Christian54

Bjr Gof, Non je ne t'ai pas snobé, mais j'ai tellement de trucs sur le feu (Vive la retraite.......!!), je viens juste de "caresser la souris". Je n'ai strictement aucune idée de ce qui s'est passé; je ne sais pas si Combofix a terminé son travail, ni rien d'autre! Blocage tout noir, donc, redemarrage avec disquettes et réinstall. etc, etc... Bref, je verrai ce qui s'est produit peut-être plus tard, mais là, ça dépasse mes modestes compétences. Pour te rassurer et pour info, lors d'un formattage précèdent, j'avais décidé de ne pas réinstaller SP1, encore moins SP2, mais téléch. des correctifs sélectionnés en fonction mon utilisation XP, cela depuis 3 ans environ; contrairement à ce qui est communément répandu, je n'ai jamais eu de problème grave. Tous mes périphs impec, connection impec, navigation impec depuis firefox1...,ThunderBird, et je me prépare en douceur à Linux avec Kaella, Kubuntu et autres, pour ne pas être emm. Fliqué par Windaube et consorts.Vista est tout juste sorti et les "patchs" pleuvent déjà, quelle rigolade Je ne vais pas m'étaler plus, tu as sûrement autre chose à faire et moi aussi. Mais en tout cas, merci et chapeau à tous pour votre boulot.

Bonsoir Gof, ttes mes excuses pour le retard, mais juste après le passage de ComboFix, super plantage.J'ai du réinstaller et récupérer ce que j'ai pu. La question semble donc réglée pour l'instant. En tout état de cause, merci encore de ton aide et ta disponibilité. A bientôt.

Bjr GOF, merci de ta patience; ci-après les deux rapports demandés: DiagHelp version v1.4 - http://www.malekal.com excute le 17/01/2008 à 9:13:36,69 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\Layout.ini -->07/12/2007 20:35:56 C:\WINDOWS\System32\drivers\pcouffin.sys -->25/12/2007 23:31:39 C:\WINDOWS\System32\drivers\avipbb.sys -->08/12/2007 01:23:51 C:\WINDOWS\System32\drivers\avgntdd.sys -->09/08/2007 13:04:11 C:\WINDOWS\System32\drivers\avgntmgr.sys -->18/07/2007 14:22:19 C:\WINDOWS\System32\drivers\SDTHOOK.SYS -->05/06/2007 10:56:40 C:\WINDOWS\System32\drivers\ssmdrv.sys -->01/03/2007 10:34:36 C:\WINDOWS\System32\drivers\avgarkt.sys -->31/01/2007 14:33:46 C:\WINDOWS\System32\wpa.dbl -->16/01/2008 23:56:08 C:\WINDOWS\System32\asfiles.txt -->16/01/2008 16:15:18 C:\WINDOWS\System32\Uninstall.ico -->16/01/2008 16:03:53 C:\WINDOWS\System32\pavas.ico -->16/01/2008 16:03:53 C:\WINDOWS\System32\Help.ico -->16/01/2008 16:03:53 C:\WINDOWS\System32\118290.54 -->16/01/2008 08:35:47 C:\WINDOWS\System32\PerfStringBackup.INI -->25/12/2007 13:31:22 C:\WINDOWS\System32\perfh00C.dat -->25/12/2007 13:31:22 C:\WINDOWS\System32\perfh009.dat -->25/12/2007 13:31:22 C:\WINDOWS\System32\perfc00C.dat -->25/12/2007 13:31:22 C:\WINDOWS\System32\perfc009.dat -->25/12/2007 13:31:22 C:\WINDOWS\System32\tmpC29E3.FOT -->23/12/2007 17:54:52 C:\WINDOWS\System32\tmpAA8E3.FOT -->23/12/2007 17:54:52 C:\WINDOWS\System32\tmp386E3.FOT -->23/12/2007 17:54:52 C:\WINDOWS\System32\tmp2E7E3.FOT -->23/12/2007 17:54:52 C:\WINDOWS\System32\tmp297E3.FOT -->23/12/2007 17:54:52 C:\WINDOWS\System32\tmp0F8E3.FOT -->23/12/2007 17:54:52 C:\WINDOWS\System32\satsukidecodersettings.ini -->23/12/2007 15:46:40 C:\WINDOWS\System32\jupdate-1.6.0_03-b05.log -->11/12/2007 23:28:02 C:\WINDOWS\System32\3497384506.dat -->08/12/2007 00:24:41 C:\WINDOWS\System32\wmpscheme.xml -->07/12/2007 15:12:23 C:\WINDOWS\System32\FNTCACHE.DAT -->07/12/2007 15:10:07 C:\WINDOWS\System32\$winnt$.inf -->07/12/2007 15:09:08 C:\WINDOWS\System32\CONFIG.NT -->07/12/2007 15:04:56 C:\WINDOWS\System32\nscompat.tlb -->07/12/2007 15:04:52 C:\WINDOWS\zipgenius.xml -->17/01/2008 09:11:34 C:\WINDOWS\nscstiu_error.txt -->17/01/2008 09:06:16 C:\WINDOWS\wiadebug.log -->17/01/2008 09:05:57 C:\WINDOWS\wiaservc.log -->17/01/2008 09:05:56 C:\WINDOWS\bootstat.dat -->17/01/2008 09:04:37 C:\WINDOWS\ntbtlog.txt -->17/01/2008 00:03:45 C:\WINDOWS\win.ini -->16/01/2008 16:14:45 C:\WINDOWS\setupapi.log -->16/01/2008 16:05:15 C:\WINDOWS\LEXSTAT.INI -->16/01/2008 13:10:15 C:\WINDOWS\Debug.ini -->16/01/2008 12:25:40 C:\WINDOWS\Temp.ini -->16/01/2008 12:25:39 C:\WINDOWS\umaxuapi.ini -->16/01/2008 12:25:28 C:\WINDOWS\118294.78 -->16/01/2008 08:35:48 C:\WINDOWS\msnfix.txt -->14/01/2008 16:17:39 C:\WINDOWS\d3dx.dat -->13/01/2008 09:33:19 winlogon.exe Verified: Signed svchost.exe Verified: Signed ws2_32.dll Verified: Signed user32.dll Verified: Signed tcpip.sys Verified: Signed ndis.sys Verified: Signed null.sys Verified: Signed ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 1360 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x01000000 0xf8000 6.00.2600.0000 C:\WINDOWS\Explorer.EXE 0x77be0000 0x53000 7.00.2600.0000 C:\WINDOWS\system32\msvcrt.dll 0x77290000 0x63000 6.00.2600.0000 C:\WINDOWS\system32\SHLWAPI.dll 0x77390000 0x802000 6.00.2600.0000 C:\WINDOWS\system32\SHELL32.dll 0x770e0000 0x8b000 3.50.5014.0000 C:\WINDOWS\system32\OLEAUT32.dll 0x75f10000 0xfc000 6.00.2600.0000 C:\WINDOWS\System32\BROWSEUI.dll 0x76960000 0x149000 6.00.2600.0000 C:\WINDOWS\System32\SHDOCVW.dll 0x5b090000 0x34000 6.00.2600.0000 C:\WINDOWS\System32\UxTheme.dll 0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll 0x77300000 0x8b000 5.82.2600.0000 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x78000 2001.12.4414.0042 