:27:38 ----D---- C:\FindyKill
    2009-11-02 19:54:21 ----D---- C:\Program Files\trend micro
    2009-11-02 19:54:20 ----D---- C:\rsit
    2009-11-02 19:13:05 ----D---- C:\Program Files\World of Warcraft
    2009-10-31 14:30:10 ----D---- C:\Program Files\GTA San Andreas
    2009-10-31 14:20:55 ----D---- C:\Program Files\Devil.May.Cry.4.Full-Rip.Skullptura
    2009-10-31 12:12:02 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
    2009-10-31 12:12:02 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
    2009-10-31 12:12:01 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
    2009-10-31 12:12:01 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
    2009-10-31 12:12:00 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
    2009-10-31 12:12:00 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
    2009-10-31 12:11:59 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
    2009-10-31 02:00:59 ----D---- C:\Program Files\Steam
    2009-10-31 00:53:36 ----A---- C:\WINDOWS\game.ini
    2009-10-30 13:26:40 ----D---- C:\Program Files\IVCsoft
    2009-10-18 17:50:57 ----D---- C:\Program Files\DAEMON Tools Toolbar
    2009-10-18 17:50:55 ----D---- C:\Program Files\DAEMON Tools Lite
    2009-10-18 17:21:11 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
    2009-10-18 13:22:12 ----D---- C:\Program Files\Microsoft Works
    2009-10-18 12:59:21 ----A---- C:\WINDOWS\Instaler Setup Log.txt
    2009-10-15 00:58:06 ----A---- C:\WINDOWS\system32\xfcodec.dll
    2009-10-11 10:44:59 ----D---- C:\WINDOWS\1C4551A64743409391E41477CD655043.TMP

    ======List of files/folders modified in the last 1 months======

    2009-11-03 20:48:25 ----D---- C:\WINDOWS\Prefetch
    2009-11-03 20:41:31 ----D---- C:\Documents and Settings\PENA\Application Data\DNA
    2009-11-03 20:40:33 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
    2009-11-03 16:51:29 ----D---- C:\Documents and Settings\PENA\Application Data\Mumble
    2009-11-03 16:31:06 ----D---- C:\Program Files\DNA
    2009-11-03 14:55:54 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-11-03 14:52:05 ----D---- C:\Documents and Settings\PENA\Application Data\Xfire
    2009-11-03 14:28:31 ----SHD---- C:\WINDOWS\Installer
    2009-11-03 14:28:31 ----D---- C:\Config.Msi
    2009-11-03 14:18:37 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-11-03 12:24:39 ----D---- C:\WINDOWS\Microsoft.NET
    2009-11-03 12:24:37 ----RSD---- C:\WINDOWS\assembly
    2009-11-03 06:49:04 ----D---- C:\Program Files\MSN Messenger
    2009-11-03 04:36:12 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-11-03 04:11:17 ----D---- C:\WINDOWS
    2009-11-03 04:10:59 ----D---- C:\WINDOWS\system32
    2009-11-03 04:10:46 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
    2009-11-03 04:08:59 ----D---- C:\WINDOWS\system32\wbem
    2009-11-03 04:08:59 ----D---- C:\Program Files\Internet Explorer
    2009-11-03 04:08:58 ----D---- C:\Program Files\Windows Desktop Search
    2009-11-03 04:08:58 ----D---- C:\Program Files\Outlook Express
    2009-11-03 04:08:58 ----D---- C:\Program Files\Microsoft Silverlight
    2009-11-03 03:16:19 ----HD---- C:\WINDOWS\inf
    2009-11-03 03:16:17 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-11-03 03:16:13 ----A---- C:\WINDOWS\imsins.BAK
    2009-11-03 03:15:31 ----D---- C:\WINDOWS\WinSxS
    2009-11-03 03:12:07 ----RD---- C:\Program Files
    2009-11-03 03:11:27 ----HD---- C:\WINDOWS\$hf_mig$
    2009-11-03 03:10:16 ----D---- C:\WINDOWS\system32\fr-fr
    2009-11-03 03:09:58 ----D---- C:\WINDOWS\ie7updates
    2009-11-03 03:07:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-11-03 03:00:45 ----HD---- C:\WINDOWS\system32\drivers
    2009-11-03 01:57:57 ----D---- C:\WINDOWS\repair
    2009-11-03 01:44:42 ----A---- C:\WINDOWS\system.ini
    2009-11-03 01:42:45 ----D---- C:\WINDOWS\system32\config
    2009-11-03 00:44:13 ----D---- C:\WINDOWS\AppPatch
    2009-11-03 00:44:06 ----D---- C:\Program Files\Fichiers communs
    2009-11-03 00:32:25 ----RASH---- C:\boot.ini
    2009-11-03 00:07:50 ----A---- C:\WINDOWS\AviSplitter.INI
    2009-11-02 23:10:16 ----D---- C:\WINDOWS\Minidump
    2009-11-01 12:54:38 ----D---- C:\Documents and Settings\PENA\Application Data\Winamp
    2009-10-31 12:10:52 ----D---- C:\WINDOWS\system32\DirectX
    2009-10-31 00:38:27 ----D---- C:\Program Files\Activision
    2009-10-30 20:46:25 ----D---- C:\Documents and Settings\All Users\Application Data\TrackMania
    2009-10-26 14:24:16 ----D---- C:\Documents and Settings\PENA\Application Data\BitTorrent
    2009-10-18 17:06:51 ----D---- C:\Program Files\ATI Technologies
    2009-10-18 16:56:31 ----D---- C:\Program Files\ma-config.com
    2009-10-18 16:56:31 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
    2009-10-18 13:24:10 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-10-18 13:22:40 ----RSD---- C:\WINDOWS\Fonts
    2009-10-18 13:22:31 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-10-18 13:04:40 ----SD---- C:\Documents and Settings\PENA\Application Data\Microsoft
    2009-10-18 12:29:03 ----D---- C:\Documents and Settings\PENA\Application Data\dvdcss
    2009-10-18 12:14:45 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2009-10-11 10:44:56 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-10-11 10:37:15 ----D---- C:\Documents and Settings\PENA\Application Data\DAEMON Tools Pro
    2009-10-04 19:38:33 ----A---- C:\WINDOWS\BlendSettings.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-12-23 20747]
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-10-11 281760]
    R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-10-11 25888]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-08-14 4485632]
    R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-07-30 93696]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-01-15 23848]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-20 4800000]
    R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2009-03-31 38400]
    R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
    R3 RT61;Hawking HWPG1 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2005-10-27 356096]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S3 aewyb3j1;aewyb3j1; C:\WINDOWS\system32\drivers\aewyb3j1.sys []
    S3 catchme;catchme; \??\C:\KillBagle\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-10-12 41752]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
    S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2007-10-12 490776]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
    S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
    S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-09-04 13056]
    S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-09-04 19968]
    S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-09-04 24832]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-09 152984]
    R2 LVCOMSer;LVCOMSer; C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
    R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
    R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-11-03 75064]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-03-12 656168]
    S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-08-13 593920]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
    S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-24 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
    S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-12 2837916]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-08-14 602112]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

