Se connecter / S'enregistrer
Votre question

Infection Bagle coriace?

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
17 Janvier 2009 08:45:37

Bonjour,

J'ai chopé une saleté, voici les symptomes:
- Message "application win32 non valide" lors du lancement d'Avast et des autres logiciels sensés scanner mon PC.
- Impossible de redémarrer en mode sans échec.
- Impossible de lancer Elibagla.

Est-ce que je peux lancer ComboFix et poster le rapport ici?
Merci de votre aide

Autres pages sur : infection bagle coriace

17 Janvier 2009 13:09:02

J'ai lancé ComboFix et pu lancer HiJackthis ensuite. Voila le rapport de ce dernier.
Suis-je vraiment débarassée du truc ou y a-t-il des fichiers à supprimer manuellement?
merci !

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:03:11, on 17/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\atiptaxx.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Documents and Settings\Céline\Bureau\Jako.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SPC230NC_Monitor] C:\WINDOWS\Philips\SPC230NC\Monitor.exe
O4 - HKLM\..\Run: [SPC_Monitor] C:\WINDOWS\Philips\SPC230NC\Monitor.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: TrayMin230.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

--
End of file - 8718 bytes
m
0
l
a b 8 Sécurité
17 Janvier 2009 13:16:18

Bonjour,

Tu as le rapport Combofix ?
m
0
l
Contenus similaires
18 Janvier 2009 11:49:09

Bonjour,

Entre-temps, j'ai installé Antivir, lancé un scan complet, plein de choses ont été supprimées. Puis j'ai pu lancer Elibagle qui a supprimé "srosa2".

Voici le rapport de combofix, première action que j'avais effectuée.