C:\WINDOWS\System32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0042 C:\WINDOWS\System32\COMRes.dll 0x5b950000 0x71000 6.00.2600.0000 C:\WINDOWS\System32\themeui.dll 0x71ca0000 0x1b000 6.00.2600.0000 C:\WINDOWS\System32\actxprxy.dll 0x76ac0000 0x15000 3.00.9238.0000 C:\WINDOWS\System32\ATL.DLL 0x76250000 0x8c000 5.131.2600.0000 C:\WINDOWS\system32\CRYPT32.dll 0x74aa0000 0x43000 6.00.2600.0000 C:\WINDOWS\System32\webcheck.dll 0x74a60000 0x9000 6.00.2600.0000 C:\WINDOWS\System32\BatMeter.dll 0x74a40000 0x7000 6.00.2600.0000 C:\WINDOWS\System32\POWRPROF.dll 0x76390000 0x1fb000 2.00.2600.0000 C:\WINDOWS\System32\msi.dll 0x67800000 0x39000 3.00.0000.0399 C:\Program Files\Mamutu\a2handler.dll 0x723a0000 0x13000 6.00.2600.0000 C:\WINDOWS\System32\browselc.dll 0x76080000 0x78000 6.00.2600.0000 C:\WINDOWS\system32\urlmon.dll 0x1f7b0000 0x31000 3.520.7713.0000 C:\WINDOWS\System32\ODBC32.dll 0x76340000 0x46000 6.00.2600.0000 C:\WINDOWS\system32\comdlg32.dll 0x1f850000 0x18000 3.520.7713.0000 C:\WINDOWS\System32\odbcint.dll 0x746e0000 0x8f000 6.00.2600.0000 C:\WINDOWS\System32\MLANG.dll 0x10000000 0x1c000 7.00.0000.0000 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll 0x76be0000 0x2b000 5.131.2600.0000 C:\WINDOWS\System32\WINTRUST.dll 0x0ffd0000 0x22000 5.01.2518.0000 C:\WINDOWS\System32\rsaenh.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 612 Command line: winlogon.exe Base Size Version Path 0x01000000 0x6f000 \??\C:\WINDOWS\system32\winlogon.exe 0x77be0000 0x53000 7.00.2600.0000 C:\WINDOWS\system32\msvcrt.dll 0x76250000 0x8c000 5.131.2600.0000 C:\WINDOWS\system32\CRYPT32.dll 0x76be0000 0x2b000 5.131.2600.0000 C:\WINDOWS\system32\WINTRUST.dll 0x77390000 0x802000 6.00.2600.0000 C:\WINDOWS\system32\SHELL32.dll 0x77290000 0x63000 6.00.2600.0000 C:\WINDOWS\system32\SHLWAPI.dll 0x77300000 0x8b000 5.82.2600.0000 C:\WINDOWS\system32\COMCTL32.dll 0x1f7b0000 0x31000 3.520.7713.0000 C:\WINDOWS\system32\ODBC32.dll 0x76340000 0x46000 6.00.2600.0000 C:\WINDOWS\system32\comdlg32.dll 0x008f0000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll 0x1f850000 0x18000 3.520.7713.0000 C:\WINDOWS\system32\odbcint.dll 0x76b70000 0x1f000 6.00.2600.0000 C:\WINDOWS\system32\SHSVCS.dll 0x5b090000 0x34000 6.00.2600.0000 C:\WINDOWS\system32\uxtheme.dll 0x0ffd0000 0x22000 5.01.2518.0000 C:\WINDOWS\System32\rsaenh.dll 0x77000000 0xd4000 2001.12.4414.0042 C:\WINDOWS\system32\COMRes.dll 0x770e0000 0x8b000 3.50.5014.0000 C:\WINDOWS\system32\OLEAUT32.dll 0x76f80000 0x78000 2001.12.4414.0042 C:\WINDOWS\system32\CLBCATQ.DLL Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est D075-DA3A Répertoire de C:\WINDOWS\system32 28/08/2001 13:00 4 096 csrss.exe 1 fichier(s) 4 096 octets 0 Rép(s) 15 836 250 112 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est D075-DA3A Répertoire de C:\WINDOWS\Downloaded Program Files 16/01/2008 16:45 <REP> . 16/01/2008 16:45 <REP> .. 24/08/2006 08:28 141 424 asinst.dll 22/08/2006 09:06 537 asinst.inf 07/12/2004 17:07 32 bdcore.dll 25/05/2006 01:21 118 784 bdupd.dll 10/12/2007 14:32 <REP> CONFLICT.1 07/12/2007 15:03 65 desktop.ini 20/11/2007 16:04 1 523 536 FP_AX_CAB_INSTALLER.exe 25/05/2006 01:21 53 248 ipsupd.dll 16/03/2005 12:34 7 407 lang.ini 07/12/2004 17:07 32 libfn.dll 14/03/2005 14:38 126 live.ini 01/06/2006 02:57 1 331 oscan8.inf 01/06/2006 02:54 471 040 oscan8.ocx 31/05/2006 04:15 10 oscan81.ocx_x 14/03/2005 14:58 7 073 scanoptions.tsi 20/11/2007 15:50 247 swflash.inf 15 fichier(s) 2 324 892 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1 10/12/2007 14:32 <REP> . 10/12/2007 14:32 <REP> .. 20/11/2007 16:04 1 523 536 FP_AX_CAB_INSTALLER.exe 20/11/2007 15:50 247 swflash.inf 2 fichier(s) 1 523 783 octets Total des fichiers listés : 17 fichier(s) 3 848 675 octets 5 Rép(s) 15 836 246 016 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... 127.0.0.1 counter.kaspersky.com 127.0.0.1 www.counter.kaspersky.com 127.0.0.1 symantecreview.com 127.0.0.1 www.symantecreview.com 127.0.0.1 liveupdate.myim.cn 127.0.0.1 www.liveupdate.myim.cn 127.0.0.1 ip.sirius.com 127.0.0.1 milkyway.sirius-cafe.de 127.0.0.1 osiris.at 127.0.0.1 osiris.cj.com 127.0.0.1 osiris98.cj.com 127.0.0.1 siri1.com 127.0.0.1 sirius.com 127.0.0.1 sirius.infonex.com 127.0.0.1 sirius.siol.net 127.0.0.1 siriusquest.com 127.0.0.1 startatsiri.com 127.0.0.1 www1.sirius.com 127.0.0.1 www7.sirius.com 127.0.0.1 wwwn1.sirius.com 127.0.0.1 www.ip.sirius.com 127.0.0.1 www.milkyway.sirius-cafe.de 127.0.0.1 www.osiris.at 127.0.0.1 www.osiris.cj.com 127.0.0.1 www.osiris98.cj.com 127.0.0.1 www.siri1.com 127.0.0.1 www.sirius.com 127.0.0.1 www.sirius.infonex.com 127.0.0.1 www.sirius.siol.net 127.0.0.1 www.siriusquest.com 127.0.0.1 www.startatsiri.com 127.0.0.1 www.www1.sirius.com 127.0.0.1 www.www7.sirius.com 127.0.0.1 www.wwwn1.sirius.com 127.0.0.1 activexupdate.com 127.0.0.1 ads.macupdate.com 127.0.0.1 ads1.updated.com 127.0.0.1 adultupdate.com 127.0.0.1 anit_spyware.msupdater.org 127.0.0.1 anit1478.msupdater.org 127.0.0.1 anit1808.msupdater.org 127.0.0.1 anit2157.msupdater.org 127.0.0.1 anit2242.msupdater.org 127.0.0.1 anit2350.msupdater.org 127.0.0.1 anit2393.msupdater.org 127.0.0.1 anit2520.msupdater.org 127.0.0.1 anit2811.msupdater.org 127.0.0.1 anit2824.msupdater.org 127.0.0.1 anit2840.msupdater.org 127.0.0.1 anit2948.msupdater.org 127.0.0.1 anit3039.msupdater.org 