    -----------------EOF-----------------
    a c 294 8 Security
    3 November 2009 20:51:51

    We will now deal with the Lop/Swizzor infection.

  • Download Lop S&D (by Eric_71) to your Desktop.
  • Then double-click Lop S&D on your Desktop.
    (On Vista, right-click Lop S&D and choose Run as administrator)
  • Select the language you want, then choose option 1 (Search).
  • Wait until the scan finishes.
  • Post the generated report (C:\lopR.txt).
    3 November 2009 21:20:45


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Processeur Intel Pentium III Xeon )
    BIOS : BIOS Date: 07/10/08 17:59:24 Ver: 08.00.14
    USER : PENA ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:149 Go (Free:76 Go)
    D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    E:\ (Local Disk) - NTFS - Total:465 Go (Free:263 Go)
    F:\ (CD or DVD) - CDFS - Total:3 Go (Free:0 Go)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 03/11/2009|21:18 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [21/03/2009|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    [30/12/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\~0
    [21/03/2009|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [16/01/2009|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [16/01/2009|21:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [18/10/2009|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
    [26/06/2009|21:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
    [01/03/2009|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [30/12/2008|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Lite
    [11/06/2009|20:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
    [30/06/2009|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Electronic Arts
    [26/01/2009|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [06/03/2009|23:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [30/12/2008|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
    [23/12/2008|14:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
    [09/01/2009|18:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
    [07/01/2009|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
    [18/10/2009|16:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [07/04/2009|10:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [18/10/2009|13:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [08/07/2009|23:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Okay meta anti lite
    [06/04/2009|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [18/10/2009|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [30/10/2009|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
    [24/06/2009|14:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
    [23/12/2008|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [18/03/2009|14:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [18/03/2009|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [22/12/2008|15:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [23/12/2008|22:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [07/01/2009|17:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Xfire

    [22/12/2008|15:52] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [23/12/2008|22:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire

    [30/12/2008|22:27] C:\DOCUME~1\PENA\APPLIC~1\Acreon
    [01/06/2009|15:23] C:\DOCUME~1\PENA\APPLIC~1\Adobe
    [03/05/2009|11:10] C:\DOCUME~1\PENA\APPLIC~1\Apple Computer
    [23/12/2008|09:35] C:\DOCUME~1\PENA\APPLIC~1\ATI
    [03/11/2009|21:17] C:\DOCUME~1\PENA\APPLIC~1\BitTorrent
    [30/12/2008|16:24] C:\DOCUME~1\PENA\APPLIC~1\DAEMON Tools
    [08/08/2009|15:43] C:\DOCUME~1\PENA\APPLIC~1\DAEMON Tools Lite
    [11/10/2009|10:37] C:\DOCUME~1\PENA\APPLIC~1\DAEMON Tools Pro
    [03/11/2009|21:11] C:\DOCUME~1\PENA\APPLIC~1\DNA
    [18/10/2009|12:29] C:\DOCUME~1\PENA\APPLIC~1\dvdcss
    [30/12/2008|10:44] C:\DOCUME~1\PENA\APPLIC~1\Google
    [08/07/2009|23:18] C:\DOCUME~1\PENA\APPLIC~1\heckoozebolt
    [18/03/2009|13:09] C:\DOCUME~1\PENA\APPLIC~1\Help
    [12/05/2009|18:24] C:\DOCUME~1\PENA\APPLIC~1\HLSW
    [22/12/2008|15:56] C:\DOCUME~1\PENA\APPLIC~1\Identities
    [11/04/2009|12:47] C:\DOCUME~1\PENA\APPLIC~1\InstallShield
    [07/01/2009|17:38] C:\DOCUME~1\PENA\APPLIC~1\Leadertech
    [11/04/2009|12:48] C:\DOCUME~1\PENA\APPLIC~1\LG Electronics
    [01/06/2009|15:23] C:\DOCUME~1\PENA\APPLIC~1\Macromedia
    [11/06/2009|20:20] C:\DOCUME~1\PENA\APPLIC~1\Media Player Classic
    [18/10/2009|13:04] C:\DOCUME~1\PENA\APPLIC~1\Microsoft
    [03/01/2009|17:40] C:\DOCUME~1\PENA\APPLIC~1\mIRC
    [18/02/2009|22:27] C:\DOCUME~1\PENA\APPLIC~1\Mount&Blade
    [23/12/2008|23:39] C:\DOCUME~1\PENA\APPLIC~1\Mozilla
    [03/11/2009|16:51] C:\DOCUME~1\PENA\APPLIC~1\Mumble
    [02/02/2009|20:01] C:\DOCUME~1\PENA\APPLIC~1\OpenOffice.org
    [25/12/2008|20:29] C:\DOCUME~1\PENA\APPLIC~1\SecuROM
    [12/07/2009|21:46] C:\DOCUME~1\PENA\APPLIC~1\Skype
    [12/07/2009|19:44] C:\DOCUME~1\PENA\APPLIC~1\skypePM
    [02/02/2009|19:53] C:\DOCUME~1\PENA\APPLIC~1\Sun
    [10/01/2009|20:17] C:\DOCUME~1\PENA\APPLIC~1\teamspeak2
    [11/03/2009|14:50] C:\DOCUME~1\PENA\APPLIC~1\Ventrilo
    [16/02/2009|00:30] C:\DOCUME~1\PENA\APPLIC~1\vlc
    [01/11/2009|12:54] C:\DOCUME~1\PENA\APPLIC~1\Winamp
    [23/12/2008|11:33] C:\DOCUME~1\PENA\APPLIC~1\Windows Desktop Search
    [23/12/2008|17:20] C:\DOCUME~1\PENA\APPLIC~1\Windows Search
    [23/12/2008|22:28] C:\DOCUME~1\PENA\APPLIC~1\WinRAR
    [03/11/2009|14:52] C:\DOCUME~1\PENA\APPLIC~1\Xfire

