High-Tech Santé Médecine Droit-Finances

Grippe A

Que dois-je faire ?

Rechercher : dans
Par :

Virus TR/TDss.yux

Dernière réponse le 6 jui 2009 à 19:08:46 eloitalia, le 5 jui 2009 à 00:53:04 
 Signaler ce message aux modérateurs

Bonjour,
Voici mon rapport Hijackthis ! Fait parce que antivir me signale un virus mais qu'il n'est pas capable de supprimer, quelqu'un pourrait-il y jeter un coup d'oeil et me dire auoi faire ?? D'avance merci !
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:23:05, on 30/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Pauline\AppData\Local\Google\Update\GoogleUpdate.ex­e
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Pauline\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pauline\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pauline\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pauline\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pauline\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [wewckmw] "c:\users\pauline\appdata\local\wewckmw.exe" wewckmw
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1103471 -"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/525.19 (KHTML, like Gecko) Chrome/1.0.154.53 Safari/525.19" -"http://www.aufeminin.com/beaute/outilcoiffure/outilcoiffure2b.asp?vid=16373708C69005"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O13 - Gopher Prefix:
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/SKIP-BO%20Castaway%20Caper/Images/stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/SKIP-BO%20Castaway%20Caper/Images/armhelper.ocx
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
End of file - 8767 bytes


--
Ptite fée est passée par là ... 

Configuration: Windows Vista
Safari 530.5

Posez votre question Répondre

1

gen-hackman, le 5 jui 2009 à 01:19:26

Salut :

Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):

- Vas dans "Démarrer" puis Panneau de configuration.
- Double Clique sur l'icône Comptes d'utilisateurs et sur Activer ou désactiver le contrôle des comptes d'utilisateurs.
- Clique sur Continuer.
- Décoche la case Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur.
- Valide par OK et redémarre.

Tuto

ensuite :

Désactiver le TeaTimer de Spybot (Merci à Nico):

Pour désactiver le TeaTimer :
=> Ouvrir Spybot S&D
=> Dans le menu "Mode", séléctionner le mode avancé.
=> Une fenêtre demande confirmation cliquer sur "oui".
=> Une fois le mode avancé actif, ouvrir l'onglet "Outils".
=> Cliquer sur Résident.
=> La partie Résident comporte deux lignes qui sont normalement cochées :
*Résident "SDHelper" (bloqueur de téléchargements nuisibles pour Internet Explorer) actif.

* Résident "TeaTimer" (Protection des réglages système fondamentaux) actif.

=> Décocher la ligne TeaTimer.
=> Redémarrer Spybot (le fermer et le réouvrir)
=> Retourner dans le menu Résident et vérifier qu'il soit bien désactivé.

ensuite :

desinstalle spybot

ensuite :


/!\ ATTENTION SUIVRE SCRUPULEUSEMENT A LA LETTRE CES INDICATIONS/!\

_________________________________________________________________
>Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.<
>>>>>>>Ne pas utiliser en dehors de ce cas de figure : dangereux!<<<<<<<<
=====================================================

On va utiliser ComboFix.exe. Rends toi sur cette page web pour obtenir les liens de téléchargement, ainsi que des instructions pour exécuter l'outil:

http://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix


Avant d'utiliser ComboFix :
______________________________________________________________________
>> referme les fenêtres de tous les programmes en cours.
>> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix,
>>la protection en temps réel de ton Antivirus et de tes Antispywares,
>>qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°

!!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!!

n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

>> Reviens sur le forum, et

copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.


--
♦G3и-н@¢км@и™©®♦

   
Répondre à gen-hackman

2

eloitalia, le 5 jui 2009 à 23:34:58

Donc voilà, j'ai effectué ce que tu m'as dit et voici le résultat :

ComboFix 09-07-05.01 - Pauline 05/07/2009 23:05.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6001.1.1252.352.1036.18.2008.1297 [GMT 2:00]
Lancé depuis: c:\users\Pauline\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1243321965-3589882168-3296649825-10­01
c:\$recycle.bin\S-1-5-21-75162790-1064007011-202293021-500
c:\windows\Installer\216b4.msi
c:\windows\Installer\51473e7.msi
c:\windows\system32\drivers\msqpdxmbcbcrrx.sys
c:\windows\system32\drivers\SKYNETysnjrfmw.sys
c:\windows\system32\msqpdxrfppntlv.dll
c:\windows\system32\msqpdxwqsctmei.dll
c:\windows\TEMP\jqoypqbkks.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_MSQPDXSERV.SYS
-------\Service_Boonty Games
-------\Legacy_msqpdxserv.sys
-------\Service_AeLookupSvcAGWinService
-------\Service_msqpdxserv.sys
-------\Service_SKYNETdpqnugyp


((((((((((((((((((((((((((((( Fichiers créés du 2009-06-05 au 2009-07-05 ))))))))))))))))))))))))))))))))))))
.

2009-07-05 07:04 . 2009-07-05 07:04 -------- d-----w- c:\users\Invité
2009-07-04 22:39 . 2009-07-05 20:54 18944 ----a-w- c:\windows\system32\SKYNETqptuupdn.dll
2009-07-04 22:18 . 2009-07-04 22:18 -------- d-----w- c:\users\Pauline\AppData\Roaming\Sam­sung
2009-07-04 21:59 . 2007-05-02 09:12 15112 ----a-w- c:\windows\system32\drivers\ssm_mdfl.sy­s
2009-07-04 21:59 . 2007-05-02 09:12 12424 ----a-w- c:\windows\system32\drivers\ssm_whnt.sy­s
2009-07-04 21:59 . 2007-05-02 09:12 12424 ----a-w- c:\windows\system32\drivers\ssm_wh.sys
2009-07-04 21:59 . 2007-05-02 09:12 109704 ----a-w- c:\windows\system32\drivers\ssm_mdm.sy­s
2009-07-04 21:59 . 2007-05-02 09:12 83592 ----a-w- c:\windows\system32\drivers\ssm_bus.sys­
2009-07-04 21:59 . 2007-05-02 09:12 12424 ----a-w- c:\windows\system32\drivers\ssm_cmnt.sy­s
2009-07-04 21:59 . 2007-05-02 09:12 12424 ----a-w- c:\windows\system32\drivers\ssm_cm.sys
2009-07-04 21:58 . 2009-07-04 22:39 -------- d-----w- c:\windows\system32\Samsung_USB_Driv­ers
2009-07-04 21:57 . 2006-07-24 14:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys­
2009-07-04 21:57 . 2009-07-04 21:57 -------- d-----w- c:\program files\Samsung
2009-06-29 04:45 . 2009-07-05 20:54 93 ----a-w- c:\windows\system32\SKYNETerrmifpw.dat
2009-06-29 04:40 . 2009-06-29 04:40 -------- d-----w- c:\program files\LeeGTs Games
2009-06-29 04:38 . 2009-07-05 21:11 102613 ----a-w- c:\windows\system32\SKYNEToxxqxtbs.dat­
2009-06-29 04:38 . 2009-06-29 04:38 45056 ----a-w- c:\windows\system32\SKYNETpvpptmky.dll
2009-06-16 19:26 . 2009-06-16 19:26 -------- d-----w- c:\program files\Kiwee Toolbar
2009-06-16 19:26 . 2009-06-16 19:26 -------- d-----w- c:\programdata\Kiwee Toolbar
2009-06-16 19:25 . 2009-06-16 19:26 -------- d-----w- c:\users\Pauline\AppData\Roaming\agi­
2009-06-16 19:25 . 2009-06-16 19:25 339968 ----a-w- c:\windows\system32\pythoncom25.dll
2009-06-16 19:25 . 2009-06-16 19:25 2117632 ----a-w- c:\windows\system32\python25.dll
2009-06-16 19:25 . 2009-06-16 19:25 114688 ----a-w- c:\windows\system32\pywintypes25.dll
2009-06-16 19:24 . 2008-09-16 16:26 1332197 ----a-w- c:\windows\system32\pythondll.zip
2009-06-16 19:24 . 2009-06-16 19:25 -------- d-----w- c:\programdata\AGI
2009-06-16 19:24 . 2009-06-16 19:24 -------- d-----w- c:\program files\AGI
2009-06-14 20:42 . 2009-07-04 18:57 -------- d-----w- c:\users\Pauline\AppData\Roaming\Son­y
2009-06-14 20:42 . 2009-06-14 20:42 -------- d-----w- c:\programdata\Sony
2009-06-14 20:41 . 2009-07-04 18:57 -------- d-----w- c:\users\Pauline\AppData\Local\Sony
2009-06-14 20:39 . 2009-06-14 20:39 -------- d-----w- c:\program files\Common Files\Sony Shared
2009-06-14 20:35 . 2009-06-14 20:37 -------- d-----w- c:\program files\QuickTime
2009-06-14 08:32 . 2009-06-14 08:32 -------- d-----w- c:\program files\Rockstar Games
2009-06-13 14:49 . 2009-06-13 14:49 -------- d-----w- c:\programdata\BVRP Software
2009-06-13 14:25 . 2008-05-16 10:33 25512 ----a-w- c:\windows\system32\drivers\s0016nd5.sy­s
2009-06-13 14:25 . 2008-05-16 10:33 15016 ----a-w- c:\windows\system32\drivers\s0016mdfl.s­ys
2009-06-13 14:25 . 2008-05-16 10:33 115752 ----a-w- c:\windows\system32\drivers\s0016unic.­sys
2009-06-13 14:25 . 2008-05-16 10:33 89256 ----a-w- c:\windows\system32\drivers\s0016bus.sy­s
2009-06-13 14:25 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016whnt.s­ys
2009-06-13 14:25 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016wh.sys­
2009-06-13 14:25 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016cmnt.s­ys
2009-06-13 14:25 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016cm.sys­
2009-06-13 14:25 . 2008-05-16 10:33 120744 ----a-w- c:\windows\system32\drivers\s0016mdm.s­ys
2009-06-13 14:25 . 2008-05-16 10:33 114216 ----a-w- c:\windows\system32\drivers\s0016mgmt.­sys
2009-06-13 14:25 . 2008-05-16 10:33 110632 ----a-w- c:\windows\system32\drivers\s0016obex.­sys
2009-06-13 14:25 . 2008-05-16 10:33 10792 ----a-w- c:\windows\system32\drivers\s0016cr.sys­
2009-06-12 19:21 . 2009-06-12 19:22 -------- d-----w- c:\users\Pauline\AppData\Local\Ludi
2009-06-12 19:21 . 2009-06-12 19:21 -------- d-----w- c:\program files\Ludi
2009-06-11 13:26 . 2009-04-24 16:05 827904 ----a-w- c:\windows\system32\wininet.dll
2009-06-11 13:26 . 2009-04-24 16:02 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-11 13:26 . 2009-04-24 13:44 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-06-11 12:51 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-11 12:45 . 2009-04-21 11:55 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-06-11 12:40 . 2009-04-23 12:42 636928 ----a-w- c:\windows\system32\localspl.dll
2009-06-09 14:12 . 2009-06-09 14:12 -------- d-----w- c:\program files\uTorrent
2009-06-09 14:11 . 2009-07-04 22:08 -------- d-----w- c:\users\Pauline\AppData\Roaming\uTo­rrent