127.0.0.1 anit427.msupdater.org 127.0.0.1 anit988.msupdater.org 127.0.0.1 autoupdate.windowsmedia.com 127.0.0.1 azupdates.com 127.0.0.1 browserupdate.co.uk 127.0.0.1 cioupdate.com 127.0.0.1 ddupdates.com 127.0.0.1 dlx.getupdate.com 127.0.0.1 getupdate.com 127.0.0.1 ieupdate.info 127.0.0.1 install38.msupdater.org 127.0.0.1 liveupdate.myim.cn 127.0.0.1 msupdater.com 127.0.0.1 msupdater.net 127.0.0.1 msupdater.org 127.0.0.1 necessaryupdates.com 127.0.0.1 needupdate.com 127.0.0.1 newupdates.lzio.com 127.0.0.1 nl.browserupdate.co.uk 127.0.0.1 ns1.updatesystempage.com 127.0.0.1 ns2.updatesystempage.com 127.0.0.1 omi-update.net 127.0.0.1 online.update.redirect.hm 127.0.0.1 pcsecurityupdates.com 127.0.0.1 public.windupdates.com 127.0.0.1 registryupdate.com 127.0.0.1 serverupdate13.com 127.0.0.1 soapoperaupdates.com 127.0.0.1 softupdate.net 127.0.0.1 sp2msupdateresearch.com 127.0.0.1 spyfalconupdate.com 127.0.0.1 static.windupdates.com 127.0.0.1 systemupdate.net 127.0.0.1 system-update.net 127.0.0.1 systemupdates.net 127.0.0.1 sysupdate.grandstreetinteractive.com 127.0.0.1 sysupdate.ieplugin.com 127.0.0.1 sysupdates.com 127.0.0.1 sysupdates2.com 127.0.0.1 traders-update.com 127.0.0.1 update.680180.net 127.0.0.1 update.downloadaccelerator.com 127.0.0.1 update.downloadv3.com 127.0.0.1 update.imiserver.com 127.0.0.1 update.kazaa.com 127.0.0.1 update.msupdater.com 127.0.0.1 update.outerinfo.com 127.0.0.1 update.searchmiracle.com 127.0.0.1 update.searchsquire.com 127.0.0.1 update.smart-browser.com 127.0.0.1 update.thunderdownloads.com 127.0.0.1 update.topconverting.com 127.0.0.1 update.webhancer.com 127.0.0.1 update.yupsearch.com 127.0.0.1 update2.outerinfo.com 127.0.0.1 update2.thunderdownloads.com 127.0.0.1 update32.searchmiracle.com 127.0.0.1 update32.yupsearch.com 127.0.0.1 updatecenter.com 127.0.0.1 updated.com 127.0.0.1 updatedcumshots.com 127.0.0.1 updatedfetish.com 127.0.0.1 updatedgays.com 127.0.0.1 updatedlatinas.com 127.0.0.1 updatedlesbians.com 127.0.0.1 updatedmatures.com 127.0.0.1 updatedpornstars.com 127.0.0.1 updatedsexgalleries.com 127.0.0.1 updatedteens.com 127.0.0.1 updatedvoyeur.com 127.0.0.1 updatehere.com 127.0.0.1 updatehq.net 127.0.0.1 updatenow.com 127.0.0.1 updatenow.org 127.0.0.1 updatepage.com 127.0.0.1 updaterservice.wildtangent.com 127.0.0.1 updates.adultprovide.com 127.0.0.1 updates.browseraid.com 127.0.0.1 updates.copernic.com 127.0.0.1 updates.desktop.ak-networks.com 127.0.0.1 updates.desktop.virtumundo.com 127.0.0.1 updates.hotbar.com 127.0.0.1 updates.lzio.com 127.0.0.1 updates.searchmadesafe.net 127.0.0.1 updates.shopperreports.com 127.0.0.1 updates2.conducent.com 127.0.0.1 updatescenter.com 127.0.0.1 updatesearches.com 127.0.0.1 updateserver.gator.com 127.0.0.1 updateserver1.com 127.0.0.1 updatesystempage.com 127.0.0.1 updatetest.conducent.com 127.0.0.1 updateyoursystem.com 127.0.0.1 updateyourwindows.com 127.0.0.1 videocodecupdate.com 127.0.0.1 windows-security-updater.com 127.0.0.1 windowsupdate.62nds.com 127.0.0.1 windowsupdatenow.com 127.0.0.1 windupdates.com 127.0.0.1 win-update.net 127.0.0.1 www.activexupdate.com 127.0.0.1 www.ads.macupdate.com 127.0.0.1 www.ads1.updated.com 127.0.0.1 www.adultupdate.com 127.0.0.1 www.anit_spyware.msupdater.org 127.0.0.1 www.anit1478.msupdater.org 127.0.0.1 www.anit1808.msupdater.org 127.0.0.1 www.anit2157.msupdater.org 127.0.0.1 www.anit2242.msupdater.org 127.0.0.1 www.anit2350.msupdater.org 127.0.0.1 www.anit2393.msupdater.org 127.0.0.1 www.anit2520.msupdater.org 127.0.0.1 www.anit2811.msupdater.org 127.0.0.1 www.anit2824.msupdater.org 127.0.0.1 www.anit2840.msupdater.org 127.0.0.1 www.anit2948.msupdater.org 127.0.0.1 www.anit3039.msupdater.org 127.0.0.1 www.anit427.msupdater.org 127.0.0.1 www.anit988.msupdater.org 127.0.0.1 www.autoupdate.windowsmedia.com 127.0.0.1 www.azupdates.com 127.0.0.1 www.browserupdate.co.uk 127.0.0.1 www.cioupdate.com 127.0.0.1 www.ddupdates.com 127.0.0.1 www.dlx.getupdate.com 127.0.0.1 www.getupdate.com 127.0.0.1 www.ieupdate.info 127.0.0.1 www.install38.msupdater.org 127.0.0.1 www.liveupdate.myim.cn 127.0.0.1 www.msupdater.com 127.0.0.1 www.msupdater.net 127.0.0.1 www.msupdater.org 127.0.0.1 www.necessaryupdates.com 127.0.0.1 www.needupdate.com 127.0.0.1 www.newupdates.lzio.com 127.0.0.1 www.nl.browserupdate.co.uk 127.0.0.1 www.ns1.updatesystempage.com 127.0.0.1 www.ns2.updatesystempage.com 127.0.0.1 www.omi-update.net 127.0.0.1 www.online.update.redirect.hm 127.0.0.1 www.pcsecurityupdates.com 127.0.0.1 www.public.windupdates.com 127.0.0.1 www.registryupdate.com 127.0.0.1 www.serverupdate13.com 127.0.0.1 www.soapoperaupdates.com 127.0.0.1 www.softupdate.net 127.0.0.1 www.sp2msupdateresearch.com 127.0.0.1 www.spyfalconupdate.com 127.0.0.1 www.static.windupdates.com 127.0.0.1 www.systemupdate.net 127.0.0.1 www.system-update.net 127.0.0.1 www.systemupdates.net 127.0.0.1 www.sysupdate.grandstreetinteractive.com 127.0.0.1 www.sysupdate.ieplugin.com 127.0.0.1 www.sysupdates.com 127.0.0.1 www.sysupdates2.com 127.0.0.1 www.traders-update.com 127.0.0.1 www.update.680180.net 127.0.0.1 www.update.downloadaccelerator.com 127.0.0.1 www.update.downloadv3.com 127.0.0.1 www.update.imiserver.com 127.0.0.1 www.update.kazaa.com 127.0.0.1 www.update.msupdater.com 127.0.0.1 www.update.outerinfo.com 127.0.0.1 