ComboFix 09-01-13.04 - C‚line 2009-01-17 12:25:51.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.255.67 [GMT 1:00]
Running from: c:\documents and settings\C‚line\Bureau\Combo-Fix.exe
Command switches used :: c:\documents and settings\C‚line\Bureau\WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\C‚line\Application Data\drivers\downld
c:\documents and settings\C‚line\Application Data\drivers\srosa.sys
c:\documents and settings\C‚line\Application Data\drivers\srosa2.sys
c:\documents and settings\C‚line\Application Data\drivers\winupgro.exe
c:\documents and settings\C‚line\Application Data\m
c:\documents and settings\C‚line\Application Data\m\shared
c:\documents and settings\Céline\Application Data\drivers\downld\1002187.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1004203.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1032546.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1037546.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1038281.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1057734.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1076828.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1120250.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1120953.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1121406.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1137421.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1140687.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1142062.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1143406.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1144578.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1145921.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1176250.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1178062.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1178765.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1191578.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1240234.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1260921.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1262656.exe
c:\documents and settings\Céline\Application Data\drivers\downld\1263203.exe
c:\documents and settings\Céline\Application Data\drivers\downld\167031.exe
c:\documents and settings\Céline\Application Data\drivers\downld\180500.exe
c:\documents and settings\Céline\Application Data\drivers\downld\180796.exe
c:\documents and settings\Céline\Application Data\drivers\downld\186015.exe
c:\documents and settings\Céline\Application Data\drivers\downld\186234.exe
c:\documents and settings\Céline\Application Data\drivers\downld\186250.exe
c:\documents and settings\Céline\Application Data\drivers\downld\187140.exe
c:\documents and settings\Céline\Application Data\drivers\downld\191312.exe
c:\documents and settings\Céline\Application Data\drivers\downld\191343.exe
c:\documents and settings\Céline\Application Data\drivers\downld\191859.exe
c:\documents and settings\Céline\Application Data\drivers\downld\191921.exe
c:\documents and settings\Céline\Application Data\drivers\downld\192875.exe
c:\documents and settings\Céline\Application Data\drivers\downld\193546.exe
c:\documents and settings\Céline\Application Data\drivers\downld\193562.exe
c:\documents and settings\Céline\Application Data\drivers\downld\195281.exe
c:\documents and settings\Céline\Application Data\drivers\downld\195312.exe
c:\documents and settings\Céline\Application Data\drivers\downld\197468.exe
c:\documents and settings\Céline\Application Data\drivers\downld\197671.exe
c:\documents and settings\Céline\Application Data\drivers\downld\197921.exe
c:\documents and settings\Céline\Application Data\drivers\downld\198421.exe
c:\documents and settings\Céline\Application Data\drivers\downld\199890.exe
c:\documents and settings\Céline\Application Data\drivers\downld\200140.exe
c:\documents and settings\Céline\Application Data\drivers\downld\200515.exe
c:\documents and settings\Céline\Application Data\drivers\downld\200921.exe
c:\documents and settings\Céline\Application Data\drivers\downld\201125.exe
c:\documents and settings\Céline\Application Data\drivers\downld\201500.exe
c:\documents and settings\Céline\Application Data\drivers\downld\202484.exe
c:\documents and settings\Céline\Application Data\drivers\downld\202640.exe
c:\documents and settings\Céline\Application Data\drivers\downld\203343.exe
c:\documents and settings\Céline\Application Data\drivers\downld\203531.exe
c:\documents and settings\Céline\Application Data\drivers\downld\203546.exe
c:\documents and settings\Céline\Application Data\drivers\downld\203812.exe
c:\documents and settings\Céline\Application Data\drivers\downld\203843.exe
c:\documents and settings\Céline\Application Data\drivers\downld\203921.exe
c:\documents and settings\Céline\Application Data\drivers\downld\203968.exe
c:\documents and settings\Céline\Application Data\drivers\downld\205125.exe
c:\documents and settings\Céline\Application Data\drivers\downld\205312.exe
c:\documents and settings\Céline\Application Data\drivers\downld\205968.exe
c:\documents and settings\Céline\Application Data\drivers\downld\206031.exe
c:\documents and settings\Céline\Application Data\drivers\downld\206234.exe
c:\documents and settings\Céline\Application Data\drivers\downld\206343.exe
c:\documents and settings\Céline\Application Data\drivers\downld\206781.exe
c:\documents and settings\Céline\Application Data\drivers\downld\207046.exe
c:\documents and settings\Céline\Application Data\drivers\downld\207109.exe
c:\documents and settings\Céline\Application Data\drivers\downld\207625.exe
c:\documents and settings\Céline\Application Data\drivers\downld\207703.exe
c:\documents and settings\Céline\Application Data\drivers\downld\207718.exe
c:\documents and settings\Céline\Application Data\drivers\downld\207796.exe
c:\documents and settings\Céline\Application Data\drivers\downld\207828.exe
c:\documents and settings\Céline\Application Data\drivers\downld\208156.exe
c:\documents and settings\Céline\Application Data\drivers\downld\208625.exe
c:\documents and settings\Céline\Application Data\drivers\downld\208796.exe
c:\documents and settings\Céline\Application Data\drivers\downld\208953.exe
c:\documents and settings\Céline\Application Data\drivers\downld\210406.exe
c:\documents and settings\Céline\Application Data\drivers\downld\210421.exe
c:\documents and settings\Céline\Application Data\drivers\downld\210640.exe
c:\documents and settings\Céline\Application Data\drivers\downld\210828.exe
c:\documents and settings\Céline\Application Data\drivers\downld\210890.exe
c:\documents and settings\Céline\Application Data\drivers\downld\212875.exe
c:\documents and settings\Céline\Application Data\drivers\downld\214250.exe
c:\documents and settings\Céline\Application Data\drivers\downld\214828.exe
c:\documents and settings\Céline\Application Data\drivers\downld\214953.exe
c:\documents and settings\Céline\Application Data\drivers\downld\216875.exe
c:\documents and settings\Céline\Application Data\drivers\downld\217468.exe
c:\documents and settings\Céline\Application Data\drivers\downld\219625.exe
c:\documents and settings\Céline\Application Data\drivers\downld\221562.exe
c:\documents and settings\Céline\Application Data\drivers\downld\222187.exe
c:\documents and settings\Céline\Application Data\drivers\downld\223968.exe
c:\documents and settings\Céline\Application Data\drivers\downld\224343.exe
c:\documents and settings\Céline\Application Data\drivers\downld\225156.exe
c:\documents and settings\Céline\Application Data\drivers\downld\225515.exe
c:\documents and settings\Céline\Application Data\drivers\downld\228953.exe
c:\documents and settings\Céline\Application Data\drivers\downld\230250.exe
c:\documents and settings\Céline\Application Data\drivers\downld\230953.exe
c:\documents and settings\Céline\Application Data\drivers\downld\232937.exe
c:\documents and settings\Céline\Application Data\drivers\downld\233734.exe
c:\documents and settings\Céline\Application Data\drivers\downld\234156.exe
c:\documents and settings\Céline\Application Data\drivers\downld\234218.exe
c:\documents and settings\Céline\Application Data\drivers\downld\234265.exe
c:\documents and settings\Céline\Application Data\drivers\downld\234359.exe
c:\documents and settings\Céline\Application Data\drivers\downld\234406.exe
c:\documents and settings\Céline\Application Data\drivers\downld\235437.exe
c:\documents and settings\Céline\Application Data\drivers\downld\235625.exe
c:\documents and settings\Céline\Application Data\drivers\downld\235750.exe
c:\documents and settings\Céline\Application Data\drivers\downld\235765.exe
c:\documents and settings\Céline\Application Data\drivers\downld\235843.exe
c:\documents and settings\Céline\Application Data\drivers\downld\235953.exe
c:\documents and settings\Céline\Application Data\drivers\downld\236281.exe
c:\documents and settings\Céline\Application Data\drivers\downld\236359.exe
c:\documents and settings\Céline\Application Data\drivers\downld\236750.exe
c:\documents and settings\Céline\Application Data\drivers\downld\236843.exe
c:\documents and settings\Céline\Application Data\drivers\downld\236859.exe
c:\documents and settings\Céline\Application Data\drivers\downld\236875.exe
c:\documents and settings\Céline\Application Data\drivers\downld\237265.exe
c:\documents and settings\Céline\Application Data\drivers\downld\237609.exe
c:\documents and settings\Céline\Application Data\drivers\downld\237640.exe
c:\documents and settings\Céline\Application Data\drivers\downld\237718.exe
c:\documents and settings\Céline\Application Data\drivers\downld\238546.exe
c:\documents and settings\Céline\Application Data\drivers\downld\242437.exe
c:\documents and settings\Céline\Application Data\drivers\downld\242937.exe
c:\documents and settings\Céline\Application Data\drivers\downld\244140.exe
c:\documents and settings\Céline\Application Data\drivers\downld\245031.exe
c:\documents and settings\Céline\Application Data\drivers\downld\246046.exe
c:\documents and settings\Céline\Application Data\drivers\downld\246500.exe
c:\documents and settings\Céline\Application Data\drivers\downld\247171.exe
c:\documents and settings\Céline\Application Data\drivers\downld\247421.exe
c:\documents and settings\Céline\Application Data\drivers\downld\247921.exe
c:\documents and settings\Céline\Application Data\drivers\downld\248921.exe
c:\documents and settings\Céline\Application Data\drivers\downld\249000.exe
c:\documents and settings\Céline\Application Data\drivers\downld\249343.exe
c:\documents and settings\Céline\Application Data\drivers\downld\249656.exe
c:\documents and settings\Céline\Application Data\drivers\downld\249750.exe
c:\documents and settings\Céline\Application Data\drivers\downld\249765.exe
c:\documents and settings\Céline\Application Data\drivers\downld\249828.exe
c:\documents and settings\Céline\Application Data\drivers\downld\250031.exe
c:\documents and settings\Céline\Application Data\drivers\downld\251125.exe
c:\documents and settings\Céline\Application Data\drivers\downld\251765.exe
c:\documents and settings\Céline\Application Data\drivers\downld\251828.exe
c:\documents and settings\Céline\Application Data\drivers\downld\252531.exe
c:\documents and settings\Céline\Application Data\drivers\downld\252578.exe
c:\documents and settings\Céline\Application Data\drivers\downld\253781.exe
c:\documents and settings\Céline\Application Data\drivers\downld\254578.exe
c:\documents and settings\Céline\Application Data\drivers\downld\254781.exe
c:\documents and settings\Céline\Application Data\drivers\downld\254843.exe
c:\documents and settings\Céline\Application Data\drivers\downld\255515.exe
c:\documents and settings\Céline\Application Data\drivers\downld\256031.exe
c:\documents and settings\Céline\Application Data\drivers\downld\259515.exe
c:\documents and settings\Céline\Application Data\drivers\downld\265750.exe
c:\documents and settings\Céline\Application Data\drivers\downld\266218.exe
c:\documents and settings\Céline\Application Data\drivers\downld\266875.exe
c:\documents and settings\Céline\Application Data\drivers\downld\271593.exe
c:\documents and settings\Céline\Application Data\drivers\downld\272000.exe
c:\documents and settings\Céline\Application Data\drivers\downld\272156.exe
c:\documents and settings\Céline\Application Data\drivers\downld\272796.exe
c:\documents and settings\Céline\Application Data\drivers\downld\274656.exe
c:\documents and settings\Céline\Application Data\drivers\downld\276578.exe
c:\documents and settings\Céline\Application Data\drivers\downld\278937.exe
c:\documents and settings\Céline\Application Data\drivers\downld\281000.exe
c:\documents and settings\Céline\Application Data\drivers\downld\281281.exe
c:\documents and settings\Céline\Application Data\drivers\downld\281671.exe
c:\documents and settings\Céline\Application Data\drivers\downld\282703.exe
c:\documents and settings\Céline\Application Data\drivers\downld\282875.exe
c:\documents and settings\Céline\Application Data\drivers\downld\284953.exe
c:\documents and settings\Céline\Application Data\drivers\downld\285765.exe
c:\documents and settings\Céline\Application Data\drivers\downld\286500.exe
c:\documents and settings\Céline\Application Data\drivers\downld\286937.exe
c:\documents and settings\Céline\Application Data\drivers\downld\287015.exe
c:\documents and settings\Céline\Application Data\drivers\downld\288140.exe
c:\documents and settings\Céline\Application Data\drivers\downld\289093.exe
c:\documents and settings\Céline\Application Data\drivers\downld\289562.exe
c:\documents and settings\Céline\Application Data\drivers\downld\293156.exe
c:\documents and settings\Céline\Application Data\drivers\downld\298406.exe
c:\documents and settings\Céline\Application Data\drivers\downld\300890.exe
c:\documents and settings\Céline\Application Data\drivers\downld\301953.exe
c:\documents and settings\Céline\Application Data\drivers\downld\302796.exe
c:\documents and settings\Céline\Application Data\drivers\downld\303187.exe
c:\documents and settings\Céline\Application Data\drivers\downld\305765.exe
c:\documents and settings\Céline\Application Data\drivers\downld\307687.exe
c:\documents and settings\Céline\Application Data\drivers\downld\308156.exe
c:\documents and settings\Céline\Application Data\drivers\downld\310281.exe
c:\documents and settings\Céline\Application Data\drivers\downld\310343.exe
c:\documents and settings\Céline\Application Data\drivers\downld\315687.exe
c:\documents and settings\Céline\Application Data\drivers\downld\318343.exe
c:\documents and settings\Céline\Application Data\drivers\downld\319031.exe
c:\documents and settings\Céline\Application Data\drivers\downld\323640.exe
c:\documents and settings\Céline\Application Data\drivers\downld\326703.exe
c:\documents and settings\Céline\Application Data\drivers\downld\327593.exe
c:\documents and settings\Céline\Application Data\drivers\downld\327796.exe
c:\documents and settings\Céline\Application Data\drivers\downld\328265.exe
c:\documents and settings\Céline\Application Data\drivers\downld\339734.exe
c:\documents and settings\Céline\Application Data\drivers\downld\341968.exe
c:\documents and settings\Céline\Application Data\drivers\downld\342718.exe
c:\documents and settings\Céline\Application Data\drivers\downld\343000.exe
c:\documents and settings\Céline\Application Data\drivers\downld\343062.exe
c:\documents and settings\Céline\Application Data\drivers\downld\343656.exe
c:\documents and settings\Céline\Application Data\drivers\downld\355234.exe
c:\documents and settings\Céline\Application Data\drivers\downld\355671.exe
c:\documents and settings\Céline\Application Data\drivers\downld\356718.exe