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-05 21:16 . 2009-07-05 21:16 421 ----a-w- c:\windows\system32\SKYNETiobjxenu.dat
2009-07-05 21:07 . 2008-05-26 15:53 669566 ----a-w- c:\windows\system32\perfh00C.dat
2009-07-05 21:07 . 2008-05-26 15:53 123556 ----a-w- c:\windows\system32\perfc00C.dat
2009-07-05 20:56 . 2008-10-10 18:02 1356 ----a-w- c:\users\Pauline\AppData\Local\d3d9caps.­dat
2009-07-05 19:36 . 2009-02-08 11:28 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-05 19:36 . 2009-02-08 11:28 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-07-05 19:10 . 2008-05-26 06:48 -------- d-----w- c:\program files\Google
2009-07-05 19:10 . 2008-05-26 06:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-05 19:08 . 2008-10-12 19:27 -------- d-----w- c:\users\Pauline\AppData\Roaming\skypePM
2009-07-04 18:59 . 2008-10-21 19:08 -------- d-----w- c:\program files\Sony
2009-07-02 19:50 . 2008-10-13 21:24 1 ----a-w- c:\users\Pauline\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-06-30 23:21 . 2008-11-07 11:48 -------- d-----w- c:\users\Pauline\AppData\Roaming\dvdcss
2009-06-30 00:06 . 2008-10-09 20:53 -------- d-----w- c:\program files\Windows Live
2009-06-25 20:58 . 2008-10-12 19:26 -------- d-----w- c:\users\Pauline\AppData\Roaming\Skype
2009-06-14 20:35 . 2008-11-18 17:48 -------- d-----w- c:\programdata\Apple Computer
2009-06-13 14:18 . 2008-05-26 06:31 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-10 17:58 . 2009-05-28 12:07 -------- d-----w- c:\program files\Warcraft III
2009-05-28 12:25 . 2009-05-28 12:12 55358 ----a-w- c:\windows\War3Unin.dat
2009-05-28 12:25 . 2009-05-28 12:12 2829 ----a-w- c:\windows\War3Unin.pif
2009-05-28 12:25 . 2009-05-28 12:12 139264 ----a-w- c:\windows\War3Unin.exe
2009-05-24 21:28 . 2009-05-24 21:27 -------- d-----r- c:\program files\Skype
2009-05-24 21:28 . 2009-05-24 21:28 -------- d-----w- c:\program files\Common Files\Skype
2009-05-24 21:28 . 2008-05-26 07:17 -------- d-----w- c:\programdata\Skype
2009-05-21 17:01 . 2008-12-22 18:47 -------- d-----w- c:\program files\DivX
2009-05-21 17:01 . 2008-10-21 19:13 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-05-21 17:00 . 2009-05-21 16:59 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-05-21 12:53 . 2009-05-21 12:53 -------- d-----w- c:\program files\Chaos Shredder2.3FR
2009-05-20 21:03 . 2008-12-15 21:36 -------- d-----w- c:\users\Pauline\AppData\Roaming\ESTsoft
2009-05-20 21:03 . 2009-05-20 21:02 -------- d-----w- c:\program files\ESTsoft
2009-05-14 01:00 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-09 08:33 . 2009-05-09 08:33 -------- d-----w- c:\program files\Avira
2009-05-09 08:33 . 2009-04-07 06:57 -------- d-----w- c:\programdata\Avira
2009-04-23 20:28 . 2009-04-23 20:27 21878064 ----a-w- c:\users\Pauline\AppData\Roaming\Sony Setup\A189E68E-2253-4C3B-86B7-D77E36F13C55\QuickTimeInstaller.exe
2009-04-15 20:24 . 2009-04-15 20:24 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-04-15 20:24 . 2009-04-15 20:24 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-04-15 20:24 . 2009-04-15 20:24 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-04-15 20:24 . 2009-04-15 20:24 684032 ----a-w- c:\windows\system32\DivX.dll
2008-06-30 11:44 . 2008-10-10 05:16 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2008-05-26 15:58 . 2008-05-26 15:58 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
2009-06-16 19:26 277648 ----a-w- c:\program files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Does wait"="c:\programdata\mapi rule rule.rbrxv" [X]
"Hope Draw Obj Funk"="c:\programdata\HOPE LIES DART.l4op9a7" [X]
"SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2008-02-04 1038136]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2008-01-21 49664]
"Google Update"="c:\users\Pauline\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-12-05 133104]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-04-16 24264488]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-11 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-11 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-11 145944]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-08 894512]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-05-26 29744]
"toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-28 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"KiweeHook"="c:\program files\Kiwee Toolbar\2.9.201\kwtbaim.exe" [2009-06-16 56456]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-06-27 6295552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{21AEC2E7-FEE5-47FD-BB06-BA93600638EA}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{769EDCAB-AA23-4F50-AE37-D6B23D09AE7B}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{1F20F986-497B-4045-ABBA-5A98D5B27A05}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{68DB0F74-AC44-4DB0-B62D-6D8FA4C93A83}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{7B6CE150-E3DA-42AE-9774-650A5DD88C01}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule Plus
"UDP Query User{330A880B-300E-4EE0-BDFE-9B3B1BE39849}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule Plus
"TCP Query User{C550615A-4F0E-4732-B148-0EE7A9B952AE}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Packard Bell - Skype
"UDP Query User{CA001725-C64F-4363-A426-98D44B951943}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Packard Bell - Skype
"{3B8FFFBB-C972-47F6-BD28-15D97DD551A9}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"TCP Query User{8DC75970-59CB-4989-92E6-0C3DF54FCFEB}c:\\program files\\windows sidebar\\sidebar.exe"= UDP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"UDP Query User{BED62AC2-D99B-4F2D-8062-30CD3150736E}c:\\program files\\windows sidebar\\sidebar.exe"= TCP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"TCP Query User{40B030FC-38DF-4493-84F5-51999FCCB504}c:\\ut2004\\system\\ut2004.exe"= UDP:c:\ut2004\system\ut2004.exe:UT2004
"UDP Query User{86AA4F51-44B0-45FB-9DBC-A09655FEA866}c:\\ut2004\\system\\ut2004.exe"= TCP:c:\ut2004\system\ut2004.exe:UT2004
"{C55D61F4-A160-4B2F-99ED-CAFBAF1ABEAE}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{D2FE08EB-D132-4862-A942-A853367BDD2C}c:\\program files\\warcraft iii\\war3.exe"= UDP:c:\program files\warcraft iii\war3.exe:Warcraft III
"UDP Query User{43204573-6B06-4303-9AE3-3653AD56756A}c:\\program files\\warcraft iii\\war3.exe"= TCP:c:\program files\warcraft iii\war3.exe:Warcraft III
"{5F7B623A-4F43-4381-9236-B4F00BAD88DF}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{C1B43801-204F-45FF-B358-784ABDF97736}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{C019811F-D531-431D-BBF8-07845CAF14C4}"= UDP:44535:Torrent
"{8F3BAC46-AD77-46C6-A406-BEED2F8B0877}"= TCP:44535:Torrent

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\pythonservice.exe [16/06/2009 21:25 10240]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [09/05/2009 10:33 108289]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21/01/2008 04:33 21504]
R3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\System32\drivers\netr73.sys [26/05/2008 17:46 489984]
R3 O2MDRDR;O2MDRDR;c:\windows\System32\drivers\o2media.sys [13/05/2008 06:48 51288]
R3 O2SDRDR;O2SDRDR;c:\windows\System32\drivers\o2sd.sys [13/05/2008 03:48 43736]
S3 ICDUSB2;Sony IC Recorder (P);c:\windows\System32\drivers\IcdUsb2.sys [21/10/2008 21:09 39048]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\System32\drivers\s0016bus.sys [13/06/2009 16:25 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\System32\drivers\s0016mdfl.sys [13/06/2009 16:25 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\System32\drivers\s0016mdm.sys [13/06/2009 16:25 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0016mgmt.sys [13/06/2009 16:25 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\System32\drivers\s0016nd5.sys [13/06/2009 16:25 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\System32\drivers\s0016obex.sys [13/06/2009 16:25 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\System32\drivers\s0016unic.sys [13/06/2009 16:25 115752]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - Ndisprot.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
Contenu du dossier 'Tâches planifiées'

2009-07-05 c:\windows\Tasks\Extension de garantie-Pauline.job
- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-05-26 10:13]

2009-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1243321965-3589882168-3296649825-1000Core.job
- c:\users\Pauline\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-05 06:21]

2009-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1243321965-3589882168-3296649825-1000UA.job
- c:\users\Pauline\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-05 06:21]

2009-07-05 c:\windows\Tasks\User_Feed_Synchronization-{7DD4461A-AF1A-409F-A9A7-CE23A63F1F23}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:34]

2009-07-05 c:\windows\Tasks\User_Feed_Synchronization-{A7BEE8AB-23DD-48DE-8AF7-A0AA78AFE1E7}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:34]
.
.
------- Examen supplémentaire -------
.
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\users\Pauline\AppData\Roaming\Mozilla\Firefox\Profiles\gt3se141.default\
FF - prefs.js: keyword.URL - hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q=
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\users\Pauline\AppData\Local\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-05 23:19
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


c:\users\Pauline\AppData\Local\Temp\~DF730D.tmp 16384 bytes
c:\users\Pauline\AppData\Local\Temp\~DF7D54.tmp 512 bytes
c:\users\Pauline\AppData\Roaming\Microsoft\Windows\Cookies\pauline@kiwee[1].txt 1243 bytes
c:\users\Pauline\AppData\Roaming\Microsoft\Windows\Cookies\pauline@www1.kiwee[2].txt 542 bytes

Scan terminé avec succès
Fichiers cachés: 4

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SKYNETdpqnugyp]
"imagepath"="\systemroot\system32\drivers\SKYNETysnjrfmw.sys"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SKYNETdpqnugyp]
@DACL=(02 0000)
"start"=dword:00000001
"type"=dword:00000001
"group"="file system"
"imagepath"=expand:"\\systemroot\\system32\\drivers\\SKYNETysnjrfmw.sys"
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\O2Micro Flash Memory Card Driver\o2flash.exe
c:\windows\System32\IoctlSvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\System32\conime.exe
c:\windows\System32\igfxsrvc.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Heure de fin: 2009-07-05 23:27 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-07-05 21:27

Avant-CF: 97 595 076 608 octets libres
Après-CF: 97 615 900 672 octets libres

312 --- E O F --- 2009-07-02 16:41
Ptite fée est passée par là ... 