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [03/11/2009 21:00][--ah-----] C:\WINDOWS\tasks\A82150419372FEC1.job
    [01/11/2009 18:00][--a------] C:\WINDOWS\tasks\Norton Security Scan for PENA.job
    [03/11/2009 09:45][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [03/11/2009 16:30][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [14/04/2008 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ( A82150419372FEC1.job )=( c:\docume~1\pena\applic~1\heckoo~1\MODETOOLPOKE.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [20/06/2009|10:09] C:\Program Files\7-Zip
    [31/10/2009|00:38] C:\Program Files\Activision
    [21/03/2009|19:03] C:\Program Files\Adobe
    [27/06/2009|18:15] C:\Program Files\AGEIA Technologies
    [19/03/2009|16:11] C:\Program Files\Alwil Software
    [16/01/2009|21:07] C:\Program Files\Apple Software Update
    [23/12/2008|23:31] C:\Program Files\AskBarDis
    [22/12/2008|16:14] C:\Program Files\ASUS
    [18/10/2009|17:06] C:\Program Files\ATI Technologies
    [17/04/2009|20:47] C:\Program Files\AviSynth 2.5
    [21/03/2009|10:27] C:\Program Files\Bonjour
    [01/03/2009|19:42] C:\Program Files\Boonty
    [01/03/2009|19:42] C:\Program Files\BoontyGames
    [18/03/2009|14:45] C:\Program Files\Circle Deelopement
    [23/01/2009|18:50] C:\Program Files\Common Files
    [22/12/2008|15:50] C:\Program Files\ComPlus Applications
    [18/10/2009|17:50] C:\Program Files\DAEMON Tools Lite
    [18/10/2009|17:50] C:\Program Files\DAEMON Tools Toolbar
    [31/10/2009|14:23] C:\Program Files\Devil.May.Cry.4.Full-Rip.Skullptura
    [26/09/2009|11:57] C:\Program Files\directx
    [13/07/2009|22:28] C:\Program Files\DivX
    [03/11/2009|16:31] C:\Program Files\DNA
    [11/06/2009|20:22] C:\Program Files\DVDVideoSoft
    [14/06/2009|19:12] C:\Program Files\Electronic Arts
    [03/11/2009|00:44] C:\Program Files\Fichiers communs
    [13/07/2009|22:28] C:\Program Files\Google
    [31/10/2009|14:30] C:\Program Files\GTA San Andreas
    [08/07/2009|23:17] C:\Program Files\heckoozebolt
    [03/11/2009|14:18] C:\Program Files\InstallShield Installation Information
    [22/12/2008|16:00] C:\Program Files\Intel
    [03/11/2009|04:08] C:\Program Files\Internet Explorer
    [21/03/2009|10:28] C:\Program Files\iPod
    [30/10/2009|13:26] C:\Program Files\IVCsoft
    [09/05/2009|18:49] C:\Program Files\Java
    [11/04/2009|12:50] C:\Program Files\LG Electronics
    [28/04/2009|21:45] C:\Program Files\LG PC Suite II
    [18/10/2009|16:56] C:\Program Files\ma-config.com
    [22/12/2008|16:12] C:\Program Files\Marvell
    [17/03/2009|20:11] C:\Program Files\Messenger
    [18/03/2009|23:44] C:\Program Files\Microsoft
    [08/01/2009|18:33] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [22/12/2008|15:52] C:\Program Files\microsoft frontpage
    [28/01/2009|18:03] C:\Program Files\Microsoft Games for Windows - LIVE
    [03/11/2009|03:12] C:\Program Files\Microsoft Office
    [03/11/2009|04:08] C:\Program Files\Microsoft Silverlight
    [26/12/2008|22:52] C:\Program Files\Microsoft SQL Server Compact Edition
    [18/03/2009|23:51] C:\Program Files\Microsoft Sync Framework
    [18/10/2009|13:23] C:\Program Files\Microsoft Works
    [14/06/2009|19:10] C:\Program Files\Microsoft WSE
    [03/07/2009|10:51] C:\Program Files\Movie Maker
    [23/12/2008|22:26] C:\Program Files\Mozilla Firefox
    [28/01/2009|14:55] C:\Program Files\MSBuild
    [26/12/2008|22:29] C:\Program Files\MSECACHE
    [22/12/2008|15:49] C:\Program Files\MSN
    [22/12/2008|15:50] C:\Program Files\MSN Gaming Zone
    [03/11/2009|06:49] C:\Program Files\MSN Messenger
    [03/11/2009|03:01] C:\Program Files\MSXML 4.0
    [22/12/2008|15:51] C:\Program Files\NetMeeting
    [28/08/2009|17:00] C:\Program Files\Norton Security Scan
    [03/11/2009|04:08] C:\Program Files\Outlook Express
    [18/03/2009|23:11] C:\Program Files\Panda Security
    [21/03/2009|10:27] C:\Program Files\QuickTime
    [23/12/2008|09:37] C:\Program Files\RALINK
    [22/12/2008|16:10] C:\Program Files\Realtek
    [28/01/2009|14:54] C:\Program Files\Reference Assemblies
    [17/04/2009|20:47] C:\Program Files\Regensoft
    [22/12/2008|15:51] C:\Program Files\Services en ligne
    [04/09/2009|17:50] C:\Program Files\SFR
    [06/04/2009|16:59] C:\Program Files\Skype
    [31/10/2009|02:00] C:\Program Files\Steam
    [03/11/2009|20:48] C:\Program Files\trend micro
    [22/12/2008|15:56] C:\Program Files\Uninstall Information
    [11/06/2009|20:14] C:\Program Files\VirginMega
    [24/06/2009|14:46] C:\Program Files\Winamp Toolbar
    [03/11/2009|04:08] C:\Program Files\Windows Desktop Search
    [26/12/2008|22:29] C:\Program Files\Windows Installer Clean Up
    [18/03/2009|23:52] C:\Program Files\Windows Live
    [26/12/2008|22:52] C:\Program Files\Windows Live Favorites
    [23/12/2008|21:52] C:\Program Files\Windows Live SkyDrive
    [19/03/2009|16:12] C:\Program Files\Windows Live Toolbar
    [09/05/2009|19:08] C:\Program Files\Windows Media Connect 2
    [24/09/2009|15:53] C:\Program Files\Windows Media Player
    [18/03/2009|13:50] C:\Program Files\Windows NT
    [22/12/2008|15:51] C:\Program Files\WindowsUpdate
    [09/05/2009|19:11] C:\Program Files\WinRAR
    [02/11/2009|19:23] C:\Program Files\World of Warcraft
    [22/12/2008|15:52] C:\Program Files\xerox