www.update.searchmiracle.com 127.0.0.1 www.update.searchsquire.com 127.0.0.1 www.update.smart-browser.com 127.0.0.1 www.update.thunderdownloads.com 127.0.0.1 www.update.topconverting.com 127.0.0.1 www.update.webhancer.com 127.0.0.1 www.update.yupsearch.com 127.0.0.1 www.update2.outerinfo.com 127.0.0.1 www.update2.thunderdownloads.com 127.0.0.1 www.update32.searchmiracle.com 127.0.0.1 www.update32.yupsearch.com 127.0.0.1 www.updatecenter.com 127.0.0.1 www.updated.com 127.0.0.1 www.updatedcumshots.com 127.0.0.1 www.updatedfetish.com 127.0.0.1 www.updatedgays.com 127.0.0.1 www.updatedlatinas.com 127.0.0.1 www.updatedlesbians.com 127.0.0.1 www.updatedmatures.com 127.0.0.1 www.updatedpornstars.com 127.0.0.1 www.updatedsexgalleries.com 127.0.0.1 www.updatedteens.com 127.0.0.1 www.updatedvoyeur.com 127.0.0.1 www.updatehere.com 127.0.0.1 www.updatehq.net 127.0.0.1 www.updatenow.com 127.0.0.1 www.updatenow.org 127.0.0.1 www.updatepage.com 127.0.0.1 www.updaterservice.wildtangent.com 127.0.0.1 www.updates.adultprovide.com 127.0.0.1 www.updates.browseraid.com 127.0.0.1 www.updates.copernic.com 127.0.0.1 www.updates.desktop.ak-networks.com 127.0.0.1 www.updates.desktop.virtumundo.com 127.0.0.1 www.updates.hotbar.com 127.0.0.1 www.updates.lzio.com 127.0.0.1 www.updates.searchmadesafe.net 127.0.0.1 www.updates.shopperreports.com 127.0.0.1 www.updates2.conducent.com 127.0.0.1 www.updatescenter.com 127.0.0.1 www.updatesearches.com 127.0.0.1 www.updateserver.gator.com 127.0.0.1 www.updateserver1.com 127.0.0.1 www.updatesystempage.com 127.0.0.1 www.updatetest.conducent.com 127.0.0.1 www.updateyoursystem.com 127.0.0.1 www.updateyourwindows.com 127.0.0.1 www.videocodecupdate.com 127.0.0.1 www.windows-security-updater.com 127.0.0.1 www.windowsupdate.62nds.com 127.0.0.1 www.windowsupdatenow.com 127.0.0.1 www.windupdates.com 127.0.0.1 www.win-update.net 127.0.0.1 wdcs.trendmicro.com 127.0.0.1 www.wdcs.trendmicro.com 127.0.0.1 sunbelt-software.com 127.0.0.1 www.sunbelt-software.com 127.0.0.1 mailpanda.com 127.0.0.1 pandaasiannude.fsn.net 127.0.0.1 pandaprints.com 127.0.0.1 pandasoftware.es 127.0.0.1 pornopanda.com 127.0.0.1 www.mailpanda.com 127.0.0.1 www.pandaasiannude.fsn.net 127.0.0.1 www.pandaprints.com 127.0.0.1 www.pandasoftware.es 127.0.0.1 www.pornopanda.com 127.0.0.1 windowsupdate.62nds.com 127.0.0.1 windowsupdatenow.com 127.0.0.1 www.windowsupdate.62nds.com 127.0.0.1 www.windowsupdatenow.com catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-17 09:15:26 Windows 5.1.2600 NTFS scanning hidden services & system hive ... IPC error: 2 Le fichier spécifié est introuvable. scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes00FA0000063D11C8EF00054038389C] "C040FA0900063D11C8EF10054038389C"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\66EDAE6A0000000084E4E7A854000000] "68AB67CA7DA76301B7447A7000000020"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003] "8A0F842331866D117AB7000B0D610003"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F4DB32D08C445EF48BCCA4FADDEFC148] "D1CB593B60CCE5240994C49D58FE0F40"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA76301B7447A7000000020\Features] "Updater"="i4~nD_nPB=]dpXM(BkO6b@'2xQc4a@7&l3S~&z8MdpV~l]-O]AXdbw`+{OPV66$3PEIc(=UdP}c^]o_U_v}zQLIu`@}jJ.-M?3TO_lSYpFsAL=X5ZHczwEW$ddFwLyJXu9bncpOcNI2z\2ReaderProgramFiles" "Reader_Big_Features"="eicXT!cP]8W$]!^Ma0[^" "SearchAndIndex"="'o%[email protected],Ux(vAPr`b}MA=~wIdrC`(DL+h^xgiT49H$l~o?JOg(fsuLwNQYa=QwFYM_nwbM$E(h*28T5=Ocg`@5_YDBwwc$b8,r[@nruGZf0P,UM$4GP`4ws=nuPFo$?CFB\2Reader_Big_Features" "eBookEBXPlugin"="K9{!GAXPX8HOdiUw?WM+Nz2cV.CQh?-,(s?@=7fkiUajX9'(,?bG)AME%.vnEix*nr@L[=UDL)eK2H0U]m5Iyy7&,?vB5yd+X-ba}jouU'ygb8)RXq_u&z{p\2Reader_Big_Features" "ReaderProgramFiles"="._FU*(*_2@0slVZ*5.z_v-]SdHa@k@=nH}[email protected]=z7XY9b=194Dy`[email protected]@le2hu+bKa)B~TAV?e@vJ4`k31$yC@'t8+@)cJFU?,JX(B,ig1O9%A@y{B[`7Rlq6f3W1+7qj+=.rcJ4CazuNl{n^ry?Ot@2d1lc!YJQr_QYe0sBt??CX%pr$P[^p%Dr=J5G.3@B[o!jMLkHhfVknlUmRq8^U^%-ji,xhI[PPih36KA!7MB!^J,R&F{i^-Yf1N9z_yJp?~@!e.xeodI0a9?*PwJ9PAh$$5m5H-EB^w=@7cJ?_CS%B5JiDH@eh99k.)~2E+oT*UJWnkJJ).@1[MUSjj]V[9JYpAndr.?J0G'OVCEk4s5KOXX(Tx@O9it$PYp0%q{*bUab!k@8(itf5ZXiN7+0R8+hnK?x0^1%oW}-+~kh*9PLwPA)~~~KdW]jWzcpEb)~jz?ptW2H-fY',ZSFSFJ,gF=Faq]nD[DSrp5H~36!nc@e2YLT4GPl[1tcPQSbsd?m}OH+*wg}(JdnnNi-d?AjlR&UdQ%RRn=B1Z`VZ%@3r?8ZtrD7q*iv+yATUy8JF$5xzgV35v-JpP%J!N@1sI*A^'am)JZ[1?ytaC9R-Js]{uAhdN9$M.CgJn8W&Qk7n!du=q!.cv1([@9PAKWV6Gj!zfX--TA)F6@q75[1+_[ms4v''43I9J?K`S+v3*LNbdhe=lLSt,?NY,t*K)@mG9dHm&g^rD?Z5LM9qR_rrVE2sy.vXs@`-zl4onx]h8pVC=,wIs9B+Owz0mED3gpt4FA_h{9xK1IDV?OW@ghhxq+lFy@DG-g^-+'d=SJl,szLhw?ht`0,.926K8y!moDy7X@rtiW'j!b+(C?OaVN&E}8!+o8IP}@y^P}a,0_Q]FA!pRKKOv=cN?(HrL[bDx9jj)@iSwoXF+I_q9xm5l@5fj[hX8tk)0=J[O`v^9=_qKwW[nRoe-9)'z0'GX?9nMWL]C3*w)yaokOVQZ9T-Dto=@fKY.(yo@Y@i+=hO8(%~~M_hTSp[-gRtTA==]p?,NP9=[nIX?V7zP?.^b^v{2x_rT,=OH8-v`AtP%+XMJko1$GtTiU[[email protected]!NAFUaxk+xt*j^h?sakH%j,W`Kx}{1QlKcE9BqLy+a%k}vq2H*OKKee8mq$v]+g&JQJDcb&69~N?vrX$oHDCU(zYKuKujjc?.lSp]gNYDFip{$(8(+b?3!_Gw`F~Jd12wyMf6m)9e2YSmA([gRH]r',s}Uc=fVIIX^f[cQgS8]C2RGt?k-Il@7}M~[$utx1`%}k?EZM@D]&^*t8jBev-lYSAGmXPA[w_jCX64$.rEk.@Z@9[@K}b'qVF&^&Xgu`@4ekFN(2qmzd1mJl_yp8@x-*H'tRF!)Y'LBbd5V=@%w'R4OZPBY&kLBtQ6jJ?({$0)gJg5.G0Ytdj-6+Aza}{05HS)ef2xvD5k&V=21*ndh=Oe*,}rT+Z5}.=%TSxXiSJey=eo]UELY9@leb-+2j4T9nSAEh,AGbAW['*HYi?T?