   
Répondre à eloitalia

3

gen-hackman, le 5 jui 2009 à 23:45:51


__________________________________________________________
=>/!\ ATTENTION /!\ Le script qui suit a été écrit spécialement cet ordinateur,<=
=>il est fort déconseillé de le transposer sur un autre ordinateur !<=====|
---------------------------------------------------------------

Toujours avec toutes les protections désactivées, fais ceci :

• Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes)
• Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) :

----------------------------------------------------------
File::
c:\windows\system32\SKYNETqptuupdn.dll
c:\windows\system32\SKYNETerrmifpw.dat
c:\windows\system32\SKYNEToxxqxtbs.dat
c:\windows\system32\SKYNETpvpptmky.dll
c:\windows\system32\drivers\SKYNETysnjrfmw.sys

Folder::
c:\users\Pauline\AppData\Roaming\agi
c:\programdata\AGI
c:\program files\AGI

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000000
"InternetSettingsDisableNotify"=dword:00000000
"AutoUpdateDisableNotify"=dword:00000000
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SKYNETdpqnugyp]

Driver::
SKYNETdpqnugyp
------------------------------------------------------------------

• Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt
• Quitte le Bloc Notes

• Fais un glisser/déposer de ce fichier CFScript sur le fichier C-Fix.exe (combofix) Comme ceci

• Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
• Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
• Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt

ensuite :

Télécharge TOOLBAR S&D ( de Eric_71/Team IDN ) sur ton bureau :


!! Déconnecte toi,desactive tes protections résidentes, et ferme toutes tes applications en cours le temps de la manip. !!

* clique droit "en tant qu'administrateur" sur ToolBar SD.exe pour lancer l'outil et laisse toi guider ...

--> Tapes ( option " recherche " ) puis tape sur [Entrée].

Un rapport sera généré à la fin du processus : poste son contenu dans ta prochaine réponse

( le rapport est en outre sauvegardé ici -> C:\TB.txt )

Tutoriel

ensuite :


télécharge LOP S&D sur ton Bureau.

* clique droit "en tant qu'administrateur" dessus pour lancer l'installation
* Puis clique droit "en tant qu'administrateur" sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan

* Poste le rapport généré (C:\lopR.txt) ♦G3и-н@¢км@и™©®♦

   
Répondre à gen-hackman

4

eloitalia, le 6 jui 2009 à 07:29:47

Voilà le second rapport Combo fix

ComboFix 09-07-05.01 - Pauline 05/07/2009 23:59.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6001.1.1252.352.1036.18.2008.1122 [GMT 2:00]
Lancé depuis: c:\users\Pauline\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Pauline\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"c:\windows\system32\drivers\SKYNETysnjrfmw.sys"
"c:\windows\system32\SKYNETerrmifpw.dat"
"c:\windows\system32\SKYNEToxxqxtbs.dat"
"c:\windows\system32\SKYNETpvpptmky.dll"
"c:\windows\system32\SKYNETqptuupdn.dll"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AGI
c:\program files\AGI\common\agcutils.dll
c:\program files\AGI\common\bootstrapper.exe
c:\program files\AGI\common\common.zip
c:\program files\AGI\common\comtypes\__init__.py
c:\program files\AGI\common\comtypes\__init__.pyc
c:\program files\AGI\common\comtypes\_comobject.py
c:\program files\AGI\common\comtypes\_comobject.pyc
c:\program files\AGI\common\comtypes\_meta.py
c:\program files\AGI\common\comtypes\_meta.pyc
c:\program files\AGI\common\comtypes\_safearray.py
c:\program files\AGI\common\comtypes\_safearray.pyc
c:\program files\AGI\common\comtypes\automation.py
c:\program files\AGI\common\comtypes\automation.pyc
c:\program files\AGI\common\comtypes\client\__init__.py
c:\program files\AGI\common\comtypes\client\__init__.pyc
c:\program files\AGI\common\comtypes\client\_events.py
c:\program files\AGI\common\comtypes\client\_events.pyc
c:\program files\AGI\common\comtypes\client\_generate.py
c:\program files\AGI\common\comtypes\client\_generate.pyc
c:\program files\AGI\common\comtypes\client\dynamic.py
c:\program files\AGI\common\comtypes\client\dynamic.pyc
c:\program files\AGI\common\comtypes\connectionpoints.py
c:\program files\AGI\common\comtypes\connectionpoints.pyc
c:\program files\AGI\common\comtypes\errorinfo.py
c:\program files\AGI\common\comtypes\errorinfo.pyc
c:\program files\AGI\common\comtypes\gen\__init__.py
c:\program files\AGI\common\comtypes\gen\__init__.pyc
c:\program files\AGI\common\comtypes\gen\_00020430_0000_0000_C000_000000000046_0_2_0.py
c:\program files\AGI\common\comtypes\git.py
c:\program files\AGI\common\comtypes\GUID.py
c:\program files\AGI\common\comtypes\GUID.pyc
c:\program files\AGI\common\comtypes\hresult.py
c:\program files\AGI\common\comtypes\hresult.pyc
c:\program files\AGI\common\comtypes\logutil.py
c:\program files\AGI\common\comtypes\messageloop.py
c:\program files\AGI\common\comtypes\partial.py
c:\program files\AGI\common\comtypes\partial.pyc
c:\program files\AGI\common\comtypes\persist.py
c:\program files\AGI\common\comtypes\safearray.py
c:\program files\AGI\common\comtypes\safearray.pyc
c:\program files\AGI\common\comtypes\server\__init__.py
c:\program files\AGI\common\comtypes\server\__init__.pyc
c:\program files\AGI\common\comtypes\server\automation.py
c:\program files\AGI\common\comtypes\server\automation.pyc
c:\program files\AGI\common\comtypes\server\connectionpoints.py
c:\program files\AGI\common\comtypes\server\inprocserver.py
c:\program files\AGI\common\comtypes\server\inprocserver.pyc
c:\program files\AGI\common\comtypes\server\localserver.py
c:\program files\AGI\common\comtypes\server\register.py
c:\program files\AGI\common\comtypes\server\register.pyc
c:\program files\AGI\common\comtypes\server\w_getopt.py
c:\program files\AGI\common\comtypes\server\w_getopt.pyc
c:\program files\AGI\common\comtypes\tools\__init__.py
c:\program files\AGI\common\comtypes\tools\codegenerator.py
c:\program files\AGI\common\comtypes\tools\tlbparser.py
c:\program files\AGI\common\comtypes\tools\typedesc.py
c:\program files\AGI\common\comtypes\tools\typedesc_base.py
c:\program files\AGI\common\comtypes\typeinfo.py
c:\program files\AGI\common\comtypes\typeinfo.pyc
c:\program files\AGI\common\comtypes\util.py
c:\program files\AGI\common\configobj.py
c:\program files\AGI\common\configobj.pyc
c:\program files\AGI\common\dateutil\__init__.py
c:\program files\AGI\common\dateutil\__init__.pyc
c:\program files\AGI\common\dateutil\easter.py
c:\program files\AGI\common\dateutil\parser.py
c:\program files\AGI\common\dateutil\parser.pyc
c:\program files\AGI\common\dateutil\relativedelta.py
c:\program files\AGI\common\dateutil\relativedelta.pyc
c:\program files\AGI\common\dateutil\rrule.py
c:\program files\AGI\common\dateutil\tz.py
c:\program files\AGI\common\dateutil\tz.pyc
c:\program files\AGI\common\dateutil\tzwin.py
c:\program files\AGI\common\dateutil\tzwin.pyc
c:\program files\AGI\common\dateutil\zoneinfo\__init__.py
c:\program files\AGI\common\dateutil\zoneinfo\zoneinfo-2005q.tar.gz
c:\program files\AGI\common\dependencies.zip
c:\program files\AGI\common\pyagcore\__init__.pyc
c:\program files\AGI\common\pyagcore\agservice.pyc
c:\program files\AGI\common\pyagcore\config\__init__.pyc
c:\program files\AGI\common\pyagcore\config\appconfig.pyc
c:\program files\AGI\common\pyagcore\config\config.pyc
c:\program files\AGI\common\pyagcore\cookieutil.pyc
c:\program files\AGI\common\pyagcore\install\__init__.pyc
c:\program files\AGI\common\pyagcore\install\agcustomactions.pyc
c:\program files\AGI\common\pyagcore\install\appupdate.pyc
c:\program files\AGI\common\pyagcore\install\autoupdate.pyc
c:\program files\AGI\common\pyagcore\install\dependency\__init__.pyc
c:\program files\AGI\common\pyagcore\install\dependency\KiweeToolbar.pyc
c:\program files\AGI\common\pyagcore\install\dependencychecker.pyc
c:\program files\AGI\common\pyagcore\install\dependencythread.pyc
c:\program files\AGI\common\pyagcore\install\installers\__init__.pyc
c:\program files\AGI\common\pyagcore\install\installers\KiweeToolbar.pyc
c:\program files\AGI\common\pyagcore\install\installers\WebshotsDesktop.pyc
c:\program files\AGI\common\pyagcore\install\installers\WebshotsToolbar.pyc
c:\program files\AGI\common\pyagcore\install\installutil.pyc
c:\program files\AGI\common\pyagcore\install\pythonchecker.pyc
c:\program files\AGI\common\pyagcore\install\windows.pyc
c:\program files\AGI\common\pyagcore\installer.pyc
c:\program files\AGI\common\pyagcore\lilw\__init__.pyc
c:\program files\AGI\common\pyagcore\lilw\AGCoreLib.pyc
c:\program files\AGI\common\pyagcore\lilw\lilw.tlb
c:\program files\AGI\common\pyagcore\lilw\lilwconfig.pyc
c:\program files\AGI\common\pyagcore\lilw\lilwsearchdetection.pyc
c:\program files\AGI\common\pyagcore\lilw\lilwsearchhook.pyc
c:\program files\AGI\common\pyagcore\logwrangler.pyc
c:\program files\AGI\common\pyagcore\msiecookiejar.pyc
c:\program files\AGI\common\pyagcore\process\__init__.pyc
c:\program files\AGI\common\pyagcore\process\winprocess.pyc
c:\program files\AGI\common\pyagcore\protection\__init__.pyc
c:\program files\AGI\common\pyagcore\protection\agimonitor.pyc
c:\program files\AGI\common\pyagcore\protection\monitor.pyc
c:\program files\AGI\common\pyagcore\protection\protection.pyc
c:\program files\AGI\common\pyagcore\regspy.pyc
c:\program files\AGI\common\pyagcore\regutil.pyc
c:\program files\AGI\common\pyagcore\search\__init__.pyc
c:\program files\AGI\common\pyagcore\search\algorithm\__init__.pyc
c:\program files\AGI\common\pyagcore\search\iesearchprotection.pyc
c:\program files\AGI\common\pyagcore\search\provider\__init__.pyc
c:\program files\AGI\common\pyagcore\search\provider\MSN.pyc
c:\program files\AGI\common\pyagcore\search\searchdetection.pyc
c:\program files\AGI\common\pyagcore\search\searchgenerator.pyc
c:\program files\AGI\common\pyagcore\search\searchprotection.pyc
c:\program files\AGI\common\pyagcore\search\urlprotect.pyc
c:\program files\AGI\common\pyagcore\setenv.pyc
c:\program files\AGI\common\pyagcore\uiutil.pyc
c:\program files\AGI\common\pyagcore\updateui.pyc
c:\program files\AGI\common\pyagcore\urlutil.pyc
c:\program files\AGI\common\pyagcore\versionnumber.pyc
c:\program files\AGI\common\pythoncom.py
c:\program files\AGI\common\pythoncom.pyc
c:\program files\AGI\common\validate.py
c:\program files\AGI\common\win32\_win32sysloader.pyd
c:\program files\AGI\common\win32\_winxptheme.pyd
c:\program files\AGI\common\win32\dbi.pyd
c:\program files\AGI\common\win32\lib\afxres.py
c:\program files\AGI\common\win32\lib\commctrl.py
c:\program files\AGI\common\win32\lib\mmsystem.py
c:\program files\AGI\common\win32\lib\netbios.py
c:\program files\AGI\common\win32\lib\ntsecuritycon.py
c:\program files\AGI\common\win32\lib\ntsecuritycon.pyc
c:\program files\AGI\common\win32\lib\pywintypes.py
c:\program files\AGI\common\win32\lib\pywintypes.pyc
c:\program files\AGI\common\win32\lib\rasutil.py
c:\program files\AGI\common\win32\lib\regcheck.py
c:\program files\AGI\common\win32\lib\regutil.py
c:\program files\AGI\common\win32\lib\sspi.py
c:\program files\AGI\common\win32\lib\sspicon.py
c:\program files\AGI\common\win32\lib\win32con.py
c:\program files\AGI\common\win32\lib\win32con.pyc
c:\program files\AGI\common\win32\lib\win32cryptcon.py
c:\program files\AGI\common\win32\lib\win32evtlogutil.py
c:\program files\AGI\common\win32\lib\win32gui_struct.py
c:\program files\AGI\common\win32\lib\win32inetcon.py
c:\program files\AGI\common\win32\lib\win32netcon.py
c:\program files\AGI\common\win32\lib\win32pdhquery.py
c:\program files\AGI\common\win32\lib\win32pdhutil.py
c:\program files\AGI\common\win32\lib\win32pdhutil.pyc
c:\program files\AGI\common\win32\lib\win32rcparser.py
c:\program files\AGI\common\win32\lib\win32serviceutil.py
c:\program files\AGI\common\win32\lib\win32serviceutil.pyc
c:\program files\AGI\common\win32\lib\win32timezone.py
c:\program files\AGI\common\win32\lib\win32traceutil.py
c:\program files\AGI\common\win32\lib\win32verstamp.py
c:\program files\AGI\common\win32\lib\winerror.py
c:\program files\AGI\common\win32\lib\winerror.pyc
c:\program files\AGI\common\win32\lib\winioctlcon.py
c:\program files\AGI\common\win32\lib\winnt.py
c:\program files\AGI\common\win32\lib\winperf.py
c:\program files\AGI\common\win32\lib\winxptheme.py
c:\program files\AGI\common\win32\license.txt
c:\program files\AGI\common\win32\mmapfile.pyd
c:\program files\AGI\common\win32\odbc.pyd
c:\program files\AGI\common\win32\perfmon.pyd
c:\program files\AGI\common\win32\perfmondata.dll
c:\program files\AGI\common\win32\pythonservice.exe
c:\program files\AGI\common\win32\scripts\backupEventLog.py
c:\program files\AGI\common\win32\scripts\ControlService.py
c:\program files\AGI\common\win32\scripts\killProcName.py
c:\program files\AGI\common\win32\scripts\rasutil.py
c:\program files\AGI\common\win32\scripts\regsetup.py
c:\program files\AGI\common\win32\scripts\setup_d.py
c:\program files\AGI\common\win32\servicemanager.pyd
c:\program files\AGI\common\win32\timer.pyd
c:\program files\AGI\common\win32\win2kras.pyd
c:\program files\AGI\common\win32\win32api.pyd
c:\program files\AGI\common\win32\win32clipboard.pyd
c:\program files\AGI\common\win32\win32console.pyd
c:\program files\AGI\common\win32\win32cred.pyd
c:\program files\AGI\common\win32\win32crypt.pyd
c:\program files\AGI\common\win32\win32event.pyd
c:\program files\AGI\common\win32\win32evtlog.pyd
c:\program files\AGI\common\win32\win32file.pyd
c:\program files\AGI\common\win32\win32gui.pyd
c:\program files\AGI\common\win32\win32help.pyd
c:\program files\AGI\common\win32\win32inet.pyd
c:\program files\AGI\common\win32\win32job.pyd
c:\program files\AGI\common\win32\win32lz.pyd
c:\program files\AGI\common\win32\win32net.pyd
c:\program files\AGI\common\win32\win32pdh.pyd
c:\program files\AGI\common\win32\win32pipe.pyd
c:\program files\AGI\common\win32\win32popenWin9x.exe
c:\program files\AGI\common\win32\win32print.pyd
c:\program files\AGI\common\win32\win32process.pyd
c:\program files\AGI\common\win32\win32profile.pyd
c:\program files\AGI\common\win32\win32ras.pyd
c:\program files\AGI\common\win32\win32security.pyd
c:\program files\AGI\common\win32\win32service.pyd
c:\program files\AGI\common\win32\win32trace.pyd
c:\program files\AGI\common\win32\win32transaction.pyd
c:\program files\AGI\common\win32\win32ts.pyd
c:\program files\AGI\common\win32\win32wnet.pyd
c:\program files\AGI\common\win32\winxpgui.pyd
c:\program files\AGI\common\win32com\__init__.py
c:\program files\AGI\common\win32com\__init__.pyc
c:\program files\AGI\common\win32com\client\__init__.py
c:\program files\AGI\common\win32com\client\build.py
c:\program files\AGI\common\win32com\client\CLSIDToClass.py
c:\program files\AGI\common\win32com\client\combrowse.py
c:\program files\AGI\common\win32com\client\connect.py
c:\program files\AGI\common\win32com\client\dynamic.py
c:\program files\AGI\common\win32com\client\gencache.py
c:\program files\AGI\common\win32com\client\genpy.py
c:\program files\AGI\common\win32com\client\makepy.py
c:\program files\AGI\common\win32com\client\selecttlb.py
c:\program files\AGI\common\win32com\client\tlbrowse.py
c:\program files\AGI\common\win32com\client\util.py
c:\program files\AGI\common\win32com\decimal_23.py
c:\program files\AGI\common\win32com\License.txt
c:\program files\AGI\common\win32com\olectl.py