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [21/03/2009|19:03] C:\Program Files\Fichiers communs\Adobe
    [21/03/2009|10:28] C:\Program Files\Fichiers communs\Apple
    [06/07/2009|17:29] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [01/03/2009|19:43] C:\Program Files\Fichiers communs\BOONTY Shared
    [27/06/2009|18:17] C:\Program Files\Fichiers communs\DirectX
    [13/07/2009|22:28] C:\Program Files\Fichiers communs\DivX Shared
    [11/06/2009|20:22] C:\Program Files\Fichiers communs\DVDVideoSoft
    [23/12/2008|22:00] C:\Program Files\Fichiers communs\InstallShield
    [02/02/2009|19:53] C:\Program Files\Fichiers communs\Java
    [05/02/2009|19:11] C:\Program Files\Fichiers communs\logishrd
    [10/01/2009|20:03] C:\Program Files\Fichiers communs\Logitech
    [18/10/2009|13:24] C:\Program Files\Fichiers communs\Microsoft Shared
    [22/12/2008|15:51] C:\Program Files\Fichiers communs\MSSoap
    [22/12/2008|16:42] C:\Program Files\Fichiers communs\ODBC
    [22/12/2008|15:51] C:\Program Files\Fichiers communs\Services
    [06/04/2009|16:59] C:\Program Files\Fichiers communs\Skype
    [22/12/2008|16:42] C:\Program Files\Fichiers communs\SpeechEngines
    [02/05/2009|16:03] C:\Program Files\Fichiers communs\Symantec Shared
    [22/12/2008|15:50] C:\Program Files\Fichiers communs\System
    [23/12/2008|21:41] C:\Program Files\Fichiers communs\Windows Live
    [26/12/2008|22:50] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [11/10/2009|10:44] C:\Program Files\Fichiers communs\Wise Installation Wizard

    --------------------\\ Process

    ( 66 Processes )

