Partager vos
astuces Bricolage
Posez votre question Signaler

Virus TR/TDss.yux

eloitalia 49Messages postés 17 juillet 2008Date d'inscription - Dernière réponse le 6 juil. 2009 à 19:08
Bonjour,
Voici mon rapport Hijackthis ! Fait parce que antivir me signale un virus mais qu'il n'est pas capable de supprimer, quelqu'un pourrait-il y jeter un coup d'oeil et me dire auoi faire ?? D'avance merci !
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:23:05, on 30/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Pauline\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Pauline\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pauline\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pauline\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pauline\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pauline\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [wewckmw] "c:\users\pauline\appdata\local\wewckmw.exe" wewckmw
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1103471 -"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/525.19 (KHTML, like Gecko) Chrome/1.0.154.53 Safari/525.19" -"http://www.aufeminin.com/beaute/outilcoiffure/outilcoiffure2b.asp?vid=16373708C69005"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O13 - Gopher Prefix:
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/SKIP-BO%20Castaway%20Caper/Images/stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/SKIP-BO%20Castaway%20Caper/Images/armhelper.ocx
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
Lire la suite 

Virus TR/TDss.yux »

8 réponses
Réponse
+0
moins plus
gen-hackman 68344Messages postés 30 avril 2008Date d'inscription 11 juin 2011Dernière intervention 5 juil. 2009 à 01:19
salut :

Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):

- Vas dans "Démarrer" puis Panneau de configuration.
- Double Clique sur l'icône Comptes d'utilisateurs et sur Activer ou désactiver le contrôle des comptes d'utilisateurs.
- Clique sur Continuer.
- Décoche la case Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur.
- Valide par OK et redémarre.

Tuto

ensuite :

Désactiver le TeaTimer de Spybot (Merci à Nico):

Pour désactiver le TeaTimer :
=> Ouvrir Spybot S&D
=> Dans le menu "Mode", séléctionner le mode avancé.
=> Une fenêtre demande confirmation cliquer sur "oui".
=> Une fois le mode avancé actif, ouvrir l'onglet "Outils".
=> Cliquer sur Résident.
=> La partie Résident comporte deux lignes qui sont normalement cochées :
*Résident "SDHelper" (bloqueur de téléchargements nuisibles pour Internet Explorer) actif.

* Résident "TeaTimer" (Protection des réglages système fondamentaux) actif.

=> Décocher la ligne TeaTimer.
=> Redémarrer Spybot (le fermer et le réouvrir)
=> Retourner dans le menu Résident et vérifier qu'il soit bien désactivé.

ensuite :

desinstalle spybot

ensuite :


/!\ ATTENTION SUIVRE SCRUPULEUSEMENT A LA LETTRE CES INDICATIONS/!\

_________________________________________________________________
>Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.<
>>>>>>>Ne pas utiliser en dehors de ce cas de figure : dangereux!<<<<<<<<
=====================================================

On va utiliser ComboFix.exe. Rends toi sur cette page web pour obtenir les liens de téléchargement, ainsi que des instructions pour exécuter l'outil:

http://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix


Avant d'utiliser ComboFix :
______________________________________________________________________
>> referme les fenêtres de tous les programmes en cours.
>> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix,
>>la protection en temps réel de ton Antivirus et de tes Antispywares,
>>qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°

!!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!!

n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

>> Reviens sur le forum, et

copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.


Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
eloitalia 49Messages postés 17 juillet 2008Date d'inscription 5 juil. 2009 à 23:34
Donc voilà, j'ai effectué ce que tu m'as dit et voici le résultat :

ComboFix 09-07-05.01 - Pauline 05/07/2009 23:05.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6001.1.1252.352.1036.18.2008.1297 [GMT 2:00]
Lancé depuis: c:\users\Pauline\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1243321965-3589882168-3296649825-1001
c:\$recycle.bin\S-1-5-21-75162790-1064007011-202293021-500
c:\windows\Installer\216b4.msi
c:\windows\Installer\51473e7.msi
c:\windows\system32\drivers\msqpdxmbcbcrrx.sys
c:\windows\system32\drivers\SKYNETysnjrfmw.sys
c:\windows\system32\msqpdxrfppntlv.dll
c:\windows\system32\msqpdxwqsctmei.dll
c:\windows\TEMP\jqoypqbkks.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_MSQPDXSERV.SYS
-------\Service_Boonty Games
-------\Legacy_msqpdxserv.sys
-------\Service_AeLookupSvcAGWinService
-------\Service_msqpdxserv.sys
-------\Service_SKYNETdpqnugyp


((((((((((((((((((((((((((((( Fichiers créés du 2009-06-05 au 2009-07-05 ))))))))))))))))))))))))))))))))))))
.

2009-07-05 07:04 . 2009-07-05 07:04 -------- d-----w- c:\users\Invité
2009-07-04 22:39 . 2009-07-05 20:54 18944 ----a-w- c:\windows\system32\SKYNETqptuupdn.dll
2009-07-04 22:18 . 2009-07-04 22:18 -------- d-----w- c:\users\Pauline\AppData\Roaming\Samsung
2009-07-04 21:59 . 2007-05-02 09:12 15112 ----a-w- c:\windows\system32\drivers\ssm_mdfl.sys
2009-07-04 21:59 . 2007-05-02 09:12 12424 ----a-w- c:\windows\system32\drivers\ssm_whnt.sys
2009-07-04 21:59 . 2007-05-02 09:12 12424 ----a-w- c:\windows\system32\drivers\ssm_wh.sys
2009-07-04 21:59 . 2007-05-02 09:12 109704 ----a-w- c:\windows\system32\drivers\ssm_mdm.sys
2009-07-04 21:59 . 2007-05-02 09:12 83592 ----a-w- c:\windows\system32\drivers\ssm_bus.sys
2009-07-04 21:59 . 2007-05-02 09:12 12424 ----a-w- c:\windows\system32\drivers\ssm_cmnt.sys
2009-07-04 21:59 . 2007-05-02 09:12 12424 ----a-w- c:\windows\system32\drivers\ssm_cm.sys
2009-07-04 21:58 . 2009-07-04 22:39 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2009-07-04 21:57 . 2006-07-24 14:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2009-07-04 21:57 . 2009-07-04 21:57 -------- d-----w- c:\program files\Samsung
2009-06-29 04:45 . 2009-07-05 20:54 93 ----a-w- c:\windows\system32\SKYNETerrmifpw.dat
2009-06-29 04:40 . 2009-06-29 04:40 -------- d-----w- c:\program files\LeeGTs Games
2009-06-29 04:38 . 2009-07-05 21:11 102613 ----a-w- c:\windows\system32\SKYNEToxxqxtbs.dat
2009-06-29 04:38 . 2009-06-29 04:38 45056 ----a-w- c:\windows\system32\SKYNETpvpptmky.dll
2009-06-16 19:26 . 2009-06-16 19:26 -------- d-----w- c:\program files\Kiwee Toolbar
2009-06-16 19:26 . 2009-06-16 19:26 -------- d-----w- c:\programdata\Kiwee Toolbar
2009-06-16 19:25 . 2009-06-16 19:26 -------- d-----w- c:\users\Pauline\AppData\Roaming\agi
2009-06-16 19:25 . 2009-06-16 19:25 339968 ----a-w- c:\windows\system32\pythoncom25.dll
2009-06-16 19:25 . 2009-06-16 19:25 2117632 ----a-w- c:\windows\system32\python25.dll
2009-06-16 19:25 . 2009-06-16 19:25 114688 ----a-w- c:\windows\system32\pywintypes25.dll
2009-06-16 19:24 . 2008-09-16 16:26 1332197 ----a-w- c:\windows\system32\pythondll.zip
2009-06-16 19:24 . 2009-06-16 19:25 -------- d-----w- c:\programdata\AGI
2009-06-16 19:24 . 2009-06-16 19:24 -------- d-----w- c:\program files\AGI
2009-06-14 20:42 . 2009-07-04 18:57 -------- d-----w- c:\users\Pauline\AppData\Roaming\Sony
2009-06-14 20:42 . 2009-06-14 20:42 -------- d-----w- c:\programdata\Sony
2009-06-14 20:41 . 2009-07-04 18:57 -------- d-----w- c:\users\Pauline\AppData\Local\Sony
2009-06-14 20:39 . 2009-06-14 20:39 -------- d-----w- c:\program files\Common Files\Sony Shared
2009-06-14 20:35 . 2009-06-14 20:37 -------- d-----w- c:\program files\QuickTime
2009-06-14 08:32 . 2009-06-14 08:32 -------- d-----w- c:\program files\Rockstar Games
2009-06-13 14:49 . 2009-06-13 14:49 -------- d-----w- c:\programdata\BVRP Software
2009-06-13 14:25 . 2008-05-16 10:33 25512 ----a-w- c:\windows\system32\drivers\s0016nd5.sys
2009-06-13 14:25 . 2008-05-16 10:33 15016 ----a-w- c:\windows\system32\drivers\s0016mdfl.sys
2009-06-13 14:25 . 2008-05-16 10:33 115752 ----a-w- c:\windows\system32\drivers\s0016unic.sys
2009-06-13 14:25 . 2008-05-16 10:33 89256 ----a-w- c:\windows\system32\drivers\s0016bus.sys
2009-06-13 14:25 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016whnt.sys
2009-06-13 14:25 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016wh.sys
2009-06-13 14:25 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016cmnt.sys
2009-06-13 14:25 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016cm.sys
2009-06-13 14:25 . 2008-05-16 10:33 120744 ----a-w- c:\windows\system32\drivers\s0016mdm.sys
2009-06-13 14:25 . 2008-05-16 10:33 114216 ----a-w- c:\windows\system32\drivers\s0016mgmt.sys
2009-06-13 14:25 . 2008-05-16 10:33 110632 ----a-w- c:\windows\system32\drivers\s0016obex.sys
2009-06-13 14:25 . 2008-05-16 10:33 10792 ----a-w- c:\windows\system32\drivers\s0016cr.sys
2009-06-12 19:21 . 2009-06-12 19:22 -------- d-----w- c:\users\Pauline\AppData\Local\Ludi
2009-06-12 19:21 . 2009-06-12 19:21 -------- d-----w- c:\program files\Ludi
2009-06-11 13:26 . 2009-04-24 16:05 827904 ----a-w- c:\windows\system32\wininet.dll
2009-06-11 13:26 . 2009-04-24 16:02 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-11 13:26 . 2009-04-24 13:44 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-06-11 12:51 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-11 12:45 . 2009-04-21 11:55 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-06-11 12:40 . 2009-04-23 12:42 636928 ----a-w- c:\windows\system32\localspl.dll
2009-06-09 14:12 . 2009-06-09 14:12 -------- d-----w- c:\program files\uTorrent
2009-06-09 14:11 . 2009-07-04 22:08 -------- d-----w- c:\users\Pauline\AppData\Roaming\uTorrent