c:\documents and settings\Céline\Application Data\drivers\downld\357359.exe
c:\documents and settings\Céline\Application Data\drivers\downld\357843.exe
c:\documents and settings\Céline\Application Data\drivers\downld\358015.exe
c:\documents and settings\Céline\Application Data\drivers\downld\359078.exe
c:\documents and settings\Céline\Application Data\drivers\downld\359609.exe
c:\documents and settings\Céline\Application Data\drivers\downld\370671.exe
c:\documents and settings\Céline\Application Data\drivers\downld\370968.exe
c:\documents and settings\Céline\Application Data\drivers\downld\371640.exe
c:\documents and settings\Céline\Application Data\drivers\downld\373093.exe
c:\documents and settings\Céline\Application Data\drivers\downld\373250.exe
c:\documents and settings\Céline\Application Data\drivers\downld\373515.exe
c:\documents and settings\Céline\Application Data\drivers\downld\373718.exe
c:\documents and settings\Céline\Application Data\drivers\downld\374281.exe
c:\documents and settings\Céline\Application Data\drivers\downld\374312.exe
c:\documents and settings\Céline\Application Data\drivers\downld\375296.exe
c:\documents and settings\Céline\Application Data\drivers\downld\375390.exe
c:\documents and settings\Céline\Application Data\drivers\downld\376718.exe
c:\documents and settings\Céline\Application Data\drivers\downld\376906.exe
c:\documents and settings\Céline\Application Data\drivers\downld\377328.exe
c:\documents and settings\Céline\Application Data\drivers\downld\377781.exe
c:\documents and settings\Céline\Application Data\drivers\downld\379203.exe
c:\documents and settings\Céline\Application Data\drivers\downld\380750.exe
c:\documents and settings\Céline\Application Data\drivers\downld\381203.exe
c:\documents and settings\Céline\Application Data\drivers\downld\390468.exe
c:\documents and settings\Céline\Application Data\drivers\downld\397125.exe
c:\documents and settings\Céline\Application Data\drivers\downld\398531.exe
c:\documents and settings\Céline\Application Data\drivers\downld\399359.exe
c:\documents and settings\Céline\Application Data\drivers\downld\400046.exe
c:\documents and settings\Céline\Application Data\drivers\downld\400109.exe
c:\documents and settings\Céline\Application Data\drivers\downld\408484.exe
c:\documents and settings\Céline\Application Data\drivers\downld\409937.exe
c:\documents and settings\Céline\Application Data\drivers\downld\410250.exe
c:\documents and settings\Céline\Application Data\drivers\downld\410468.exe
c:\documents and settings\Céline\Application Data\drivers\downld\411562.exe
c:\documents and settings\Céline\Application Data\drivers\downld\411859.exe
c:\documents and settings\Céline\Application Data\drivers\downld\417796.exe
c:\documents and settings\Céline\Application Data\drivers\downld\418265.exe
c:\documents and settings\Céline\Application Data\drivers\downld\418953.exe
c:\documents and settings\Céline\Application Data\drivers\downld\419000.exe
c:\documents and settings\Céline\Application Data\drivers\downld\419015.exe
c:\documents and settings\Céline\Application Data\drivers\downld\419078.exe
c:\documents and settings\Céline\Application Data\drivers\downld\421062.exe
c:\documents and settings\Céline\Application Data\drivers\downld\422312.exe
c:\documents and settings\Céline\Application Data\drivers\downld\422437.exe
c:\documents and settings\Céline\Application Data\drivers\downld\423296.exe
c:\documents and settings\Céline\Application Data\drivers\downld\423578.exe
c:\documents and settings\Céline\Application Data\drivers\downld\427296.exe
c:\documents and settings\Céline\Application Data\drivers\downld\429671.exe
c:\documents and settings\Céline\Application Data\drivers\downld\429828.exe
c:\documents and settings\Céline\Application Data\drivers\downld\430656.exe
c:\documents and settings\Céline\Application Data\drivers\downld\430750.exe
c:\documents and settings\Céline\Application Data\drivers\downld\431390.exe
c:\documents and settings\Céline\Application Data\drivers\downld\433296.exe
c:\documents and settings\Céline\Application Data\drivers\downld\434703.exe
c:\documents and settings\Céline\Application Data\drivers\downld\435312.exe
c:\documents and settings\Céline\Application Data\drivers\downld\436156.exe
c:\documents and settings\Céline\Application Data\drivers\downld\436484.exe
c:\documents and settings\Céline\Application Data\drivers\downld\437187.exe
c:\documents and settings\Céline\Application Data\drivers\downld\437984.exe
c:\documents and settings\Céline\Application Data\drivers\downld\438375.exe
c:\documents and settings\Céline\Application Data\drivers\downld\438640.exe
c:\documents and settings\Céline\Application Data\drivers\downld\439000.exe
c:\documents and settings\Céline\Application Data\drivers\downld\439125.exe
c:\documents and settings\Céline\Application Data\drivers\downld\439203.exe
c:\documents and settings\Céline\Application Data\drivers\downld\439546.exe
c:\documents and settings\Céline\Application Data\drivers\downld\439750.exe
c:\documents and settings\Céline\Application Data\drivers\downld\439781.exe
c:\documents and settings\Céline\Application Data\drivers\downld\439843.exe
c:\documents and settings\Céline\Application Data\drivers\downld\440515.exe
c:\documents and settings\Céline\Application Data\drivers\downld\440781.exe
c:\documents and settings\Céline\Application Data\drivers\downld\440875.exe
c:\documents and settings\Céline\Application Data\drivers\downld\441359.exe
c:\documents and settings\Céline\Application Data\drivers\downld\441421.exe
c:\documents and settings\Céline\Application Data\drivers\downld\442171.exe
c:\documents and settings\Céline\Application Data\drivers\downld\442390.exe
c:\documents and settings\Céline\Application Data\drivers\downld\442703.exe
c:\documents and settings\Céline\Application Data\drivers\downld\443125.exe
c:\documents and settings\Céline\Application Data\drivers\downld\443406.exe
c:\documents and settings\Céline\Application Data\drivers\downld\444781.exe
c:\documents and settings\Céline\Application Data\drivers\downld\445546.exe
c:\documents and settings\Céline\Application Data\drivers\downld\446031.exe
c:\documents and settings\Céline\Application Data\drivers\downld\446500.exe
c:\documents and settings\Céline\Application Data\drivers\downld\446578.exe
c:\documents and settings\Céline\Application Data\drivers\downld\446593.exe
c:\documents and settings\Céline\Application Data\drivers\downld\447109.exe
c:\documents and settings\Céline\Application Data\drivers\downld\447203.exe
c:\documents and settings\Céline\Application Data\drivers\downld\447218.exe
c:\documents and settings\Céline\Application Data\drivers\downld\447343.exe
c:\documents and settings\Céline\Application Data\drivers\downld\447734.exe
c:\documents and settings\Céline\Application Data\drivers\downld\447765.exe
c:\documents and settings\Céline\Application Data\drivers\downld\447984.exe
c:\documents and settings\Céline\Application Data\drivers\downld\448546.exe
c:\documents and settings\Céline\Application Data\drivers\downld\449921.exe
c:\documents and settings\Céline\Application Data\drivers\downld\451296.exe
c:\documents and settings\Céline\Application Data\drivers\downld\452296.exe
c:\documents and settings\Céline\Application Data\drivers\downld\452921.exe
c:\documents and settings\Céline\Application Data\drivers\downld\453218.exe
c:\documents and settings\Céline\Application Data\drivers\downld\453687.exe
c:\documents and settings\Céline\Application Data\drivers\downld\454093.exe
c:\documents and settings\Céline\Application Data\drivers\downld\454640.exe
c:\documents and settings\Céline\Application Data\drivers\downld\455296.exe
c:\documents and settings\Céline\Application Data\drivers\downld\455375.exe
c:\documents and settings\Céline\Application Data\drivers\downld\455890.exe
c:\documents and settings\Céline\Application Data\drivers\downld\455921.exe
c:\documents and settings\Céline\Application Data\drivers\downld\456078.exe
c:\documents and settings\Céline\Application Data\drivers\downld\456203.exe
c:\documents and settings\Céline\Application Data\drivers\downld\456828.exe
c:\documents and settings\Céline\Application Data\drivers\downld\457140.exe
c:\documents and settings\Céline\Application Data\drivers\downld\457703.exe
c:\documents and settings\Céline\Application Data\drivers\downld\457843.exe
c:\documents and settings\Céline\Application Data\drivers\downld\458015.exe
c:\documents and settings\Céline\Application Data\drivers\downld\458265.exe
c:\documents and settings\Céline\Application Data\drivers\downld\458421.exe
c:\documents and settings\Céline\Application Data\drivers\downld\458562.exe
c:\documents and settings\Céline\Application Data\drivers\downld\458625.exe
c:\documents and settings\Céline\Application Data\drivers\downld\458718.exe
c:\documents and settings\Céline\Application Data\drivers\downld\458906.exe
c:\documents and settings\Céline\Application Data\drivers\downld\460109.exe
c:\documents and settings\Céline\Application Data\drivers\downld\461125.exe
c:\documents and settings\Céline\Application Data\drivers\downld\462328.exe
c:\documents and settings\Céline\Application Data\drivers\downld\462968.exe
c:\documents and settings\Céline\Application Data\drivers\downld\463375.exe
c:\documents and settings\Céline\Application Data\drivers\downld\463453.exe
c:\documents and settings\Céline\Application Data\drivers\downld\463593.exe
c:\documents and settings\Céline\Application Data\drivers\downld\464265.exe
c:\documents and settings\Céline\Application Data\drivers\downld\464312.exe
c:\documents and settings\Céline\Application Data\drivers\downld\464843.exe
c:\documents and settings\Céline\Application Data\drivers\downld\465171.exe
c:\documents and settings\Céline\Application Data\drivers\downld\465390.exe
c:\documents and settings\Céline\Application Data\drivers\downld\465703.exe
c:\documents and settings\Céline\Application Data\drivers\downld\466109.exe
c:\documents and settings\Céline\Application Data\drivers\downld\466484.exe
c:\documents and settings\Céline\Application Data\drivers\downld\467640.exe
c:\documents and settings\Céline\Application Data\drivers\downld\468859.exe
c:\documents and settings\Céline\Application Data\drivers\downld\469078.exe
c:\documents and settings\Céline\Application Data\drivers\downld\469531.exe
c:\documents and settings\Céline\Application Data\drivers\downld\470406.exe
c:\documents and settings\Céline\Application Data\drivers\downld\470421.exe
c:\documents and settings\Céline\Application Data\drivers\downld\470437.exe
c:\documents and settings\Céline\Application Data\drivers\downld\470921.exe
c:\documents and settings\Céline\Application Data\drivers\downld\471171.exe
c:\documents and settings\Céline\Application Data\drivers\downld\471187.exe
c:\documents and settings\Céline\Application Data\drivers\downld\471390.exe
c:\documents and settings\Céline\Application Data\drivers\downld\471625.exe
c:\documents and settings\Céline\Application Data\drivers\downld\471828.exe
c:\documents and settings\Céline\Application Data\drivers\downld\472812.exe
c:\documents and settings\Céline\Application Data\drivers\downld\473078.exe
c:\documents and settings\Céline\Application Data\drivers\downld\473265.exe
c:\documents and settings\Céline\Application Data\drivers\downld\473296.exe
c:\documents and settings\Céline\Application Data\drivers\downld\473765.exe
c:\documents and settings\Céline\Application Data\drivers\downld\474046.exe
c:\documents and settings\Céline\Application Data\drivers\downld\474437.exe
c:\documents and settings\Céline\Application Data\drivers\downld\474703.exe
c:\documents and settings\Céline\Application Data\drivers\downld\474875.exe
c:\documents and settings\Céline\Application Data\drivers\downld\475078.exe
c:\documents and settings\Céline\Application Data\drivers\downld\475296.exe
c:\documents and settings\Céline\Application Data\drivers\downld\475687.exe
c:\documents and settings\Céline\Application Data\drivers\downld\475984.exe
c:\documents and settings\Céline\Application Data\drivers\downld\476312.exe
c:\documents and settings\Céline\Application Data\drivers\downld\477281.exe
c:\documents and settings\Céline\Application Data\drivers\downld\477578.exe
c:\documents and settings\Céline\Application Data\drivers\downld\477593.exe
c:\documents and settings\Céline\Application Data\drivers\downld\478531.exe
c:\documents and settings\Céline\Application Data\drivers\downld\478578.exe
c:\documents and settings\Céline\Application Data\drivers\downld\478687.exe
c:\documents and settings\Céline\Application Data\drivers\downld\478875.exe
c:\documents and settings\Céline\Application Data\drivers\downld\479296.exe
c:\documents and settings\Céline\Application Data\drivers\downld\479906.exe
c:\documents and settings\Céline\Application Data\drivers\downld\480312.exe
c:\documents and settings\Céline\Application Data\drivers\downld\480500.exe
c:\documents and settings\Céline\Application Data\drivers\downld\480671.exe
c:\documents and settings\Céline\Application Data\drivers\downld\481421.exe
c:\documents and settings\Céline\Application Data\drivers\downld\481515.exe
c:\documents and settings\Céline\Application Data\drivers\downld\482000.exe
c:\documents and settings\Céline\Application Data\drivers\downld\482125.exe
c:\documents and settings\Céline\Application Data\drivers\downld\482828.exe
c:\documents and settings\Céline\Application Data\drivers\downld\483218.exe
c:\documents and settings\Céline\Application Data\drivers\downld\483265.exe
c:\documents and settings\Céline\Application Data\drivers\downld\484312.exe
c:\documents and settings\Céline\Application Data\drivers\downld\484828.exe
c:\documents and settings\Céline\Application Data\drivers\downld\485812.exe
c:\documents and settings\Céline\Application Data\drivers\downld\486031.exe
c:\documents and settings\Céline\Application Data\drivers\downld\486250.exe
c:\documents and settings\Céline\Application Data\drivers\downld\487656.exe
c:\documents and settings\Céline\Application Data\drivers\downld\488468.exe
c:\documents and settings\Céline\Application Data\drivers\downld\489406.exe
c:\documents and settings\Céline\Application Data\drivers\downld\490203.exe
c:\documents and settings\Céline\Application Data\drivers\downld\490343.exe
c:\documents and settings\Céline\Application Data\drivers\downld\491031.exe
c:\documents and settings\Céline\Application Data\drivers\downld\492296.exe
c:\documents and settings\Céline\Application Data\drivers\downld\492515.exe
c:\documents and settings\Céline\Application Data\drivers\downld\493265.exe
c:\documents and settings\Céline\Application Data\drivers\downld\493281.exe
c:\documents and settings\Céline\Application Data\drivers\downld\494968.exe
c:\documents and settings\Céline\Application Data\drivers\downld\495156.exe
c:\documents and settings\Céline\Application Data\drivers\downld\495921.exe
c:\documents and settings\Céline\Application Data\drivers\downld\497109.exe
c:\documents and settings\Céline\Application Data\drivers\downld\498062.exe
c:\documents and settings\Céline\Application Data\drivers\downld\498453.exe
c:\documents and settings\Céline\Application Data\drivers\downld\503656.exe
c:\documents and settings\Céline\Application Data\drivers\downld\505937.exe
c:\documents and settings\Céline\Application Data\drivers\downld\506968.exe
c:\documents and settings\Céline\Application Data\drivers\downld\507562.exe
c:\documents and settings\Céline\Application Data\drivers\downld\507734.exe
c:\documents and settings\Céline\Application Data\drivers\downld\508187.exe
c:\documents and settings\Céline\Application Data\drivers\downld\509281.exe