`'zu0.zV$ApA8qt3e%?mHkS,U^WsS9t-UB8I0G4b,&}ut*]mb?S6sA*{%`EHS-B!xq)gL=M!%%,I4-y)3p8*o,]ag9)X$n66`j(Hl!O)_66x0?^$r?@)FFxYI1Y(2^GoW?y[?lfgF)yQpazO*L.Ub=ONkK$%RC8Q" "Plugins"="&=f}W-ju1=yjHfRQh*x_%Td1Y+s-8@9i{z48qLAXU6}D``o9R?KtQhi?XANATFTm8DqSV@4ubojGCqa6+iu*_y9t~=5gD^ZnrR_'*!!6ijs!H=QHtAj^2H}3eva4RvV}}?.oBwDB?pfiqP{HC'kyd@m4!AIEzdFVo{ur_AJ()@Z(3sz57e+'kdNk072!`9{)%XW0Ob-f7`zRWwz{[AJG89vxdd8=Lc)]v4Ga&Axo4-A[vN85q=7R8jPvX8fm]Z1zjZHp5*Aez{A3C?&Ua7@9j'OFovVXoNjL2?66kYx,e[sX!hRiLl@P6=mTV+,S6T7Oqg@uKeEha@eB53&J3A!.L&3wF)fZg8a3fZrMG810so,0Iqh4.@i+8m=Gii06LnvPZtcP-9OcjN.=r2Y8\2ReaderProgramFiles" "MultimediaPlugin"="L]Ps9Twl?9+3TW[sd^W)1soY[_KL(9YYxkba(ui9`E'bOz^,=9iI`*kxJN~wDYdO*0.CZ96qx3ceJ3Dl\2Reader_Big_Features" "Help_Full"="-J1GdXi6$?V{p%9)GncqSb*.s)hLBAsW.?Lz%q=m\2Reader_Big_Features" "PictureTasks"="3UM6RC90I=AE,fJ1U1Oz8k@%4JNzM=zPT+'Pj0D7}2!joeUPc9py^6iFeVjQ7A5PfmEM)@-FbLP7+EDXNX3&me0EL?Es$tl~VD3ZRf}W8SKDm@C)b@n7~~kmwv)a%A=+-9zit[XBl&_u?-]x1B}7q8i_h~2gKjWeSV8dgYlNj?6@?I*r,18[_=sgh.WKZW[y5JD445r2~=8?]b@+yhF9\2Reader_Big_Features" "PatchExtras"="=twaD[iv!@lH=4&l)zYB?94qO1j`%?Zw@LBXN6g`u]U8i+HEb9xz{kj6M!6n{o3c8Kl)p97R^}?8A3j_Zl?PbGT&J@q1C-*vjOpL\2AdobeCommonLinguistics_Big" "CE_FONTS"="Vgu[T.6M[A4OjW@jB5U[\2Reader_Big_Features" "ReaderBrowserIntegration"="%5ys[$W1k?DZ*z3.7~6wF24~6%@{c?t`mH_zz^6a[@3*DJp!S@Nq0Vv&r}SfhF{PZ!~z(@}uUrWN+SlCx7lwS7K.k@_(FYV]`Yrg\2ReaderProgramFiles" "ReaderPDFIntegration"="y*LkN?!)RAKft[lNW8Nz}eRAR)wxX?Cb80!DFg=_]kMXt{RiR@Bn!g_javLWH9ND.hxI[98%vV`jvHqEKQs(!qBnOAS@xF7EAeNc{lJ+!m*u}8Sm0EAjf@Aa{PQ3pdCLD@lKUA2[{em1*Z)DM9DQ*9J[d4ujdve4~&Ur*Zrjr=,`?ZgbcKac._k_n,w3Q?f=3qRMTAx--o6tsP@tX8(V3Dfv3`@=\2ReaderProgramFiles" "Accessibility_Plugins"="rH+Ig=T[(@$b`*tHJpvrWjPC897kA@pS4q'eMamAIS=Tzjq8_@OeYM_%})9)HCa!h0UMn9JH3_6?&K,yrIT'YWhV]=[`9yu,Ul]zVn{C6z1{89AWhm!Yr09=hqg9z5=1i?u1^nD{C+c=NHHE]{D@0@_pa7CH*5C+11oOaEv,@?=&5sK`dD]UtWuNMBc7W9^+.c+NaZ7W\2Reader_Big_Features" "Atmosphere_3D"="ha'WCGBLV9v$u[iDyRj]^X)x8c*bF9uX[Yk=h*t0uq35L?Q0o8]jc!1GgjE*G'QpR3o[*@SJ!2y*ZuqT2=eUxr-88=X[^'-qu[uWu?zcG%.hX?W4c98w2^aD10_ByZ$2=@2dw0e74ry9\2Reader_Big_Features" "AdobeCommonTypSpt"="?Uuvn1CY]9h]5%hs-_)($1EtTD&C!@AV%RYi&iUS6GO[6yJdB?tP?zE9`hGE(v=4xR+L'=I1?Ira0)!Yk'}C(pAS6=sK,p&Cy[vehN]ko%_-R=X3u-,FZ8zAE0(a89(xJ@xXm7S~l71b\2ReaderProgramFiles" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA76301B7447A7000000020\InstallProperties] "RegOwner"="Dusoulier Christian" "RegCompany"="Home User" "ProductID"="none" "LocalPackage"="C:\WINDOWS\Installer\a2f93.msi" "AuthorizedCDFPrefix"="" "Comments"=" " "Contact"=" " "DisplayVersion"="7.0.7" "HelpLink"=str(2):"http://www.adobe.fr/support/main.html"'>http://www.adobe.fr/support/main.html"'>http://www.adobe.fr/support/main.html"'>http://www.adobe.fr/support/main.html"'>http://www.adobe.fr/support/main.html"'>http://www.adobe.fr/support/main.html" "HelpTelephone"=" " "InstallDate"="20071211" "InstallLocation"="C:\Program Files\Adobe\Acrobat 7.0\Reader\" "InstallSource"="C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig707\FRA\" "ModifyPath"=str(2):"MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70700000002}" "NoRepair"=dword:00000001 "Publisher"="Adobe Systems Incorporated" "Readme"=str(2):"C:\Program Files\Adobe\Acrobat 7.0\Reader\Readme.htm" "Size"="" "EstimatedSize"=dword:000131bd "UninstallString"=str(2):"MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70700000002}" "URLInfoAbout"="http://www.adobe.fr/support/main.html" "URLUpdateInfo"="http://www.adobe.fr/support/main.html" "VersionMajor"=dword:00000007 "VersionMinor"=dword:00000000 "WindowsInstaller"=dword:00000001 "Version"=dword:07000007 "Language"=dword:0000040c "DisplayName"="Adobe Reader 7.0.7 - Fran\x00e7ais" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003\Features] "other_US"="r+A+4.oCg(^O3Xa,A]FH" "both"="" "IESUB"="\2both" "MOZILLASUB"="\2both" "extra"="h1A+4p^$G@n}-$+KWS4r" "jrecore"="F?A+4'KCg([i3Xa,A]FHF?A+4'KCg([i3Xa-JxbHF?A+4'KCg([i3Xa.S9!IX9A+4$qd*?do.B$rpHeTE&jA4'KCg([i3Xa?uBL3F?A+4'KCg([i3XabEdIN" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003\InstallProperties] "RegOwner"="Dusoulier Christian" "RegCompany"="Home User" "ProductID"="none" "LocalPackage"="C:\WINDOWS\Installer\1e037c3.msi" "AuthorizedCDFPrefix"="" "Comments"="" "Contact"="http://java.com"'>http://java.com"'>http://java.com"'>http://java.com"'>http://java.com"'>http://java.com" "DisplayVersion"="1.6.0.30" "HelpLink"=str(2):"http://java.com" "HelpTelephone"="" "InstallDate"="20071211" "InstallLocation"="" "InstallSource"="http://javadl.sun.com/webapps/download/GetFile/1.6.0_03-b05/windows-i586/"'>http://javadl.sun.com/webapps/download/GetFile/1.6.0_03-b05/windows-i586/" "ModifyPath"=str(2):"MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}" "NoRepair"=dword:00000001 "Publisher"="Sun Microsystems, Inc." "Readme"=str(2):"C:\Program Files\Java\jre1.6.0_03\README.txt" "Size"="" "EstimatedSize"=dword:0001bd4e "UninstallString"=str(2):"MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}" "URLInfoAbout"="http://java.com" "URLUpdateInfo"="http://java.sun.com"'>http://java.sun.com" "VersionMajor"=dword:00000001 "VersionMinor"=dword:00000006 "WindowsInstaller"=dword:00000001 "Version"=dword:01060000 "Language"=dword:00000000 "DisplayName"="Java 6 Update 3" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8B79C053C7D38EE4AB9A00CB3B5D2472\Features] "WebPublFiles"="]aZF&kXsf(lf*L[_GKba}gbvW,Qmf(G'*L[H+8]bZ}IuVaZtf(Cyn.Q2tAE!