    IEXPLORE.EXE ~ [PID:540]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Okay meta anti lite
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Okay meta anti lite\film hole.dat
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Okay meta anti lite\film hole.exe
    C:\DOCUME~1\PENA\APPLIC~1\heckoo~1
    C:\DOCUME~1\PENA\APPLIC~1\heckoo~1\bthvzloo.exe
    C:\DOCUME~1\PENA\APPLIC~1\heckoo~1\mlgqkuhf.exe
    C:\DOCUME~1\PENA\APPLIC~1\heckoo~1\MODE TOOL POKE.exe
    C:\DOCUME~1\PENA\APPLIC~1\heckoo~1\Setuplitebrowse.exe
    C:\DOCUME~1\PENA\APPLIC~1\heckoo~1\syskqdss.exe
    C:\DOCUME~1\PENA\APPLIC~1\heckoo~1\Uploadbindteamrect.exe
    C:\DOCUME~1\PENA\APPLIC~1\heckoo~1\ydajyzeq.exe
    C:\Program Files\heckoo~1
    C:\DOCUME~1\PENA\Cookies\pena@advertstream[1].txt
    C:\DOCUME~1\PENA\Cookies\pena@d2.advertserve[1].txt
    C:\DOCUME~1\PENA\Cookies\pena@advertising[2].txt
    C:\DOCUME~1\PENA\Cookies\pena@bigpoint[1].txt
    C:\DOCUME~1\PENA\Cookies\pena@fr.deepolis.bigpoint[2].txt
    C:\DOCUME~1\PENA\Cookies\pena@fr.seafight.bigpoint[1].txt
    C:\DOCUME~1\PENA\Cookies\pena@seafight.bigpoint[2].txt
    C:\DOCUME~1\PENA\Cookies\pena@thepimps.bigpoint[1].txt
    C:\DOCUME~1\PENA\Cookies\pena@banner.cotedazurpalace[2].txt
    C:\DOCUME~1\PENA\Cookies\pena@cotedazurpalace[1].txt
    C:\DOCUME~1\PENA\Cookies\pena@serve.cotedazurpalace[1].txt
    C:\DOCUME~1\PENA\Cookies\pena@www.cotedazurpalace[2].txt
    C:\DOCUME~1\PENA\Cookies\pena@fr.pacificpoker[1].txt
    C:\DOCUME~1\PENA\Cookies\pena@pacificpoker[1].txt
    C:\DOCUME~1\PENA\Cookies\pena@partypoker[1].txt
    C:\DOCUME~1\PENA\Cookies\pena@fr.seafight.bigpoint[1].txt
    C:\DOCUME~1\PENA\Cookies\pena@seafight.bigpoint[2].txt
    C:\DOCUME~1\PENA\Cookies\pena@2xmoinscher[1].txt
    C:\DOCUME~1\PENA\Cookies\pena@www.2xmoinscher[1].txt
    C:\DOCUME~1\PENA\Cookies\pena@888[2].txt
    C:\WINDOWS\Tasks\A82150419372FEC1.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "stupid hope"="C:\\DOCUME~1\\PENA\\APPLIC~1\\HECKOO~1\\Setuplitebrowse.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ANTI LITE TITLE DEBUG"="C:\\Documents and Settings\\All Users\\Application Data\\Okay meta anti lite\\film hole.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-11-03 21:18:49
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    C:\DOCUME~1\PENA\LOCALS~1\APPLIC~1\Mozilla\Firefox\Profiles\r25ko942.default\Cache\87A6D6C1d01 24650 bytes
    C:\DOCUME~1\PENA\LOCALS~1\APPLIC~1\Mozilla\Firefox\Profiles\r25ko942.default\Cache\72978F93d01 50909 bytes
    scan completed successfully
    hidden processes: 0
    hidden files: 6

    --------------------\\ Recherche d'autres infections

    --------------------\\ ROOTKIT !!

    Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA]
    Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa]
    Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa]

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\PENA\Application Data\BitTorrent\cod4fr+generateur de cl‚+crackNOCD.torrent
    C:\DOCUME~1\PENA\Application Data\BitTorrent\Far Cry 2 with no CD or activation required crack.torrent
    C:\DOCUME~1\PENA\Application Data\BitTorrent\Far.Cry.2.CRACK-DARKCODER.rar.torrent
    C:\DOCUME~1\PENA\Mes documents\Rockstar Games\GTA IV\User Music\& 50 Cent - Crack A Bottle (Prod. By Dr. Dre) (Official) ( 2oo9).mp3
    C:\DOCUME~1\PENA\Mes documents\T‚l‚chargements\Alpha 5.20 - Mon Crack.mp3
    C:\DOCUME~1\PENA\Mes documents\T‚l‚chargements\cod4fr+generateur de cl‚+crackNOCD [mininova].torrent
    C:\DOCUME~1\PENA\Recent\cod4fr+generateur de cl‚+crackNOCD [mininova].lnk


    [F:48][D:8]-> C:\DOCUME~1\PENA\LOCALS~1\Temp
    [F:544][D:0]-> C:\DOCUME~1\PENA\Cookies
    [F:941][D:4]-> C:\DOCUME~1\PENA\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 03/11/2009|21:20 - Option : [1]

    --------------------\\ Fin du rapport a 21:20:09
    3 November 2009 21:28:35

  • Run Lop S&D again.
    (On Vista, right-click Lop S&D and choose Run as administrator)
  • This time choose option 2 (Suppression).
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt).

    (If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
    3 November 2009 22:01:46