c:\documents and settings\Céline\Application Data\drivers\downld\509390.exe
c:\documents and settings\Céline\Application Data\drivers\downld\509953.exe
c:\documents and settings\Céline\Application Data\drivers\downld\511000.exe
c:\documents and settings\Céline\Application Data\drivers\downld\511015.exe
c:\documents and settings\Céline\Application Data\drivers\downld\511703.exe
c:\documents and settings\Céline\Application Data\drivers\downld\511968.exe
c:\documents and settings\Céline\Application Data\drivers\downld\512468.exe
c:\documents and settings\Céline\Application Data\drivers\downld\512984.exe
c:\documents and settings\Céline\Application Data\drivers\downld\513078.exe
c:\documents and settings\Céline\Application Data\drivers\downld\513265.exe
c:\documents and settings\Céline\Application Data\drivers\downld\513375.exe
c:\documents and settings\Céline\Application Data\drivers\downld\513546.exe
c:\documents and settings\Céline\Application Data\drivers\downld\513609.exe
c:\documents and settings\Céline\Application Data\drivers\downld\513937.exe
c:\documents and settings\Céline\Application Data\drivers\downld\514203.exe
c:\documents and settings\Céline\Application Data\drivers\downld\514265.exe
c:\documents and settings\Céline\Application Data\drivers\downld\514546.exe
c:\documents and settings\Céline\Application Data\drivers\downld\514578.exe
c:\documents and settings\Céline\Application Data\drivers\downld\515343.exe
c:\documents and settings\Céline\Application Data\drivers\downld\516265.exe
c:\documents and settings\Céline\Application Data\drivers\downld\516703.exe
c:\documents and settings\Céline\Application Data\drivers\downld\516890.exe
c:\documents and settings\Céline\Application Data\drivers\downld\517234.exe
c:\documents and settings\Céline\Application Data\drivers\downld\518078.exe
c:\documents and settings\Céline\Application Data\drivers\downld\518359.exe
c:\documents and settings\Céline\Application Data\drivers\downld\518531.exe
c:\documents and settings\Céline\Application Data\drivers\downld\518593.exe
c:\documents and settings\Céline\Application Data\drivers\downld\518937.exe
c:\documents and settings\Céline\Application Data\drivers\downld\519734.exe
c:\documents and settings\Céline\Application Data\drivers\downld\520359.exe
c:\documents and settings\Céline\Application Data\drivers\downld\521531.exe
c:\documents and settings\Céline\Application Data\drivers\downld\522375.exe
c:\documents and settings\Céline\Application Data\drivers\downld\523000.exe
c:\documents and settings\Céline\Application Data\drivers\downld\523562.exe
c:\documents and settings\Céline\Application Data\drivers\downld\526687.exe
c:\documents and settings\Céline\Application Data\drivers\downld\532265.exe
c:\documents and settings\Céline\Application Data\drivers\downld\532281.exe
c:\documents and settings\Céline\Application Data\drivers\downld\533031.exe
c:\documents and settings\Céline\Application Data\drivers\downld\533250.exe
c:\documents and settings\Céline\Application Data\drivers\downld\536171.exe
c:\documents and settings\Céline\Application Data\drivers\downld\536281.exe
c:\documents and settings\Céline\Application Data\drivers\downld\537343.exe
c:\documents and settings\Céline\Application Data\drivers\downld\537750.exe
c:\documents and settings\Céline\Application Data\drivers\downld\538375.exe
c:\documents and settings\Céline\Application Data\drivers\downld\539281.exe
c:\documents and settings\Céline\Application Data\drivers\downld\539625.exe
c:\documents and settings\Céline\Application Data\drivers\downld\539687.exe
c:\documents and settings\Céline\Application Data\drivers\downld\540328.exe
c:\documents and settings\Céline\Application Data\drivers\downld\540859.exe
c:\documents and settings\Céline\Application Data\drivers\downld\541140.exe
c:\documents and settings\Céline\Application Data\drivers\downld\541234.exe
c:\documents and settings\Céline\Application Data\drivers\downld\542750.exe
c:\documents and settings\Céline\Application Data\drivers\downld\543078.exe
c:\documents and settings\Céline\Application Data\drivers\downld\543218.exe
c:\documents and settings\Céline\Application Data\drivers\downld\543734.exe
c:\documents and settings\Céline\Application Data\drivers\downld\544765.exe
c:\documents and settings\Céline\Application Data\drivers\downld\546390.exe
c:\documents and settings\Céline\Application Data\drivers\downld\547687.exe
c:\documents and settings\Céline\Application Data\drivers\downld\548562.exe
c:\documents and settings\Céline\Application Data\drivers\downld\550375.exe
c:\documents and settings\Céline\Application Data\drivers\downld\550390.exe
c:\documents and settings\Céline\Application Data\drivers\downld\553031.exe
c:\documents and settings\Céline\Application Data\drivers\downld\555953.exe
c:\documents and settings\Céline\Application Data\drivers\downld\557515.exe
c:\documents and settings\Céline\Application Data\drivers\downld\557578.exe
c:\documents and settings\Céline\Application Data\drivers\downld\557671.exe
c:\documents and settings\Céline\Application Data\drivers\downld\557718.exe
c:\documents and settings\Céline\Application Data\drivers\downld\558921.exe
c:\documents and settings\Céline\Application Data\drivers\downld\559093.exe
c:\documents and settings\Céline\Application Data\drivers\downld\559312.exe
c:\documents and settings\Céline\Application Data\drivers\downld\559515.exe
c:\documents and settings\Céline\Application Data\drivers\downld\560359.exe
c:\documents and settings\Céline\Application Data\drivers\downld\560890.exe
c:\documents and settings\Céline\Application Data\drivers\downld\561078.exe
c:\documents and settings\Céline\Application Data\drivers\downld\561718.exe
c:\documents and settings\Céline\Application Data\drivers\downld\562031.exe
c:\documents and settings\Céline\Application Data\drivers\downld\562078.exe
c:\documents and settings\Céline\Application Data\drivers\downld\562515.exe
c:\documents and settings\Céline\Application Data\drivers\downld\566796.exe
c:\documents and settings\Céline\Application Data\drivers\downld\567625.exe
c:\documents and settings\Céline\Application Data\drivers\downld\568171.exe
c:\documents and settings\Céline\Application Data\drivers\downld\568718.exe
c:\documents and settings\Céline\Application Data\drivers\downld\569062.exe
c:\documents and settings\Céline\Application Data\drivers\downld\572062.exe
c:\documents and settings\Céline\Application Data\drivers\downld\576718.exe
c:\documents and settings\Céline\Application Data\drivers\downld\578750.exe
c:\documents and settings\Céline\Application Data\drivers\downld\579171.exe
c:\documents and settings\Céline\Application Data\drivers\downld\581265.exe
c:\documents and settings\Céline\Application Data\drivers\downld\581953.exe
c:\documents and settings\Céline\Application Data\drivers\downld\583734.exe
c:\documents and settings\Céline\Application Data\drivers\downld\584921.exe
c:\documents and settings\Céline\Application Data\drivers\downld\585265.exe
c:\documents and settings\Céline\Application Data\drivers\downld\590250.exe
c:\documents and settings\Céline\Application Data\drivers\downld\602781.exe
c:\documents and settings\Céline\Application Data\drivers\downld\604203.exe
c:\documents and settings\Céline\Application Data\drivers\downld\605359.exe
c:\documents and settings\Céline\Application Data\drivers\downld\607421.exe
c:\documents and settings\Céline\Application Data\drivers\downld\607765.exe
c:\documents and settings\Céline\Application Data\drivers\downld\608890.exe
c:\documents and settings\Céline\Application Data\drivers\downld\609046.exe
c:\documents and settings\Céline\Application Data\drivers\downld\609156.exe
c:\documents and settings\Céline\Application Data\drivers\downld\615546.exe
c:\documents and settings\Céline\Application Data\drivers\downld\617078.exe
c:\documents and settings\Céline\Application Data\drivers\downld\617484.exe
c:\documents and settings\Céline\Application Data\drivers\downld\617734.exe
c:\documents and settings\Céline\Application Data\drivers\downld\618828.exe
c:\documents and settings\Céline\Application Data\drivers\downld\619578.exe
c:\documents and settings\Céline\Application Data\drivers\downld\619750.exe
c:\documents and settings\Céline\Application Data\drivers\downld\620140.exe
c:\documents and settings\Céline\Application Data\drivers\downld\621140.exe
c:\documents and settings\Céline\Application Data\drivers\downld\621531.exe
c:\documents and settings\Céline\Application Data\drivers\downld\627046.exe
c:\documents and settings\Céline\Application Data\drivers\downld\629671.exe
c:\documents and settings\Céline\Application Data\drivers\downld\630593.exe
c:\documents and settings\Céline\Application Data\drivers\downld\630609.exe
c:\documents and settings\Céline\Application Data\drivers\downld\642250.exe
c:\documents and settings\Céline\Application Data\drivers\downld\642781.exe
c:\documents and settings\Céline\Application Data\drivers\downld\643078.exe
c:\documents and settings\Céline\Application Data\drivers\downld\646421.exe
c:\documents and settings\Céline\Application Data\drivers\downld\650437.exe
c:\documents and settings\Céline\Application Data\drivers\downld\652140.exe
c:\documents and settings\Céline\Application Data\drivers\downld\653578.exe
c:\documents and settings\Céline\Application Data\drivers\downld\655843.exe
c:\documents and settings\Céline\Application Data\drivers\downld\657906.exe
c:\documents and settings\Céline\Application Data\drivers\downld\658265.exe
c:\documents and settings\Céline\Application Data\drivers\downld\660578.exe
c:\documents and settings\Céline\Application Data\drivers\downld\663031.exe
c:\documents and settings\Céline\Application Data\drivers\downld\675812.exe
c:\documents and settings\Céline\Application Data\drivers\downld\680703.exe
c:\documents and settings\Céline\Application Data\drivers\downld\681953.exe
c:\documents and settings\Céline\Application Data\drivers\downld\682468.exe
c:\documents and settings\Céline\Application Data\drivers\downld\682484.exe
c:\documents and settings\Céline\Application Data\drivers\downld\683296.exe
c:\documents and settings\Céline\Application Data\drivers\downld\683734.exe
c:\documents and settings\Céline\Application Data\drivers\downld\690109.exe
c:\documents and settings\Céline\Application Data\drivers\downld\717406.exe
c:\documents and settings\Céline\Application Data\drivers\downld\718796.exe
c:\documents and settings\Céline\Application Data\drivers\downld\718953.exe
c:\documents and settings\Céline\Application Data\drivers\downld\724375.exe
c:\documents and settings\Céline\Application Data\drivers\downld\737843.exe
c:\documents and settings\Céline\Application Data\drivers\downld\740031.exe
c:\documents and settings\Céline\Application Data\drivers\downld\740656.exe
c:\documents and settings\Céline\Application Data\drivers\downld\741812.exe
c:\documents and settings\Céline\Application Data\drivers\downld\743093.exe
c:\documents and settings\Céline\Application Data\drivers\downld\744125.exe
c:\documents and settings\Céline\Application Data\drivers\downld\753062.exe
c:\documents and settings\Céline\Application Data\drivers\downld\761234.exe
c:\documents and settings\Céline\Application Data\drivers\downld\765171.exe
c:\documents and settings\Céline\Application Data\drivers\downld\765562.exe
c:\documents and settings\Céline\Application Data\drivers\downld\766781.exe
c:\documents and settings\Céline\Application Data\drivers\downld\767453.exe
c:\documents and settings\Céline\Application Data\drivers\downld\767890.exe
c:\documents and settings\Céline\Application Data\drivers\downld\820593.exe
c:\documents and settings\Céline\Application Data\drivers\downld\820921.exe
c:\documents and settings\Céline\Application Data\drivers\downld\820984.exe
c:\documents and settings\Céline\Application Data\drivers\downld\995031.exe
c:\documents and settings\Céline\Application Data\drivers\downld\998937.exe
c:\documents and settings\Céline\Application Data\drivers\downld\999015.exe
c:\documents and settings\Céline\Application Data\m\data.oct
c:\documents and settings\Céline\Application Data\m\list.oct
c:\documents and settings\Céline\Application Data\m\shared\#1 Smart Audio Converter 4.11.zip
c:\documents and settings\Céline\Application Data\m\shared\1Click CD Ripper 1.05.zip
c:\documents and settings\Céline\Application Data\m\shared\3660 3650 Symbian Java - Mobiloads Group(2).zip
c:\documents and settings\Céline\Application Data\m\shared\A123 AVI WMV ASF MOV MP4 FLV to MPEG Converter 3.7.zip
c:\documents and settings\Céline\Application Data\m\shared\Active Loader 1.0.zip
c:\documents and settings\Céline\Application Data\m\shared\All In One Computer Tools 2.43.zip
c:\documents and settings\Céline\Application Data\m\shared\Amazing Waterfalls 3.4.0.zip
c:\documents and settings\Céline\Application Data\m\shared\C-Organizer Pro 3.7.0.zip
c:\documents and settings\Céline\Application Data\m\shared\Custom Menus 1.0.zip
c:\documents and settings\Céline\Application Data\m\shared\Flowerz Screensaver.zip
c:\documents and settings\Céline\Application Data\m\shared\Folder Watcher 1.0.1.zip
c:\documents and settings\Céline\Application Data\m\shared\Free Vertical Scroller - Multiple Message Scroller 3.5.zip
c:\documents and settings\Céline\Application Data\m\shared\Glu Mobile Tom And Jerry Pinball Pursuit 176x208 v1.0.1 s60v3 j2Me Retail-Binpda.zip
c:\documents and settings\Céline\Application Data\m\shared\Inside Keylogger 4.1.zip
c:\documents and settings\Céline\Application Data\m\shared\KasperSky.Anti-Virus.Personal.v5.0.388-KEY.(llave.buena.para.octubre.2007).zip
c:\documents and settings\Céline\Application Data\m\shared\MP3 Search Premium 3.29.zip
c:\documents and settings\Céline\Application Data\m\shared\PageCreator 1.0.0.zip
c:\documents and settings\Céline\Application Data\m\shared\Panda.AntiVirus.Platinum.7.03.(español).-.por.escroto.-.zip
c:\documents and settings\Céline\Application Data\m\shared\Panda.Platinum.Internet.Security.2005.v.09.02.00.Spanish.solo.el.crack.y.serial.czip
c:\documents and settings\Céline\Application Data\m\shared\Panda.Platinum.Internet.Security.2005.v.09.02.00.Spanish.solo.el.crack.y.serial.zip
c:\documents and settings\Céline\Application Data\m\shared\Priore Crypt-X ActiveX 2.0.zip
c:\documents and settings\Céline\Application Data\m\shared\RecImageViewer 0.8.0.3.zip
c:\documents and settings\Céline\Application Data\m\shared\ReportMill 8.zip
c:\documents and settings\Céline\Application Data\m\shared\Security and News toolbar for IE 4.5.132.0.zip
c:\documents and settings\Céline\Application Data\m\shared\simpleCal 1.2.4.zip
c:\documents and settings\Céline\Application Data\m\shared\Slice 3.0.3.zip
c:\documents and settings\Céline\Application Data\m\shared\SoundEngine 4.12.zip
c:\documents and settings\Céline\Application Data\m\shared\Space Reader.zip
c:\documents and settings\Céline\Application Data\m\shared\Su-Test 1.0.zip
c:\documents and settings\Céline\Application Data\m\shared\Task Plus 3.9.9.4.zip
c:\documents and settings\Céline\Application Data\m\shared\Text Area Word Counter 1.2.zip
c:\documents and settings\Céline\Application Data\m\shared\WideBug 1.0.0.zip
c:\documents and settings\Céline\Application Data\m\shared\WindowSpy 1.0.zip
c:\documents and settings\Céline\Application Data\m\shared\YAAI - Yet Another Avi Info 2.0.2.485.zip
c:\documents and settings\Céline\Application Data\m\srvlist.oct
C:\InfoSat.txt
c:\program files\DAEMON Tools Lite\daemon.exe
c:\windows\system32\ban_list.txt
c:\windows\system32\mdelk.exe
c:\windows\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SK9OU0S
-------\Legacy_SROSA
-------\Service_sK9Ou0s