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-05 21:16 . 2009-07-05 21:16 421 ----a-w- c:\windows\system32\SKYNETiobjxenu.dat
2009-07-05 21:07 . 2008-05-26 15:53 669566 ----a-w- c:\windows\system32\perfh00C.dat
2009-07-05 21:07 . 2008-05-26 15:53 123556 ----a-w- c:\windows\system32\perfc00C.dat
2009-07-05 20:56 . 2008-10-10 18:02 1356 ----a-w- c:\users\Pauline\AppData\Local\d3d9caps.dat
2009-07-05 19:36 . 2009-02-08 11:28 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-05 19:36 . 2009-02-08 11:28 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-07-05 19:10 . 2008-05-26 06:48 -------- d-----w- c:\program files\Google
2009-07-05 19:10 . 2008-05-26 06:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-05 19:08 . 2008-10-12 19:27 -------- d-----w- c:\users\Pauline\AppData\Roaming\skypePM
2009-07-04 18:59 . 2008-10-21 19:08 -------- d-----w- c:\program files\Sony
2009-07-02 19:50 . 2008-10-13 21:24 1 ----a-w- c:\users\Pauline\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-06-30 23:21 . 2008-11-07 11:48 -------- d-----w- c:\users\Pauline\AppData\Roaming\dvdcss
2009-06-30 00:06 . 2008-10-09 20:53 -------- d-----w- c:\program files\Windows Live
2009-06-25 20:58 . 2008-10-12 19:26 -------- d-----w- c:\users\Pauline\AppData\Roaming\Skype
2009-06-14 20:35 . 2008-11-18 17:48 -------- d-----w- c:\programdata\Apple Computer
2009-06-13 14:18 . 2008-05-26 06:31 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-10 17:58 . 2009-05-28 12:07 -------- d-----w- c:\program files\Warcraft III
2009-05-28 12:25 . 2009-05-28 12:12 55358 ----a-w- c:\windows\War3Unin.dat
2009-05-28 12:25 . 2009-05-28 12:12 2829 ----a-w- c:\windows\War3Unin.pif
2009-05-28 12:25 . 2009-05-28 12:12 139264 ----a-w- c:\windows\War3Unin.exe
2009-05-24 21:28 . 2009-05-24 21:27 -------- d-----r- c:\program files\Skype
2009-05-24 21:28 . 2009-05-24 21:28 -------- d-----w- c:\program files\Common Files\Skype
2009-05-24 21:28 . 2008-05-26 07:17 -------- d-----w- c:\programdata\Skype
2009-05-21 17:01 . 2008-12-22 18:47 -------- d-----w- c:\program files\DivX
2009-05-21 17:01 . 2008-10-21 19:13 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-05-21 17:00 . 2009-05-21 16:59 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-05-21 12:53 . 2009-05-21 12:53 -------- d-----w- c:\program files\Chaos Shredder2.3FR
2009-05-20 21:03 . 2008-12-15 21:36 -------- d-----w- c:\users\Pauline\AppData\Roaming\ESTsoft
2009-05-20 21:03 . 2009-05-20 21:02 -------- d-----w- c:\program files\ESTsoft
2009-05-14 01:00 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-09 08:33 . 2009-05-09 08:33 -------- d-----w- c:\program files\Avira
2009-05-09 08:33 . 2009-04-07 06:57 -------- d-----w- c:\programdata\Avira
2009-04-23 20:28 . 2009-04-23 20:27 21878064 ----a-w- c:\users\Pauline\AppData\Roaming\Sony Setup\A189E68E-2253-4C3B-86B7-D77E36F13C55\QuickTimeInstaller.exe
2009-04-15 20:24 . 2009-04-15 20:24 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-04-15 20:24 . 2009-04-15 20:24 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-04-15 20:24 . 2009-04-15 20:24 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-04-15 20:24 . 2009-04-15 20:24 684032 ----a-w- c:\windows\system32\DivX.dll
2008-06-30 11:44 . 2008-10-10 05:16 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2008-05-26 15:58 . 2008-05-26 15:58 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
2009-06-16 19:26 277648 ----a-w- c:\program files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Does wait"="c:\programdata\mapi rule rule.rbrxv" [X]
"Hope Draw Obj Funk"="c:\programdata\HOPE LIES DART.l4op9a7" [X]
"SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2008-02-04 1038136]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2008-01-21 49664]
"Google Update"="c:\users\Pauline\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-12-05 133104]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-04-16 24264488]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-11 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-11 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-11 145944]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-08 894512]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-05-26 29744]
"toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-28 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"KiweeHook"="c:\program files\Kiwee Toolbar\2.9.201\kwtbaim.exe" [2009-06-16 56456]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-06-27 6295552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{21AEC2E7-FEE5-47FD-BB06-BA93600638EA}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{769EDCAB-AA23-4F50-AE37-D6B23D09AE7B}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{1F20F986-497B-4045-ABBA-5A98D5B27A05}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{68DB0F74-AC44-4DB0-B62D-6D8FA4C93A83}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{7B6CE150-E3DA-42AE-9774-650A5DD88C01}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule Plus
"UDP Query User{330A880B-300E-4EE0-BDFE-9B3B1BE39849}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule Plus
"TCP Query User{C550615A-4F0E-4732-B148-0EE7A9B952AE}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Packard Bell - Skype
"UDP Query User{CA001725-C64F-4363-A426-98D44B951943}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Packard Bell - Skype
"{3B8FFFBB-C972-47F6-BD28-15D97DD551A9}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"TCP Query User{8DC75970-59CB-4989-92E6-0C3DF54FCFEB}c:\\program files\\windows sidebar\\sidebar.exe"= UDP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"UDP Query User{BED62AC2-D99B-4F2D-8062-30CD3150736E}c:\\program files\\windows sidebar\\sidebar.exe"= TCP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"TCP Query User{40B030FC-38DF-4493-84F5-51999FCCB504}c:\\ut2004\\system\\ut2004.exe"= UDP:c:\ut2004\system\ut2004.exe:UT2004
"UDP Query User{86AA4F51-44B0-45FB-9DBC-A09655FEA866}c:\\ut2004\\system\\ut2004.exe"= TCP:c:\ut2004\system\ut2004.exe:UT2004
"{C55D61F4-A160-4B2F-99ED-CAFBAF1ABEAE}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{D2FE08EB-D132-4862-A942-A853367BDD2C}c:\\program files\\warcraft iii\\war3.exe"= UDP:c:\program files\warcraft iii\war3.exe:Warcraft III
"UDP Query User{43204573-6B06-4303-9AE3-3653AD56756A}c:\\program files\\warcraft iii\\war3.exe"= TCP:c:\program files\warcraft iii\war3.exe:Warcraft III
"{5F7B623A-4F43-4381-9236-B4F00BAD88DF}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{C1B43801-204F-45FF-B358-784ABDF97736}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{C019811F-D531-431D-BBF8-07845CAF14C4}"= UDP:44535:Torrent
"{8F3BAC46-AD77-46C6-A406-BEED2F8B0877}"= TCP:44535:Torrent

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\pythonservice.exe [16/06/2009 21:25 10240]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [09/05/2009 10:33 108289]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21/01/2008 04:33 21504]
R3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\System32\drivers\netr73.sys [26/05/2008 17:46 489984]
R3 O2MDRDR;O2MDRDR;c:\windows\System32\drivers\o2media.sys [13/05/2008 06:48 51288]
R3 O2SDRDR;O2SDRDR;c:\windows\System32\drivers\o2sd.sys [13/05/2008 03:48 43736]
S3 ICDUSB2;Sony IC Recorder (P);c:\windows\System32\drivers\IcdUsb2.sys [21/10/2008 21:09 39048]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\System32\drivers\s0016bus.sys [13/06/2009 16:25 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\System32\drivers\s0016mdfl.sys [13/06/2009 16:25 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\System32\drivers\s0016mdm.sys [13/06/2009 16:25 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0016mgmt.sys [13/06/2009 16:25 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\System32\drivers\s0016nd5.sys [13/06/2009 16:25 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\System32\drivers\s0016obex.sys [13/06/2009 16:25 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\System32\drivers\s0016unic.sys [13/06/2009 16:25 115752]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - Ndisprot.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
Contenu du dossier 'Tâches planifiées'

2009-07-05 c:\windows\Tasks\Extension de garantie-Pauline.job
- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-05-26 10:13]

2009-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1243321965-3589882168-3296649825-1000Core.job
- c:\users\Pauline\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-05 06:21]

2009-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1243321965-3589882168-3296649825-1000UA.job
- c:\users\Pauline\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-05 06:21]

2009-07-05 c:\windows\Tasks\User_Feed_Synchronization-{7DD4461A-AF1A-409F-A9A7-CE23A63F1F23}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:34]

2009-07-05 c:\windows\Tasks\User_Feed_Synchronization-{A7BEE8AB-23DD-48DE-8AF7-A0AA78AFE1E7}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:34]
.
.
------- Examen supplémentaire -------
.
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\users\Pauline\AppData\Roaming\Mozilla\Firefox\Profiles\gt3se141.default\
FF - prefs.js: keyword.URL - hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q=
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\users\Pauline\AppData\Local\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-05 23:19
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


c:\users\Pauline\AppData\Local\Temp\~DF730D.tmp 16384 bytes
c:\users\Pauline\AppData\Local\Temp\~DF7D54.tmp 512 bytes
c:\users\Pauline\AppData\Roaming\Microsoft\Windows\Cookies\pauline@kiwee[1].txt 1243 bytes
c:\users\Pauline\AppData\Roaming\Microsoft\Windows\Cookies\pauline@www1.kiwee[2].txt 542 bytes

Scan terminé avec succès
Fichiers cachés: 4

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SKYNETdpqnugyp]
"imagepath"="\systemroot\system32\drivers\SKYNETysnjrfmw.sys"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SKYNETdpqnugyp]
@DACL=(02 0000)
"start"=dword:00000001
"type"=dword:00000001
"group"="file system"
"imagepath"=expand:"\\systemroot\\system32\\drivers\\SKYNETysnjrfmw.sys"
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\O2Micro Flash Memory Card Driver\o2flash.exe
c:\windows\System32\IoctlSvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\System32\conime.exe
c:\windows\System32\igfxsrvc.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Heure de fin: 2009-07-05 23:27 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-07-05 21:27

Avant-CF: 97 595 076 608 octets libres
Après-CF: 97 615 900 672 octets libres

312 --- E O F --- 2009-07-02 16:41

Ajouter un commentaire - Site web
Ajouter un commentaire
Réponse
+0
moins plus
gen-hackman 68344Messages postés 30 avril 2008Date d'inscription 11 juin 2011Dernière intervention 5 juil. 2009 à 23:45

__________________________________________________________
=>/!\ ATTENTION /!\ Le script qui suit a été écrit spécialement cet ordinateur,<=
=>il est fort déconseillé de le transposer sur un autre ordinateur !<=====|
---------------------------------------------------------------

Toujours avec toutes les protections désactivées, fais ceci :

• Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes)
• Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) :

----------------------------------------------------------
File::
c:\windows\system32\SKYNETqptuupdn.dll
c:\windows\system32\SKYNETerrmifpw.dat
c:\windows\system32\SKYNEToxxqxtbs.dat
c:\windows\system32\SKYNETpvpptmky.dll
c:\windows\system32\drivers\SKYNETysnjrfmw.sys

Folder::
c:\users\Pauline\AppData\Roaming\agi
c:\programdata\AGI
c:\program files\AGI

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000000
"InternetSettingsDisableNotify"=dword:00000000
"AutoUpdateDisableNotify"=dword:00000000
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SKYNETdpqnugyp]

Driver::
SKYNETdpqnugyp
------------------------------------------------------------------

• Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt
• Quitte le Bloc Notes

• Fais un glisser/déposer de ce fichier CFScript sur le fichier C-Fix.exe (combofix) Comme ceci

• Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
• Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
• Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt

ensuite :

Télécharge TOOLBAR S&D ( de Eric_71/Team IDN ) sur ton bureau :


!! Déconnecte toi,desactive tes protections résidentes, et ferme toutes tes applications en cours le temps de la manip. !!