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Processeur Intel Pentium III Xeon )
    BIOS : BIOS Date: 07/10/08 17:59:24 Ver: 08.00.14
    USER : PENA ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:149 Go (Free:76 Go)
    D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    E:\ (Local Disk) - NTFS - Total:465 Go (Free:263 Go)
    F:\ (CD or DVD) - CDFS - Total:3 Go (Free:0 Go)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 03/11/2009|21:58 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Okay meta anti lite\film hole.dat
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Okay meta anti lite\film hole.exe
    Supprime! - C:\DOCUME~1\PENA\APPLIC~1\heckoo~1\bthvzloo.exe
    Supprime! - C:\DOCUME~1\PENA\APPLIC~1\heckoo~1\mlgqkuhf.exe
    Supprime! - C:\DOCUME~1\PENA\APPLIC~1\heckoo~1\MODE TOOL POKE.exe
    Supprime! - C:\DOCUME~1\PENA\APPLIC~1\heckoo~1\Setuplitebrowse.exe
    Supprime! - C:\DOCUME~1\PENA\APPLIC~1\heckoo~1\syskqdss.exe
    Supprime! - C:\DOCUME~1\PENA\APPLIC~1\heckoo~1\Uploadbindteamrect.exe
    Supprime! - C:\DOCUME~1\PENA\APPLIC~1\heckoo~1\ydajyzeq.exe
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@advertstream[1].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@d2.advertserve[1].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@advertising[2].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@bigpoint[1].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@fr.deepolis.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@fr.seafight.bigpoint[1].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@seafight.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@thepimps.bigpoint[1].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@banner.cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@serve.cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@www.cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@fr.pacificpoker[1].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@pacificpoker[1].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@partypoker[1].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@2xmoinscher[1].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@www.2xmoinscher[1].txt
    Supprime! - C:\DOCUME~1\PENA\Cookies\pena@888[2].txt
    Supprime! - C:\WINDOWS\Tasks\A82150419372FEC1.job
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Okay meta anti lite
    Supprime! - C:\DOCUME~1\PENA\APPLIC~1\heckoo~1
    Supprime! - C:\Program Files\heckoo~1

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [21/03/2009|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    [30/12/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\~0
    [21/03/2009|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [16/01/2009|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [16/01/2009|21:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [18/10/2009|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
    [26/06/2009|21:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
    [01/03/2009|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [30/12/2008|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Lite
    [11/06/2009|20:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
    [30/06/2009|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Electronic Arts
    [26/01/2009|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [06/03/2009|23:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [30/12/2008|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
    [23/12/2008|14:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
    [09/01/2009|18:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
    [07/01/2009|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
    [18/10/2009|16:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [07/04/2009|10:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [18/10/2009|13:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [06/04/2009|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [18/10/2009|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [30/10/2009|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
    [24/06/2009|14:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
    [23/12/2008|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [18/03/2009|14:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [18/03/2009|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [22/12/2008|15:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [23/12/2008|22:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [07/01/2009|17:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Xfire

    [22/12/2008|15:52] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [23/12/2008|22:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire

    [30/12/2008|22:27] C:\DOCUME~1\PENA\APPLIC~1\Acreon
    [01/06/2009|15:23] C:\DOCUME~1\PENA\APPLIC~1\Adobe
    [03/05/2009|11:10] C:\DOCUME~1\PENA\APPLIC~1\Apple Computer
    [23/12/2008|09:35] C:\DOCUME~1\PENA\APPLIC~1\ATI
    [03/11/2009|21:18] C:\DOCUME~1\PENA\APPLIC~1\BitTorrent
    [30/12/2008|16:24] C:\DOCUME~1\PENA\APPLIC~1\DAEMON Tools
    [08/08/2009|15:43] C:\DOCUME~1\PENA\APPLIC~1\DAEMON Tools Lite
    [11/10/2009|10:37] C:\DOCUME~1\PENA\APPLIC~1\DAEMON Tools Pro
    [03/11/2009|21:51] C:\DOCUME~1\PENA\APPLIC~1\DNA
    [18/10/2009|12:29] C:\DOCUME~1\PENA\APPLIC~1\dvdcss
    [30/12/2008|10:44] C:\DOCUME~1\PENA\APPLIC~1\Google
    [18/03/2009|13:09] C:\DOCUME~1\PENA\APPLIC~1\Help
    [12/05/2009|18:24] C:\DOCUME~1\PENA\APPLIC~1\HLSW
    [22/12/2008|15:56] C:\DOCUME~1\PENA\APPLIC~1\Identities
    [11/04/2009|12:47] C:\DOCUME~1\PENA\APPLIC~1\InstallShield
    [07/01/2009|17:38] C:\DOCUME~1\PENA\APPLIC~1\Leadertech
    [11/04/2009|12:48] C:\DOCUME~1\PENA\APPLIC~1\LG Electronics
    [01/06/2009|15:23] C:\DOCUME~1\PENA\APPLIC~1\Macromedia
    [11/06/2009|20:20] C:\DOCUME~1\PENA\APPLIC~1\Media Player Classic
    [18/10/2009|13:04] C:\DOCUME~1\PENA\APPLIC~1\Microsoft
    [03/01/2009|17:40] C:\DOCUME~1\PENA\APPLIC~1\mIRC
    [18/02/2009|22:27] C:\DOCUME~1\PENA\APPLIC~1\Mount&Blade
    [23/12/2008|23:39] C:\DOCUME~1\PENA\APPLIC~1\Mozilla
    [03/11/2009|20:39] C:\DOCUME~1\PENA\APPLIC~1\Mumble
    [02/02/2009|20:01] C:\DOCUME~1\PENA\APPLIC~1\OpenOffice.org
    [25/12/2008|20:29] C:\DOCUME~1\PENA\APPLIC~1\SecuROM
    [12/07/2009|21:46] C:\DOCUME~1\PENA\APPLIC~1\Skype
    [12/07/2009|19:44] C:\DOCUME~1\PENA\APPLIC~1\skypePM
    [02/02/2009|19:53] C:\DOCUME~1\PENA\APPLIC~1\Sun
    [10/01/2009|20:17] C:\DOCUME~1\PENA\APPLIC~1\teamspeak2
    [11/03/2009|14:50] C:\DOCUME~1\PENA\APPLIC~1\Ventrilo
    [16/02/2009|00:30] C:\DOCUME~1\PENA\APPLIC~1\vlc
    [01/11/2009|12:54] C:\DOCUME~1\PENA\APPLIC~1\Winamp
    [23/12/2008|11:33] C:\DOCUME~1\PENA\APPLIC~1\Windows Desktop Search
    [23/12/2008|17:20] C:\DOCUME~1\PENA\APPLIC~1\Windows Search
    [23/12/2008|22:28] C:\DOCUME~1\PENA\APPLIC~1\WinRAR
    [03/11/2009|14:52] C:\DOCUME~1\PENA\APPLIC~1\Xfire