((((((((((((((((((((((((( Files Created from 2008-12-17 to 2009-01-17 )))))))))))))))))))))))))))))))
.

2009-01-17 12:18 . 2009-01-17 12:19 <REP> d-------- C:\32788R22FWJFW
2009-01-14 19:44 . 2009-01-14 19:44 <REP> d-------- C:\Muestras
2009-01-13 20:37 . 2009-01-13 20:37 <REP> d-------- c:\program files\Spybot - Search & Destroy
2009-01-13 20:37 . 2009-01-13 20:37 <REP> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-13 20:07 . <REP> c:\documents and settings\Céline\Application Data\drivers
2009-01-12 18:33 . 2009-01-12 18:33 <REP> d-------- c:\program files\Bonjour
2009-01-11 16:51 . 2004-08-19 16:10 16,384 --a------ c:\windows\system32\ipsink.ax
2009-01-11 16:51 . 2004-08-19 16:10 16,384 --a--c--- c:\windows\system32\dllcache\ipsink.ax
2009-01-11 16:51 . 2004-08-03 23:10 15,360 --a------ c:\windows\system32\drivers\StreamIP.sys
2009-01-11 16:51 . 2004-08-03 23:10 15,360 --a--c--- c:\windows\system32\dllcache\streamip.sys
2009-01-11 16:51 . 2004-08-03 23:10 11,136 --a------ c:\windows\system32\drivers\SLIP.sys
2009-01-11 16:51 . 2004-08-03 23:10 11,136 --a--c--- c:\windows\system32\dllcache\slip.sys
2009-01-11 16:51 . 2004-08-03 23:10 10,880 --a------ c:\windows\system32\drivers\NdisIP.sys
2009-01-11 16:51 . 2004-08-03 23:10 10,880 --a--c--- c:\windows\system32\dllcache\ndisip.sys
2009-01-11 16:51 . 2004-08-03 22:58 5,504 --a------ c:\windows\system32\drivers\MSTEE.sys
2009-01-11 16:51 . 2004-08-03 22:58 5,504 --a--c--- c:\windows\system32\dllcache\mstee.sys
2009-01-11 16:50 . <REP> c:\documents and settings\Céline\Application Data\ArcSoft
2009-01-11 16:50 . 2004-08-03 23:10 85,376 --a------ c:\windows\system32\drivers\NABTSFEC.sys
2009-01-11 16:50 . 2004-08-03 23:10 85,376 --a--c--- c:\windows\system32\dllcache\nabtsfec.sys
2009-01-11 16:50 . 2004-08-03 23:10 19,328 --a------ c:\windows\system32\drivers\WSTCODEC.SYS
2009-01-11 16:50 . 2004-08-03 23:10 19,328 --a--c--- c:\windows\system32\dllcache\wstcodec.sys
2009-01-11 16:50 . 2004-08-03 23:10 17,024 --a------ c:\windows\system32\drivers\CCDECODE.sys
2009-01-11 16:50 . 2004-08-03 23:10 17,024 --a--c--- c:\windows\system32\dllcache\ccdecode.sys
2009-01-11 16:49 . 2004-08-19 16:10 91,648 --a------ c:\windows\system32\kswdmcap.ax
2009-01-11 16:49 . 2004-08-19 16:10 91,648 --a--c--- c:\windows\system32\dllcache\kswdmcap.ax
2009-01-11 16:49 . 2004-08-19 16:10 61,952 --a------ c:\windows\system32\kstvtune.ax
2009-01-11 16:49 . 2004-08-19 16:10 61,952 --a--c--- c:\windows\system32\dllcache\kstvtune.ax
2009-01-11 16:49 . 2004-08-19 16:09 54,784 --a------ c:\windows\system32\vfwwdm32.dll
2009-01-11 16:49 . 2004-08-19 16:09 54,784 --a--c--- c:\windows\system32\dllcache\vfwwdm32.dll
2009-01-11 16:49 . 2004-08-19 16:10 43,008 --a------ c:\windows\system32\ksxbar.ax
2009-01-11 16:49 . 2004-08-19 16:10 43,008 --a--c--- c:\windows\system32\dllcache\ksxbar.ax
2009-01-11 16:47 . 2009-01-11 16:47 <REP> d-------- c:\documents and settings\All Users\Application Data\Philips
2008-12-21 13:40 . 2008-12-21 13:40 <REP> d-------- c:\program files\ArcSoft
2008-12-21 13:40 . 1995-08-01 04:44 212,480 --a------ c:\windows\PCDLIB32.DLL
2008-12-21 13:39 . 2008-12-21 13:39 <REP> d-------- c:\windows\Philips
2008-12-21 13:39 . 2008-12-21 13:41 <REP> d-------- c:\program files\Philips
2008-12-21 13:39 . 2007-12-31 16:19 461,056 --a------ c:\windows\system32\drivers\SPC230NC.SYS
2008-12-21 13:39 . 2008-01-04 10:25 135,680 --a------ c:\windows\system32\SPC230NC.AX
2008-12-21 13:39 . 2007-09-26 14:28 8,576 --a------ c:\windows\system32\drivers\PAEAFLT.sys
2008-12-21 13:39 . 2007-11-02 11:07 6,656 --a------ c:\windows\system32\CoInst.dll
2008-12-21 13:39 . 2007-12-10 16:08 842 --a------ c:\windows\system32\SPC230NC.INI
2008-12-21 13:36 . <REP> c:\documents and settings\Céline\Application Data\InstallShield