_{@h=i,nf(R8(L[JO9}X_}M^V8Xqf(Rp)L[_GKbahlT]jI{jf(=1&L[-81-]I-M04-B~f(8Hw.QdFt.0T4}vzw$wf(dKr.QPSdMu" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8B79C053C7D38EE4AB9A00CB3B5D2472\InstallProperties] "RegOwner"="Dusoulier Christian" "RegCompany"="Home User" "ProductID"="12345-111-1111111-46394" "LocalPackage"="C:\WINDOWS\Installer\24598.msi" "AuthorizedCDFPrefix"="" "Comments"="" "Contact"="" "DisplayVersion"="9.50.5318" "HelpLink"=str(2):"http://www.microsoft.com/windows"'>http://www.microsoft.com/windows" "HelpTelephone"="" "InstallDate"="20071207" "InstallLocation"="" "InstallSource"="C:\WINDOWS\System32\" "NoModify"=dword:00000001 "NoRemove"=dword:00000001 "NoRepair"=dword:00000001 "Publisher"="Microsoft Corporation" "Readme"="" "Size"="" "EstimatedSize"=dword:00000a6c "SystemComponent"=dword:00000001 "URLInfoAbout"="" "URLUpdateInfo"="" "VersionMajor"=dword:00000009 "VersionMinor"=dword:00000032 "WindowsInstaller"=dword:00000001 "Version"=dword:093214c6 "Language"=dword:0000040c "DisplayName"="WebFldrs XP" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C040FA0900063D11C8EF10054038389C\Features] "PowerPointViewer"="-q1y7QC.hoDx0g_j4N(k&n~@_9wg}9P~'jMu$n~9CO&s0I,yD@j)Mo=UPGg`Nl){xl&r$=j.nv1g}.u,Yp(gp~`qc?h4`4z.-(8t_Fb5Xwnst@q382?cD&~y-G9=Gl8qu9gMMzgW%S?m{Is$[E9NI=~JRI=5.Q@%" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D1CB593B60CCE5240994C49D58FE0F40\Features] "LightScribe"=")~C[`Nt?.@A&]nc9J)Z.D0s%I[[email protected][gze=vD@XABPNl?6!2QB~daXgo)9J6FUUaFJHQ1_ekJW84+AfVPh*F5W4,DTm4X]FP+?`*vCOu}b?+?,rOUcbh}8A$u%e(ZT[?Gb$_SP6e6?&(Ji`~m60GlDGsA&Rse9dU'sOx_P^jf{t.NeZH(9wAO,?=3HCI$Vh'beU44?MNO85GB83wSm(,!7lFw?)3'kPkb$6*d=UlRrg]X@l+.T6hF)2_hAJxP4RVr8OZ53K`mXYo)`FyUCVes@MH(_qeZ8iCdA3LIai7DAL}DRI*La}=_5Apz3CP)@*6YnSO4sk1bv5[)DDoO?tVf'L(%$$^BQgyj]^h~?@7'VIx{9hM6lyE6c4~^=wFZ]c6io1&[d?~II$cx@L*8w6h&s3x1pxWW[`Qq8H?,?u$EozV0ndJRI-J+=!@`PQ%,Fe,rSd^1H`]]A(5x*IyC'=-Y=VOX%LCf?aMzzfY-qVdJ3}P^Jg0I?.P7uqEHvMr=KI[)%%Y29x86f0{p2]_HD1_H9Yjs=I0tOkhLFXJ*UoL^v6ke86dYyj..8,29UF+in,!t9_F@ZVbGiMev6W6lRA5l8z=P9Cr$%)yZ}.3&aY'Z8'q8S3WX5e8i77tKH([c8]Kh'`OZmriV5B2'A-kK=K_*vF?[TxSK63vqF'nu@{6D&3D+X,$P,1%rzjdIAXox5qNimIuoi?Rda.83?}Xm^[ySi66eWN?X,Yd5A1pgKVcuO*(${^{q^iIw=fro~'DRVz!q^rciQOOZ=R2_siJB*,C[83?='uIMA!K.*`.1!(-P-)E?~+!6?i}+}vLp$Y7Cr*[_,yV7='!Q+X%5Vw0h73Aw'@Q!=gwn~%hb0e*dGDqGzYbAA1^AD@S37P%I[P+oL1&=@7`yT^FYvzf%*TELs]6,AA=!j7_Q)y^dC1lMbPq69%,.eZ5&w[&uQQb50tue=qwi]wTap8VDa)_iT[L9=1yc&GCP+ov0'0uDth9k?W]CjOBT{1c$RNAG[``p?@58Cb=N8G^E[ituHr0_84]?4r+MQrz_p76IiIf(AhZ6,6maZ{6PLj_D,pt~?GYETs{U91v4e_fBY=l{@UcDoUR$Jj*65LXRb2QB=D9$kclY$1NY*CQaoq5@?&!DKpRGOqNdlTZYy&mH=p3p5*t2&Kv~!r=LPTN@=C?&TMbY%@MA_$TNtM9+=3IM032`1%-@~A0kaX0x8KenOEVljv[g0BfCk{4&9@u3Wo?cUGTcVz}`Jg)'@n7*w[l1M'x'g[utqZ`i??{=I]4$3MtSN)siMYbF@a(AUTukCWRt}ea?8M`f8U=FcLBja*w+ZP%aLs.i?2WY.jlW~RCRkeQlW%RY?Eo=v`HT`-_nt4Q&h4]G?LOHEr7IfV&'FvS%O?`&=OSZs(~WJMu$rs~llV]D?&S^1Jq@zWxWdz7ETooU=LvR(Y.C&.^93{&1I4WH9asFwE=nWs+(g,j,hM`o9QtzU?&uOZVZ[E`r%K!=9?m$%t.66-69)eu^5T4}8Ym&7$1^s0S&O.~$FzQy8Noo_FLhmJJmccCe[aPZ=y`tdPFdzUfB0zof}ApD=pxegN[o*E.*z%!$]F9V9_l]OJDMSB,^cug!FNsx9QjVWKRP$bp[h{pjVG?UA{(KNav7ml-k+K35NdOp97=w(v{67?lY4bDvq&DQ=jS&V-0lkO%uvnlZwNvx=e*GO185NIcoWbR,wY_0@2F'$nkAyCx.^Ir$@Vqf?c-oDxfJlH0oI^=@[x*T@j1jjyh+jt^oA~OxD5H_=Y&4x^jrZ!6fh72Vzz3t8P$H(Ah3*m&(Kn~&2=bk=3I$@imY4?M-BOko=NxX?q+@d'F=6o.&Y5gu[swb?8E@Bb!efKb" "LightScribeUE"="7R4FZT}w??3DF,=~*{x,F*D]87&&f@zTOdJt4_44.oU]B%]v4@xX?D3%h?0QWC@{Rh=Hs9~oiBn[3g]F5CeBjP+Jm9YNtZY{&gqeaTS3(gq66@%Fm?[ssCrg6+&+F5FB-9^v^5X4qiI+7glMkzNQr@hsgj8kT&CDgrY,ii7Rb=85Laj3trK-ylu6p}uCD=$n,gNVMORuKkeOtG]?F@bD{dQ*%qZe(GzEc(aYm8FWhpprda8{1S6(_'3^9?@4noRqL1KQv5~k^V62D9yHU$*%Cer6w0oRr$JHcA`Y9OipH@PNe,dg[--p9?Bc&*,B2W){75!)%(DfB9vPS!JAle'.wxyJ5asMo?8HG.t}vg1eggN%1fZy}9KMGP)oI!dRJ=&Bu}1q!?%BMOM9Sc6KeQ6~qxH0%=3^7~4L96E-?Ua=VA@'n?-KjC.l`o'dBPZ~PCe9?9fxB(xTn6DmimxIk}[KQ9k[.tkY.96x4T879ijij?M_tcvi+QL!D1tl43zZ+A0~MEC2qbHy&ZfwJ!-q6?%]EEO3R[$9^oeYV'6wi9ALQRkfu$!V+c+riFI1l@wJTn3LX9!S4d1Q9O(YN@BnhSV2tJnY?kFNOb.=r8HH0skUDDty11s~J@5xDA=G_Fe{r6cOnDK'Z&Umf?.UOeyeQ`XHEohvgVD~v@rwfYht(6Wo]]uZiqEt-9@T!wPrQDm7Z.WOHXCNw82DQ,-,6gv(qvvVxKM82Af0tqc$c,S8*0rRaquu[=*i$Gl`7&-lv)Qlw(w~E@vv&hP%(S2TBL2vh.'c4A7hRZ&WQkr3Zo0ShWP@,@p++fJ(.R-ylY&2zH^b^AEM%Oqj-_I4i3pQekMcn8uhFRO}`?ht%z@9!.2UL?2Ip9inz`8T@0w[cGz'H=`!Fh0`f]Acef*'Hf5j!=hH)1_AUCu-FH0&G6y{T9Kp=v2Ac[)PPj9R3NqV}=ptI'Gln'Kc*~0ST(OQX@ePGNB5s]Epcjz{0j[nY8Hf~&SHo=Ft`u(`?F}ro=).n}g'Z'26k)a1pbvvI9k]j3'e`CwvIMhhW4v9UA1M1-H69W0_FZY_,KQv2@X]sYy}4VdcKd!JcL(v_A{VOr5$,T(Aq*Ivk!V&E=Bjkq@O))vZB2802!lHH@BQDuGd!-DFy-K{Op*ZSAFG-jgx^$yCDh*$G')+z=0%gZ8ltf(.Lq^GWXfkr8yXOes8vS=37!+fnxo$N?im08^N.bdhrB)noq$k^?b05^(_~}4d4yfs=[6=j=u[7no$`D7(VD)5R?'G[9&AlP%d[{Xwc]ip'^r+F@o7THhZK{t=+}Hx7VzjCAs5HC9h?j1&" "LightScribeCpan"="Lont7(?11A7=Olr_TEU.c8SAgGLn8AwJXzQ8dh^%Sl]B(JZO@=3W$yaM1t--2~*Jaa=,w=LQE{%i!jkGu&(At`nT[8HqzW]gA0d=s+%j8qqL[8}MRGR(-Bo,BJd}f0[-N?5rH@wb+l1rhR+-R'G~M?WKatt@AlM8.*Mo*'V&CA-Nl7Gi`flcK[_l5f}+D=JlMGAiyikF)_PnGRJcf9RWL's9PZDZkDiKCB-Tr?geJwk&kK&N*QLp?DdY^=9GO58WQc*YH^WE^+EU(A!u?f$y35==y^l0,.*-c9c$i[@}8gD1wr&CT7xtB@%qqE]!(u).+ZIC_a[R'Ab_jNahxxGt$[Z9rr3{+@z]TxH{iSuCa!K7dPX@W9m1`ACzgnr?pwqJ3=rNGA+aJtmb4ree2l3u&U*yw=J!5.++)=(G90oyRy5p%=c[ERH[53z`^vtUDFml??_+@arR(.AiG!AD3c^Q1@^S!kReUGSB2uYlnXpyr?S*R7=?Tf&s.6=IoHto6?