c:\program files\AGI\common\win32com\readme.htm
c:\program files\AGI\common\win32com\server\__init__.py
c:\program files\AGI\common\win32com\server\connect.py
c:\program files\AGI\common\win32com\server\dispatcher.py
c:\program files\AGI\common\win32com\server\exception.py
c:\program files\AGI\common\win32com\server\factory.py
c:\program files\AGI\common\win32com\server\localserver.py
c:\program files\AGI\common\win32com\server\policy.py
c:\program files\AGI\common\win32com\server\register.py
c:\program files\AGI\common\win32com\server\util.py
c:\program files\AGI\common\win32com\storagecon.py
c:\program files\AGI\common\win32com\universal.py
c:\program files\AGI\common\win32com\util.py
c:\program files\AGI\common\win32comext\adsi\__init__.py
c:\program files\AGI\common\win32comext\adsi\adsi.pyd
c:\program files\AGI\common\win32comext\adsi\adsicon.py
c:\program files\AGI\common\win32comext\authorization\__init__.py
c:\program files\AGI\common\win32comext\authorization\authorization.pyd
c:\program files\AGI\common\win32comext\axcontrol\__init__.py
c:\program files\AGI\common\win32comext\axcontrol\axcontrol.pyd
c:\program files\AGI\common\win32comext\shell\__init__.py
c:\program files\AGI\common\win32comext\shell\__init__.pyc
c:\program files\AGI\common\win32comext\shell\shell.pyd
c:\program files\AGI\common\win32comext\shell\shellcon.py
c:\program files\AGI\common\win32comext\shell\shellcon.pyc
c:\program files\AGI\common\windows.zip
c:\program files\AGI\Python25\DLLs\_ctypes.pyd
c:\program files\AGI\Python25\DLLs\_ctypes_test.pyd
c:\program files\AGI\Python25\DLLs\_elementtree.pyd
c:\program files\AGI\Python25\DLLs\_hashlib.pyd
c:\program files\AGI\Python25\DLLs\_msi.pyd
c:\program files\AGI\Python25\DLLs\_socket.pyd
c:\program files\AGI\Python25\DLLs\_ssl.pyd
c:\program files\AGI\Python25\DLLs\bz2.pyd
c:\program files\AGI\Python25\DLLs\py.ico
c:\program files\AGI\Python25\DLLs\pyc.ico
c:\program files\AGI\Python25\DLLs\pyexpat.pyd
c:\program files\AGI\Python25\DLLs\select.pyd
c:\program files\AGI\Python25\DLLs\unicodedata.pyd
c:\program files\AGI\Python25\DLLs\winsound.pyd
c:\program files\AGI\Python25\Lib\__future__.py
c:\program files\AGI\Python25\Lib\__future__.pyc
c:\program files\AGI\Python25\Lib\__phello__.foo.py
c:\program files\AGI\Python25\Lib\_LWPCookieJar.py
c:\program files\AGI\Python25\Lib\_LWPCookieJar.pyc
c:\program files\AGI\Python25\Lib\_MozillaCookieJar.py
c:\program files\AGI\Python25\Lib\_MozillaCookieJar.pyc
c:\program files\AGI\Python25\Lib\_strptime.py
c:\program files\AGI\Python25\Lib\_threading_local.py
c:\program files\AGI\Python25\Lib\aifc.py
c:\program files\AGI\Python25\Lib\anydbm.py
c:\program files\AGI\Python25\Lib\asynchat.py
c:\program files\AGI\Python25\Lib\asyncore.py
c:\program files\AGI\Python25\Lib\atexit.py
c:\program files\AGI\Python25\Lib\atexit.pyc
c:\program files\AGI\Python25\Lib\audiodev.py
c:\program files\AGI\Python25\Lib\base64.py
c:\program files\AGI\Python25\Lib\base64.pyc
c:\program files\AGI\Python25\Lib\BaseHTTPServer.py
c:\program files\AGI\Python25\Lib\Bastion.py
c:\program files\AGI\Python25\Lib\bdb.py
c:\program files\AGI\Python25\Lib\binhex.py
c:\program files\AGI\Python25\Lib\bisect.py
c:\program files\AGI\Python25\Lib\bisect.pyc
c:\program files\AGI\Python25\Lib\calendar.py
c:\program files\AGI\Python25\Lib\calendar.pyc
c:\program files\AGI\Python25\Lib\cgi.py
c:\program files\AGI\Python25\Lib\cgi.pyc
c:\program files\AGI\Python25\Lib\CGIHTTPServer.py
c:\program files\AGI\Python25\Lib\cgitb.py
c:\program files\AGI\Python25\Lib\chunk.py
c:\program files\AGI\Python25\Lib\cmd.py
c:\program files\AGI\Python25\Lib\code.py
c:\program files\AGI\Python25\Lib\codecs.py
c:\program files\AGI\Python25\Lib\codecs.pyc
c:\program files\AGI\Python25\Lib\codeop.py
c:\program files\AGI\Python25\Lib\colorsys.py
c:\program files\AGI\Python25\Lib\commands.py
c:\program files\AGI\Python25\Lib\compileall.py
c:\program files\AGI\Python25\Lib\compiler\__init__.py
c:\program files\AGI\Python25\Lib\compiler\__init__.pyc
c:\program files\AGI\Python25\Lib\compiler\ast.py
c:\program files\AGI\Python25\Lib\compiler\ast.pyc
c:\program files\AGI\Python25\Lib\compiler\consts.py
c:\program files\AGI\Python25\Lib\compiler\consts.pyc
c:\program files\AGI\Python25\Lib\compiler\future.py
c:\program files\AGI\Python25\Lib\compiler\future.pyc
c:\program files\AGI\Python25\Lib\compiler\misc.py
c:\program files\AGI\Python25\Lib\compiler\misc.pyc
c:\program files\AGI\Python25\Lib\compiler\pyassem.py
c:\program files\AGI\Python25\Lib\compiler\pyassem.pyc
c:\program files\AGI\Python25\Lib\compiler\pycodegen.py
c:\program files\AGI\Python25\Lib\compiler\pycodegen.pyc
c:\program files\AGI\Python25\Lib\compiler\symbols.py
c:\program files\AGI\Python25\Lib\compiler\symbols.pyc
c:\program files\AGI\Python25\Lib\compiler\syntax.py
c:\program files\AGI\Python25\Lib\compiler\syntax.pyc
c:\program files\AGI\Python25\Lib\compiler\transformer.py
c:\program files\AGI\Python25\Lib\compiler\transformer.pyc
c:\program files\AGI\Python25\Lib\compiler\visitor.py
c:\program files\AGI\Python25\Lib\compiler\visitor.pyc
c:\program files\AGI\Python25\Lib\ConfigParser.py
c:\program files\AGI\Python25\Lib\contextlib.py
c:\program files\AGI\Python25\Lib\Cookie.py
c:\program files\AGI\Python25\Lib\cookielib.py
c:\program files\AGI\Python25\Lib\cookielib.pyc
c:\program files\AGI\Python25\Lib\copy.py
c:\program files\AGI\Python25\Lib\copy.pyc
c:\program files\AGI\Python25\Lib\copy_reg.py
c:\program files\AGI\Python25\Lib\copy_reg.pyc
c:\program files\AGI\Python25\Lib\cProfile.py
c:\program files\AGI\Python25\Lib\csv.py
c:\program files\AGI\Python25\Lib\ctypes\__init__.py
c:\program files\AGI\Python25\Lib\ctypes\__init__.pyc
c:\program files\AGI\Python25\Lib\ctypes\_endian.py
c:\program files\AGI\Python25\Lib\ctypes\_endian.pyc
c:\program files\AGI\Python25\Lib\ctypes\util.py
c:\program files\AGI\Python25\Lib\ctypes\util.pyc
c:\program files\AGI\Python25\Lib\ctypes\wintypes.py
c:\program files\AGI\Python25\Lib\ctypes\wintypes.pyc
c:\program files\AGI\Python25\Lib\dbhash.py
c:\program files\AGI\Python25\Lib\decimal.py
c:\program files\AGI\Python25\Lib\decimal.pyc
c:\program files\AGI\Python25\Lib\difflib.py
c:\program files\AGI\Python25\Lib\dircache.py
c:\program files\AGI\Python25\Lib\dis.py
c:\program files\AGI\Python25\Lib\dis.pyc
c:\program files\AGI\Python25\Lib\doctest.py
c:\program files\AGI\Python25\Lib\DocXMLRPCServer.py
c:\program files\AGI\Python25\Lib\dumbdbm.py
c:\program files\AGI\Python25\Lib\dummy_thread.py
c:\program files\AGI\Python25\Lib\dummy_threading.py
c:\program files\AGI\Python25\Lib\email\__init__.py
c:\program files\AGI\Python25\Lib\email\_parseaddr.py
c:\program files\AGI\Python25\Lib\email\base64mime.py
c:\program files\AGI\Python25\Lib\email\charset.py
c:\program files\AGI\Python25\Lib\email\encoders.py
c:\program files\AGI\Python25\Lib\email\errors.py
c:\program files\AGI\Python25\Lib\email\feedparser.py
c:\program files\AGI\Python25\Lib\email\generator.py
c:\program files\AGI\Python25\Lib\email\header.py
c:\program files\AGI\Python25\Lib\email\iterators.py
c:\program files\AGI\Python25\Lib\email\message.py
c:\program files\AGI\Python25\Lib\email\mime\__init__.py
c:\program files\AGI\Python25\Lib\email\mime\application.py
c:\program files\AGI\Python25\Lib\email\mime\audio.py
c:\program files\AGI\Python25\Lib\email\mime\base.py
c:\program files\AGI\Python25\Lib\email\mime\image.py
c:\program files\AGI\Python25\Lib\email\mime\message.py
c:\program files\AGI\Python25\Lib\email\mime\multipart.py
c:\program files\AGI\Python25\Lib\email\mime\nonmultipart.py
c:\program files\AGI\Python25\Lib\email\mime\text.py
c:\program files\AGI\Python25\Lib\email\parser.py
c:\program files\AGI\Python25\Lib\email\quoprimime.py
c:\program files\AGI\Python25\Lib\email\utils.py
c:\program files\AGI\Python25\Lib\encodings\__init__.py
c:\program files\AGI\Python25\Lib\encodings\__init__.pyc
c:\program files\AGI\Python25\Lib\encodings\aliases.py
c:\program files\AGI\Python25\Lib\encodings\aliases.pyc
c:\program files\AGI\Python25\Lib\encodings\ascii.py
c:\program files\AGI\Python25\Lib\encodings\ascii.pyc
c:\program files\AGI\Python25\Lib\encodings\base64_codec.py
c:\program files\AGI\Python25\Lib\encodings\big5.py
c:\program files\AGI\Python25\Lib\encodings\big5hkscs.py
c:\program files\AGI\Python25\Lib\encodings\bz2_codec.py
c:\program files\AGI\Python25\Lib\encodings\charmap.py
c:\program files\AGI\Python25\Lib\encodings\cp037.py
c:\program files\AGI\Python25\Lib\encodings\cp1006.py
c:\program files\AGI\Python25\Lib\encodings\cp1026.py
c:\program files\AGI\Python25\Lib\encodings\cp1140.py
c:\program files\AGI\Python25\Lib\encodings\cp1250.py
c:\program files\AGI\Python25\Lib\encodings\cp1251.py
c:\program files\AGI\Python25\Lib\encodings\cp1252.py
c:\program files\AGI\Python25\Lib\encodings\cp1252.pyc
c:\program files\AGI\Python25\Lib\encodings\cp1253.py
c:\program files\AGI\Python25\Lib\encodings\cp1254.py
c:\program files\AGI\Python25\Lib\encodings\cp1255.py
c:\program files\AGI\Python25\Lib\encodings\cp1256.py
c:\program files\AGI\Python25\Lib\encodings\cp1257.py
c:\program files\AGI\Python25\Lib\encodings\cp1258.py
c:\program files\AGI\Python25\Lib\encodings\cp424.py
c:\program files\AGI\Python25\Lib\encodings\cp437.py
c:\program files\AGI\Python25\Lib\encodings\cp500.py
c:\program files\AGI\Python25\Lib\encodings\cp737.py
c:\program files\AGI\Python25\Lib\encodings\cp775.py
c:\program files\AGI\Python25\Lib\encodings\cp850.py
c:\program files\AGI\Python25\Lib\encodings\cp852.py
c:\program files\AGI\Python25\Lib\encodings\cp855.py
c:\program files\AGI\Python25\Lib\encodings\cp856.py
c:\program files\AGI\Python25\Lib\encodings\cp857.py
c:\program files\AGI\Python25\Lib\encodings\cp860.py
c:\program files\AGI\Python25\Lib\encodings\cp861.py
c:\program files\AGI\Python25\Lib\encodings\cp862.py
c:\program files\AGI\Python25\Lib\encodings\cp863.py
c:\program files\AGI\Python25\Lib\encodings\cp864.py
c:\program files\AGI\Python25\Lib\encodings\cp865.py
c:\program files\AGI\Python25\Lib\encodings\cp866.py
c:\program files\AGI\Python25\Lib\encodings\cp869.py
c:\program files\AGI\Python25\Lib\encodings\cp874.py
c:\program files\AGI\Python25\Lib\encodings\cp875.py
c:\program files\AGI\Python25\Lib\encodings\cp932.py
c:\program files\AGI\Python25\Lib\encodings\cp949.py
c:\program files\AGI\Python25\Lib\encodings\cp950.py
c:\program files\AGI\Python25\Lib\encodings\euc_jis_2004.py
c:\program files\AGI\Python25\Lib\encodings\euc_jisx0213.py
c:\program files\AGI\Python25\Lib\encodings\euc_jp.py
c:\program files\AGI\Python25\Lib\encodings\euc_kr.py
c:\program files\AGI\Python25\Lib\encodings\gb18030.py
c:\program files\AGI\Python25\Lib\encodings\gb2312.py
c:\program files\AGI\Python25\Lib\encodings\gbk.py
c:\program files\AGI\Python25\Lib\encodings\hex_codec.py
c:\program files\AGI\Python25\Lib\encodings\hp_roman8.py
c:\program files\AGI\Python25\Lib\encodings\hz.py
c:\program files\AGI\Python25\Lib\encodings\idna.py
c:\program files\AGI\Python25\Lib\encodings\iso2022_jp.py
c:\program files\AGI\Python25\Lib\encodings\iso2022_jp_1.py
c:\program files\AGI\Python25\Lib\encodings\iso2022_jp_2.py
c:\program files\AGI\Python25\Lib\encodings\iso2022_jp_2004.py
c:\program files\AGI\Python25\Lib\encodings\iso2022_jp_3.py
c:\program files\AGI\Python25\Lib\encodings\iso2022_jp_ext.py
c:\program files\AGI\Python25\Lib\encodings\iso2022_kr.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_1.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_10.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_11.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_13.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_14.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_15.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_16.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_2.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_3.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_4.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_5.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_6.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_7.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_8.py
c:\program files\AGI\Python25\Lib\encodings\iso8859_9.py
c:\program files\AGI\Python25\Lib\encodings\johab.py
c:\program files\AGI\Python25\Lib\encodings\koi8_r.py
c:\program files\AGI\Python25\Lib\encodings\koi8_u.py
c:\program files\AGI\Python25\Lib\encodings\latin_1.py
c:\program files\AGI\Python25\Lib\encodings\mac_arabic.py
c:\program files\AGI\Python25\Lib\encodings\mac_centeuro.py
c:\program files\AGI\Python25\Lib\encodings\mac_croatian.py
c:\program files\AGI\Python25\Lib\encodings\mac_cyrillic.py
c:\program files\AGI\Python25\Lib\encodings\mac_farsi.py
c:\program files\AGI\Python25\Lib\encodings\mac_greek.py
c:\program files\AGI\Python25\Lib\encodings\mac_iceland.py
c:\program files\AGI\Python25\Lib\encodings\mac_latin2.py
c:\program files\AGI\Python25\Lib\encodings\mac_roman.py
c:\program files\AGI\Python25\Lib\encodings\mac_romanian.py
c:\program files\AGI\Python25\Lib\encodings\mac_turkish.py
c:\program files\AGI\Python25\Lib\encodings\mbcs.py
c:\program files\AGI\Python25\Lib\encodings\palmos.py
c:\program files\AGI\Python25\Lib\encodings\ptcp154.py
c:\program files\AGI\Python25\Lib\encodings\punycode.py
c:\program files\AGI\Python25\Lib\encodings\quopri_codec.py
c:\program files\AGI\Python25\Lib\encodings\raw_unicode_escape.py
c:\program files\AGI\Python25\Lib\encodings\rot_13.py
c:\program files\AGI\Python25\Lib\encodings\shift_jis.py
c:\program files\AGI\Python25\Lib\encodings\shift_jis_2004.py
c:\program files\AGI\Python25\Lib\encodings\shift_jisx0213.py
c:\program files\AGI\Python25\Lib\encodings\string_escape.py
c:\program files\AGI\Python25\Lib\encodings\string_escape.pyc
c:\program files\AGI\Python25\Lib\encodings\tis_620.py
c:\program files\AGI\Python25\Lib\encodings\undefined.py
c:\program files\AGI\Python25\Lib\encodings\unicode_escape.py
c:\program files\AGI\Python25\Lib\encodings\unicode_internal.py
c:\program files\AGI\Python25\Lib\encodings\utf_16.py
c:\program files\AGI\Python25\Lib\encodings\utf_16_be.py
c:\program files\AGI\Python25\Lib\encodings\utf_16_le.py
c:\program files\AGI\Python25\Lib\encodings\utf_7.py
c:\program files\AGI\Python25\Lib\encodings\utf_8.py
c:\program files\AGI\Python25\Lib\encodings\utf_8.pyc
c:\program files\AGI\Python25\Lib\encodings\utf_8_sig.py
c:\program files\AGI\Python25\Lib\encodings\uu_codec.py
c:\program files\AGI\Python25\Lib\encodings\zlib_codec.py
c:\program files\AGI\Python25\Lib\filecmp.py
c:\program files\AGI\Python25\Lib\fileinput.py
c:\program files\AGI\Python25\Lib\fnmatch.py
c:\program files\AGI\Python25\Lib\fnmatch.pyc
c:\program files\AGI\Python25\Lib\formatter.py
c:\program files\AGI\Python25\Lib\fpformat.py
c:\program files\AGI\Python25\Lib\ftplib.py
c:\program files\AGI\Python25\Lib\functools.py
c:\program files\AGI\Python25\Lib\getopt.py
c:\program files\AGI\Python25\Lib\getpass.py
c:\program files\AGI\Python25\Lib\gettext.py
c:\program files\AGI\Python25\Lib\gettext.pyc
c:\program files\AGI\Python25\Lib\glob.py
c:\program files\AGI\Python25\Lib\glob.pyc
c:\program files\AGI\Python25\Lib\gopherlib.py
c:\program files\AGI\Python25\Lib\gzip.py
c:\program files\AGI\Python25\Lib\hashlib.py
c:\program files\AGI\Python25\Lib\hashlib.pyc
c:\program files\AGI\Python25\Lib\heapq.py
c:\program files\AGI\Python25\Lib\hmac.py
c:\program files\AGI\Python25\Lib\hotshot\__init__.py
c:\program files\AGI\Python25\Lib\hotshot\log.py
c:\program files\AGI\Python25\Lib\hotshot\stats.py
c:\program files\AGI\Python25\Lib\hotshot\stones.py
c:\program files\AGI\Python25\Lib\htmlentitydefs.py
c:\program files\AGI\Python25\Lib\htmllib.py
c:\program files\AGI\Python25\Lib\HTMLParser.py
c:\program files\AGI\Python25\Lib\httplib.py
c:\program files\AGI\Python25\Lib\httplib.pyc
c:\program files\AGI\Python25\Lib\ihooks.py
c:\program files\AGI\Python25\Lib\imaplib.py
c:\program files\AGI\Python25\Lib\imghdr.py
c:\program files\AGI\Python25\Lib\imputil.py
c:\program files\AGI\Python25\Lib\inspect.py
c:\program files\AGI\Python25\Lib\keyword.py
c:\program files\AGI\Python25\Lib\linecache.py
c:\program files\AGI\Python25\Lib\linecache.pyc
c:\program files\AGI\Python25\Lib\locale.py
c:\program files\AGI\Python25\Lib\locale.pyc
c:\program files\AGI\Python25\Lib\logging\__init__.py
c:\program files\AGI\Python25\Lib\logging\__init__.pyc
c:\program files\AGI\Python25\Lib\logging\config.py
c:\program files\AGI\Python25\Lib\logging\handlers.py
c:\program files\AGI\Python25\Lib\logging\handlers.pyc
c:\program files\AGI\Python25\Lib\macpath.py
c:\program files\AGI\Python25\Lib\macurl2path.py
c:\program files\AGI\Python25\Lib\mailbox.py
c:\program files\AGI\Python25\Lib\mailcap.py
c:\program files\AGI\Python25\Lib\markupbase.py
c:\program files\AGI\Python25\Lib\md5.py
c:\program files\AGI\Python25\Lib\mhlib.py
c:\program files\AGI\Python25\Lib\mimetools.py
c:\program files\AGI\Python25\Lib\mimetools.pyc
c:\program files\AGI\Python25\Lib\mimetypes.py
c:\program files\AGI\Python25\Lib\MimeWriter.py
c:\program files\AGI\Python25\Lib\mimify.py
c:\program files\AGI\Python25\Lib\modulefinder.py
c:\program files\AGI\Python25\Lib\multifile.py
c:\program files\AGI\Python25\Lib\mutex.py
c:\program files\AGI\Python25\Lib\netrc.py
c:\program files\AGI\Python25\Lib\new.py
c:\program files\AGI\Python25\Lib\new.pyc
c:\program files\AGI\Python25\Lib\nntplib.py
c:\program files\AGI\Python25\Lib\ntpath.py
c:\program files\AGI\Python25\Lib\ntpath.pyc
c:\program files\AGI\Python25\Lib\nturl2path.py
c:\program files\AGI\Python25\Lib\nturl2path.pyc
c:\program files\AGI\Python25\Lib\opcode.py
c:\program files\AGI\Python25\Lib\opcode.pyc
c:\program files\AGI\Python25\Lib\optparse.py
c:\program files\AGI\Python25\Lib\optparse.pyc
c:\program files\AGI\Python25\Lib\os.py
c:\program files\AGI\Python25\Lib\os.pyc
c:\program files\AGI\Python25\Lib\os2emxpath.py
c:\program files\AGI\Python25\Lib\pdb.py
c:\program files\AGI\Python25\Lib\pickle.py
c:\program files\AGI\Python25\Lib\pickle.pyc
c:\program files\AGI\Python25\Lib\pickletools.py
c:\program files\AGI\Python25\Lib\pipes.py
c:\program files\AGI\Python25\Lib\pkgutil.py
c:\program files\AGI\Python25\Lib\platform.py
c:\program files\AGI\Python25\Lib\popen2.py
c:\program files\AGI\Python25\Lib\poplib.py
c:\program files\AGI\Python25\Lib\posixfile.py
c:\program files\AGI\Python25\Lib\posixpath.py
c:\program files\AGI\Python25\Lib\posixpath.pyc
c:\program files\AGI\Python25\Lib\pprint.py
c:\program files\AGI\Python25\Lib\profile.py
c:\program files\AGI\Python25\Lib\pstats.py
c:\program files\AGI\Python25\Lib\pty.py
c:\program files\AGI\Python25\Lib\py_compile.py
c:\program files\AGI\Python25\Lib\pyclbr.py
c:\program files\AGI\Python25\Lib\pydoc.py
c:\program files\AGI\Python25\Lib\Queue.py
c:\program files\AGI\Python25\Lib\quopri.py
c:\program files\AGI\Python25\Lib\random.py
c:\program files\AGI\Python25\Lib\random.pyc
c:\program files\AGI\Python25\Lib\re.py
c:\program files\AGI\Python25\Lib\re.pyc
c:\program files\AGI\Python25\Lib\repr.py
c:\program files\AGI\Python25\Lib\rexec.py
c:\program files\AGI\Python25\Lib\rfc822.py
c:\program files\AGI\Python25\Lib\rfc822.pyc
c:\program files\AGI\Python25\Lib\rlcompleter.py
c:\program files\AGI\Python25\Lib\robotparser.py
c:\program files\AGI\Python25\Lib\runpy.py
c:\program files\AGI\Python25\Lib\sched.py
c:\program files\AGI\Python25\Lib\sets.py
c:\program files\AGI\Python25\Lib\sgmllib.py
c:\program files\AGI\Python25\Lib\sha.py
c:\program files\AGI\Python25\Lib\shelve.py
c:\program files\AGI\Python25\Lib\shlex.py
c:\program files\AGI\Python25\Lib\shutil.py
c:\program files\AGI\Python25\Lib\shutil.pyc
c:\program files\AGI\Python25\Lib\SimpleHTTPServer.py
c:\program files\AGI\Python25\Lib\SimpleXMLRPCServer.py
c:\program files\AGI\Python25\Lib\site.py
c:\program files\AGI\Python25\Lib\site.pyc
c:\program files\AGI\Python25\Lib\smtpd.py
c:\program files\AGI\Python25\Lib\smtplib.py
c:\program files\AGI\Python25\Lib\sndhdr.py
c:\program files\AGI\Python25\Lib\socket.py
c:\program files\AGI\Python25\Lib\socket.pyc
c:\program files\AGI\Python25\Lib\SocketServer.py
c:\program files\AGI\Python25\Lib\sre.py
c:\program files\AGI\Python25\Lib\sre_compile.py
c:\program files\AGI\Python25\Lib\sre_compile.pyc
c:\program files\AGI\Python25\Lib\sre_constants.py
c:\program files\AGI\Python25\Lib\sre_constants.pyc
c:\program files\AGI\Python25\Lib\sre_parse.py
c:\program files\AGI\Python25\Lib\sre_parse.pyc
c:\program files\AGI\Python25\Lib\stat.py
c:\program files\AGI\Python25\Lib\stat.pyc
c:\program files\AGI\Python25\Lib\statvfs.py
c:\program files\AGI\Python25\Lib\string.py
c:\program files\AGI\Python25\Lib\string.pyc
c:\program files\AGI\Python25\Lib\StringIO.py
c:\program files\AGI\Python25\Lib\StringIO.pyc
c:\program files\AGI\Python25\Lib\stringold.py
c:\program files\AGI\Python25\Lib\stringprep.py
c:\program files\AGI\Python25\Lib\struct.py
c:\program files\AGI\Python25\Lib\struct.pyc
c:\program files\AGI\Python25\Lib\subprocess.py
c:\program files\AGI\Python25\Lib\subprocess.pyc
c:\program files\AGI\Python25\Lib\sunau.py
c:\program files\AGI\Python25\Lib\sunaudio.py
c:\program files\AGI\Python25\Lib\symbol.py
c:\program files\AGI\Python25\Lib\symbol.pyc
c:\program files\AGI\Python25\Lib\symtable.py
c:\program files\AGI\Python25\Lib\tabnanny.py
c:\program files\AGI\Python25\Lib\tarfile.py
c:\program files\AGI\Python25\Lib\telnetlib.py
c:\program files\AGI\Python25\Lib\tempfile.py
c:\program files\AGI\Python25\Lib\tempfile.pyc
c:\program files\AGI\Python25\Lib\textwrap.py
c:\program files\AGI\Python25\Lib\textwrap.pyc
c:\program files\AGI\Python25\Lib\this.py
c:\program files\AGI\Python25\Lib\threading.py
c:\program files\AGI\Python25\Lib\threading.pyc
c:\program files\AGI\Python25\Lib\timeit.py
c:\program files\AGI\Python25\Lib\toaiff.py
c:\program files\AGI\Python25\Lib\token.py
c:\program files\AGI\Python25\Lib\token.pyc
c:\program files\AGI\Python25\Lib\tokenize.py
c:\program files\AGI\Python25\Lib\trace.py
c:\program files\AGI\Python25\Lib\traceback.py
c:\program files\AGI\Python25\Lib\traceback.pyc
c:\program files\AGI\Python25\Lib\tty.py
c:\program files\AGI\Python25\Lib\types.py
c:\program files\AGI\Python25\Lib\types.pyc
c:\program files\AGI\Python25\Lib\unittest.py
c:\program files\AGI\Python25\Lib\urllib.py
c:\program files\AGI\Python25\Lib\urllib.pyc
c:\program files\AGI\Python25\Lib\urllib2.py
c:\program files\AGI\Python25\Lib\urllib2.pyc
c:\program files\AGI\Python25\Lib\urlparse.py
c:\program files\AGI\Python25\Lib\urlparse.pyc
c:\program files\AGI\Python25\Lib\user.py
c:\program files\AGI\Python25\Lib\UserDict.py
c:\program files\AGI\Python25\Lib\UserDict.pyc
c:\program files\AGI\Python25\Lib\UserList.py
c:\program files\AGI\Python25\Lib\UserString.py
c:\program files\AGI\Python25\Lib\uu.py
c:\program files\AGI\Python25\Lib\uuid.py
c:\program files\AGI\Python25\Lib\uuid.pyc
c:\program files\AGI\Python25\Lib\warnings.py
c:\program files\AGI\Python25\Lib\warnings.pyc
c:\program files\AGI\Python25\Lib\wave.py
c:\program files\AGI\Python25\Lib\weakref.py
c:\program files\AGI\Python25\Lib\weakref.pyc
c:\program files\AGI\Python25\Lib\webbrowser.py
c:\program files\AGI\Python25\Lib\whichdb.py
c:\program files\AGI\Python25\Lib\xdrlib.py
c:\program files\AGI\Python25\Lib\xml\__init__.py
c:\program files\AGI\Python25\Lib\xml\__init__.pyc
c:\program files\AGI\Python25\Lib\xml\dom\__init__.py
c:\program files\AGI\Python25\Lib\xml\dom\domreg.py
c:\program files\AGI\Python25\Lib\xml\dom\expatbuilder.py
c:\program files\AGI\Python25\Lib\xml\dom\minicompat.py
c:\program files\AGI\Python25\Lib\xml\dom\minidom.py
c:\program files\AGI\Python25\Lib\xml\dom\NodeFilter.py
c:\program files\AGI\Python25\Lib\xml\dom\pulldom.py
c:\program files\AGI\Python25\Lib\xml\dom\xmlbuilder.py
c:\program files\AGI\Python25\Lib\xml\etree\__init__.py
c:\program files\AGI\Python25\Lib\xml\etree\__init__.pyc
c:\program files\AGI\Python25\Lib\xml\etree\cElementTree.py
c:\program files\AGI\Python25\Lib\xml\etree\cElementTree.pyc
c:\program files\AGI\Python25\Lib\xml\etree\ElementInclude.py
c:\program files\AGI\Python25\Lib\xml\etree\ElementPath.py
c:\program files\AGI\Python25\Lib\xml\etree\ElementPath.pyc
c:\program files\AGI\Python25\Lib\xml\etree\ElementTree.py
c:\program files\AGI\Python25\Lib\xml\etree\ElementTree.pyc
c:\program files\AGI\Python25\Lib\xml\parsers\__init__.py
c:\program files\AGI\Python25\Lib\xml\parsers\expat.py
c:\program files\AGI\Python25\Lib\xml\sax\__init__.py
c:\program files\AGI\Python25\Lib\xml\sax\_exceptions.py
c:\program files\AGI\Python25\Lib\xml\sax\expatreader.py
c:\program files\AGI\Python25\Lib\xml\sax\handler.py
c:\program files\AGI\Python25\Lib\xml\sax\saxutils.py
c:\program files\AGI\Python25\Lib\xml\sax\xmlreader.py
c:\program files\AGI\Python25\Lib\xmllib.py
c:\program files\AGI\Python25\Lib\xmlrpclib.py
c:\program files\AGI\Python25\Lib\zipfile.py
c:\program files\AGI\Python25\Lib\zipfile.pyc
c:\program files\AGI\Python25\LICENSE.txt
c:\program files\AGI\Python25\python.exe
c:\program files\AGI\Python25\pythonw.exe
c:\program files\AGI\tmp\installShell.log
c:\program files\AGI\tmp\python25.zip
c:\programdata\AGI
c:\programdata\AGI\config\desktopconfig.cfg
c:\programdata\AGI\config\desktopdata.cfg
c:\programdata\AGI\config\logging.cfg
c:\programdata\AGI\KiweeToolbar\config\appconfig.cfg
c:\programdata\AGI\KiweeToolbar\config\appdata.cfg
c:\programdata\AGI\logs\bootstrapper0.log
c:\users\Pauline\AppData\Roaming\agi
c:\users\Pauline\AppData\Roaming\agi\config\userconfig.cfg
c:\users\Pauline\AppData\Roaming\agi\KiweeToolbar\config\appuserconfig.cfg
c:\users\Pauline\AppData\Roaming\agi\logs\pyagcore.log
c:\windows\system32\SKYNETerrmifpw.dat
c:\windows\system32\SKYNETiobjxenu.dat
c:\windows\system32\SKYNEToxxqxtbs.dat
c:\windows\system32\SKYNETpvpptmky.dll
c:\windows\system32\SKYNETqptuupdn.dll

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-06-05 au 2009-07-05 ))))))))))))))))))))))))))))))))))))
.

2009-07-05 20:02 . 2009-07-05 20:03 -------- d-----w- C:\32788R22FWJFW.0.tmp
2009-07-05 07:04 . 2009-07-05 07:04 -------- d-----w- c:\users\Invité
2009-07-04 22:18 . 2009-07-04 22:18 -------- d-----w- c:\users\Pauline\AppData\Roaming\Samsung
2009-07-04 21:59 . 2007-05-02 09:12 15112 ----a-w- c:\windows\system32\drivers\ssm_mdfl.sys
2009-07-04 21:59 . 2007-05-02 09:12 12424 ----a-w- c:\windows\system32\drivers\ssm_whnt.sys
2009-07-04 21:59 . 2007-05-02 09:12 12424 ----a-w- c:\windows\system32\drivers\ssm_wh.sys
2009-07-04 21:59 . 2007-05-02 09:12 109704 ----a-w- c:\windows\system32\drivers\ssm_mdm.sys
2009-07-04 21:59 . 2007-05-02 09:12 83592 ----a-w- c:\windows\system32\drivers\ssm_bus.sys
2009-07-04 21:59 . 2007-05-02 09:12 12424 ----a-w- c:\windows\system32\drivers\ssm_cmnt.sys
2009-07-04 21:59 . 2007-05-02 09:12 12424 ----a-w- c:\windows\system32\drivers\ssm_cm.sys
2009-07-04 21:58 . 2009-07-04 22:39 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2009-07-04 21:57 . 2006-07-24 14:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2009-07-04 21:57 . 2009-07-04 21:57 -------- d-----w- c:\program files\Samsung
2009-06-29 04:40 . 2009-06-29 04:40 -------- d-----w- c:\program files\LeeGTs Games
2009-06-16 19:26 . 2009-06-16 19:26 -------- d-----w- c:\program files\Kiwee Toolbar
2009-06-16 19:26 . 2009-06-16 19:26 -------- d-----w- c:\programdata\Kiwee Toolbar
2009-06-16 19:25 . 2009-06-16 19:25 339968 ----a-w- c:\windows\system32\pythoncom25.dll
2009-06-16 19:25 . 2009-06-16 19:25 2117632 ----a-w- c:\windows\system32\python25.dll
2009-06-16 19:25 . 2009-06-16 19:25 114688 ----a-w- c:\windows\system32\pywintypes25.dll
2009-06-16 19:24 . 2008-09-16 16:26 1332197 ----a-w- c:\windows\system32\pythondll.zip
2009-06-14 20:42 . 2009-07-04 18:57 -------- d-----w- c:\users\Pauline\AppData\Roaming\Sony
2009-06-14 20:42 . 2009-06-14 20:42 -------- d-----w- c:\programdata\Sony
2009-06-14 20:41 . 2009-07-04 18:57 -------- d-----w- c:\users\Pauline\AppData\Local\Sony
2009-06-14 20:39 . 2009-06-14 20:39 -------- d-----w- c:\program files\Common Files\Sony Shared
2009-06-14 20:35 . 2009-06-14 20:37 -------- d-----w- c:\program files\QuickTime
2009-06-14 08:32 . 2009-06-14 08:32 -------- d-----w- c:\program files\Rockstar Games
2009-06-13 14:49 . 2009-06-13 14:49 -------- d-----w- c:\programdata\BVRP Software
2009-06-13 14:25 . 2008-05-16 10:33 25512 ----a-w- c:\windows\system32\drivers\s0016nd5.sys
2009-06-13 14:25 . 2008-05-16 10:33 15016 ----a-w- c:\windows\system32\drivers\s0016mdfl.sys
2009-06-13 14:25 . 2008-05-16 10:33 115752 ----a-w- c:\windows\system32\drivers\s0016unic.sys
2009-06-13 14:25 . 2008-05-16 10:33 89256 ----a-w- c:\windows\system32\drivers\s0016bus.sys
2009-06-13 14:25 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016whnt.sys
2009-06-13 14:25 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016wh.sys
2009-06-13 14:25 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016cmnt.sys
2009-06-13 14:25 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016cm.sys
2009-06-13 14:25 . 2008-05-16 10:33 120744 ----a-w- c:\windows\system32\drivers\s0016mdm.sys
2009-06-13 14:25 . 2008-05-16 10:33 114216 ----a-w- c:\windows\system32\drivers\s0016mgmt.sys
2009-06-13 14:25 . 2008-05-16 10:33 110632 ----a-w- c:\windows\system32\drivers\s0016obex.sys
2009-06-13 14:25 . 2008-05-16 10:33 10792 ----a-w- c:\windows\system32\drivers\s0016cr.sys
2009-06-12 19:21 . 2009-06-12 19:22 -------- d-----w- c:\users\Pauline\AppData\Local\Ludi
2009-06-12 19:21 . 2009-06-12 19:21 -------- d-----w- c:\program files\Ludi
2009-06-11 13:26 . 2009-04-24 16:05 827904 ----a-w- c:\windows\system32\wininet.dll
2009-06-11 13:26 . 2009-04-24 16:02 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-11 13:26 . 2009-04-24 13:44 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-06-11 12:51 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-11 12:45 . 2009-04-21 11:55 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-06-11 12:40 . 2009-04-23 12:42 636928 ----a-w- c:\windows\system32\localspl.dll
2009-06-09 14:12 . 2009-06-09 14:12 -------- d-----w- c:\program files\uTorrent
2009-06-09 14:11 . 2009-07-04 22:08 -------- d-----w- c:\users\Pauline\AppData\Roaming\uTorrent