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-17 11:40 --------- d-----w c:\program files\Wanadoo
2009-01-17 11:32 --------- d-----w c:\program files\DAEMON Tools Lite
2008-12-21 12:40 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-14 14:05 --------- d-----w c:\program files\Auralog
2008-12-14 09:20 --------- d-----w c:\documents and settings\Céline\Application Data\Skype
2008-12-14 09:17 --------- d-----w c:\program files\Skype
2008-12-14 09:16 --------- d-----w c:\program files\Fichiers communs\Skype
2008-12-14 09:16 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2008-12-10 18:51 --------- d-----w c:\program files\LSEF7
2008-12-08 19:05 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2008-12-08 19:04 --------- d-----w c:\documents and settings\Céline\Application Data\DAEMON Tools
2008-12-03 17:55 --------- d-----w c:\program files\Java
2008-12-01 18:17 --------- d-----w c:\program files\iTunes
2008-12-01 18:17 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-01 18:15 --------- d-----w c:\program files\iPod
2008-12-01 18:15 --------- d-----w c:\program files\Fichiers communs\Apple
2008-12-01 18:05 --------- d-----w c:\program files\QuickTime
2008-11-25 09:51 --------- d-----w c:\documents and settings\Céline\Application Data\Adobe
2008-11-22 14:15 --------- d-----w c:\documents and settings\Céline\Application Data\Sun
2008-10-04 16:32 278,528 ----a-w c:\program files\Fichiers communs\FDEUnInstaller.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
"WOOKIT"="c:\progra~1\Wanadoo\Shell.exe" [2004-08-23 122880]
"Philips Intelligent Agent"="c:\program files\Philips\Intelligent Agent\Philips Intelligent Agent.exe" [2008-02-21 613792]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-14 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroCheck"="c:\windows\System32\NeroCheck.exe" [2001-07-09 155648]
"WOOWATCH"="c:\progra~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"WOOTASKBARICON"="c:\progra~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-01-17 81000]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-11-07 185872]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"SPC230NC_Monitor"="c:\windows\Philips\SPC230NC\Monitor.exe" [2009-01-17 323584]
"SPC_Monitor"="c:\windows\Philips\SPC230NC\Monitor.exe" [2009-01-17 323584]
"SoundMan"="SOUNDMAN.EXE" [2002-09-11 c:\windows\SOUNDMAN.EXE]
"AtiPTA"="atiptaxx.exe" [2002-07-26 c:\windows\system32\atiptaxx.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-19 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Philips\\Intelligent Agent\\Philips Intelligent Agent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