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [01/11/2009 18:00][--a------] C:\WINDOWS\tasks\Norton Security Scan for PENA.job
    [03/11/2009 09:45][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [03/11/2009 16:30][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [14/04/2008 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [20/06/2009|10:09] C:\Program Files\7-Zip
    [31/10/2009|00:38] C:\Program Files\Activision
    [21/03/2009|19:03] C:\Program Files\Adobe
    [27/06/2009|18:15] C:\Program Files\AGEIA Technologies
    [19/03/2009|16:11] C:\Program Files\Alwil Software
    [16/01/2009|21:07] C:\Program Files\Apple Software Update
    [23/12/2008|23:31] C:\Program Files\AskBarDis
    [22/12/2008|16:14] C:\Program Files\ASUS
    [18/10/2009|17:06] C:\Program Files\ATI Technologies
    [17/04/2009|20:47] C:\Program Files\AviSynth 2.5
    [21/03/2009|10:27] C:\Program Files\Bonjour
    [01/03/2009|19:42] C:\Program Files\Boonty
    [01/03/2009|19:42] C:\Program Files\BoontyGames
    [18/03/2009|14:45] C:\Program Files\Circle Deelopement
    [23/01/2009|18:50] C:\Program Files\Common Files
    [22/12/2008|15:50] C:\Program Files\ComPlus Applications
    [18/10/2009|17:50] C:\Program Files\DAEMON Tools Lite
    [18/10/2009|17:50] C:\Program Files\DAEMON Tools Toolbar
    [31/10/2009|14:23] C:\Program Files\Devil.May.Cry.4.Full-Rip.Skullptura
    [26/09/2009|11:57] C:\Program Files\directx
    [13/07/2009|22:28] C:\Program Files\DivX
    [03/11/2009|16:31] C:\Program Files\DNA
    [11/06/2009|20:22] C:\Program Files\DVDVideoSoft
    [14/06/2009|19:12] C:\Program Files\Electronic Arts
    [03/11/2009|00:44] C:\Program Files\Fichiers communs
    [13/07/2009|22:28] C:\Program Files\Google
    [31/10/2009|14:30] C:\Program Files\GTA San Andreas
    [03/11/2009|14:18] C:\Program Files\InstallShield Installation Information
    [22/12/2008|16:00] C:\Program Files\Intel
    [03/11/2009|04:08] C:\Program Files\Internet Explorer
    [21/03/2009|10:28] C:\Program Files\iPod
    [30/10/2009|13:26] C:\Program Files\IVCsoft
    [09/05/2009|18:49] C:\Program Files\Java
    [11/04/2009|12:50] C:\Program Files\LG Electronics
    [28/04/2009|21:45] C:\Program Files\LG PC Suite II
    [18/10/2009|16:56] C:\Program Files\ma-config.com
    [22/12/2008|16:12] C:\Program Files\Marvell
    [17/03/2009|20:11] C:\Program Files\Messenger
    [18/03/2009|23:44] C:\Program Files\Microsoft
    [08/01/2009|18:33] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [22/12/2008|15:52] C:\Program Files\microsoft frontpage
    [28/01/2009|18:03] C:\Program Files\Microsoft Games for Windows - LIVE
    [03/11/2009|03:12] C:\Program Files\Microsoft Office
    [03/11/2009|04:08] C:\Program Files\Microsoft Silverlight
    [26/12/2008|22:52] C:\Program Files\Microsoft SQL Server Compact Edition
    [18/03/2009|23:51] C:\Program Files\Microsoft Sync Framework
    [18/10/2009|13:23] C:\Program Files\Microsoft Works
    [14/06/2009|19:10] C:\Program Files\Microsoft WSE
    [03/07/2009|10:51] C:\Program Files\Movie Maker
    [23/12/2008|22:26] C:\Program Files\Mozilla Firefox
    [28/01/2009|14:55] C:\Program Files\MSBuild
    [26/12/2008|22:29] C:\Program Files\MSECACHE
    [22/12/2008|15:49] C:\Program Files\MSN
    [22/12/2008|15:50] C:\Program Files\MSN Gaming Zone
    [03/11/2009|06:49] C:\Program Files\MSN Messenger
    [03/11/2009|03:01] C:\Program Files\MSXML 4.0
    [22/12/2008|15:51] C:\Program Files\NetMeeting
    [28/08/2009|17:00] C:\Program Files\Norton Security Scan
    [03/11/2009|04:08] C:\Program Files\Outlook Express
    [18/03/2009|23:11] C:\Program Files\Panda Security
    [21/03/2009|10:27] C:\Program Files\QuickTime
    [23/12/2008|09:37] C:\Program Files\RALINK
    [22/12/2008|16:10] C:\Program Files\Realtek
    [28/01/2009|14:54] C:\Program Files\Reference Assemblies
    [17/04/2009|20:47] C:\Program Files\Regensoft
    [22/12/2008|15:51] C:\Program Files\Services en ligne
    [04/09/2009|17:50] C:\Program Files\SFR
    [06/04/2009|16:59] C:\Program Files\Skype
    [31/10/2009|02:00] C:\Program Files\Steam
    [03/11/2009|20:48] C:\Program Files\trend micro
    [22/12/2008|15:56] C:\Program Files\Uninstall Information
    [11/06/2009|20:14] C:\Program Files\VirginMega
    [24/06/2009|14:46] C:\Program Files\Winamp Toolbar
    [03/11/2009|04:08] C:\Program Files\Windows Desktop Search
    [26/12/2008|22:29] C:\Program Files\Windows Installer Clean Up
    [18/03/2009|23:52] C:\Program Files\Windows Live
    [26/12/2008|22:52] C:\Program Files\Windows Live Favorites
    [23/12/2008|21:52] C:\Program Files\Windows Live SkyDrive
    [19/03/2009|16:12] C:\Program Files\Windows Live Toolbar
    [09/05/2009|19:08] C:\Program Files\Windows Media Connect 2
    [24/09/2009|15:53] C:\Program Files\Windows Media Player
    [18/03/2009|13:50] C:\Program Files\Windows NT
    [22/12/2008|15:51] C:\Program Files\WindowsUpdate
    [09/05/2009|19:11] C:\Program Files\WinRAR
    [02/11/2009|19:23] C:\Program Files\World of Warcraft
    [22/12/2008|15:52] C:\Program Files\xerox