[tx2RagJw?93N,{scu2?*]S}Y%VkdxOMP0Bc@Y&@ZbM-E=oObx" scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 260 - firefox.exe 328 - ADSL Autoconnec 492 - svchost.exe 584 - csrss.exe 612 - winlogon.exe 656 - services.exe 668 - lsass.exe 852 - svchost.exe 932 - svchost.exe 1012 - avgnt.exe 1080 - mamutu.exe 1100 - avguard.exe 1220 - TaskSwitchXP.ex 1360 - explorer.exe 1380 - ctfmon.exe 1528 - Webshots.scr 1588 - dllhost.exe 1656 - a2service.exe 3348 - cmd.exe Total number of processes = 20 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D0000 - \WINDOWS\system32\ntoskrnl.exe 806B5000 - \WINDOWS\system32\hal.dll F8A35000 - \WINDOWS\system32\KDCOM.DLL F8945000 - \WINDOWS\system32\BOOTVID.dll F84E8000 - ACPI.sys F8A37000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS F8535000 - pci.sys F8545000 - isapnp.sys F8A39000 - avgarkt.sys F8A3B000 - intelide.sys F87B5000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS F8555000 - MountMgr.sys F84C9000 - ftdisk.sys F8A3D000 - dmload.sys F84A5000 - dmio.sys F87BD000 - PartMgr.sys F8949000 - hotcore.sys F8565000 - VolSnap.sys F848F000 - atapi.sys F8575000 - disk.sys F8585000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS F847D000 - sr.sys F8595000 - avgntmgr.sys F8469000 - KSecDD.sys F83E6000 - Ntfs.sys F83BE000 - NDIS.sys F83AB000 - sfvfs02.sys F87C5000 - sfhlp02.sys F8399000 - sfdrv01.sys F837F000 - Mup.sys F87CD000 - agp440.sys F85C5000 - \SystemRoot\System32\DRIVERS\processr.sys F8284000 - \SystemRoot\System32\DRIVERS\nv4.sys F85D5000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS F85E5000 - \SystemRoot\System32\Drivers\Imapi.SYS F85F5000 - \SystemRoot\System32\DRIVERS\cdrom.sys F8605000 - \SystemRoot\System32\DRIVERS\redbook.sys F8264000 - \SystemRoot\System32\DRIVERS\ks.sys F87F5000 - \SystemRoot\System32\DRIVERS\usbuhci.sys F8245000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS F822D000 - \SystemRoot\system32\drivers\ac97intc.sys F820C000 - \SystemRoot\system32\drivers\portcls.sys F8615000 - \SystemRoot\system32\drivers\drmk.sys F880D000 - \SystemRoot\System32\DRIVERS\fdc.sys F8625000 - \SystemRoot\System32\DRIVERS\serial.sys F89D9000 - \SystemRoot\System32\DRIVERS\serenum.sys F81F9000 - \SystemRoot\System32\DRIVERS\parport.sys F89E1000 - \SystemRoot\System32\DRIVERS\gameenum.sys F8B82000 - \SystemRoot\system32\drivers\msmpu401.sys F89E5000 - \SystemRoot\System32\DRIVERS\usbscan.sys F8A43000 - \SystemRoot\System32\DRIVERS\USBD.SYS F8B86000 - \SystemRoot\System32\DRIVERS\audstub.sys F8635000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys F89ED000 - \SystemRoot\System32\DRIVERS\ndistapi.sys F81E3000 - \SystemRoot\System32\DRIVERS\ndiswan.sys F8645000 - \SystemRoot\System32\DRIVERS\raspppoe.sys F8655000 - \SystemRoot\System32\DRIVERS\raspptp.sys F89FD000 - \SystemRoot\System32\DRIVERS\TDI.SYS F81D2000 - \SystemRoot\System32\DRIVERS\psched.sys F8665000 - \SystemRoot\System32\DRIVERS\msgpc.sys F8825000 - \SystemRoot\System32\DRIVERS\ptilink.sys F8835000 - \SystemRoot\System32\DRIVERS\raspti.sys F8675000 - \SystemRoot\System32\Drivers\pcouffin.sys F80DD000 - \SystemRoot\System32\DRIVERS\rdpdr.sys F8685000 - \SystemRoot\System32\DRIVERS\termdd.sys F8845000 - \SystemRoot\System32\DRIVERS\kbdclass.sys F8855000 - \SystemRoot\System32\DRIVERS\mouclass.sys F8B94000 - \SystemRoot\System32\DRIVERS\swenum.sys F80BB000 - \SystemRoot\System32\DRIVERS\update.sys F86A5000 - \SystemRoot\System32\Drivers\NDProxy.SYS F86B5000 - \SystemRoot\System32\DRIVERS\usbhub.sys F8865000 - \SystemRoot\System32\DRIVERS\usbiad.sys F8875000 - \SystemRoot\System32\DRIVERS\usbccgp.sys F8885000 - \SystemRoot\System32\DRIVERS\usbprint.sys F8357000 - \SystemRoot\System32\DRIVERS\hidusb.sys F86C5000 - \SystemRoot\System32\DRIVERS\HIDCLASS.SYS F8895000 - \SystemRoot\System32\DRIVERS\HIDPARSE.SYS F88A5000 - \SystemRoot\System32\DRIVERS\flpydisk.sys F834F000 - \SystemRoot\System32\DRIVERS\kbdhid.sys F834B000 - \SystemRoot\System32\DRIVERS\mouhid.sys F86E5000 - \SystemRoot\SYSTEM32\DRIVERS\avgntdd.sys F8A55000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F8BA2000 - \SystemRoot\System32\Drivers\Null.SYS F8A59000 - \SystemRoot\System32\Drivers\Beep.SYS F8BA5000 - \SystemRoot\System32\DRIVERS\AvgArCln.sys F88CD000 - \SystemRoot\System32\drivers\vga.sys F8A5D000 - \SystemRoot\System32\Drivers\mnmdd.SYS F8A61000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys F88DD000 - \SystemRoot\System32\Drivers\Msfs.SYS F88ED000 - \SystemRoot\System32\Drivers\Npfs.SYS F8337000 - \SystemRoot\System32\DRIVERS\rasacd.sys F8705000 - \SystemRoot\System32\DRIVERS\ipsec.sys F7023000 - \SystemRoot\System32\DRIVERS\tcpip.sys F6FFE000 - \SystemRoot\System32\DRIVERS\netbt.sys F8715000 - \SystemRoot\System32\DRIVERS\netbios.sys F8725000 - \SystemRoot\System32\DRIVERS\wanarp.sys F890D000 - \SystemRoot\System32\DRIVERS\ssmdrv.sys F6FD6000 - \SystemRoot\System32\DRIVERS\rdbss.sys F6F4A000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys F8735000 - \SystemRoot\System32\Drivers\Fips.SYS F8745000 - \SystemRoot\System32\DRIVERS\avipbb.sys F8765000 - \SystemRoot\System32\Drivers\Cdfs.SYS F6E94000 - \SystemRoot\System32\Drivers\dump_atapi.sys F8A67000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \??\C:\WINDOWS\system32\win32k.sys F81AA000 - \??