R1 aswSP;avast! Self Protection; [x]
R2 aswFsBlk;aswFsBlk; [x]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2008-09-02 191656]
R3 SetupNTGLM7X;SetupNTGLM7X; [x]
S3 PAEAFLT.sys;USB Composite Device;c:\windows\system32\DRIVERS\PAEAFLT.sys [2007-09-26 8576]
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\system32\DRIVERS\sis163u.sys [2005-06-20 215040]
S3 SPC230NC;Philips SPC230NC Webcam;c:\windows\system32\DRIVERS\SPC230NC.SYS [2007-12-31 461056]


--- Other Services/Drivers In Memory ---

*Deregistered* - AFD
*Deregistered* - ALG
*Deregistered* - Apple Mobile Device
*Deregistered* - ATI Smart
*Deregistered* - AudioSrv
*Deregistered* - audstub
*Deregistered* - Beep
*Deregistered* - Bonjour Service
*Deregistered* - Browser
*Deregistered* - Cdfs
*Deregistered* - CryptSvc
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - dmio
*Deregistered* - dmload
*Deregistered* - dmserver
*Deregistered* - Dnscache
*Deregistered* - ERSvc
*Deregistered* - EventSystem
*Deregistered* - FastUserSwitchingCompatibility
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - Ftdisk
*Deregistered* - FTRTSVC
*Deregistered* - Gpc
*Deregistered* - helpsvc
*Deregistered* - HTTP
*Deregistered* - ImapiService
*Deregistered* - IpNat
*Deregistered* - iPod Service
*Deregistered* - IPSec
*Deregistered* - JavaQuickStarterService
*Deregistered* - KSecDD
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LmHosts
*Deregistered* - mnmdd
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - MSIServer
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - PartMgr
*Deregistered* - ParVdm
*Deregistered* - PCANDIS5
*Deregistered* - PolicyAgent
*Deregistered* - PptpMiniport
*Deregistered* - ProtectedStorage
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasMan
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - rdpdr
*Deregistered* - RemoteRegistry
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - Schedule
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - Spooler
*Deregistered* - sptd
*Deregistered* - sr
*Deregistered* - srservice
*Deregistered* - Srv
*Deregistered* - SSDPSRV
*Deregistered* - stisvc
*Deregistered* - swenum
*Deregistered* - TapiSrv
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - Update
*Deregistered* - VgaSave
*Deregistered* - VolSnap
*Deregistered* - W32Time
*Deregistered* - Wanarp
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - Wlancfg
*Deregistered* - WmiApSrv
*Deregistered* - wscsvc
*Deregistered* - wuauserv

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{62e14cfa-9e88-11dd-9f6a-00032f44e201}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe
.
Contents of the 'Scheduled Tasks' folder

2009-01-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\daemon.exe


.
------- Supplementary Scan -------
.
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-17 12:38:39
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*]
"C040210900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\æHôwæ*]
"DisplayName"="\09"
"DeviceDesc"="\09"
"ProviderName"=""
"MFG"="?"
"ReinstallString"="2002, 6.13.10.6143"
"DeviceInstanceIds"=multi:"\00"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(676)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\FTRTSVC.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Inventel\Gateway\WLANCFG.EXE
c:\windows\system32\wbem\wmiapsrv.exe
c:\progra~1\Wanadoo\TaskBarIcon.exe
c:\program files\HP\Digital Imaging\bin\hpqtra08.exe
c:\program files\Philips\Philips SPC230NC Webcam\TrayMin230.exe
c:\program files\HP\Digital Imaging\bin\hpqgalry.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-01-17 12:58:19 - machine was rebooted [C‚line]
ComboFix-quarantined-files.txt 2009-01-17 11:58:08

Pre-Run: 26ÿ709ÿ319ÿ680 octets libres
Post-Run: 26,783,997,952 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn

916 --- E O F --- 2008-12-19 05:44:07

m
0
l
18 Janvier 2009 11:50:28

Je suis désolée, ce truc m'a un peu titillée et du coup je me suis défoulée pour lui casser la gueule, ce qui n'étais pas forcément malin sans l'aide d'un pro ...
m
0
l
18 Janvier 2009 12:09:21

Autre chose, Antivir avait détecté une infection Trash.Gen, j'ai tout mis en quarantaine.
m
0
l
a b 8 Sécurité
18 Janvier 2009 13:17:50

Re;

Télécharge FindyKill ([#ff0000]Chiquitine29[/#ff]) sur ton Bureau.

  • Lance l'installation du programme en exécutant le fichier téléchargé.
  • Double-clique maintenant sur le raccourci de FindyKill.
  • Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  • Poste le rapport généré dans ta prochaine réponse.

    NB : La barre des tâches et les icônes vont disparaître pendant la recherche.
    m
    0
    l
    18 Janvier 2009 13:30:55

    Le voila :



    ----------------- FindyKill V4.713 ------------------

    * User : C‚line - BLAH
    * Emplacement : C:\Program Files\FindyKill
    * Outils Mis a jours le 17/01/09 par Chiquitine29
    * Recherche effectuée à 13:28:13 le 18/01/2009
    * Windows XP - Internet Explorer 7.0.5730.13

    ((((((((((((((((( *** Recherche *** ))))))))))))))))))


    --------------- [ Processus actifs ] ----------------


    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\atiptaxx.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\alg.exe
    C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
    C:\WINDOWS\System32\wbem\wmiapsrv.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

    --------------- [ Fichiers/Dossiers infectieux ] ----------------


    »»»» Presence des fichiers dans C:

    Found ! [17/01/2009 14:23] - "C:\Muestras"
    Found ! [18/01/2009 11:37] - C:\InfoSat.txt

    »»»» Presence des fichiers dans C:\WINDOWS


    »»»» Presence des fichiers dans C:\WINDOWS\Prefetch

    Found ! - C:\WINDOWS\prefetch\223968.EXE-16652020.pf
    Found ! - C:\WINDOWS\prefetch\284953.EXE-2C4032F0.pf
    Found ! - C:\WINDOWS\prefetch\319031.EXE-09B179CB.pf
    Found ! - C:\WINDOWS\prefetch\514578.EXE-24C693F8.pf
    Found ! - C:\WINDOWS\prefetch\553031.EXE-1C54A4EE.pf
    Found ! - C:\WINDOWS\prefetch\562078.EXE-32294C4A.pf
    Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-0D852B44.pf
    Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
    Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
    Found ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-101AF362.pf
    Found ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-32F993F2.pf

    »»»» Presence des fichiers dans C:\WINDOWS\system32


    »»»» Presence des fichiers dans C:\WINDOWS\system32\drivers


    »»»» Presence des fichiers dans C:\Documents and Settings\C‚line\Application Data


    »»»» Presence des fichiers dans C:\DOCUME~1\CLINE~1\LOCALS~1\Temp


    --------------- [ Registre / Startup ] ----------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
    CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
    WOOKIT=C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    Philips Intelligent Agent="C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
    SpybotSD TeaTimer=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
    SoundMan=SOUNDMAN.EXE
    AtiPTA=atiptaxx.exe
    NeroCheck=C:\WINDOWS\System32\NeroCheck.exe
    WOOWATCH=C:\PROGRA~1\Wanadoo\Watch.exe
    WOOTASKBARICON=C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    ATICCC="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    TkBellExe="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    HP Software Update="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    HP Component Manager="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
    iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
    SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
    SPC230NC_Monitor=C:\WINDOWS\Philips\SPC230NC\Monitor.exe
    SPC_Monitor=C:\WINDOWS\Philips\SPC230NC\Monitor.exe
    avgnt="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
    <NO NAME>=
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
    Installed=1
    <NO NAME>=
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
    NoChange=1
    Installed=1
    <NO NAME>=
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
    Installed=1
    <NO NAME>=