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-05 22:02 . 2008-10-12 19:27 -------- d-----w- c:\users\Pauline\AppData\Roaming\skypePM
2009-07-05 21:25 . 2008-05-26 15:53 669566 ----a-w- c:\windows\system32\perfh00C.dat
2009-07-05 21:25 . 2008-05-26 15:53 123556 ----a-w- c:\windows\system32\perfc00C.dat
2009-07-05 20:56 . 2008-10-10 18:02 1356 ----a-w- c:\users\Pauline\AppData\Local\d3d9caps.dat
2009-07-05 19:36 . 2009-02-08 11:28 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-05 19:36 . 2009-02-08 11:28 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-07-05 19:10 . 2008-05-26 06:48 -------- d-----w- c:\program files\Google
2009-07-05 19:10 . 2008-05-26 06:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-04 18:59 . 2008-10-21 19:08 -------- d-----w- c:\program files\Sony
2009-07-02 19:50 . 2008-10-13 21:24 1 ----a-w- c:\users\Pauline\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-06-30 23:21 . 2008-11-07 11:48 -------- d-----w- c:\users\Pauline\AppData\Roaming\dvdcss
2009-06-30 00:06 . 2008-10-09 20:53 -------- d-----w- c:\program files\Windows Live
2009-06-25 20:58 . 2008-10-12 19:26 -------- d-----w- c:\users\Pauline\AppData\Roaming\Skype
2009-06-14 20:35 . 2008-11-18 17:48 -------- d-----w- c:\programdata\Apple Computer
2009-06-13 14:18 . 2008-05-26 06:31 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-10 17:58 . 2009-05-28 12:07 -------- d-----w- c:\program files\Warcraft III
2009-05-28 12:25 . 2009-05-28 12:12 55358 ----a-w- c:\windows\War3Unin.dat
2009-05-28 12:25 . 2009-05-28 12:12 2829 ----a-w- c:\windows\War3Unin.pif
2009-05-28 12:25 . 2009-05-28 12:12 139264 ----a-w- c:\windows\War3Unin.exe
2009-05-24 21:28 . 2009-05-24 21:27 -------- d-----r- c:\program files\Skype
2009-05-24 21:28 . 2009-05-24 21:28 -------- d-----w- c:\program files\Common Files\Skype
2009-05-24 21:28 . 2008-05-26 07:17 -------- d-----w- c:\programdata\Skype
2009-05-21 17:01 . 2008-12-22 18:47 -------- d-----w- c:\program files\DivX
2009-05-21 17:01 . 2008-10-21 19:13 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-05-21 17:00 . 2009-05-21 16:59 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-05-21 12:53 . 2009-05-21 12:53 -------- d-----w- c:\program files\Chaos Shredder2.3FR
2009-05-20 21:03 . 2008-12-15 21:36 -------- d-----w- c:\users\Pauline\AppData\Roaming\ESTsoft
2009-05-20 21:03 . 2009-05-20 21:02 -------- d-----w- c:\program files\ESTsoft
2009-05-14 01:00 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-09 08:33 . 2009-05-09 08:33 -------- d-----w- c:\program files\Avira
2009-05-09 08:33 . 2009-04-07 06:57 -------- d-----w- c:\programdata\Avira
2009-04-23 20:28 . 2009-04-23 20:27 21878064 ----a-w- c:\users\Pauline\AppData\Roaming\Sony Setup\A189E68E-2253-4C3B-86B7-D77E36F13C55\QuickTimeInstaller.exe
2009-04-15 20:24 . 2009-04-15 20:24 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-04-15 20:24 . 2009-04-15 20:24 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-04-15 20:24 . 2009-04-15 20:24 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-04-15 20:24 . 2009-04-15 20:24 684032 ----a-w- c:\windows\system32\DivX.dll
2008-06-30 11:44 . 2008-10-10 05:16 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2008-05-26 15:58 . 2008-05-26 15:58 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( SnapShot@2009-07-05_21.19.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-11-02 13:02 . 2009-07-05 21:20 75812 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-10-09 19:22 . 2009-07-05 21:20 13156 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1243321965-3589882168-3296649825-1000_UserData.bin
+ 2006-11-02 10:33 . 2009-07-05 21:25 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-07-05 21:07 587178 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-07-05 21:25 101250 c:\windows\System32\perfc009.dat
- 2006-11-02 10:33 . 2009-07-05 21:07 101250 c:\windows\System32\perfc009.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
2009-06-16 19:26 277648 ----a-w- c:\program files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Does wait"="c:\programdata\mapi rule rule.rbrxv" [X]
"Hope Draw Obj Funk"="c:\programdata\HOPE LIES DART.l4op9a7" [X]
"SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2008-02-04 1038136]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2008-01-21 49664]
"Google Update"="c:\users\Pauline\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-12-05 133104]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-04-16 24264488]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-11 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-11 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-11 145944]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-08 894512]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-05-26 29744]
"toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-28 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"KiweeHook"="c:\program files\Kiwee Toolbar\2.9.201\kwtbaim.exe" [2009-06-16 56456]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-06-27 6295552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{21AEC2E7-FEE5-47FD-BB06-BA93600638EA}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{769EDCAB-AA23-4F50-AE37-D6B23D09AE7B}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{1F20F986-497B-4045-ABBA-5A98D5B27A05}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{68DB0F74-AC44-4DB0-B62D-6D8FA4C93A83}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{7B6CE150-E3DA-42AE-9774-650A5DD88C01}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule Plus
"UDP Query User{330A880B-300E-4EE0-BDFE-9B3B1BE39849}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule Plus
"TCP Query User{C550615A-4F0E-4732-B148-0EE7A9B952AE}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Packard Bell - Skype
"UDP Query User{CA001725-C64F-4363-A426-98D44B951943}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Packard Bell - Skype
"{3B8FFFBB-C972-47F6-BD28-15D97DD551A9}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"TCP Query User{8DC75970-59CB-4989-92E6-0C3DF54FCFEB}c:\\program files\\windows sidebar\\sidebar.exe"= UDP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"UDP Query User{BED62AC2-D99B-4F2D-8062-30CD3150736E}c:\\program files\\windows sidebar\\sidebar.exe"= TCP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"TCP Query User{40B030FC-38DF-4493-84F5-51999FCCB504}c:\\ut2004\\system\\ut2004.exe"= UDP:c:\ut2004\system\ut2004.exe:UT2004
"UDP Query User{86AA4F51-44B0-45FB-9DBC-A09655FEA866}c:\\ut2004\\system\\ut2004.exe"= TCP:c:\ut2004\system\ut2004.exe:UT2004
"{C55D61F4-A160-4B2F-99ED-CAFBAF1ABEAE}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{D2FE08EB-D132-4862-A942-A853367BDD2C}c:\\program files\\warcraft iii\\war3.exe"= UDP:c:\program files\warcraft iii\war3.exe:Warcraft III
"UDP Query User{43204573-6B06-4303-9AE3-3653AD56756A}c:\\program files\\warcraft iii\\war3.exe"= TCP:c:\program files\warcraft iii\war3.exe:Warcraft III
"{5F7B623A-4F43-4381-9236-B4F00BAD88DF}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{C1B43801-204F-45FF-B358-784ABDF97736}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{C019811F-D531-431D-BBF8-07845CAF14C4}"= UDP:44535:Torrent
"{8F3BAC46-AD77-46C6-A406-BEED2F8B0877}"= TCP:44535:Torrent

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [09/05/2009 10:33 108289]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21/01/2008 04:33 21504]
R3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\System32\drivers\netr73.sys [26/05/2008 17:46 489984]
R3 O2MDRDR;O2MDRDR;c:\windows\System32\drivers\o2media.sys [13/05/2008 06:48 51288]
R3 O2SDRDR;O2SDRDR;c:\windows\System32\drivers\o2sd.sys [13/05/2008 03:48 43736]
S2 AGWinService;AG Windows Service;"c:\program files\AGI\common\win32\PythonService.exe" --> c:\program files\AGI\common\win32\PythonService.exe [?]
S3 ICDUSB2;Sony IC Recorder (P);c:\windows\System32\drivers\IcdUsb2.sys [21/10/2008 21:09 39048]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\System32\drivers\s0016bus.sys [13/06/2009 16:25 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\System32\drivers\s0016mdfl.sys [13/06/2009 16:25 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\System32\drivers\s0016mdm.sys [13/06/2009 16:25 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0016mgmt.sys [13/06/2009 16:25 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\System32\drivers\s0016nd5.sys [13/06/2009 16:25 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\System32\drivers\s0016obex.sys [13/06/2009 16:25 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\System32\drivers\s0016unic.sys [13/06/2009 16:25 115752]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - Ndisprot.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
Contenu du dossier 'Tâches planifiées'

2009-07-05 c:\windows\Tasks\Extension de garantie-Pauline.job
- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-05-26 10:13]

2009-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1243321965-3589882168-3296649825-1000Core.job
- c:\users\Pauline\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-05 06:21]

2009-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1243321965-3589882168-3296649825-1000UA.job
- c:\users\Pauline\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-05 06:21]

2009-07-05 c:\windows\Tasks\User_Feed_Synchronization-{7DD4461A-AF1A-409F-A9A7-CE23A63F1F23}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:34]

2009-07-05 c:\windows\Tasks\User_Feed_Synchronization-{A7BEE8AB-23DD-48DE-8AF7-A0AA78AFE1E7}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:34]
.
.
------- Examen supplémentaire -------
.
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\users\Pauline\AppData\Roaming\Mozilla\Firefox\Profiles\gt3se141.default\
FF - prefs.js: keyword.URL - hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q=
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF

   
Répondre à eloitalia

5

gen-hackman, le 6 jui 2009 à 10:39:21

Salut ton rapport est trop long pour etre complet sur le forum fais le passer par ici : http://www.cijoint.fr/ puis donne le lien obtenu

on y voit deja beaucoup plus clair ca devrait deja aller mieux

ensuite passe à la suite :) ♦G3и-н@¢км@и™©®♦

   
Répondre à gen-hackman

6

eloitalia, le 6 jui 2009 à 11:48:50

http://www.cijoint.fr/cjlink.php?file=cj200907/cijxDgiU86.tx­t

Oui ca va déjà mieux, l'ordi a arreté de s'éteindre tout seul ^^

Je continue ^^ Ptite fée est passée par là ... 

   
Répondre à eloitalia

7

eloitalia, le 6 jui 2009 à 18:57:57

J'ai laissé le programme tourné toute la journée et il n'a rien fait ! Je viens de le couper pour ouvrir Mozilla et je voulais me connecter à MSN, je peux plus, il trouve plus mon programme. Que dois-je faire ?? Ptite fée est passée par là ... 

   
Répondre à eloitalia

8

 gen-hackman, le 6 jui 2009 à 19:08:46

Tu l'as bien lancé en tant qu'administrateur ? ♦G3и-н@¢км@и™©®♦

   
Répondre à gen-hackman
Posez votre question Répondre
Ils ont besoin de votre aide