* clique droit "en tant qu'administrateur" sur ToolBar SD.exe pour lancer l'outil et laisse toi guider ...

--> Tapes ( option " recherche " ) puis tape sur [Entrée].

Un rapport sera généré à la fin du processus : poste son contenu dans ta prochaine réponse

( le rapport est en outre sauvegardé ici -> C:\TB.txt )

Tutoriel

ensuite :


télécharge LOP S&D sur ton Bureau.

* clique droit "en tant qu'administrateur" dessus pour lancer l'installation
* Puis clique droit "en tant qu'administrateur" sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan

* Poste le rapport généré (C:\lopR.txt)

Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
eloitalia 49Messages postés 17 juillet 2008Date d'inscription 6 juil. 2009 à 07:29
Voilà le second rapport Combo fix

ComboFix 09-07-05.01 - Pauline 05/07/2009 23:59.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6001.1.1252.352.1036.18.2008.1122 [GMT 2:00]
Lancé depuis: c:\users\Pauline\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Pauline\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"c:\windows\system32\drivers\SKYNETysnjrfmw.sys"
"c:\windows\system32\SKYNETerrmifpw.dat"
"c:\windows\system32\SKYNEToxxqxtbs.dat"
"c:\windows\system32\SKYNETpvpptmky.dll"
"c:\windows\system32\SKYNETqptuupdn.dll"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AGI
c:\program files\AGI\common\agcutils.dll
c:\program files\AGI\common\bootstrapper.exe
c:\program files\AGI\common\common.zip
c:\program files\AGI\common\comtypes\__init__.py
c:\program files\AGI\common\comtypes\__init__.pyc
c:\program files\AGI\common\comtypes\_comobject.py
c:\program files\AGI\common\comtypes\_comobject.pyc
c:\program files\AGI\common\comtypes\_meta.py
c:\program files\AGI\common\comtypes\_meta.pyc
c:\program files\AGI\common\comtypes\_safearray.py
c:\program files\AGI\common\comtypes\_safearray.pyc
c:\program files\AGI\common\comtypes\automation.py
c:\program files\AGI\common\comtypes\automation.pyc
c:\program files\AGI\common\comtypes\client\__init__.py
c:\program files\AGI\common\comtypes\client\__init__.pyc
c:\program files\AGI\common\comtypes\client\_events.py
c:\program files\AGI\common\comtypes\client\_events.pyc
c:\program files\AGI\common\comtypes\client\_generate.py
c:\program files\AGI\common\comtypes\client\_generate.pyc
c:\program files\AGI\common\comtypes\client\dynamic.py
c:\program files\AGI\common\comtypes\client\dynamic.pyc
c:\program files\AGI\common\comtypes\connectionpoints.py
c:\program files\AGI\common\comtypes\connectionpoints.pyc
c:\program files\AGI\common\comtypes\errorinfo.py
c:\program files\AGI\common\comtypes\errorinfo.pyc
c:\program files\AGI\common\comtypes\gen\__init__.py
c:\program files\AGI\common\comtypes\gen\__init__.pyc
c:\program files\AGI\common\comtypes\gen\_00020430_0000_0000_C000_000000000046_0_2_0.py
c:\program files\AGI\common\comtypes\git.py
c:\program files\AGI\common\comtypes\GUID.py
c:\program files\AGI\common\comtypes\GUID.pyc
c:\program files\AGI\common\comtypes\hresult.py
c:\program files\AGI\common\comtypes\hresult.pyc
c:\program files\AGI\common\comtypes\logutil.py
c:\program files\AGI\common\comtypes\messageloop.py
c:\program files\AGI\common\comtypes\partial.py
c:\program files\AGI\common\comtypes\partial.pyc
c:\program files\AGI\common\comtypes\persist.py
c:\program files\AGI\common\comtypes\safearray.py
c:\program files\AGI\common\comtypes\safearray.pyc
c:\program files\AGI\common\comtypes\server\__init__.py
c:\program files\AGI\common\comtypes\server\__init__.pyc
c:\program files\AGI\common\comtypes\server\automation.py
c:\program files\AGI\common\comtypes\server\automation.pyc
c:\program files\AGI\common\comtypes\server\connectionpoints.py
c:\program files\AGI\common\comtypes\server\inprocserver.py
c:\program files\AGI\common\comtypes\server\inprocserver.pyc
c:\program files\AGI\common\comtypes\server\localserver.py
c:\program files\AGI\common\comtypes\server\register.py
c:\program files\AGI\common\comtypes\server\register.pyc
c:\program files\AGI\common\comtypes\server\w_getopt.py
c:\program files\AGI\common\comtypes\server\w_getopt.pyc
c:\program files\AGI\common\comtypes\tools\__init__.py
c:\program files\AGI\common\comtypes\tools\codegenerator.py
c:\program files\AGI\common\comtypes\tools\tlbparser.py
c:\program files\AGI\common\comtypes\tools\typedesc.py
c:\program files\AGI\common\comtypes\tools\typedesc_base.py
c:\program files\AGI\common\comtypes\typeinfo.py
c:\program files\AGI\common\comtypes\typeinfo.pyc
c:\program files\AGI\common\comtypes\util.py
c:\program files\AGI\common\configobj.py
c:\program files\AGI\common\configobj.pyc
c:\program files\AGI\common\dateutil\__init__.py
c:\program files\AGI\common\dateutil\__init__.pyc
c:\program files\AGI\common\dateutil\easter.py
c:\program files\AGI\common\dateutil\parser.py
c:\program files\AGI\common\dateutil\parser.pyc
c:\program files\AGI\common\dateutil\relativedelta.py
c:\program files\AGI\common\dateutil\relativedelta.pyc
c:\program files\AGI\common\dateutil\rrule.py
c:\program files\AGI\common\dateutil\tz.py
c:\program files\AGI\common\dateutil\tz.pyc
c:\program files\AGI\common\dateutil\tzwin.py
c:\program files\AGI\common\dateutil\tzwin.pyc
c:\program files\AGI\common\dateutil\zoneinfo\__init__.py
c:\program files\AGI\common\dateutil\zoneinfo\zoneinfo-2005q.tar.gz
c:\program files\AGI\common\dependencies.zip
c:\program files\AGI\common\pyagcore\__init__.pyc
c:\program files\AGI\common\pyagcore\agservice.pyc
c:\program files\AGI\common\pyagcore\config\__init__.pyc
c:\program files\AGI\common\pyagcore\config\appconfig.pyc
c:\program files\AGI\common\pyagcore\config\config.pyc
c:\program files\AGI\common\pyagcore\cookieutil.pyc
c:\program files\AGI\common\pyagcore\install\__init__.pyc
c:\program files\AGI\common\pyagcore\install\agcustomactions.pyc
c:\program files\AGI\common\pyagcore\install\appupdate.pyc
c:\program files\AGI\common\pyagcore\install\autoupdate.pyc
c:\program files\AGI\common\pyagcore\install\dependency\__init__.pyc
c:\program files\AGI\common\pyagcore\install\dependency\KiweeToolbar.pyc
c:\program files\AGI\common\pyagcore\install\dependencychecker.pyc
c:\program files\AGI\common\pyagcore\install\dependencythread.pyc
c:\program files\AGI\common\pyagcore\install\installers\__init__.pyc
c:\program files\AGI\common\pyagcore\install\installers\KiweeToolbar.pyc
c:\program files\AGI\common\pyagcore\install\installers\WebshotsDesktop.pyc
c:\program files\AGI\common\pyagcore\install\installers\WebshotsToolbar.pyc
c:\program files\AGI\common\pyagcore\install\installutil.pyc
c:\program files\AGI\common\pyagcore\install\pythonchecker.pyc
c:\program files\AGI\common\pyagcore\install\windows.pyc
c:\program files\AGI\common\pyagcore\installer.pyc
c:\program files\AGI\common\pyagcore\lilw\__init__.pyc
c:\program files\AGI\common\pyagcore\lilw\AGCoreLib.pyc
c:\program files\AGI\common\pyagcore\lilw\lilw.tlb
c:\program files\AGI\common\pyagcore\lilw\lilwconfig.pyc
c:\program files\AGI\common\pyagcore\lilw\lilwsearchdetection.pyc
c:\program files\AGI\common\pyagcore\lilw\lilwsearchhook.pyc
c:\program files\AGI\common\pyagcore\logwrangler.pyc
c:\program files\AGI\common\pyagcore\msiecookiejar.pyc
c:\program files\AGI\common\pyagcore\process\__init__.pyc
c:\program files\AGI\common\pyagcore\process\winprocess.pyc
c:\program files\AGI\common\pyagcore\protection\__init__.pyc
c:\program files\AGI\common\pyagcore\protection\agimonitor.pyc
c:\program files\AGI\common\pyagcore\protection\monitor.pyc
c:\program files\AGI\common\pyagcore\protection\protection.pyc
c:\program files\AGI\common\pyagcore\regspy.pyc
c:\program files\AGI\common\pyagcore\regutil.pyc
c:\program files\AGI\common\pyagcore\search\__init__.pyc
c:\program files\AGI\common\pyagcore\search\algorithm\__init__.pyc
c:\program files\AGI\common\pyagcore\search\iesearchprotection.pyc
c:\program files\AGI\common\pyagcore\search\provider\__init__.pyc
c:\program files\AGI\common\pyagcore\search\provider\MSN.pyc
c:\program files\AGI\common\pyagcore\search\searchdetection.pyc
c:\program files\AGI\common\pyagcore\search\searchgenerator.pyc
c:\program files\AGI\common\pyagcore\search\searchprotection.pyc
c:\program files\AGI\common\pyagcore\search\urlprotect.pyc
c:\program files\AGI\common\pyagcore\setenv.pyc
c:\program files\AGI\common\pyagcore\uiutil.pyc
c:\program files\AGI\common\pyagcore\updateui.pyc
c:\program files\AGI\common\pyagcore\urlutil.pyc
c:\program files\AGI\common\pyagcore\versionnumber.pyc
c:\program files\AGI\common\pythoncom.py
c:\program files\AGI\common\pythoncom.pyc
c:\program files\AGI\common\validate.py
c:\program files\AGI\common\win32\_win32sysloader.pyd
c:\program files\AGI\common\win32\_winxptheme.pyd
c:\program files\AGI\common\win32\dbi.pyd
c:\program files\AGI\common\win32\lib\afxres.py
c:\program files\AGI\common\win32\lib\commctrl.py
c:\program files\AGI\common\win32\lib\mmsystem.py
c:\program files\AGI\common\win32\lib\netbios.py
c:\program files\AGI\common\win32\lib\ntsecuritycon.py
c:\program files\AGI\common\win32\lib\ntsecuritycon.pyc
c:\program files\AGI\common\win32\lib\pywintypes.py
c:\program files\AGI\common\win32\lib\pywintypes.pyc
c:\program files\AGI\common\win32\lib\rasutil.py
c:\program files\AGI\common\win32\lib\regcheck.py
c:\program files\AGI\common\win32\lib\regutil.py
c:\program files\AGI\common\win32\lib\sspi.py
c:\program files\AGI\common\win32\lib\sspicon.py
c:\program files\AGI\common\win32\lib\win32con.py
c:\program files\AGI\common\win32\lib\win32con.pyc
c:\program files\AGI\common\win32\lib\win32cryptcon.py
c:\program files\AGI\common\win32\lib\win32evtlogutil.py
c:\program files\AGI\common\win32\lib\win32gui_struct.py
c:\program files\AGI\common\win32\lib\win32inetcon.py
c:\program files\AGI\common\win32\lib\win32netcon.py
c:\program files\AGI\common\win32\lib\win32pdhquery.py
c:\program files\AGI\common\win32\lib\win32pdhutil.py
c:\program files\AGI\common\win32\lib\win32pdhutil.pyc
c:\program files\AGI\common\win32\lib\win32rcparser.py
c:\program files\AGI\common\win32\lib\win32serviceutil.py
c:\program files\AGI\common\win32\lib\win32serviceutil.pyc
c:\program files\AGI\common\win32\lib\win32timezone.py
c:\program files\AGI\common\win32\lib\win32traceutil.py
c:\program files\AGI\common\win32\lib\win32verstamp.py
c:\program files\AGI\common\win32\lib\winerror.py
c:\program files\AGI\common\win32\lib\winerror.pyc
c:\program files\AGI\common\win32\lib\winioctlcon.py
c:\program files\AGI\common\win32\lib\winnt.py
c:\program files\AGI\common\win32\lib\winperf.py
c:\program files\AGI\common\win32\lib\winxptheme.py
c:\program files\AGI\common\win32\license.txt
c:\program files\AGI\common\win32\mmapfile.pyd
c:\program files\AGI\common\win32\odbc.pyd
c:\program files\AGI\common\win32\perfmon.pyd
c:\program files\AGI\common\win32\perfmondata.dll
c:\program files\AGI\common\win32\pythonservice.exe
c:\program files\AGI\common\win32\scripts\backupEventLog.py
c:\program files\AGI\common\win32\scripts\ControlService.py
c:\program files\AGI\common\win32\scripts\killProcName.py
c:\program files\AGI\common\win32\scripts\rasutil.py
c:\program files\AGI\common\win32\scripts\regsetup.py
c:\program files\AGI\common\win32\scripts\setup_d.py
c:\program files\AGI\common\win32\servicemanager.pyd
c:\program files\AGI\common\win32\timer.pyd
c:\program files\AGI\common\win32\win2kras.pyd
c:\program files\AGI\common\win32\win32api.pyd
c:\program files\AGI\common\win32\win32clipboard.pyd
c:\program files\AGI\common\win32\win32console.pyd
c:\program files\AGI\common\win32\win32cred.pyd
c:\program files\AGI\common\win32\win32crypt.pyd
c:\program files\AGI\common\win32\win32event.pyd
c:\program files\AGI\common\win32\win32evtlog.pyd
c:\program files\AGI\common\win32\win32file.pyd
c:\program files\AGI\common\win32\win32gui.pyd
c:\program files\AGI\common\win32\win32help.pyd
c:\program files\AGI\common\win32\win32inet.pyd
c:\program files\AGI\common\win32\win32job.pyd
c:\program files\AGI\common\win32\win32lz.pyd
c:\program files\AGI\common\win32\win32net.pyd
c:\program files\AGI\common\win32\win32pdh.pyd
c:\program files\AGI\common\win32\win32pipe.pyd
c:\program files\AGI\common\win32\win32popenWin9x.exe
c:\program files\AGI\common\win32\win32print.pyd
c:\program files\AGI\common\win32\win32process.pyd
c:\program files\AGI\common\win32\win32profile.pyd
c:\program files\AGI\common\win32\win32ras.pyd
c:\program files\AGI\common\win32\win32security.pyd
c:\program files\AGI\common\win32\win32service.pyd
c:\program files\AGI\common\win32\win32trace.pyd
c:\program files\AGI\common\win32\win32transaction.pyd
c:\program files\AGI\common\win32\win32ts.pyd
c:\program files\AGI\common\win32\win32wnet.pyd
c:\program files\AGI\common\win32\winxpgui.pyd
c:\program files\AGI\common\win32com\__init__.py
c:\program files\AGI\common\win32com\__init__.pyc
c:\program files\AGI\common\win32com\client\__init__.py
c:\program files\AGI\common\win32com\client\build.py
c:\program files\AGI\common\win32com\client\CLSIDToClass.py
c:\program files\AGI\common\win32com\client\combrowse.py
c:\program files\AGI\common\win32com\client\connect.py
c:\program files\AGI\common\win32com\client\dynamic.py
c:\program files\AGI\common\win32com\client\gencache.py