    [HKEY_CURRENT_USER\software\local appwizard-generated applications\daemon]
    [HKEY_CURRENT_USER\software\local appwizard-generated applications\DestComp]
    [HKEY_CURRENT_USER\software\local appwizard-generated applications\serial]
    [HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

    --------------- [ Registre / Clés infectieuses ] ----------------


    Found ! - HKEY_USERS\S-1-5-21-1060284298-152049171-725345543-1003\Software\Local AppWizard-Generated Applications\serial
    Found ! - HKEY_USERS\S-1-5-21-1060284298-152049171-725345543-1003\Software\Local AppWizard-Generated Applications\winupgro
    Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\serial
    Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SROSA


    --------------- [ Etat / Services ] ----------------



    +- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

    /!\ Ndisuio - Type de démarrage = 4

    /!\ Ip6Fw - Type de démarrage = 4

    SharedAccess - Type de démarrage = 2

    wuauserv - Type de démarrage = 2

    wscsvc - Type de démarrage = 2


    --------------- [ Recherche dans supports amovibles] ----------------


    +- Informations :

    C: - Lecteur fixe

    D: - Lecteur fixe

    G: - Lecteur fixe


    +- presence des fichiers :



    --------------- [ Registre / Mountpoint2 ] ----------------


    -> Not found !


    ------------------- ! Fin du rapport ! --------------------

    m
    0
    l
    a b 8 Sécurité
    18 Janvier 2009 13:35:48

    Re,

    Relance FindyKill en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
    [#ff0000]! Ne ferme pas la fenêtre lors de la suppression ! [/#f]
    Un rapport sera généré, poste son contenu ici.

    NB : Un redémarrage est parfois nécessaire, FindyKill t'enverra un message si cela est nécessaire.
    m
    0
    l
    18 Janvier 2009 14:25:24



    ----------------- FindyKill V4.713 ------------------

    * User : C‚line - BLAH
    * Executed from : C:\Program Files\FindyKill
    * Update on 17/01/09 by Chiquitine29
    * Start at 13:58:46 the 18/01/2009
    * Windows XP - Internet Explorer 7.0.5730.13


    ((((((((((((((( *** deleting *** ))))))))))))))))))


    --------------- [ Active Processes ] ----------------


    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\logonui.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avwsc.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\ati2sgag.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe

    --------------- [ Infected files / folders ] ----------------


    »»»» Supression files in C:

    Deleted ! - "C:\Muestras"
    Deleted ! - C:\InfoSat.txt

    »»»» Supression files in C:\WINDOWS


    »»»» Supression files in C:\WINDOWS\Prefetch

    Deleted ! - C:\WINDOWS\prefetch\223968.EXE-16652020.pf
    Deleted ! - C:\WINDOWS\prefetch\284953.EXE-2C4032F0.pf
    Deleted ! - C:\WINDOWS\prefetch\319031.EXE-09B179CB.pf
    Deleted ! - C:\WINDOWS\prefetch\514578.EXE-24C693F8.pf
    Deleted ! - C:\WINDOWS\prefetch\553031.EXE-1C54A4EE.pf
    Deleted ! - C:\WINDOWS\prefetch\562078.EXE-32294C4A.pf
    Deleted ! - C:\WINDOWS\prefetch\FLEC006.EXE-0D852B44.pf
    Deleted ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
    Deleted ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
    Deleted ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-101AF362.pf
    Deleted ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-32F993F2.pf

    »»»» Supression files in C:\WINDOWS\system32


    »»»» Supression files in C:\WINDOWS\system32\drivers


    »»»» Supression files in C:\Documents and Settings\C‚line\Application Data


    »»»» Supression files in C:\DOCUME~1\CLINE~1\LOCALS~1\Temp


    »»»» Supression files in C:\Documents and Settings\C‚line\Local Settings\Temporary Internet Files\Content.IE5


    --------------- [ Registry / Infected keys ] ----------------

    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
    Deleted ! - HKEY_USERS\S-1-5-21-1060284298-152049171-725345543-1003\Software\Local AppWizard-Generated Applications\serial
    Deleted ! - HKEY_USERS\S-1-5-21-1060284298-152049171-725345543-1003\Software\Local AppWizard-Generated Applications\winupgro

    --------------- [ States / Restarting of services ] ----------------



    +- Services : [ Auto=2 / Request=3 / Disable=4 ]

    Ndisuio - Type of startup = 3

    Ip6Fw - Type of startup = 2

    SharedAccess - Type of startup = 2

    wuauserv - Type of startup = 2

    wscsvc - Type of startup = 2


    --------------- [ Cleaning removable drives ] ----------------

    +- Informations :

    C: - Lecteur fixe

    D: - Lecteur fixe

    G: - Lecteur fixe


    +- deleting files :


    --------------- [ Registry / Mountpoint2 ] ----------------


    -> Not found !


    --------------- [ Searching Other Infections ] ----------------


    --------------- [ Searching Cracks / Keygen ] ----------------



    ---------------- ! End of report ! ------------------


    m
    0
    l
    a b 8 Sécurité
    18 Janvier 2009 19:11:42

    Reposte un rapport Hijackthis.
    m
    0
    l
    18 Janvier 2009 19:36:17

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:35:12, on 18/01/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wbem\wmiapsrv.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Inventel\Gateway\WLANCFG.EXE
    C:\Program Files\Wanadoo\EspaceWanadoo.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Wanadoo\Watch.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Céline\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [SPC230NC_Monitor] C:\WINDOWS\Philips\SPC230NC\Monitor.exe
    O4 - HKLM\..\Run: [SPC_Monitor] C:\WINDOWS\Philips\SPC230NC\Monitor.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: TrayMin230.lnk = ?
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

    --
    End of file - 8691 bytes
    m
    0
    l
    a b 8 Sécurité
    19 Janvier 2009 22:00:43

    Tu as encore des soucis ?

  • Fais un scan en ligne Kaspersky avec Internet Explorer :
  • Clique sur
  • Clique maintenant sur J'accepte.
  • Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
  • Patiente pendant l'installation des Mises à jour.
  • Choisis par la suite l'analyse du Poste de travail
  • Sauvegarde puis colle le rapport généré en fin d'analyse.

    AIDE : Tuto sur le scan en ligne

    NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.
    m
    0
    l
    21 Janvier 2009 19:15:57

    Re,
    Tout a l'air d'être rentré dans l'ordre. Merci à toi et à tous les autres, vous faites du super boulot. J'ai lu vos conseils, plus de bêtises maintenant.

    Voila le rapport Kaspersky :

    -------------------------------------------------------------------------------
    KASPERSKY ON-LINE SCANNER REPORT
    Wednesday, January 21, 2009 7:01:55 PM
    Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
    Kaspersky On-line Scanner version : 5.0.84.2
    Dernière mise à jour de la base antivirus Kaspersky : 21/01/2009
    Enregistrements dans la base antivirus Kaspersky : 1488601
    -------------------------------------------------------------------------------

    Paramètres d'analyse:
    Analyser avec la base antivirus suivante: standard
    Analyser les archives: vrai
    Analyser les bases de messagerie: vrai

    Cible de l'analyse - Poste de travail:
    A:\
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\

    Statistiques de l'analyse:
    Total d'objets analysés: 170543
    Nombre de virus trouvés: 0
    Nombre d'objets infectés: 0 / 0
    Nombre d'objets suspects: 0
    Durée de l'analyse: 11:05:48

    Nom de l'objet infecté / Nom du virus / Dernière action
    C:\Documents and Settings\Céline\Application Data\Microsoft\MSNLiveFav\LiveFavorites.xml L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Temp\Perflib_Perfdata_c98.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Temp\Perflib_Perfdata_f7c.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Temp\~DF280E.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\Céline\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
    C:\System Volume Information\_restore{48FEAA63-41B1-49E4-871F-2771B13EA33B}\RP135\change.log L'objet est verrouillé ignoré
    C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
    C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré
    C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\Temp\Perflib_Perfdata_714.dat L'objet est verrouillé ignoré
    C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
    C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
    C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
    D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
    D:\System Volume Information\_restore{48FEAA63-41B1-49E4-871F-2771B13EA33B}\RP135\change.log L'objet est verrouillé ignoré
    G:\System Volume Information\_restore{48FEAA63-41B1-49E4-871F-2771B13EA33B}\RP135\change.log L'objet est verrouillé ignoré

    Analyse terminée.
    m
    0
    l
    a b 8 Sécurité
    22 Janvier 2009 16:56:35

    C'est clean. des questions ?
    m
    0
    l
    22 Janvier 2009 21:12:28

    Bah j'ai bien lu toutes les recommandations du site, ça devrait aller. Et puis maintenant je vais réfléchir avant de cliquer ...
    Merci beaucoup ! :) 
    m
    0
    l
    a b 8 Sécurité
    23 Janvier 2009 19:20:39

    Bon surf.
    m
    0
    l
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS