Virus worm Bagle??

Closed
navajo - 29 Jan. 2009 at 00:54
 Anonymous user - 16 Feb. 2010 at 01:26
Good evening,

so I have a small problem. When I start my PC, a message is displayed for Windows Defender:

échec de l'initialisation de l'application 0x800106ba; Un problème a provoqué l'arrêt du service de ce programme...

I looked at quite a few posts about this and apparently it is a rather annoying virus, so I downloaded HijackThis, since apparently the problem can be different for each person.
So here is the result of the scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:33:46, on 29/01/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\Windows\services.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\wuauclt.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\HJ\HJ.exe
c:\program files\google\googletoolbar1user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
F3 - REG:win.ini: load=C:\Windows\svchost.exe
F3 - REG:win.ini: run=C:\Windows\services.exe
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, explorer.exe
O1 - Hosts: ::1 localhost
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [Microsoft Windows Update Client] C:\Windows\services.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [Barsaka] explorer.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [flec003.exe] C:\Users\Françoise\AppData\Roaming\hidires\flec003.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard..lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O4 - Global Startup: QuickSet.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm490YYFR
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O13 - Gopher Prefix:
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-3/CursorManiaFWBInitialSetup1.0.1.0.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
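
The following Python sketch is an added example, not part of the original post and not HijackThis code: it triages the autostart entries (F2, F3, O4) and service entries (O23) of a log like the one above. The tag names and the heuristics are assumptions chosen for illustration; the first one relies on the fact that `services.exe` and `svchost.exe` normally live in `System32`.

```python
import ntpath
import re

# Sample input: a few lines taken from the HijackThis log on this page.
SAMPLE_LOG = r"""
F3 - REG:win.ini: load=C:\Windows\svchost.exe
F3 - REG:win.ini: run=C:\Windows\services.exe
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, explorer.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Microsoft Windows Update Client] C:\Windows\services.exe
O4 - HKLM\..\Run: [Barsaka] explorer.exe
O4 - HKCU\..\Run: [flec003.exe] C:\Users\Françoise\AppData\Roaming\hidires\flec003.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
"""

# HijackThis sections that describe programs started automatically.
AUTOSTART_CODES = {"F2", "F3", "O4"}

# Windows binaries whose genuine copy lives in <SystemRoot>\System32.
SYSTEM32_ONLY = {"services.exe", "svchost.exe", "lsass.exe", "winlogon.exe",
                 "csrss.exe", "smss.exe", "userinit.exe"}

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# First drive-qualified path ending in an executable extension; paths in
# these logs are often unquoted and contain spaces, hence the lazy match.
EXE_RE = re.compile(r"([A-Za-z]:\\.*?\.(?:exe|com|scr|bat|dll))", re.IGNORECASE)


def parse_line(line):
    """Split one log line into section code, detail text and target path."""
    match = ENTRY_RE.match(line.strip())
    if not match:
        return None  # header, running-process line or blank line
    code, detail = match.groups()
    exe = EXE_RE.search(detail)
    return {"code": code, "detail": detail,
            "path": exe.group(1) if exe else None}


def findings_for(entry):
    """Return the review tags (hypothetical names) that apply to an entry."""
    tags = []
    if entry["code"] == "O23" and entry["detail"].endswith("(file missing)"):
        tags.append("service-file-missing")
    if entry["code"] not in AUTOSTART_CODES or entry["path"] is None:
        return tags
    lowered = entry["path"].lower()
    name = ntpath.basename(lowered)
    folder = ntpath.dirname(lowered)
    if name in SYSTEM32_ONLY and not folder.endswith(r"\windows\system32"):
        tags.append("system-name-outside-system32")
    if "\\appdata\\" in lowered:
        tags.append("autostart-from-user-profile")
    if entry["code"] == "F3":
        tags.append("legacy-win.ini-autostart")
    return tags


def triage(log_text):
    """Return (code, path, tags) for every entry that deserves a closer look."""
    results = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        tags = findings_for(entry)
        if tags:
            results.append((entry["code"], entry["path"], tags))
    return results


if __name__ == "__main__":
    for code, path, tags in triage(SAMPLE_LOG):
        print(f"{code:4} {path}  ->  {', '.join(tags)}")
```

A tag is a reason to inspect the file, not a verdict: entries without a full path (such as `[Barsaka] explorer.exe`) are not evaluated by this sketch and still need a manual look.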

11 replies

Destrio5 Posts: 85985 Registration date: Sunday 11 July 2010 Status: Moderator Last activity: 17 February 2023 10 295
29 Jan. 2009 at 01:00
Hi,

--> Disable UAC for the duration of the disinfection.

/!\ Disable your resident protections (antivirus, etc.) /!\

--> Download ComboFix (by sUBs) to your Desktop.
--> Right-click ComboFix.exe (the .exe is not necessarily visible) and choose Run as administrator to launch it.
--> It will ask you to install the Recovery Console: accept.
--> When the scan is finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.

To help you: A guide and a tutorial on using ComboFix
0
Good evening,

thank you very much for your quick reply, and sorry for my slow one. So I downloaded ComboFix and ran it.
The scan started; shortly afterwards it detected a "rootkit", I think, and restarted the PC. The file found was in the directory C:\Windows\system32\drivers\srosa.sys. Once the PC had restarted, nothing more. Should I run it again?
In the warning message, I saw that after the scan ComboFix would delete all the infected files; is that normal?

Sorry for all these questions, but being a novice, I don't want to make a wrong move!

Thanks in advance.
0
Destrio5
29 Jan. 2009 at 21:58
"C:\Windows\system32\drivers\srosa.sys" ---> That is a Bagle file.

Rename ComboFix to CCM, then run it again.
0
I am renaming the executable to CCM; I had already renamed it CF, should I still rename it?
Thanks a lot.
0
Destrio5
29 Jan. 2009 at 22:15
No need to rename it in that case.
0
So here is the report at the end of the scan:

ComboFix 09-01-21.04 - Françoise 2009-01-29 22:14:10.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1014.359 [GMT 1:00]
Lancé depuis: c:\users\Françoise\Desktop\CCM.exe
* Un nouveau point de restauration a été créé
.

Overlay interrompu ... Veuillez exécuter ComboFix une nouvelle fois
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\AdobeRd9.0.exe
C:\autorun.inf
c:\program files\FunWebProducts
c:\program files\Internet Explorer\msimg32.dll
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
c:\program files\MyWebSearch\bar\1.bin\F3DTACTL.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\1.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\1.bin\M3HTML.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MSG.DLL
c:\program files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
C:\scene.exe
c:\users\Françoise\AppData\Roaming\hidires
c:\users\Françoise\AppData\Roaming\hidires\flec003.exe
c:\users\Françoise\AppData\Roaming\hidires\names.txt
c:\users\Françoise\AppData\Roaming\m
c:\users\Françoise\AppData\Roaming\m\data.oct
c:\users\Françoise\AppData\Roaming\m\flec006.exe
c:\users\Françoise\AppData\Roaming\m\list.oct
c:\users\Françoise\AppData\Roaming\m\shared\101 Clips 9.02.zip
c:\users\Françoise\AppData\Roaming\m\shared\123 DVD Clone 2.6.1.9.zip
c:\users\Françoise\AppData\Roaming\m\shared\2_antivirus.kaspersky.avp.personal.pro.v4.5.0.58.spanish.+.key.hasta.2007.by.cajai.zip
c:\users\Françoise\AppData\Roaming\m\shared\2cTranslator 1.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\2D GhostForest Interactive Saver 04 3.5.zip
c:\users\Françoise\AppData\Roaming\m\shared\Abcc DVD to 3GP iPod Zune iPhone MP4 Ripper Pro 5.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\Advanced Business Card Maker 4.6.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\Advanced Midi Gate 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Advanced WordReplacer 1.0.0.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\AgileJ StructureViews 1.4.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\AllBalancesLink Excel Add-In for Peachtree 1.0 Build 004.zip
c:\users\Françoise\AppData\Roaming\m\shared\AllnView 3.7.2.zip
c:\users\Françoise\AppData\Roaming\m\shared\Antivirus.Kaspersky.Nod32.Keys.&.Passwords.zip
c:\users\Françoise\AppData\Roaming\m\shared\ARashNaziBlurb 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Avast.4.1.Home.And.Pro.Edition.Skins.Keygen.zip
c:\users\Françoise\AppData\Roaming\m\shared\avast__Professional_Edition_4.7.844.zip
c:\users\Françoise\AppData\Roaming\m\shared\avg.internet.security.zip
c:\users\Françoise\AppData\Roaming\m\shared\Beauty Pilot 2.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\Black and White Works 1.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\BlackBox 1.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\ChatProbe Home Edition 2.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Cherno Belia Album 0.03.zip
c:\users\Françoise\AppData\Roaming\m\shared\Chilkat IMAP ActiveX -.zip
c:\users\Françoise\AppData\Roaming\m\shared\Christina Applegate Screensaver3.zip
c:\users\Françoise\AppData\Roaming\m\shared\CobShell plus 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\CodeThatPacker 2.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\Count Characters 3.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\CpuDj 1.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\CRACK.Symantec.Norton.internet.Security.2005.español.zip
c:\users\Françoise\AppData\Roaming\m\shared\CRM Mobile Certificate Diagnostics Tool 1.2.zip
c:\users\Françoise\AppData\Roaming\m\shared\CSS Help 1.01.zip
c:\users\Françoise\AppData\Roaming\m\shared\Dancing Bears 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Database Tour Pro 5.8.4.1271.zip
c:\users\Françoise\AppData\Roaming\m\shared\Displaying 22001 - 24000 of 107598.zip
c:\users\Françoise\AppData\Roaming\m\shared\DopeCode Reveal 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\dRun 0.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\Eevee 1.3.zip
c:\users\Françoise\AppData\Roaming\m\shared\EZ Intranet Messenger 1.1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\F-Secure F-Secure Mobile Anti-Virus 107 3.0 Serial Keygen.zip
c:\users\Françoise\AppData\Roaming\m\shared\Fast Weight Loss Checker 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\FileExten 1.0.28.zip
c:\users\Françoise\AppData\Roaming\m\shared\FolderCloak 2.2.zip
c:\users\Françoise\AppData\Roaming\m\shared\FoxFlite 1.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\FreeAmp v2.2.0a.zip
c:\users\Françoise\AppData\Roaming\m\shared\Fresh Catalog 3.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Gaggers Font 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Garfield 2 Clock 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\GeneMatics 2.2.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\GMER 1.0.14.14536.zip
c:\users\Françoise\AppData\Roaming\m\shared\Goombah for Windows 0.98.9.zip
c:\users\Françoise\AppData\Roaming\m\shared\Haiku 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\HelpTrans 1.01.zip
c:\users\Françoise\AppData\Roaming\m\shared\HTML HelpWizard 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\HttpTracer 3.0.6.zip
c:\users\Françoise\AppData\Roaming\m\shared\IA CHM2Word 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Icesun Sound Recorder 3.10.zip
c:\users\Françoise\AppData\Roaming\m\shared\IL Launcher 1.2.zip
c:\users\Françoise\AppData\Roaming\m\shared\IMAGEM - Software CD Mobile Phone Tools 4.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\IMGFLPYD 1.01.zip
c:\users\Françoise\AppData\Roaming\m\shared\ImTOO HD Video Converter 5.1.17.1017.zip
c:\users\Françoise\AppData\Roaming\m\shared\InfoSafe Plus 5.0.6.zip
c:\users\Françoise\AppData\Roaming\m\shared\Interest 1.01.zip
c:\users\Françoise\AppData\Roaming\m\shared\Kaspersky_Internet_Security_6.0.1.392_cht.zip
c:\users\Françoise\AppData\Roaming\m\shared\LanguageStudio Dutch 2.1s build 69.zip
c:\users\Françoise\AppData\Roaming\m\shared\Lansweeper 3.2.zip
c:\users\Françoise\AppData\Roaming\m\shared\LeAN OVER 2.7.zip
c:\users\Françoise\AppData\Roaming\m\shared\LibMaster.com NTFSpath library 0.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\Lotus Notes Password Recovery Key 8.0 build 2514.zip
c:\users\Françoise\AppData\Roaming\m\shared\M2 Launcher 2.11.zip
c:\users\Françoise\AppData\Roaming\m\shared\Malware Removal Tool December 2008 Edition.zip
c:\users\Françoise\AppData\Roaming\m\shared\Manchester Cams 1.zip
c:\users\Françoise\AppData\Roaming\m\shared\Math Suga 15.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Memory Display 0.2.2.zip
c:\users\Françoise\AppData\Roaming\m\shared\Metadata Analyzer 2.2.zip
c:\users\Françoise\AppData\Roaming\m\shared\MidnightFox 2.081108.zip
c:\users\Françoise\AppData\Roaming\m\shared\Mort Hill's In Play Tennis (IPT) Calculator 2.01 beta.zip
c:\users\Françoise\AppData\Roaming\m\shared\MyGains 1.0.7.zip
c:\users\Françoise\AppData\Roaming\m\shared\NiceGrid 2.20.zip
c:\users\Françoise\AppData\Roaming\m\shared\Notes&Thoughts 1.6.zip
c:\users\Françoise\AppData\Roaming\m\shared\Nova100 1.1.3.zip
c:\users\Françoise\AppData\Roaming\m\shared\Okoker All to Mp3 Converter 6.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\OpenRun 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Outlook Loader 1.4.1001.zip
c:\users\Françoise\AppData\Roaming\m\shared\Paraben's I-Jolt 2.85.57.zip
c:\users\Françoise\AppData\Roaming\m\shared\PasteAway Platinum 1.2.zip
c:\users\Françoise\AppData\Roaming\m\shared\PDF Password Cracker Pro 3.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Perfect Day
c:\users\Françoise\AppData\Roaming\m\shared\Perfect4contact 3.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Photilla Photo Album Software 1.00.zip
c:\users\Françoise\AppData\Roaming\m\shared\Pocket PC Video Converter 3.6.50.033.zip
c:\users\Françoise\AppData\Roaming\m\shared\Portable EnRo Dictionary 1.30.zip
c:\users\Françoise\AppData\Roaming\m\shared\Portable MV2 Player 0.7.0 RC2.zip
c:\users\Françoise\AppData\Roaming\m\shared\Portable Total Commander Utility 0.93 Beta.zip
c:\users\Françoise\AppData\Roaming\m\shared\Primary 6 Test Papers 2.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\printclose 3.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Regards 1.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\RegFind 1.0.20.zip
c:\users\Françoise\AppData\Roaming\m\shared\ScoreBoard 0.1 Beta.zip
c:\users\Françoise\AppData\Roaming\m\shared\SendToPager SDK 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Serene Fish Screen Saver 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\ShellBrowser Components for ActiveX 6.12.zip
c:\users\Françoise\AppData\Roaming\m\shared\SmarterPing 1.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\SMBDownLoader 1.0 RC5.zip
c:\users\Françoise\AppData\Roaming\m\shared\SolFileFinder 1.0.0.3.zip
c:\users\Françoise\AppData\Roaming\m\shared\Spin It Again 2.1 Build 39.zip
c:\users\Françoise\AppData\Roaming\m\shared\Split Page Vertically 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Startup Agent 2.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\Summer Breeze Screensaver 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\SumsBox-W for MS Word 1.8.zip
c:\users\Françoise\AppData\Roaming\m\shared\SVG Clock 1.zip
c:\users\Françoise\AppData\Roaming\m\shared\Tamil '99 Keyboard 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Target Search Widget 1.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\Timestimator 1.6.zip
c:\users\Françoise\AppData\Roaming\m\shared\Tribune Condensed Fonts PostScript 1.31C.zip
c:\users\Françoise\AppData\Roaming\m\shared\Trojan.Abwiz Removal Tool 1.0.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Tyra 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\UCon
c:\users\Françoise\AppData\Roaming\m\shared\Unit Converter 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Video to 3GP Converter 2.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\Video2Webcam 3.0.2.2.zip
c:\users\Françoise\AppData\Roaming\m\shared\VistaSkin.Net 1.1.2.zip
c:\users\Françoise\AppData\Roaming\m\shared\W32.Bacalid Removal Tool 1.0.4.zip
c:\users\Françoise\AppData\Roaming\m\shared\WagerWidget 1.6.1.zip
c:\users\Françoise\AppData\Roaming\m\shared\Web Info Extractor 1.6.8.zip
c:\users\Françoise\AppData\Roaming\m\shared\Wonders of the World Screensaver 1.0.6.2634.zip
c:\users\Françoise\AppData\Roaming\m\shared\Word Extractor 1.8.4.68.zip
c:\users\Françoise\AppData\Roaming\m\shared\WordPerfect Macro Run 1.0.zip
c:\users\Françoise\AppData\Roaming\m\shared\World Travel 2 Screensaver.zip
c:\users\Françoise\AppData\Roaming\m\shared\xero
c:\users\Françoise\AppData\Roaming\m\shared\XPAlert 1.47.zip
c:\users\Françoise\AppData\Roaming\m\srvlist.oct
c:\windows\autorun.inf
c:\windows\services.exe
c:\windows\system32\ban_list.txt
c:\windows\system32\drivers\downld
c:\windows\system32\drivers\downld\258805.exe
c:\windows\system32\drivers\downld\263454.exe
c:\windows\system32\drivers\downld\263922.exe
c:\windows\system32\drivers\downld\269788.exe
c:\windows\system32\drivers\downld\270942.exe
c:\windows\system32\drivers\downld\272674.exe
c:\windows\system32\drivers\downld\277853.exe
c:\windows\system32\drivers\downld\29429105.exe
c:\windows\system32\drivers\downld\29439915.exe
c:\windows\system32\drivers\downld\294436.exe
c:\windows\system32\drivers\downld\29457044.exe
c:\windows\system32\drivers\downld\29457902.exe
c:\windows\system32\drivers\downld\29475671.exe
c:\windows\system32\drivers\downld\29477668.exe
c:\windows\system32\drivers\downld\29495592.exe
c:\windows\system32\drivers\downld\29609660.exe
c:\windows\system32\drivers\downld\29615105.exe
c:\windows\system32\drivers\downld\29648926.exe
c:\windows\system32\drivers\downld\29675212.exe
c:\windows\system32\drivers\downld\29682778.exe
c:\windows\system32\drivers\downld\29683792.exe
c:\windows\system32\drivers\downld\29697083.exe
c:\windows\system32\drivers\downld\29704025.exe
c:\windows\system32\drivers\downld\29737253.exe
c:\windows\system32\drivers\downld\29738938.exe
c:\windows\system32\drivers\downld\297883.exe
c:\windows\system32\drivers\downld\30005528.exe
c:\windows\system32\drivers\downld\30017478.exe
c:\windows\system32\drivers\downld\30018679.exe
c:\windows\system32\drivers\downld\30020988.exe
c:\windows\system32\drivers\downld\30021628.exe
c:\windows\system32\drivers\downld\30039115.exe
c:\windows\system32\drivers\downld\30039802.exe
c:\windows\system32\drivers\downld\30050862.exe
c:\windows\system32\drivers\downld\30052422.exe
c:\windows\system32\drivers\downld\30057539.exe
c:\windows\system32\drivers\downld\30059317.exe
c:\windows\system32\drivers\downld\30087288.exe
c:\windows\system32\drivers\downld\30160141.exe
c:\windows\system32\drivers\downld\30195085.exe
c:\windows\system32\drivers\downld\305761.exe
c:\windows\system32\drivers\downld\341720.exe
c:\windows\system32\drivers\downld\345152.exe
c:\windows\system32\drivers\downld\347695.exe
c:\windows\system32\drivers\downld\350440.exe
c:\windows\system32\drivers\downld\350768.exe
c:\windows\system32\drivers\downld\354247.exe
c:\windows\system32\drivers\downld\354964.exe
c:\windows\system32\drivers\downld\369581.exe
c:\windows\system32\drivers\downld\373154.exe
c:\windows\system32\drivers\downld\37762740.exe
c:\windows\system32\drivers\downld\37796858.exe
c:\windows\system32\drivers\downld\37809899.exe
c:\windows\system32\drivers\downld\37820414.exe
c:\windows\system32\drivers\downld\37895794.exe
c:\windows\system32\drivers\downld\37937149.exe
c:\windows\system32\drivers\downld\37962063.exe
c:\windows\system32\drivers\downld\38004183.exe
c:\windows\system32\drivers\downld\38014854.exe
c:\windows\system32\drivers\downld\38121621.exe
c:\windows\system32\drivers\downld\38155098.exe
c:\windows\system32\drivers\downld\38247560.exe
c:\windows\system32\drivers\downld\38302941.exe
c:\windows\system32\drivers\downld\385119.exe
c:\windows\system32\drivers\downld\385384.exe
c:\windows\system32\drivers\downld\386227.exe
c:\windows\system32\drivers\downld\394729.exe
c:\windows\system32\drivers\downld\397740.exe
c:\windows\system32\drivers\downld\400516.exe
c:\windows\system32\drivers\downld\409097.exe
c:\windows\system32\drivers\downld\434337.exe
c:\windows\system32\drivers\downld\44106147.exe
c:\windows\system32\drivers\downld\44111575.exe
c:\windows\system32\drivers\downld\44128892.exe
c:\windows\system32\drivers\downld\44129952.exe
c:\windows\system32\drivers\downld\44138782.exe
c:\windows\system32\drivers\downld\44156675.exe
c:\windows\system32\drivers\downld\44184709.exe
c:\windows\system32\drivers\downld\44209575.exe
c:\windows\system32\drivers\downld\44220324.exe
c:\windows\system32\drivers\downld\44221463.exe
c:\windows\system32\drivers\downld\44223896.exe
c:\windows\system32\drivers\downld\44253583.exe
c:\windows\system32\drivers\downld\44264269.exe
c:\windows\system32\drivers\downld\44614663.exe
c:\windows\system32\drivers\downld\44643180.exe
c:\windows\system32\drivers\downld\44644022.exe
c:\windows\system32\drivers\downld\44662821.exe
c:\windows\system32\drivers\downld\44674021.exe
c:\windows\system32\drivers\downld\44707078.exe
c:\windows\system32\drivers\downld\447239.exe
c:\windows\system32\drivers\downld\44781350.exe
c:\windows\system32\drivers\downld\44788401.exe
c:\windows\system32\drivers\downld\449688.exe
c:\windows\system32\drivers\downld\459485.exe
c:\windows\system32\drivers\downld\460842.exe
c:\windows\system32\drivers\downld\463198.exe
c:\windows\system32\drivers\downld\464009.exe
c:\windows\system32\drivers\downld\474523.exe
c:\windows\system32\drivers\downld\484710.exe
c:\windows\system32\drivers\downld\492869.exe
c:\windows\system32\drivers\downld\505692.exe
c:\windows\system32\drivers\downld\513009.exe
c:\windows\system32\drivers\downld\534833.exe
c:\windows\system32\drivers\downld\578888.exe
c:\windows\system32\drivers\downld\58677139.exe
c:\windows\system32\drivers\downld\58682911.exe
c:\windows\system32\drivers\downld\58704424.exe
c:\windows\system32\drivers\downld\58705110.exe
c:\windows\system32\drivers\downld\58714361.exe
c:\windows\system32\drivers\downld\58742254.exe
c:\windows\system32\drivers\downld\58767433.exe
c:\windows\system32\drivers\downld\58800567.exe
c:\windows\system32\drivers\downld\58802767.exe
c:\windows\system32\drivers\downld\58831175.exe
c:\windows\system32\drivers\downld\58837586.exe
c:\windows\system32\drivers\downld\597374.exe
c:\windows\system32\drivers\downld\598778.exe
c:\windows\system32\drivers\downld\641226.exe
c:\windows\system32\drivers\downld\650430.exe
c:\windows\system32\drivers\downld\674127.exe
c:\windows\system32\drivers\downld\674173.exe
c:\windows\system32\drivers\downld\676155.exe
c:\windows\system32\drivers\downld\684391.exe
c:\windows\system32\drivers\downld\685327.exe
c:\windows\system32\drivers\downld\691505.exe
c:\windows\system32\drivers\downld\693814.exe
c:\windows\system32\drivers\downld\693892.exe
c:\windows\system32\drivers\downld\697074.exe
c:\windows\system32\drivers\downld\707277.exe
c:\windows\system32\drivers\downld\709773.exe
c:\windows\system32\drivers\downld\719679.exe
c:\windows\system32\drivers\downld\721270.exe
c:\windows\system32\drivers\downld\723158.exe
c:\windows\system32\drivers\downld\725763.exe
c:\windows\system32\drivers\downld\727900.exe
c:\windows\system32\drivers\downld\729086.exe
c:\windows\system32\drivers\downld\73248803.exe
c:\windows\system32\drivers\downld\73250784.exe
c:\windows\system32\drivers\downld\73268661.exe
c:\windows\system32\drivers\downld\73269379.exe
c:\windows\system32\drivers\downld\73273888.exe
c:\windows\system32\drivers\downld\73275791.exe
c:\windows\system32\drivers\downld\73280128.exe
c:\windows\system32\drivers\downld\73283965.exe
c:\windows\system32\drivers\downld\73312654.exe
c:\windows\system32\drivers\downld\73338051.exe
c:\windows\system32\drivers\downld\73349439.exe
c:\windows\system32\drivers\downld\73350656.exe
c:\windows\system32\drivers\downld\73352855.exe
c:\windows\system32\drivers\downld\73381232.exe
c:\windows\system32\drivers\downld\73390763.exe
c:\windows\system32\drivers\downld\734764.exe
c:\windows\system32\drivers\downld\735981.exe
c:\windows\system32\drivers\downld\738243.exe
c:\windows\system32\drivers\downld\741847.exe
c:\windows\system32\drivers\downld\744327.exe
c:\windows\system32\drivers\downld\744842.exe
c:\windows\system32\drivers\downld\745060.exe
c:\windows\system32\drivers\downld\750146.exe
c:\windows\system32\drivers\downld\753765.exe
c:\windows\system32\drivers\downld\757197.exe
c:\windows\system32\drivers\downld\759927.exe
c:\windows\system32\drivers\downld\764124.exe
c:\windows\system32\drivers\downld\776058.exe
c:\windows\system32\drivers\downld\777243.exe
c:\windows\system32\drivers\downld\777867.exe
c:\windows\system32\drivers\downld\780067.exe
c:\windows\system32\drivers\downld\783327.exe
c:\windows\system32\drivers\downld\785090.exe
c:\windows\system32\drivers\downld\785886.exe
c:\windows\system32\drivers\downld\790145.exe
c:\windows\system32\drivers\downld\791159.exe
c:\windows\system32\drivers\downld\793249.exe
c:\windows\system32\drivers\downld\794481.exe
c:\windows\system32\drivers\downld\797180.exe
c:\windows\system32\drivers\downld\803670.exe
c:\windows\system32\drivers\downld\813592.exe
c:\windows\system32\drivers\downld\817882.exe
c:\windows\system32\drivers\downld\819161.exe
c:\windows\system32\drivers\downld\821220.exe
c:\windows\system32\drivers\downld\821813.exe
c:\windows\system32\drivers\downld\822016.exe
c:\windows\system32\drivers\downld\822437.exe
c:\windows\system32\drivers\downld\824246.exe
c:\windows\system32\drivers\downld\826399.exe
c:\windows\system32\drivers\downld\827008.exe
c:\windows\system32\drivers\downld\828084.exe
c:\windows\system32\drivers\downld\829301.exe
c:\windows\system32\drivers\downld\835229.exe
c:\windows\system32\drivers\downld\838084.exe
c:\windows\system32\drivers\downld\838193.exe
c:\windows\system32\drivers\downld\838286.exe
c:\windows\system32\drivers\downld\848130.exe
c:\windows\system32\drivers\downld\852217.exe
c:\windows\system32\drivers\downld\855649.exe
c:\windows\system32\drivers\downld\858395.exe
c:\windows\system32\drivers\downld\861453.exe
c:\windows\system32\drivers\downld\861921.exe
c:\windows\system32\drivers\downld\863169.exe
c:\windows\system32\drivers\downld\864713.exe
c:\windows\system32\drivers\downld\872622.exe
c:\windows\system32\drivers\downld\877193.exe
c:\windows\system32\drivers\downld\877692.exe
c:\windows\system32\drivers\downld\87801995.exe
c:\windows\system32\drivers\downld\87807253.exe
c:\windows\system32\drivers\downld\87813103.exe
c:\windows\system32\drivers\downld\87814085.exe
c:\windows\system32\drivers\downld\87826222.exe
c:\windows\system32\drivers\downld\87828406.exe
c:\windows\system32\drivers\downld\87836503.exe
c:\windows\system32\drivers\downld\87868296.exe
c:\windows\system32\drivers\downld\87893131.exe
c:\windows\system32\drivers\downld\87927670.exe
c:\windows\system32\drivers\downld\87930228.exe
c:\windows\system32\drivers\downld\87958496.exe
c:\windows\system32\drivers\downld\87969665.exe
c:\windows\system32\drivers\downld\880734.exe
c:\windows\system32\drivers\downld\889704.exe
c:\windows\system32\drivers\downld\891077.exe
c:\windows\system32\drivers\downld\893682.exe
c:\windows\system32\drivers\downld\893979.exe
c:\windows\system32\drivers\downld\895461.exe
c:\windows\system32\drivers\downld\902138.exe
c:\windows\system32\drivers\downld\902668.exe
c:\windows\system32\drivers\downld\904836.exe
c:\windows\system32\drivers\downld\904868.exe
c:\windows\system32\drivers\downld\906303.exe
c:\windows\system32\drivers\downld\909797.exe
c:\windows\system32\drivers\downld\912200.exe
c:\windows\system32\drivers\downld\912980.exe
c:\windows\system32\drivers\downld\921341.exe
c:\windows\system32\drivers\downld\927285.exe
c:\windows\system32\drivers\downld\932199.exe
c:\windows\system32\drivers\downld\938346.exe
c:\windows\system32\drivers\downld\940124.exe
c:\windows\system32\drivers\downld\940264.exe
c:\windows\system32\drivers\downld\953992.exe
c:\windows\system32\drivers\downld\957456.exe
c:\windows\system32\drivers\downld\960232.exe
c:\windows\system32\drivers\downld\973711.exe
c:\windows\system32\drivers\downld\982821.exe
c:\windows\system32\drivers\downld\988734.exe
c:\windows\system32\drivers\downld\990216.exe
c:\windows\system32\drivers\downld\996503.exe
c:\windows\system32\drivers\hldrrr.exe
c:\windows\system32\drivers\mdelk.exe
c:\windows\system32\drivers\srosa.sys
c:\windows\system32\f3PSSavr.scr
c:\windows\system32\mdelk.exe
c:\windows\system32\wintems.exe
c:\windows\system32\x64
D:\AdobeRd9.0.exe
D:\Autorun.inf
D:\scene.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_SROSA
-------\Service_MyWebSearchService


((((((((((((((((((((((((((((( Fichiers créés du 2008-12-28 au 2009-01-29 ))))))))))))))))))))))))))))))))))))
.

2009-01-29 22:13 . 2009-01-29 22:20 <REP> d-------- C:\CCM
2009-01-29 22:12 . 2009-01-29 22:12 6,736 --a------ c:\windows\System32\drivers\PROCEXP90.SYS
2009-01-29 00:33 . 2009-01-29 00:33 <REP> d-------- C:\HJ
2009-01-29 00:09 . 2009-01-29 00:09 <REP> d-------- C:\!KillBox
2009-01-28 22:14 . 2008-12-12 02:53 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-01-28 22:09 . 2008-10-22 00:31 2,048 --a------ c:\windows\System32\tzres.dll
2009-01-28 00:23 . 2008-06-26 04:22 9,845,248 --a------ c:\windows\System32\NlsData000a.dll
2009-01-27 02:40 . 2008-06-19 04:25 361,984 --a------ c:\windows\System32\IPSECSVC.DLL
2009-01-27 02:40 . 2008-06-19 04:25 272,896 --a------ c:\windows\System32\polstore.dll
2009-01-27 02:40 . 2008-06-19 04:25 61,440 --a------ c:\windows\System32\winipsec.dll
2009-01-27 02:40 . 2008-06-19 04:25 28,672 --a------ c:\windows\System32\FwRemoteSvr.dll
2009-01-27 02:39 . 2008-10-21 06:16 297,472 --a------ c:\windows\System32\gdi32.dll
2009-01-27 02:39 . 2008-10-22 04:43 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll
2009-01-27 02:39 . 2008-10-22 04:43 160,768 --a------ c:\windows\System32\PortableDeviceTypes.dll
2009-01-27 02:39 . 2008-10-22 04:43 95,232 --a------ c:\windows\System32\PortableDeviceClassExtension.dll
2009-01-27 00:26 . 2008-10-16 22:13 1,809,944 --a------ c:\windows\System32\wuaueng.dll
2009-01-27 00:26 . 2008-10-16 21:56 1,524,736 --a------ c:\windows\System32\wucltux.dll
2009-01-27 00:26 . 2008-10-16 22:09 51,224 --a------ c:\windows\System32\wuauclt.exe
2009-01-27 00:26 . 2008-10-16 22:09 43,544 --a------ c:\windows\System32\wups2.dll
2009-01-27 00:25 . 2008-10-16 22:12 561,688 --a------ c:\windows\System32\wuapi.dll
2009-01-27 00:25 . 2008-10-16 21:55 83,456 --a------ c:\windows\System32\wudriver.dll
2009-01-27 00:25 . 2008-10-16 22:08 34,328 --a------ c:\windows\System32\wups.dll
2009-01-27 00:24 . 2008-10-16 14:08 162,064 --a------ c:\windows\System32\wuwebv.dll
2009-01-27 00:24 . 2008-10-16 13:56 31,232 --a------ c:\windows\System32\wuapp.exe
2009-01-27 00:14 . 2009-01-27 00:14 <REP> d-------- c:\users\Françoise\AppData\Roaming\TuneUp Software
2009-01-27 00:14 . 2009-01-27 00:14 603,904 --a------ c:\windows\System32\TUProgSt.exe
2009-01-27 00:14 . 2009-01-27 00:14 360,192 --a------ c:\windows\System32\TuneUpDefragService.exe
2009-01-27 00:14 . 2008-12-11 13:31 27,904 --a------ c:\windows\System32\uxtuneup.dll
2009-01-27 00:14 . 2008-12-11 13:31 17,152 --a------ c:\windows\System32\authuitu.dll
2009-01-27 00:12 . 2009-01-27 00:12 <REP> d-------- c:\users\All Users\TuneUp Software
2009-01-27 00:12 . 2009-01-27 00:12 <REP> d-------- c:\programdata\TuneUp Software
2009-01-27 00:12 . 2009-01-27 00:14 <REP> d-------- c:\program files\TuneUp Utilities 2009
2009-01-27 00:11 . 2009-01-27 00:11 <REP> d--hs---- c:\users\All Users\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-27 00:11 . 2009-01-27 00:11 <REP> d--hs---- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-26 23:17 . 2009-01-26 23:17 <REP> d-------- c:\users\Françoise\AppData\Roaming\Mozilla
2009-01-26 23:17 . 2009-01-26 23:17 2,308 --a------ c:\windows\mozver.dat
2009-01-26 23:17 . 2009-01-26 23:17 0 --a------ c:\windows\nsreg.dat
2009-01-26 23:15 . 2009-01-26 23:15 <REP> d--hs---- c:\windows\ftpcache
2009-01-01 19:41 . 2009-01-01 19:41 <REP> d-------- c:\users\All Users\Yahoo! Companion
2009-01-01 19:41 . 2009-01-01 19:41 <REP> d-------- c:\programdata\Yahoo! Companion
2009-01-01 19:35 . 2009-01-01 19:35 <REP> d-------- c:\users\Françoise\AppData\Roaming\Yahoo!
2009-01-01 19:35 . 2009-01-01 19:36 <REP> d-------- c:\program files\Yahoo!
2009-01-01 19:35 . 2009-01-01 19:35 <REP> d-------- c:\program files\Veoh Networks

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-29 21:22 2,883,584 --sha-w c:\users\Françoise\ntuser.dat
2009-01-29 21:22 2,883,584 --sha-w c:\users\Françoise\ntuser.dat
2009-01-28 21:30 --------- d-----w c:\program files\Windows Mail
2009-01-28 20:56 --------- d-----w c:\program files\Microsoft Works
2009-01-27 23:11 --------- d-----w c:\program files\Steam
2009-01-26 23:14 --------- d-----w c:\users\Françoise\AppData\Roaming\TuneUp Software
2009-01-26 22:17 --------- d-----w c:\users\Françoise\AppData\Roaming\Mozilla
2009-01-19 09:35 --------- d-----w c:\program files\Common Files\Steam
2009-01-09 21:25 --------- d-----w c:\users\Françoise\AppData\Roaming\dvdcss
2009-01-01 18:35 --------- d-----w c:\users\Françoise\AppData\Roaming\Yahoo!
2008-12-08 19:15 --------- d-----w c:\program files\OrangeHSS
2008-12-08 17:18 --------- d-----w c:\program files\Securitoo
2008-01-31 10:43 84,456 ----a-w c:\users\Françoise\AppData\Roaming\GDIPFONTCACHEV1.DAT
2007-11-30 07:21 174 --sha-w c:\program files\desktop.ini
2008-04-03 09:31 16,384 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-04-03 09:31 32,768 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-04-03 09:31 16,384 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2006-11-25 10:11 2,560 --sh--r c:\windows\System32\fooool.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-10 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-18 815104]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-11-15 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-11-15 106496]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-11-15 81920]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" [2007-05-17 77824]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2006-11-28 1540096]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-11-16 29744]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2006-11-17 17920]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2006-10-13 184320]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
"MSConfig"="c:\windows\system32\msconfig.exe" [2006-11-02 222208]
"SigmatelSysTrayApp"="sttray.exe" [2007-02-08 c:\windows\sttray.exe]
"Barsaka"="explorer.exe" [2007-11-15 c:\windows\explorer.exe]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-05-17 50688]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
NETGEAR WG111v2 Smart Wizard..lnk - c:\program files\NETGEAR\WG111v2\WG111v2.exe [2006-06-06 1085440]
NETGEAR WG111v2 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v2\WG111v2.exe [2006-06-06 1085440]
QuickSet.lnk - c:\windows\Installer\{53A01CC6-14B0-4512-A2E7-10D39BF83DC4}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2007-05-17 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=G

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 11:34 5724184 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ORAHSSSessionManager]
--a------ 2007-12-12 09:50 107248 c:\program files\OrangeHSS\SessionManager\SessionManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-12-10 15:54 1410296 c:\program files\Steam\steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystrayORAHSS]
--a------ 2007-12-11 20:46 94208 c:\program files\OrangeHSS\Systray\SystrayApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]
--a------ 2008-12-16 18:07 3528440 c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2007-05-27 10:52 1006264 c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1231911895-3839073149-2932814459-1000]
"EnableNotificationsRef"=dword:00000003

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{D9ACB7D5-6C4C-4914-9E15-120A0D600F4E}"= UDP:c:\program files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{F03F1F5C-819A-4578-AFB2-15C60D44C9F2}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{99BA650F-777E-4850-AFFE-33EA4DDA8BF1}"= UDP:c:\program files\Steam\steam.exe:Steam
"{5520338E-69CE-4C53-B42B-E25D3E5869FC}"= TCP:c:\program files\Steam\steam.exe:Steam
"TCP Query User{29B17D8E-BC81-48CC-A2EC-619CDBC335BF}c:\\program files\\steam\\steamapps\\common\\left 4 dead\\left4dead.exe"= UDP:c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe:left4dead
"UDP Query User{73683081-ADFF-4F33-8C53-12960CFD8CDD}c:\\program files\\steam\\steamapps\\common\\left 4 dead\\left4dead.exe"= TCP:c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe:left4dead

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"= c:\program files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS

R4 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-01-27 603904]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2007-05-18 29744]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [2008-01-02 28224]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1505ba95-04c7-11dc-bdb5-806e6f6e6963}]
\shell\AutoRun\command - E:\Kit.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20886b58-b6df-11dd-8c2c-0019b9728a6f}]
\shell\AutoRun\command - F:\scene.exe 1
\shell\explore\Command - F:\scene.exe 1
\shell\open\Command - F:\scene.exe 1
\shell\Scan\Command - F:\scene.exe 2

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20886b5d-b6df-11dd-8c2c-0019b9728a6f}]
\shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20ca2c1d-af66-11dd-8654-0019b9728a6f}]
\shell\AutoRun\command - K:\scene.exe 1
\shell\explore\Command - K:\scene.exe 1
\shell\open\Command - K:\scene.exe 1
\shell\Scan\Command - K:\scene.exe 2

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{327f47f8-af08-11dd-810e-0019b9728a6f}]
\shell\AutoRun\command - nideiect.com
\shell\explore\Command - nideiect.com
\shell\open\Command - nideiect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{39b3f7b3-0af6-11dc-8c4d-0019b9728a6f}]
\shell\AutoRun\command - F:\scene.exe 1
\shell\explore\Command - F:\scene.exe 1
\shell\open\Command - F:\scene.exe 1
\shell\Scan\Command - F:\scene.exe 2

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{90788548-8fcc-11dc-8244-0019b9728a6f}]
\shell\AutoRun\command - scene.exe 1
\shell\explore\Command - F:\
\shell\open\Command - F:\
\shell\Scan\Command - F:\

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{90ae6cbb-aae8-11dc-893c-0019b9728a6f}]
\shell\AutoRun\command - F:\nideiect.com
\shell\explore\Command - F:\nideiect.com
\shell\open\Command - F:\nideiect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99cbdcf7-1d6b-11dc-b3c6-0019b9728a6f}]
\shell\Auto\command - Cn911.exe
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Cn911.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e0f833f-e627-11dd-a9b2-0019b9728a6f}]
\shell\AutoRun\command - F:\scene.exe 1
\shell\explore\Command - F:\scene.exe 1
\shell\open\Command - F:\scene.exe 1
\shell\Scan\Command - F:\scene.exe 2

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a4ee217f-a7e3-11dc-a37e-0019b9728a6f}]
\shell\AutoRun\command - RavMon.exe
\shell\explore\Command - RavMon.exe -e
\shell\open\Command - RavMon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ac28cb03-ce43-11dc-93f6-0019b9728a6f}]
\shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cc7c9fe2-b88f-11dd-bc36-0019b9728a6f}]
\shell\AutoRun\command - F:\scene.exe 1
\shell\explore\Command - F:\scene.exe 1
\shell\open\Command - F:\scene.exe 1
\shell\Scan\Command - F:\scene.exe 2

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2383159-9101-11dc-b732-0019b9728a6f}]
\shell\AutoRun\command - G:\nideiect.com
\shell\explore\Command - G:\nideiect.com
\shell\open\Command - G:\nideiect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9bf56d6-d36e-11dd-82ce-0019b9728a6f}]
\shell\AutoRun\command - G:\scene.exe 1
\shell\explore\Command - G:\scene.exe 1
\shell\open\Command - G:\scene.exe 1
\shell\Scan\Command - G:\scene.exe 2

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9bf5707-d36e-11dd-82ce-0019b9728a6f}]
\shell\AutoRun\command - J:\fooool.exe
\shell\explore\Command - J:\fooool.exe
\shell\open\Command - J:\fooool.exe
.
Contenu du dossier 'Tâches planifiées'

2009-01-29 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 15:04]

2009-01-28 c:\windows\Tasks\User_Feed_Synchronization-{0DF76FF9-3F49-4F04-AAB1-EB24F8674435}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 10:45]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-flec003.exe - c:\users\Françoise\AppData\Roaming\hidires\flec003.exe
HKLM-Run-My Web Search Bar Search Scope Monitor - c:\progra~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
HKLM-Run-Microsoft Windows Update Client - c:\windows\services.exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://fr.yahoo.com
mStart Page = hxxp://fr.yahoo.com
IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm490YYFR
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-29 22:23:02
Windows 6.0.6000 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\audiodg.exe
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\BCMWLTRY.EXE
c:\progra~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
c:\program files\SigmaTel\C-Major Audio\WDM\stacsv.exe
c:\windows\System32\drivers\XAudio.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
c:\windows\System32\conime.exe
c:\program files\Dell\QuickSet\quickset.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\program files\McAfee\MSC\mcoemmgr.exe
c:\progra~1\McAfee\MSC\mcuimgr.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Heure de fin: 2009-01-29 22:32:23 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-29 21:31:33

Avant-CF: 54,676,537,344 octets libres
Après-CF: 55,259,754,496 octets libres

896 --- E O F --- 2009-01-29 00:12:25

I don't know if this is what I'm supposed to post. One small question though: is it possible to lose Word files or photos by running ComboFix?

Thanks a lot again!

Destrio5 (Moderator) - 29 Jan 2009 at 22:53
Sign up on the site because I would like to send you a PM.

Loukyloco (Member) - 29 Jan 2009 at 23:06
There, I'm signed up!
Otherwise, is the procedure finished??
0
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
29 janv. 2009 à 23:09
La procédure n'est pas terminée, je t'ai envoyé un mp.
0
jacques.gache Messages postés 33453 Date d'inscription mardi 13 novembre 2007 Statut Contributeur sécurité Dernière intervention 25 janvier 2016 1 616
12 févr. 2010 à 22:45
destrio bonjour , je pense que cela peut t'être util pour suivre , @+

https://forums.commentcamarche.net/forum/affich-16566727-worm-bagle#2
0
Loukyloco Messages postés 5 Date d'inscription jeudi 29 janvier 2009 Statut Membre Dernière intervention 15 février 2010
15 févr. 2010 à 21:04
Bonjour, c'est possible de trouver de l'aide ici?
0
Loukyloco Messages postés 5 Date d'inscription jeudi 29 janvier 2009 Statut Membre Dernière intervention 15 février 2010
15 févr. 2010 à 22:09
voilà le rapport de usbfix (je ne crois pas que ça ait marché) :



-------------- UsbFix V2.414.3 ---------------

* User : Luc - PC-DE-LUC
* Outils mis a jours le 18/01/2009 par Chiquitine29 et Chimay8
* Recherche effectuée à 21:24:13 le 15/02/2010
* Windows Vista - Internet Explorer 8.0.6001.18865


--------------- [ Processus actifs ] ----------------


C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Windows\System32\svchost.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\PresentationSettings.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\runonce.exe
C:\Windows\system32\conime.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe

--------------- [ Informations lecteurs ] ----------------

C: - Lecteur fixe
D: - Lecteur fixe
E: - Lecteur de CD-ROM
G: - Lecteur fixe
H: - Lecteur fixe

+- Contenu de l'autorun : G:\autorun.inf



+- Contenu de l'autorun : H:\autorun.inf



--------------- [ Lecteur C ] ----------------

C: - Lecteur fixe

+- Listing des fichiers présents :

[18/09/2006 22:43][--a------] C:\autoexec.bat
[15/02/2010 21:24][--a------] C:\UsbFix.txt
[18/09/2006 22:43][--a------] C:\config.sys
[18/09/2006 22:43][--a------] C:\hiberfil.sys
[18/09/2006 22:43][--a------] C:\IO.SYS
[18/09/2006 22:43][--a------] C:\MSDOS.SYS
[18/09/2006 22:43][--a------] C:\pagefile.sys

--------------- [ Lecteur D ] ----------------

D: - Lecteur fixe

+- Listing des fichiers présents :


--------------- [ Lecteur E ] ----------------

E: - Lecteur de CD-ROM

+- Listing des fichiers présents :


--------------- [ Lecteur G ] ----------------

G: - Lecteur fixe

+- Listing des fichiers présents :

[30/01/2009 21:51][d--h-----] G:\autorun.inf

--------------- [ Lecteur H ] ----------------

H: - Lecteur fixe

+- Listing des fichiers présents :

[18/09/2006 22:43][--a------] H:\autoexec.bat
[30/01/2009 21:51][d--h-----] H:\autorun.inf
[08/05/2009 14:49][--a------] H:\ComboFix.txt
[08/05/2009 14:49][--a------] H:\UsbFix.txt
[18/09/2006 22:43][--a------] H:\config.sys
[18/09/2006 22:43][--a------] H:\hiberfil.sys
[18/09/2006 22:43][--a------] H:\IO.SYS
[18/09/2006 22:43][--a------] H:\MSDOS.SYS
[18/09/2006 22:43][--a------] H:\pagefile.sys

--------------- [ Registre / Startup ] ----------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\Windows\\system32\\userinit.exe,"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Secondary Start Pages"=hex(7):68,00,74,00,74,00,70,00,3a,00,2f,00,2f,00,67,00,\
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
Google Update="C:\Users\Luc\AppData\Local\Google\Update\GoogleUpdate.exe" /c
AlcoholAutomount="C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
swg="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
WMPNSCFG=C:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
Windows Defender=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
RtHDVCpl=RtHDVCpl.exe
SynTPEnh=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
mcagent_exe="C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
ePower_DMC=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
eDataSecurity Loader=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
eAudio="C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
BkupTray="C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
IAAnotif=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
NvCplDaemon=RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
NvMediaCenter=RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
LManager=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
PLFSetI=C:\Windows\PLFSetI.exe
eRecoveryService=
ProductReg="C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
PlayMovie="C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
Google Desktop Search="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
CLMLServer="C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
HP Software Update=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
hpqSRMon=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
Windows Mobile-based device management=%windir%\WindowsMobile\wmdSync.exe
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
ORAHSSSessionManager="C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe"
SunJavaUpdateSched="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
WinampAgent="C:\Program Files\Winamp\winampa.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

--------------- [ Registre / Mountpoint2 ] ----------------

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f89b3b5-aff4-11de-b3f3-00238b454583}\Shell\AutoRun\command

--------------- [ Nettoyage des disques ] ----------------

Supprimé ! - C:\Users\Luc\AppData\Local\Temp\AUG2005DXREDIST\dsetup32.dll
Echec de la supression !! - [15/02/2010 21:25] G:\autorun.inf
Supprimé ! - [15/02/2010 21:25][d--------] G:\autorun.inf
Echec de la supression !! - [15/02/2010 21:25] H:\autorun.inf
Supprimé ! - [15/02/2010 21:25][d--------] H:\autorun.inf

--------------- [ Resumé ] ----------------

-> /!\ Le resultat doit etre interprété par un spécialiste /!\

[18/09/2006 22:43][--a------] C:\autoexec.bat
[18/09/2006 22:43][--a------] H:\autoexec.bat

--------------- [ Vaccination ] ----------------

C:\autorun.inf -> Dossier autorun.inf crée par UsbFix !
D:\autorun.inf -> Dossier autorun.inf crée par UsbFix !
G:\autorun.inf -> Dossier autorun.inf crée par UsbFix !
H:\autorun.inf -> Dossier autorun.inf crée par UsbFix !

--------------- ! Fin du rapport ! ----------------

Can someone help me?

Destrio5 - Posts: 85985 - Registered: Sunday 11 July 2010 - Status: Moderator - Last activity: 17 February 2023 - 10 295
16 Feb 2010 at 01:03
You're coming back a year later?

Anonymous user
16 Feb 2010 at 01:26
quick disinfection I

A year later, that's a record; well, better late than never.

PS: UsbFix is not up to date.