c:\program files\AGI\common\win32com\client\genpy.py
c:\program files\AGI\common\win32com\client\makepy.py
c:\program files\AGI\common\win32com\client\selecttlb.py
c:\program files\AGI\common\win32com\client\tlbrowse.py
c:\program files\AGI\common\win32com\client\util.py
c:\program files\AGI\common\win32com\decimal_23.py
c:\program files\AGI\common\win32com\License.txt
c:\program files\AGI\common\win32com\olectl.py
c:\program files\AGI\common\win32com\readme.htm
c:\program files\AGI\common\win32com\server\__init__.py
c:\program files\AGI\common\win32com\server\connect.py
c:\program files\AGI\common\win32com\server\dispatcher.py
c:\program files\AGI\common\win32com\server\exception.py
c:\program files\AGI\common\win32com\server\factory.py
c:\program files\AGI\common\win32com\server\localserver.py
c:\program files\AGI\common\win32com\server\policy.py
c:\program files\AGI\common\win32com\server\register.py
c:\program files\AGI\common\win32com\server\util.py
c:\program files\AGI\common\win32com\storagecon.py
c:\program files\AGI\common\win32com\universal.py
c:\program files\AGI\common\win32com\util.py
c:\program files\AGI\common\win32comext\adsi\__init__.py
c:\program files\AGI\common\win32comext\adsi\adsi.pyd
c:\program files\AGI\common\win32comext\adsi\adsicon.py
c:\program files\AGI\common\win32comext\authorization\__init__.py
c:\program files\AGI\common\win32comext\authorization\authorization.pyd
c:\program files\AGI\common\win32comext\axcontrol\__init__.py
c:\program files\AGI\common\win32comext\axcontrol\axcontrol.pyd
c:\program files\AGI\common\win32comext\shell\__init__.py
c:\program files\AGI\common\win32comext\shell\__init__.pyc
c:\program files\AGI\common\win32comext\shell\shell.pyd
c:\program files\AGI\common\win32comext\shell\shellcon.py
c:\program files\AGI\common\win32comext\shell\shellcon.pyc
c:\program files\AGI\common\windows.zip
c:\program files\AGI\Python25\DLLs\_ctypes.pyd
c:\program files\AGI\Python25\DLLs\_ctypes_test.pyd
c:\program files\AGI\Python25\DLLs\_elementtree.pyd
c:\program files\AGI\Python25\DLLs\_hashlib.pyd
c:\program files\AGI\Python25\DLLs\_msi.pyd
c:\program files\AGI\Python25\DLLs\_socket.pyd
c:\program files\AGI\Python25\DLLs\_ssl.pyd
c:\program files\AGI\Python25\DLLs\bz2.pyd
c:\program files\AGI\Python25\DLLs\py.ico
c:\program files\AGI\Python25\DLLs\pyc.ico
c:\program files\AGI\Python25\DLLs\pyexpat.pyd
c:\program files\AGI\Python25\DLLs\select.pyd
c:\program files\AGI\Python25\DLLs\unicodedata.pyd
c:\program files\AGI\Python25\DLLs\winsound.pyd
c:\program files\AGI\Python25\Lib\__future__.py
c:\program files\AGI\Python25\Lib\__future__.pyc
c:\program files\AGI\Python25\Lib\__phello__.foo.py
c:\program files\AGI\Python25\Lib\_LWPCookieJar.py
c:\program files\AGI\Python25\Lib\_LWPCookieJar.pyc
c:\program files\AGI\Python25\Lib\_MozillaCookieJar.py
c:\program files\AGI\Python25\Lib\_MozillaCookieJar.pyc
c:\program files\AGI\Python25\Lib\_strptime.py
c:\program files\AGI\Python25\Lib\_threading_local.py
c:\program files\AGI\Python25\Lib\aifc.py
c:\program files\AGI\Python25\Lib\anydbm.py
c:\program files\AGI\Python25\Lib\asynchat.py
c:\program files\AGI\Python25\Lib\asyncore.py
c:\program files\AGI\Python25\Lib\atexit.py
c:\program files\AGI\Python25\Lib\atexit.pyc
c:\program files\AGI\Python25\Lib\audiodev.py
c:\program files\AGI\Python25\Lib\base64.py
c:\program files\AGI\Python25\Lib\base64.pyc
c:\program files\AGI\Python25\Lib\BaseHTTPServer.py
c:\program files\AGI\Python25\Lib\Bastion.py
c:\program files\AGI\Python25\Lib\bdb.py
c:\program files\AGI\Python25\Lib\binhex.py
c:\program files\AGI\Python25\Lib\bisect.py
c:\program files\AGI\Python25\Lib\bisect.pyc
c:\program files\AGI\Python25\Lib\calendar.py
c:\program files\AGI\Python25\Lib\calendar.pyc
c:\program files\AGI\Python25\Lib\cgi.py
c:\program files\AGI\Python25\Lib\cgi.pyc
c:\program files\AGI\Python25\Lib\CGIHTTPServer.py
c:\program files\AGI\Python25\Lib\cgitb.py
c:\program files\AGI\Python25\Lib\chunk.py
c:\program files\AGI\Python25\Lib\cmd.py
c:\program files\AGI\Python25\Lib\code.py
c:\program files\AGI\Python25\Lib\codecs.py
c:\program files\AGI\Python25\Lib\codecs.pyc
c:\program files\AGI\Python25\Lib\codeop.py
c:\program files\AGI\Python25\Lib\colorsys.py
c:\program files\AGI\Python25\Lib\commands.py
c:\program files\AGI\Python25\Lib\compileall.py
c:\program files\AGI\Python25\Lib\compiler\__init__.py
c:\program files\AGI\Python25\Lib\compiler\__init__.pyc
c:\program files\AGI\Python25\Lib\compiler\ast.py
c:\program files\AGI\Python25\Lib\compiler\ast.pyc
c:\program files\AGI\Python25\Lib\compiler\consts.py
c:\program files\AGI\Python25\Lib\compiler\consts.pyc
c:\program files\AGI\Python25\Lib\compiler\future.py
c:\program files\AGI\Python25\Lib\compiler\future.pyc
c:\program files\AGI\Python25\Lib\compiler\misc.py
c:\program files\AGI\Python25\Lib\compiler\misc.pyc
c:\program files\AGI\Python25\Lib\compiler\pyassem.py
c:\program files\AGI\Python25\Lib\compiler\pyassem.pyc
c:\program files\AGI\Python25\Lib\compiler\pycodegen.py
c:\program files\AGI\Python25\Lib\compiler\pycodegen.pyc
c:\program files\AGI\Python25\Lib\compiler\symbols.py
c:\program files\AGI\Python25\Lib\compiler\symbols.pyc
c:\program files\AGI\Python25\Lib\compiler\syntax.py
c:\program files\AGI\Python25\Lib\compiler\syntax.pyc
c:\program files\AGI\Python25\Lib\compiler\transformer.py
c:\program files\AGI\Python25\Lib\compiler\transformer.pyc
c:\program files\AGI\Python25\Lib\compiler\visitor.py
c:\program files\AGI\Python25\Lib\compiler\visitor.pyc
c:\program files\AGI\Python25\Lib\ConfigParser.py
c:\program files\AGI\Python25\Lib\contextlib.py
c:\program files\AGI\Python25\Lib\Cookie.py
c:\program files\AGI\Python25\Lib\cookielib.py
c:\program files\AGI\Python25\Lib\cookielib.pyc
c:\program files\AGI\Python25\Lib\copy.py
c:\program files\AGI\Python25\Lib\copy.pyc
c:\program files\AGI\Python25\Lib\copy_reg.py
c:\program files\AGI\Python25\Lib\copy_reg.pyc
c:\program files\AGI\Python25\Lib\cProfile.py
c:\program files\AGI\Python25\Lib\csv.py
c:\program files\AGI\Python25\Lib\ctypes\__init__.py
c:\program files\AGI\Python25\Lib\ctypes\__init__.pyc
c:\program files\AGI\Python25\Lib\ctypes\_endian.py
c:\program files\AGI\Python25\Lib\ctypes\_endian.pyc
c:\program files\AGI\Python25\Lib\ctypes\util.py
c:\program files\AGI\Python25\Lib\ctypes\util.pyc
c:\program files\AGI\Python25\Lib\ctypes\wintypes.py
c:\program files\AGI\Python25\Lib\ctypes\wintypes.pyc
c:\program files\AGI\Python25\Lib\dbhash.py
c:\program files\AGI\Python25\Lib\decimal.py
c:\program files\AGI\Python25\Lib\decimal.pyc
c:\program files\AGI\Python25\Lib\difflib.py
c:\program files\AGI\Python25\Lib\dircache.py
c:\program files\AGI\Python25\Lib\dis.py
c:\program files\AGI\Python25\Lib\dis.pyc
c:\program files\AGI\Python25\Lib\doctest.py
c:\program files\AGI\Python25\Lib\DocXMLRPCServer.py
c:\program files\AGI\Python25\Lib\dumbdbm.py
c:\program files\AGI\Python25\Lib\dummy_thread.py
c:\program files\AGI\Python25\Lib\dummy_threading.py
c:\program files\AGI\Python25\Lib\email\__init__.py
c:\program files\AGI\Python25\Lib\email\_parseaddr.py
c:\program files\AGI\Python25\Lib\email\base64mime.py
c:\program files\AGI\Python25\Lib\email\charset.py
c:\program files\AGI\Python25\Lib\email\encoders.py
c:\program files\AGI\Python25\Lib\email\errors.py
c:\program files\AGI\Python25\Lib\email\feedparser.py
c:\program files\AGI\Python25\Lib\email\generator.py
c:\program files\AGI\Python25\Lib\email\header.py
c:\program files\AGI\Python25\Lib\email\iterators.py
c:\program files\AGI\Python25\Lib\email\message.py
c:\program files\AGI\Python25\Lib\email\mime\__init__.py
c:\program files\AGI\Python25\Lib\email\mime\application.py
c:\program files\AGI\Python25\Lib\email\mime\audio.py
c:\program files\AGI\Python25\Lib\email\mime\base.py
c:\program files\AGI\Python25\Lib\email\mime\image.py
c:\program files\AGI\Python25\Lib\email\mime\message.py
c:\program files\AGI\Python25\Lib\email\mime\multipart.py
c:\program files\AGI\Python25\Lib\email\mime\nonmultipart.py
c:\program files\AGI\Python25\Lib\email\mime\text.py
c:\program files\AGI\Python25\Lib\email\parser.py
c:\program files\AGI\Python25\Lib\email\quoprimime.py
c:\program files\AGI\Python25\Lib\email\utils.py
c:\program files\AGI\Python25\Lib\encodings\__init__.py
c:\program files\AGI\Python25\Lib\encodings\__init__.pyc
c:\program files\AGI\Python25\Lib\encodings\aliases.py
c:\program files\AGI\Python25\Lib\encodings\aliases.pyc
c:\program files\AGI\Python25\Lib\encodings\ascii.py
c:\program files\AGI\Python25\Lib\encodings\ascii.pyc
c:\program files\AGI\Python25\Lib\encodings\base64_codec.py
c:\program files\AGI\Python25\Lib\encodings\big5.py
c:\program files\AGI\Python25\Lib\encodings\big5hkscs.py
c:\program files\AGI\Python25\Lib\encodings\bz2_codec.py
c:\program files\AGI\Python25\Lib\encodings\charmap.py
c:\program files\AGI\Python25\Lib\encodings\cp037.py
c:\program files\AGI\Python25\Lib\encodings\cp1006.py
c:\program files\AGI\Python25\Lib\encodings\cp1026.py
c:\program files\AGI\Python25\Lib\encodings\cp1140.py
c:\program files\AGI\Python25\Lib\encodings\cp1250.py
c:\program files\AGI\Python25\Lib\encodings\cp1251.py
c:\program files\AGI\Python25\Lib\encodings\cp1252.py
c:\program files\AGI\Python25\Lib\encodings\cp1252.pyc
c:\program files\AGI\Python25\Lib\encodings\cp1253.py
c:\program files\AGI\Python25\Lib\encodings\cp1254.py
c:\program files\AGI\Python25\Lib\encodings\cp1255.py
c:\program files\AGI\Python25\Lib\encodings\cp1256.py
c:\program files\AGI\Python25\Lib\encodings\cp1257.py
c:\program files\AGI\Python25\Lib\encodings\cp1258.py
c:\program files\AGI\Python25\Lib\encodings\cp424.py
c:\program files\AGI\Python25\Lib\encodings\cp437.py
c:\program files\AGI\Python25\Lib\encodings\cp500.py
c:\program files\AGI\Python25\Lib\encodings\cp737.py
c:\program files\AGI\Python25\Lib\encodings\cp775.py
c:\program files\AGI\Python25\Lib\encodings\cp850.py
c:\program files\AGI\Python25\Lib\encodings\cp852.py
c:\program files\AGI\Python25\Lib\encodings\cp855.py
c:\program files\AGI\Python25\Lib\encodings\cp856.py
c:\program files\AGI\Python25\Lib\encodings\cp857.py
c:\program files\AGI\Python25\Lib\encodings\cp860.py
c:\program files\AGI\Python25\Lib\encodings\cp861.py
c:\program files\AGI\Python25\Lib\encodings\cp862.py
c:\program files\AGI\Python25\Lib\encodings\cp863.py
c:\program files\AGI\Python25\Lib\encodings\cp864.py
c:\program files\AGI\Python25\Lib\encodings\cp865.py
c:\program files\AGI\Python25\Lib\encodings\cp866.py
c:\program files\AGI\Python25\Lib\encodings\cp869.py
c:\program files\AGI\Python25\Lib\encodings\cp874.py
c:\program files\AGI\Python25\Lib\encodings\cp875.py
c:\program files\AGI\Python25\Lib\encodings\cp932.py
c:\program files\AGI\Python25\Lib\encodings\cp949.py
c:\program files\AGI\Python25\Lib\encodings\cp950.py
c:\program files\AGI\Python25\Lib\encodings\euc_jis_2004.py
c:\program files\AGI\Python25\Lib\encodings\euc_jisx0213.py
c:\program files\AGI\Python25\Lib\encodings\euc_jp.py
c:\program files\AGI\Python25\Lib\encodings\euc_kr.py
c:\program files\AGI\Python25\Lib\encodings\gb18030.py
c:\program files\AGI\Python25\Lib\encodings\gb2312.py
c:\program files\AGI\Python25\Lib\encodings\gbk.py
c:\program files\AGI\Python25\Lib\encodings\hex_codec.py
c:\program files\AGI\Python25\Lib\encodings\hp_roman8.py
c:\program files\AGI\Python25\Lib\encodings\hz.py
c:\program files\AGI\Python25\Lib\encodings\idna.py
c:\program files\AGI\Python25\Lib\encodings\iso2022_jp.py
c:\program files\AGI\Python25\Lib\encodings\iso2022_jp_1.py
c:\program files\AGI\Python25\Lib\encodings\iso2022_jp_2.py
c:\program files\AGI\Python25\Lib\encodings\iso2022_jp_2004.py
c:\program files\AGI\Python25\Lib\encodings\iso2022_jp_3.py
c:\program files\AGI\Python25\Lib\encodings\iso2022_jp_ext.py
c:\program files\AGI\Python25\Lib\encodings\iso2022_kr.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_1.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_10.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_11.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_13.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_14.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_15.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_16.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_2.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_3.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_4.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_5.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_6.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_7.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_8.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_9.py
c:\program files\AGI\Python25\Lib\encodings\johab.py
c:\program files\AGI\Python25\Lib\encodings\koi8_r.py
c:\program files\AGI\Python25\Lib\encodings\koi8_u.py
c:\program files\AGI\Python25\Lib\encodings\latin_1.py
c:\program files\AGI\Python25\Lib\encodings\mac_arabic.py
c:\program files\AGI\Python25\Lib\encodings\mac_centeuro.py
c:\program files\AGI\Python25\Lib\encodings\mac_croatian.py
c:\program files\AGI\Python25\Lib\encodings\mac_cyrillic.py
c:\program files\AGI\Python25\Lib\encodings\mac_farsi.py