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [21/03/2009|19:03] C:\Program Files\Fichiers communs\Adobe
    [21/03/2009|10:28] C:\Program Files\Fichiers communs\Apple
    [06/07/2009|17:29] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [01/03/2009|19:43] C:\Program Files\Fichiers communs\BOONTY Shared
    [27/06/2009|18:17] C:\Program Files\Fichiers communs\DirectX
    [13/07/2009|22:28] C:\Program Files\Fichiers communs\DivX Shared
    [11/06/2009|20:22] C:\Program Files\Fichiers communs\DVDVideoSoft
    [23/12/2008|22:00] C:\Program Files\Fichiers communs\InstallShield
    [02/02/2009|19:53] C:\Program Files\Fichiers communs\Java
    [05/02/2009|19:11] C:\Program Files\Fichiers communs\logishrd
    [10/01/2009|20:03] C:\Program Files\Fichiers communs\Logitech
    [18/10/2009|13:24] C:\Program Files\Fichiers communs\Microsoft Shared
    [22/12/2008|15:51] C:\Program Files\Fichiers communs\MSSoap
    [22/12/2008|16:42] C:\Program Files\Fichiers communs\ODBC
    [22/12/2008|15:51] C:\Program Files\Fichiers communs\Services
    [06/04/2009|16:59] C:\Program Files\Fichiers communs\Skype
    [22/12/2008|16:42] C:\Program Files\Fichiers communs\SpeechEngines
    [02/05/2009|16:03] C:\Program Files\Fichiers communs\Symantec Shared
    [22/12/2008|15:50] C:\Program Files\Fichiers communs\System
    [23/12/2008|21:41] C:\Program Files\Fichiers communs\Windows Live
    [26/12/2008|22:50] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [11/10/2009|10:44] C:\Program Files\Fichiers communs\Wise Installation Wizard

    --------------------\\ Process

    ( 61 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-11-03 21:58:53
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 4

    --------------------\\ Recherche d'autres infections

    --------------------\\ ROOTKIT !!

    Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA]
    Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa]
    Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa]

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\PENA\Application Data\BitTorrent\cod4fr+generateur de cl‚+crackNOCD.torrent
    C:\DOCUME~1\PENA\Application Data\BitTorrent\Far Cry 2 with no CD or activation required crack.torrent
    C:\DOCUME~1\PENA\Application Data\BitTorrent\Far.Cry.2.CRACK-DARKCODER.rar.torrent
    C:\DOCUME~1\PENA\Mes documents\Rockstar Games\GTA IV\User Music\& 50 Cent - Crack A Bottle (Prod. By Dr. Dre) (Official) ( 2oo9).mp3
    C:\DOCUME~1\PENA\Mes documents\T‚l‚chargements\Alpha 5.20 - Mon Crack.mp3
    C:\DOCUME~1\PENA\Mes documents\T‚l‚chargements\cod4fr+generateur de cl‚+crackNOCD [mininova].torrent
    C:\DOCUME~1\PENA\Recent\cod4fr+generateur de cl‚+crackNOCD [mininova].lnk


    [F:46][D:8]-> C:\DOCUME~1\PENA\LOCALS~1\Temp
    [F:526][D:0]-> C:\DOCUME~1\PENA\Cookies
    [F:941][D:4]-> C:\DOCUME~1\PENA\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 03/11/2009|21:20 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 03/11/2009|21:59 - Option : [2]

    --------------------\\ Fin du rapport a 21:59:57
    3 November 2009 22:03:27

    Ok.

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation.
  • In the Update tab, click the Check for Updates button: if the firewall asks whether MBAM may connect to the Internet, accept.
  • Once the update has finished, go to the Scanner tab.
  • Select Perform quick scan.
  • Click Scan. The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste that report into your next reply.
    3 November 2009 22:37:42

    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 3095
    Windows 5.1.2600 Service Pack 3

    03/11/2009 22:37:23
    mbam-log-2009-11-03 (22-37-23).txt

    Type de recherche: Examen rapide
    Eléments examinés: 97288
    Temps écoulé: 5 minute(s), 31 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    4 November 2009 01:03:03

    Does safe mode work?
    4 November 2009 12:24:46

    I have no idea how to check that :sweat: 
    4 November 2009 15:35:40

    To restart in safe mode:
  • Restart your PC.
  • During startup, tap F8 (F5 on some PCs) just after the BIOS screen and just before Windows loads.
  • In the advanced options menu, choose Safe Mode.
  • Choose your session.