c:\program files\AGI\Python25\Lib\encodings\mac_greek.py
c:\program files\AGI\Python25\Lib\encodings\mac_iceland.py
c:\program files\AGI\Python25\Lib\encodings\mac_latin2.py
c:\program files\AGI\Python25\Lib\encodings\mac_roman.py
c:\program files\AGI\Python25\Lib\encodings\mac_romanian.py
c:\program files\AGI\Python25\Lib\encodings\mac_turkish.py
c:\program files\AGI\Python25\Lib\encodings\mbcs.py
c:\program files\AGI\Python25\Lib\encodings\palmos.py
c:\program files\AGI\Python25\Lib\encodings\ptcp154.py
c:\program files\AGI\Python25\Lib\encodings\punycode.py
c:\program files\AGI\Python25\Lib\encodings\quopri_codec.py
c:\program files\AGI\Python25\Lib\encodings\raw_unicode_escape.py
c:\program files\AGI\Python25\Lib\encodings\rot_13.py
c:\program files\AGI\Python25\Lib\encodings\shift_jis.py
c:\program files\AGI\Python25\Lib\encodings\shift_jis_2004.py
c:\program files\AGI\Python25\Lib\encodings\shift_jisx0213.py
c:\program files\AGI\Python25\Lib\encodings\string_escape.py
c:\program files\AGI\Python25\Lib\encodings\string_escape.pyc
c:\program files\AGI\Python25\Lib\encodings\tis_620.py
c:\program files\AGI\Python25\Lib\encodings\undefined.py
c:\program files\AGI\Python25\Lib\encodings\unicode_escape.py
c:\program files\AGI\Python25\Lib\encodings\unicode_internal.py
c:\program files\AGI\Python25\Lib\encodings\utf_16.py
c:\program files\AGI\Python25\Lib\encodings\utf_16_be.py
c:\program files\AGI\Python25\Lib\encodings\utf_16_le.py
c:\program files\AGI\Python25\Lib\encodings\utf_7.py
c:\program files\AGI\Python25\Lib\encodings\utf_8.py
c:\program files\AGI\Python25\Lib\encodings\utf_8.pyc
c:\program files\AGI\Python25\Lib\encodings\utf_8_sig.py
c:\program files\AGI\Python25\Lib\encodings\uu_codec.py
c:\program files\AGI\Python25\Lib\encodings\zlib_codec.py
c:\program files\AGI\Python25\Lib\filecmp.py
c:\program files\AGI\Python25\Lib\fileinput.py
c:\program files\AGI\Python25\Lib\fnmatch.py
c:\program files\AGI\Python25\Lib\fnmatch.pyc
c:\program files\AGI\Python25\Lib\formatter.py
c:\program files\AGI\Python25\Lib\fpformat.py
c:\program files\AGI\Python25\Lib\ftplib.py
c:\program files\AGI\Python25\Lib\functools.py
c:\program files\AGI\Python25\Lib\getopt.py
c:\program files\AGI\Python25\Lib\getpass.py
c:\program files\AGI\Python25\Lib\gettext.py
c:\program files\AGI\Python25\Lib\gettext.pyc
c:\program files\AGI\Python25\Lib\glob.py
c:\program files\AGI\Python25\Lib\glob.pyc
c:\program files\AGI\Python25\Lib\gopherlib.py
c:\program files\AGI\Python25\Lib\gzip.py
c:\program files\AGI\Python25\Lib\hashlib.py
c:\program files\AGI\Python25\Lib\hashlib.pyc
c:\program files\AGI\Python25\Lib\heapq.py
c:\program files\AGI\Python25\Lib\hmac.py
c:\program files\AGI\Python25\Lib\hotshot\__init__.py
c:\program files\AGI\Python25\Lib\hotshot\log.py
c:\program files\AGI\Python25\Lib\hotshot\stats.py
c:\program files\AGI\Python25\Lib\hotshot\stones.py
c:\program files\AGI\Python25\Lib\htmlentitydefs.py
c:\program files\AGI\Python25\Lib\htmllib.py
c:\program files\AGI\Python25\Lib\HTMLParser.py
c:\program files\AGI\Python25\Lib\httplib.py
c:\program files\AGI\Python25\Lib\httplib.pyc
c:\program files\AGI\Python25\Lib\ihooks.py
c:\program files\AGI\Python25\Lib\imaplib.py
c:\program files\AGI\Python25\Lib\imghdr.py
c:\program files\AGI\Python25\Lib\imputil.py
c:\program files\AGI\Python25\Lib\inspect.py
c:\program files\AGI\Python25\Lib\keyword.py
c:\program files\AGI\Python25\Lib\linecache.py
c:\program files\AGI\Python25\Lib\linecache.pyc
c:\program files\AGI\Python25\Lib\locale.py
c:\program files\AGI\Python25\Lib\locale.pyc
c:\program files\AGI\Python25\Lib\logging\__init__.py
c:\program files\AGI\Python25\Lib\logging\__init__.pyc
c:\program files\AGI\Python25\Lib\logging\config.py
c:\program files\AGI\Python25\Lib\logging\handlers.py
c:\program files\AGI\Python25\Lib\logging\handlers.pyc
c:\program files\AGI\Python25\Lib\macpath.py
c:\program files\AGI\Python25\Lib\macurl2path.py
c:\program files\AGI\Python25\Lib\mailbox.py
c:\program files\AGI\Python25\Lib\mailcap.py
c:\program files\AGI\Python25\Lib\markupbase.py
c:\program files\AGI\Python25\Lib\md5.py
c:\program files\AGI\Python25\Lib\mhlib.py
c:\program files\AGI\Python25\Lib\mimetools.py
c:\program files\AGI\Python25\Lib\mimetools.pyc
c:\program files\AGI\Python25\Lib\mimetypes.py
c:\program files\AGI\Python25\Lib\MimeWriter.py
c:\program files\AGI\Python25\Lib\mimify.py
c:\program files\AGI\Python25\Lib\modulefinder.py
c:\program files\AGI\Python25\Lib\multifile.py
c:\program files\AGI\Python25\Lib\mutex.py
c:\program files\AGI\Python25\Lib\netrc.py
c:\program files\AGI\Python25\Lib\new.py
c:\program files\AGI\Python25\Lib\new.pyc
c:\program files\AGI\Python25\Lib\nntplib.py
c:\program files\AGI\Python25\Lib\ntpath.py
c:\program files\AGI\Python25\Lib\ntpath.pyc
c:\program files\AGI\Python25\Lib\nturl2path.py
c:\program files\AGI\Python25\Lib\nturl2path.pyc
c:\program files\AGI\Python25\Lib\opcode.py
c:\program files\AGI\Python25\Lib\opcode.pyc
c:\program files\AGI\Python25\Lib\optparse.py
c:\program files\AGI\Python25\Lib\optparse.pyc
c:\program files\AGI\Python25\Lib\os.py
c:\program files\AGI\Python25\Lib\os.pyc
c:\program files\AGI\Python25\Lib\os2emxpath.py
c:\program files\AGI\Python25\Lib\pdb.py
c:\program files\AGI\Python25\Lib\pickle.py
c:\program files\AGI\Python25\Lib\pickle.pyc
c:\program files\AGI\Python25\Lib\pickletools.py
c:\program files\AGI\Python25\Lib\pipes.py
c:\program files\AGI\Python25\Lib\pkgutil.py
c:\program files\AGI\Python25\Lib\platform.py
c:\program files\AGI\Python25\Lib\popen2.py
c:\program files\AGI\Python25\Lib\poplib.py
c:\program files\AGI\Python25\Lib\posixfile.py
c:\program files\AGI\Python25\Lib\posixpath.py
c:\program files\AGI\Python25\Lib\posixpath.pyc
c:\program files\AGI\Python25\Lib\pprint.py
c:\program files\AGI\Python25\Lib\profile.py
c:\program files\AGI\Python25\Lib\pstats.py
c:\program files\AGI\Python25\Lib\pty.py
c:\program files\AGI\Python25\Lib\py_compile.py
c:\program files\AGI\Python25\Lib\pyclbr.py
c:\program files\AGI\Python25\Lib\pydoc.py
c:\program files\AGI\Python25\Lib\Queue.py
c:\program files\AGI\Python25\Lib\quopri.py
c:\program files\AGI\Python25\Lib\random.py
c:\program files\AGI\Python25\Lib\random.pyc
c:\program files\AGI\Python25\Lib\re.py
c:\program files\AGI\Python25\Lib\re.pyc
c:\program files\AGI\Python25\Lib\repr.py
c:\program files\AGI\Python25\Lib\rexec.py
c:\program files\AGI\Python25\Lib\rfc822.py
c:\program files\AGI\Python25\Lib\rfc822.pyc
c:\program files\AGI\Python25\Lib\rlcompleter.py
c:\program files\AGI\Python25\Lib\robotparser.py
c:\program files\AGI\Python25\Lib\runpy.py
c:\program files\AGI\Python25\Lib\sched.py
c:\program files\AGI\Python25\Lib\sets.py
c:\program files\AGI\Python25\Lib\sgmllib.py
c:\program files\AGI\Python25\Lib\sha.py
c:\program files\AGI\Python25\Lib\shelve.py
c:\program files\AGI\Python25\Lib\shlex.py
c:\program files\AGI\Python25\Lib\shutil.py
c:\program files\AGI\Python25\Lib\shutil.pyc
c:\program files\AGI\Python25\Lib\SimpleHTTPServer.py
c:\program files\AGI\Python25\Lib\SimpleXMLRPCServer.py
c:\program files\AGI\Python25\Lib\site.py
c:\program files\AGI\Python25\Lib\site.pyc
c:\program files\AGI\Python25\Lib\smtpd.py
c:\program files\AGI\Python25\Lib\smtplib.py
c:\program files\AGI\Python25\Lib\sndhdr.py
c:\program files\AGI\Python25\Lib\socket.py
c:\program files\AGI\Python25\Lib\socket.pyc
c:\program files\AGI\Python25\Lib\SocketServer.py
c:\program files\AGI\Python25\Lib\sre.py
c:\program files\AGI\Python25\Lib\sre_compile.py
c:\program files\AGI\Python25\Lib\sre_compile.pyc
c:\program files\AGI\Python25\Lib\sre_constants.py
c:\program files\AGI\Python25\Lib\sre_constants.pyc
c:\program files\AGI\Python25\Lib\sre_parse.py
c:\program files\AGI\Python25\Lib\sre_parse.pyc
c:\program files\AGI\Python25\Lib\stat.py
c:\program files\AGI\Python25\Lib\stat.pyc
c:\program files\AGI\Python25\Lib\statvfs.py
c:\program files\AGI\Python25\Lib\string.py
c:\program files\AGI\Python25\Lib\string.pyc
c:\program files\AGI\Python25\Lib\StringIO.py
c:\program files\AGI\Python25\Lib\StringIO.pyc
c:\program files\AGI\Python25\Lib\stringold.py
c:\program files\AGI\Python25\Lib\stringprep.py
c:\program files\AGI\Python25\Lib\struct.py
c:\program files\AGI\Python25\Lib\struct.pyc
c:\program files\AGI\Python25\Lib\subprocess.py
c:\program files\AGI\Python25\Lib\subprocess.pyc
c:\program files\AGI\Python25\Lib\sunau.py
c:\program files\AGI\Python25\Lib\sunaudio.py
c:\program files\AGI\Python25\Lib\symbol.py
c:\program files\AGI\Python25\Lib\symbol.pyc
c:\program files\AGI\Python25\Lib\symtable.py
c:\program files\AGI\Python25\Lib\tabnanny.py
c:\program files\AGI\Python25\Lib\tarfile.py
c:\program files\AGI\Python25\Lib\telnetlib.py
c:\program files\AGI\Python25\Lib\tempfile.py
c:\program files\AGI\Python25\Lib\tempfile.pyc
c:\program files\AGI\Python25\Lib\textwrap.py
c:\program files\AGI\Python25\Lib\textwrap.pyc
c:\program files\AGI\Python25\Lib\this.py
c:\program files\AGI\Python25\Lib\threading.py
c:\program files\AGI\Python25\Lib\threading.pyc
c:\program files\AGI\Python25\Lib\timeit.py
c:\program files\AGI\Python25\Lib\toaiff.py
c:\program files\AGI\Python25\Lib\token.py
c:\program files\AGI\Python25\Lib\token.pyc
c:\program files\AGI\Python25\Lib\tokenize.py
c:\program files\AGI\Python25\Lib\trace.py
c:\program files\AGI\Python25\Lib\traceback.py
c:\program files\AGI\Python25\Lib\traceback.pyc
c:\program files\AGI\Python25\Lib\tty.py
c:\program files\AGI\Python25\Lib\types.py
c:\program files\AGI\Python25\Lib\types.pyc
c:\program files\AGI\Python25\Lib\unittest.py
c:\program files\AGI\Python25\Lib\urllib.py
c:\program files\AGI\Python25\Lib\urllib.pyc
c:\program files\AGI\Python25\Lib\urllib2.py
c:\program files\AGI\Python25\Lib\urllib2.pyc
c:\program files\AGI\Python25\Lib\urlparse.py
c:\program files\AGI\Python25\Lib\urlparse.pyc
c:\program files\AGI\Python25\Lib\user.py
c:\program files\AGI\Python25\Lib\UserDict.py
c:\program files\AGI\Python25\Lib\UserDict.pyc
c:\program files\AGI\Python25\Lib\UserList.py
c:\program files\AGI\Python25\Lib\UserString.py
c:\program files\AGI\Python25\Lib\uu.py
c:\program files\AGI\Python25\Lib\uuid.py
c:\program files\AGI\Python25\Lib\uuid.pyc
c:\program files\AGI\Python25\Lib\warnings.py
c:\program files\AGI\Python25\Lib\warnings.pyc
c:\program files\AGI\Python25\Lib\wave.py
c:\program files\AGI\Python25\Lib\weakref.py
c:\program files\AGI\Python25\Lib\weakref.pyc
c:\program files\AGI\Python25\Lib\webbrowser.py
c:\program files\AGI\Python25\Lib\whichdb.py
c:\program files\AGI\Python25\Lib\xdrlib.py
c:\program files\AGI\Python25\Lib\xml\__init__.py
c:\program files\AGI\Python25\Lib\xml\__init__.pyc
c:\program files\AGI\Python25\Lib\xml\dom\__init__.py
c:\program files\AGI\Python25\Lib\xml\dom\domreg.py
c:\program files\AGI\Python25\Lib\xml\dom\expatbuilder.py
c:\program files\AGI\Python25\Lib\xml\dom\minicompat.py
c:\program files\AGI\Python25\Lib\xml\dom\minidom.py
c:\program files\AGI\Python25\Lib\xml\dom\NodeFilter.py
c:\program files\AGI\Python25\Lib\xml\dom\pulldom.py
c:\program files\AGI\Python25\Lib\xml\dom\xmlbuilder.py
c:\program files\AGI\Python25\Lib\xml\etree\__init__.py
c:\program files\AGI\Python25\Lib\xml\etree\__init__.pyc
c:\program files\AGI\Python25\Lib\xml\etree\cElementTree.py
c:\program files\AGI\Python25\Lib\xml\etree\cElementTree.pyc
c:\program files\AGI\Python25\Lib\xml\etree\ElementInclude.py
c:\program files\AGI\Python25\Lib\xml\etree\ElementPath.py
c:\program files\AGI\Python25\Lib\xml\etree\ElementPath.pyc
c:\program files\AGI\Python25\Lib\xml\etree\ElementTree.py
c:\program files\AGI\Python25\Lib\xml\etree\ElementTree.pyc
c:\program files\AGI\Python25\Lib\xml\parsers\__init__.py
c:\program files\AGI\Python25\Lib\xml\parsers\expat.py
c:\program files\AGI\Python25\Lib\xml\sax\__init__.py
c:\program files\AGI\Python25\Lib\xml\sax\_exceptions.py
c:\program files\AGI\Python25\Lib\xml\sax\expatreader.py
c:\program files\AGI\Python25\Lib\xml\sax\handler.py
c:\program files\AGI\Python25\Lib\xml\sax\saxutils.py
c:\program files\AGI\Python25\Lib\xml\sax\xmlreader.py
c:\program files\AGI\Python25\Lib\xmllib.py
c:\program files\AGI\Python25\Lib\xmlrpclib.py
c:\program files\AGI\Python25\Lib\zipfile.py
c:\program files\AGI\Python25\Lib\zipfile.pyc
c:\program files\AGI\Python25\LICENSE.txt
c:\program files\AGI\Python25\python.exe
c:\program files\AGI\Python25\pythonw.exe
c:\program files\AGI\tmp\installShell.log
c:\program files\AGI\tmp\python25.zip
c:\programdata\AGI
c:\programdata\AGI\config\desktopconfig.cfg
c:\programdata\AGI\config\desktopdata.cfg
c:\programdata\AGI\config\logging.cfg
c:\programdata\AGI\KiweeToolbar\config\appconfig.cfg
c:\programdata\AGI\KiweeToolbar\config\appdata.cfg
c:\programdata\AGI\logs\bootstrapper0.log
c:\users\Pauline\AppData\Roaming\agi
c:\users\Pauline\AppData\Roaming\agi\config\userconfig.cfg
c:\users\Pauline\AppData\Roaming\agi\KiweeToolbar\config\appuserconfig.cfg
c:\users\Pauline\AppData\Roaming\agi\logs\pyagcore.log
c:\windows\system32\SKYNETerrmifpw.dat
c:\windows\system32\SKYNETiobjxenu.dat
c:\windows\system32\SKYNEToxxqxtbs.dat
c:\windows\system32\SKYNETpvpptmky.dll
c:\windows\system32\SKYNETqptuupdn.dll

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-06-05 au 2009-07-05 ))))))))))))))))))))))))))))))))))))
.

2009-07-05 20:02 . 2009-07-05 20:03 -------- d-----w- C:\32788R22FWJFW.0.tmp
2009-07-05 07:04 . 2009-07-05 07:04 -------- d-----w- c:\users\Invité
2009-07-04 22:18 . 2009-07-04 22:18 -------- d-----w- c:\users\Pauline\AppData\Roaming\Samsung
2009-07-04 21:59 . 2007-05-02 09:12 15112 ----a-w- c:\windows\system32\drivers\ssm_mdfl.sys
2009-07-04 21:59 . 2007-05-02 09:12 12424 ----a-w- c:\windows\system32\drivers\ssm_whnt.sys
2009-07-04 21:59 . 2007-05-02 09:12 12424 ----a-w- c:\windows\system32\drivers\ssm_wh.sys
2009-07-04 21:59 . 2007-05-02 09:12 109704 ----a-w- c:\windows\system32\drivers\ssm_mdm.sys
2009-07-04 21:59 . 2007-05-02 09:12 83592 ----a-w- c:\windows\system32\drivers\ssm_bus.sys
2009-07-04 21:59 . 2007-05-02 09:12 12424 ----a-w- c:\windows\system32\drivers\ssm_cmnt.sys
2009-07-04 21:59 . 2007-05-02 09:12 12424 ----a-w- c:\windows\system32\drivers\ssm_cm.sys
2009-07-04 21:58 . 2009-07-04 22:39 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2009-07-04 21:57 . 2006-07-24 14:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2009-07-04 21:57 . 2009-07-04 21:57 -------- d-----w- c:\program files\Samsung
2009-06-29 04:40 . 2009-06-29 04:40 -------- d-----w- c:\program files\LeeGTs Games
2009-06-16 19:26 . 2009-06-16 19:26 -------- d-----w- c:\program files\Kiwee Toolbar
2009-06-16 19:26 . 2009-06-16 19:26 -------- d-----w- c:\programdata\Kiwee Toolbar
2009-06-16 19:25 . 2009-06-16 19:25 339968 ----a-w- c:\windows\system32\pythoncom25.dll
2009-06-16 19:25 . 2009-06-16 19:25 2117632 ----a-w- c:\windows\system32\python25.dll
2009-06-16 19:25 . 2009-06-16 19:25 114688 ----a-w- c:\windows\system32\pywintypes25.dll
2009-06-16 19:24 . 2008-09-16 16:26 1332197 ----a-w- c:\windows\system32\pythondll.zip
2009-06-14 20:42 . 2009-07-04 18:57 -------- d-----w- c:\users\Pauline\AppData\Roaming\Sony
2009-06-14 20:42 . 2009-06-14 20:42 -------- d-----w- c:\programdata\Sony
2009-06-14 20:41 . 2009-07-04 18:57 -------- d-----w- c:\users\Pauline\AppData\Local\Sony
2009-06-14 20:39 . 2009-06-14 20:39 -------- d-----w- c:\program files\Common Files\Sony Shared
2009-06-14 20:35 . 2009-06-14 20:37 -------- d-----w- c:\program files\QuickTime
2009-06-14 08:32 . 2009-06-14 08:32 -------- d-----w- c:\program files\Rockstar Games
2009-06-13 14:49 . 2009-06-13 14:49 -------- d-----w- c:\programdata\BVRP Software
2009-06-13 14:25 . 2008-05-16 10:33 25512 ----a-w- c:\windows\system32\drivers\s0016nd5.sys
2009-06-13 14:25 . 2008-05-16 10:33 15016 ----a-w- c:\windows\system32\drivers\s0016mdfl.sys
2009-06-13 14:25 . 2008-05-16 10:33 115752 ----a-w- c:\windows\system32\drivers\s0016unic.sys
2009-06-13 14:25 . 2008-05-16 10:33 89256 ----a-w- c:\windows\system32\drivers\s0016bus.sys
2009-06-13 14:25 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016whnt.sys
2009-06-13 14:25 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016wh.sys
2009-06-13 14:25 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016cmnt.sys
2009-06-13 14:25 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016cm.sys
2009-06-13 14:25 . 2008-05-16 10:33 120744 ----a-w- c:\windows\system32\drivers\s0016mdm.sys
2009-06-13 14:25 . 2008-05-16 10:33 114216 ----a-w- c:\windows\system32\drivers\s0016mgmt.sys
2009-06-13 14:25 . 2008-05-16 10:33 110632 ----a-w- c:\windows\system32\drivers\s0016obex.sys
2009-06-13 14:25 . 2008-05-16 10:33 10792 ----a-w- c:\windows\system32\drivers\s0016cr.sys
2009-06-12 19:21 . 2009-06-12 19:22 -------- d-----w- c:\users\Pauline\AppData\Local\Ludi
2009-06-12 19:21 . 2009-06-12 19:21 -------- d-----w- c:\program files\Ludi
2009-06-11 13:26 . 2009-04-24 16:05 827904 ----a-w- c:\windows\system32\wininet.dll
2009-06-11 13:26 . 2009-04-24 16:02 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-11 13:26 . 2009-04-24 13:44 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-06-11 12:51 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-11 12:45 . 2009-04-21 11:55 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-06-11 12:40 . 2009-04-23 12:42 636928 ----a-w- c:\windows\system32\localspl.dll
2009-06-09 14:12 . 2009-06-09 14:12 -------- d-----w- c:\program files\uTorrent
2009-06-09 14:11 . 2009-07-04 22:08 -------- d-----w- c:\users\Pauline\AppData\Roaming\uTorrent

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-05 22:02 . 2008-10-12 19:27 -------- d-----w- c:\users\Pauline\AppData\Roaming\skypePM
2009-07-05 21:25 . 2008-05-26 15:53 669566 ----a-w- c:\windows\system32\perfh00C.dat
2009-07-05 21:25 . 2008-05-26 15:53 123556 ----a-w- c:\windows\system32\perfc00C.dat
2009-07-05 20:56 . 2008-10-10 18:02 1356 ----a-w- c:\users\Pauline\AppData\Local\d3d9caps.dat
2009-07-05 19:36 . 2009-02-08 11:28 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-05 19:36 . 2009-02-08 11:28 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-07-05 19:10 . 2008-05-26 06:48 -------- d-----w- c:\program files\Google
2009-07-05 19:10 . 2008-05-26 06:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-04 18:59 . 2008-10-21 19:08 -------- d-----w- c:\program files\Sony
2009-07-02 19:50 . 2008-10-13 21:24 1 ----a-w- c:\users\Pauline\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-06-30 23:21 . 2008-11-07 11:48 -------- d-----w- c:\users\Pauline\AppData\Roaming\dvdcss
2009-06-30 00:06 . 2008-10-09 20:53 -------- d-----w- c:\program files\Windows Live
2009-06-25 20:58 . 2008-10-12 19:26 -------- d-----w- c:\users\Pauline\AppData\Roaming\Skype
2009-06-14 20:35 . 2008-11-18 17:48 -------- d-----w- c:\programdata\Apple Computer
2009-06-13 14:18 . 2008-05-26 06:31 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-10 17:58 . 2009-05-28 12:07 -------- d-----w- c:\program files\Warcraft III
2009-05-28 12:25 . 2009-05-28 12:12 55358 ----a-w- c:\windows\War3Unin.dat
2009-05-28 12:25 . 2009-05-28 12:12 2829 ----a-w- c:\windows\War3Unin.pif
2009-05-28 12:25 . 2009-05-28 12:12 139264 ----a-w- c:\windows\War3Unin.exe
2009-05-24 21:28 . 2009-05-24 21:27 -------- d-----r- c:\program files\Skype
2009-05-24 21:28 . 2009-05-24 21:28 -------- d-----w- c:\program files\Common Files\Skype
2009-05-24 21:28 . 2008-05-26 07:17 -------- d-----w- c:\programdata\Skype
2009-05-21 17:01 . 2008-12-22 18:47 -------- d-----w- c:\program files\DivX
2009-05-21 17:01 . 2008-10-21 19:13 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-05-21 17:00 . 2009-05-21 16:59 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-05-21 12:53 . 2009-05-21 12:53 -------- d-----w- c:\program files\Chaos Shredder2.3FR
2009-05-20 21:03 . 2008-12-15 21:36 -------- d-----w- c:\users\Pauline\AppData\Roaming\ESTsoft
2009-05-20 21:03 . 2009-05-20 21:02 -------- d-----w- c:\program files\ESTsoft
2009-05-14 01:00 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-09 08:33 . 2009-05-09 08:33 -------- d-----w- c:\program files\Avira
2009-05-09 08:33 . 2009-04-07 06:57 -------- d-----w- c:\programdata\Avira
2009-04-23 20:28 . 2009-04-23 20:27 21878064 ----a-w- c:\users\Pauline\AppData\Roaming\Sony Setup\A189E68E-2253-4C3B-86B7-D77E36F13C55\QuickTimeInstaller.exe
2009-04-15 20:24 . 2009-04-15 20:24 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-04-15 20:24 . 2009-04-15 20:24 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-04-15 20:24 . 2009-04-15 20:24 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-04-15 20:24 . 2009-04-15 20:24 684032 ----a-w- c:\windows\system32\DivX.dll
2008-06-30 11:44 . 2008-10-10 05:16 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2008-05-26 15:58 . 2008-05-26 15:58 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( SnapShot@2009-07-05_21.19.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-11-02 13:02 . 2009-07-05 21:20 75812 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-10-09 19:22 . 2009-07-05 21:20 13156 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1243321965-3589882168-3296649825-1000_UserData.bin
+ 2006-11-02 10:33 . 2009-07-05 21:25 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-07-05 21:07 587178 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-07-05 21:25 101250 c:\windows\System32\perfc009.dat
- 2006-11-02 10:33 . 2009-07-05 21:07 101250 c:\windows\System32\perfc009.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
2009-06-16 19:26 277648 ----a-w- c:\program files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Does wait"="c:\programdata\mapi rule rule.rbrxv" [X]
"Hope Draw Obj Funk"="c:\programdata\HOPE LIES DART.l4op9a7" [X]
"SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2008-02-04 1038136]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2008-01-21 49664]
"Google Update"="c:\users\Pauline\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-12-05 133104]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-04-16 24264488]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-11 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-11 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-11 145944]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-08 894512]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-05-26 29744]
"toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-28 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"KiweeHook"="c:\program files\Kiwee Toolbar\2.9.201\kwtbaim.exe" [2009-06-16 56456]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-06-27 6295552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{21AEC2E7-FEE5-47FD-BB06-BA93600638EA}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{769EDCAB-AA23-4F50-AE37-D6B23D09AE7B}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{1F20F986-497B-4045-ABBA-5A98D5B27A05}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{68DB0F74-AC44-4DB0-B62D-6D8FA4C93A83}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{7B6CE150-E3DA-42AE-9774-650A5DD88C01}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule Plus
"UDP Query User{330A880B-300E-4EE0-BDFE-9B3B1BE39849}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule Plus
"TCP Query User{C550615A-4F0E-4732-B148-0EE7A9B952AE}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Packard Bell - Skype
"UDP Query User{CA001725-C64F-4363-A426-98D44B951943}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Packard Bell - Skype
"{3B8FFFBB-C972-47F6-BD28-15D97DD551A9}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"TCP Query User{8DC75970-59CB-4989-92E6-0C3DF54FCFEB}c:\\program files\\windows sidebar\\sidebar.exe"= UDP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"UDP Query User{BED62AC2-D99B-4F2D-8062-30CD3150736E}c:\\program files\\windows sidebar\\sidebar.exe"= TCP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"TCP Query User{40B030FC-38DF-4493-84F5-51999FCCB504}c:\\ut2004\\system\\ut2004.exe"= UDP:c:\ut2004\system\ut2004.exe:UT2004
"UDP Query User{86AA4F51-44B0-45FB-9DBC-A09655FEA866}c:\\ut2004\\system\\ut2004.exe"= TCP:c:\ut2004\system\ut2004.exe:UT2004
"{C55D61F4-A160-4B2F-99ED-CAFBAF1ABEAE}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{D2FE08EB-D132-4862-A942-A853367BDD2C}c:\\program files\\warcraft iii\\war3.exe"= UDP:c:\program files\warcraft iii\war3.exe:Warcraft III
"UDP Query User{43204573-6B06-4303-9AE3-3653AD56756A}c:\\program files\\warcraft iii\\war3.exe"= TCP:c:\program files\warcraft iii\war3.exe:Warcraft III
"{5F7B623A-4F43-4381-9236-B4F00BAD88DF}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{C1B43801-204F-45FF-B358-784ABDF97736}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{C019811F-D531-431D-BBF8-07845CAF14C4}"= UDP:44535:Torrent
"{8F3BAC46-AD77-46C6-A406-BEED2F8B0877}"= TCP:44535:Torrent

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [09/05/2009 10:33 108289]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21/01/2008 04:33 21504]
R3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\System32\drivers\netr73.sys [26/05/2008 17:46 489984]
R3 O2MDRDR;O2MDRDR;c:\windows\System32\drivers\o2media.sys [13/05/2008 06:48 51288]
R3 O2SDRDR;O2SDRDR;c:\windows\System32\drivers\o2sd.sys [13/05/2008 03:48 43736]
S2 AGWinService;AG Windows Service;"c:\program files\AGI\common\win32\PythonService.exe" --> c:\program files\AGI\common\win32\PythonService.exe [?]
S3 ICDUSB2;Sony IC Recorder (P);c:\windows\System32\drivers\IcdUsb2.sys [21/10/2008 21:09 39048]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\System32\drivers\s0016bus.sys [13/06/2009 16:25 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\System32\drivers\s0016mdfl.sys [13/06/2009 16:25 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\System32\drivers\s0016mdm.sys [13/06/2009 16:25 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0016mgmt.sys [13/06/2009 16:25 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\System32\drivers\s0016nd5.sys [13/06/2009 16:25 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\System32\drivers\s0016obex.sys [13/06/2009 16:25 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\System32\drivers\s0016unic.sys [13/06/2009 16:25 115752]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - Ndisprot.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
Contenu du dossier 'Tâches planifiées'

2009-07-05 c:\windows\Tasks\Extension de garantie-Pauline.job
- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-05-26 10:13]

2009-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1243321965-3589882168-3296649825-1000Core.job
- c:\users\Pauline\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-05 06:21]

2009-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1243321965-3589882168-3296649825-1000UA.job
- c:\users\Pauline\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-05 06:21]

2009-07-05 c:\windows\Tasks\User_Feed_Synchronization-{7DD4461A-AF1A-409F-A9A7-CE23A63F1F23}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:34]

2009-07-05 c:\windows\Tasks\User_Feed_Synchronization-{A7BEE8AB-23DD-48DE-8AF7-A0AA78AFE1E7}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:34]
.
.
------- Examen supplémentaire -------
.
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\users\Pauline\AppData\Roaming\Mozilla\Firefox\Profiles\gt3se141.default\
FF - prefs.js: keyword.URL - hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q=
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF

Ajouter un commentaire - Site web
Ajouter un commentaire
Réponse
+0
moins plus
gen-hackman 68344Messages postés 30 avril 2008Date d'inscription 11 juin 2011Dernière intervention 6 juil. 2009 à 10:39
salut ton rapport est trop long pour etre complet sur le forum fais le passer par ici : http://www.cijoint.fr/ puis donne le lien obtenu

on y voit deja beaucoup plus clair ca devrait deja aller mieux

ensuite passe à la suite :)

Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
eloitalia 49Messages postés 17 juillet 2008Date d'inscription 6 juil. 2009 à 11:48
http://www.cijoint.fr/cjlink.php?file=cj200907/cijxDgiU86.txt

Oui ca va déjà mieux, l'ordi a arreté de s'éteindre tout seul ^^

Je continue ^^

Ajouter un commentaire - Site web
Ajouter un commentaire
Réponse
+0
moins plus
eloitalia 49Messages postés 17 juillet 2008Date d'inscription 6 juil. 2009 à 18:57
J'ai laissé le programme tourné toute la journée et il n'a rien fait ! Je viens de le couper pour ouvrir Mozilla et je voulais me connecter à MSN, je peux plus, il trouve plus mon programme. Que dois-je faire ??

Ajouter un commentaire - Site web
Ajouter un commentaire
Réponse
+0
moins plus
gen-hackman 68344Messages postés 30 avril 2008Date d'inscription 11 juin 2011Dernière intervention 6 juil. 2009 à 19:08
tu l'as bien lancé en tant qu'administrateur ?

Ajouter un commentaire
Ajouter un commentaire
Posez votre question
Ce document intitulé « Virus TR/TDss.yux » issu de CommentCaMarche (www.commentcamarche.net) est mis à disposition sous les termes de la licence Creative Commons. Vous pouvez copier, modifier des copies de cette page, dans les conditions fixées par la licence, tant que cette note apparaît clairement.
Dossier à la une
5 extensions si vous voulez revenir à l'ancien Facebook