\C:\WINDOWS\system32\watchdog.sys BFF80000 - \SystemRoot\System32\drivers\dxg.sys F8C1D000 - \SystemRoot\System32\drivers\dxgthk.sys BFDD0000 - \SystemRoot\System32\nv4.dll F4AB1000 - \SystemRoot\System32\drivers\afd.sys F4A11000 - \SystemRoot\system32\drivers\sysaudio.sys F4879000 - \SystemRoot\system32\drivers\wdmaud.sys F8ACD000 - \SystemRoot\System32\Drivers\ParVdm.SYS F455E000 - \SystemRoot\System32\Drivers\Fastfat.SYS F43F5000 - \SystemRoot\System32\DRIVERS\srv.sys F42F2000 - \SystemRoot\System32\DRIVERS\ipnat.sys F8BD7000 - \??\C:\WINDOWS\System32\Drivers\mchInjDrv.sys F8B5D000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 118 Liste des programmes installes a-squared Free 3.1 Ad-Aware SE Personal Adobe Flash Player ActiveX Adobe Flash Player Plugin Adobe Reader 7.0.7 - Français Adobe Shockwave Player ADSL Autoconnect APO Usb Autorun Ashampoo Burning Studio 5 AVG Anti-Rootkit Free Avira AntiVir PersonalEdition Classic DivX Content Uploader DivX Web Player DVD Flick EasyCleaner HijackThis 2.0.2 InfraRecorder Java 6 Update 3 jv16 PowerTools 1.3 Kit de connexion ADSL Lexmark 510 Series LightScribe 1.8.15.1 Mamutu 1.1 Microsoft Office PowerPoint Viewer 2003 MozBackup 1.4.7 Mozilla Firefox (2.0.0.11) Mozilla Thunderbird (2.0.0.9) Navilog1 3.4.0 NCH Toolbox Uninstall Panda ActiveScan Paragon Drive Backup 8 Special Edition Passbox Prism Video Converter Satsuki Decoder Pack Sony Ericsson Themes Creator 3.19 Spybot - Search & Destroy 1.4 Super Blank 3.01 Suppress plus 1.8 Supprimer cible dans le clic droit System Requirements Lab TaskSwitchXP Tray Commander Lite 1.2 Uniblue RegistryBooster 2 USB MODEM Driver VirtualDub 1.6.9 Fr VSO Inspector 1.3.1.82b WebFldrs XP Webshots Desktop WinTidy 2.0 xp-AntiSpy 3.96-6 Zeb-Utility 1.2 ZipGenius 6 (6.0.3.1150) Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est D075-DA3A Répertoire de C:\Program Files 17/01/2008 09:05 <REP> . 17/01/2008 09:05 <REP> .. 14/12/2007 19:11 <REP> Adobe 16/01/2008 16:39 <REP> ADSL Autoconnect 11/12/2007 15:33 <REP> AIDA32 - Enterprise System Information 16/01/2008 16:39 <REP> APO Usb Autorun 30/12/2007 10:56 <REP> Ashampoo 16/01/2008 16:38 <REP> a-squared Free 08/12/2007 01:14 <REP> Avira 07/12/2007 15:00 <REP> ComPlus Applications 04/01/2008 14:09 <REP> DivX 03/01/2008 21:41 <REP> DVD Flick 30/12/2007 10:00 <REP> Fichiers communs 16/01/2008 23:39 <REP> GRISOFT 29/12/2007 19:17 <REP> InfraRecorder 16/01/2008 16:40 <REP> Internet Explorer 11/12/2007 23:28 <REP> Java 11/12/2007 09:26 <REP> jv16 PowerTools 09/12/2007 12:33 <REP> Kit ADSL 17/12/2007 21:07 <REP> Lavasoft 10/12/2007 08:32 <REP> Lexmark 510 Series 16/01/2008 16:41 <REP> Mamutu 07/12/2007 15:05 <REP> microsoft frontpage 10/12/2007 17:56 <REP> Microsoft Office 07/12/2007 15:02 <REP> Movie Maker 10/01/2008 00:27 <REP> MozBackup 17/01/2008 09:10 <REP> Mozilla Firefox 16/01/2008 14:52 <REP> Mozilla Thunderbird 07/12/2007 14:59 <REP> MSN Gaming Zone 17/01/2008 09:05 <REP> Navilog1 31/12/2007 00:23 <REP> NCH Software 03/01/2008 17:12 <REP> NCH Swift Sound 07/12/2007 15:01 <REP> NetMeeting 07/12/2007 15:01 <REP> Outlook Express 28/12/2007 17:00 <REP> Paragon Software 03/01/2008 14:18 <REP> Passbox2007 23/12/2007 15:46 <REP> Satsuki Decoder Pack 10/12/2007 10:57 <REP> Services en ligne 18/12/2007 18:38 <REP> Software by Design 06/01/2008 12:49 <REP> Sony Ericsson 11/12/2007 14:02 <REP> splus 14/12/2007 13:42 <REP> Spybot - Search & Destroy 25/12/2007 23:01 <REP> SuperBlank 19/12/2007 19:01 <REP> SystemRequirementsLab 16/01/2008 16:44 <REP> TaskSwitchXP 09/12/2007 14:16 <REP> ToniArts 16/01/2008 16:44 <REP> Tray Commander Lite 23/12/2007 13:57 <REP> Trend Micro 30/12/2007 09:20 <REP> Uniblue 07/12/2007 18:21 <REP> USB Driver-Express 01/01/2008 15:09 <REP> VirtualDub 25/12/2007 23:31 <REP> vso 16/01/2008 16:44 <REP> Webshots 08/12/2007 17:42 <REP> Windows Media Player 07/12/2007 14:59 <REP> Windows NT 17/01/2008 09:08 <REP> WinTidy 07/12/2007 15:05 <REP> xerox 18/12/2007 18:57 <REP> xp-AntiSpy 07/12/2007 22:55 <REP> Zeb-Utility 16/01/2008 16:44 <REP> ZipGenius 6 0 fichier(s) 0 octets 60 Rép(s) 15 837 229 056 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est D075-DA3A Répertoire de C:\Program Files\fichiers communs 30/12/2007 10:00 <REP> . 30/12/2007 10:00 <REP> .. 15/12/2007 11:17 <REP> Adobe 09/12/2007 12:32 <REP> InstallShield 11/12/2007 23:26 <REP> Java 07/12/2007 15:12 <REP> Microsoft Shared 07/12/2007 15:01 <REP> MSSoap 07/12/2007 14:51 <REP> ODBC 07/12/2007 15:01 <REP> Services 07/12/2007 14:50 <REP> SpeechEngines 07/12/2007 15:01 <REP> System 0 fichier(s) 0 octets 11 Rép(s) 15 837 224 960 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est D075-DA3A Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 08/12/2007 01:38 <REP> . 08/12/2007 01:38 <REP> .. 18/05/2001 17:57 561 209 MSONSEXT.DLL 03/06/1999 14:09 122 937 MSOWS409.DLL 07/03/2001 09:00 127 033 MSOWS40c.DLL 3 fichier(s) 811 179 octets 2 Rép(s) 15 837 224 960 octets libres c:\Documents and Settings\Christian\Application Data\inst.exe c:\Documents and Settings\Christian\Application Data\Mozilla\Firefox\Profiles\9iutf4za.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}\FEBEbg.exe c:\Documents and Settings\Christian\Application Data\Mozilla\Firefox\Profiles\9iutf4za.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}\FEBEunzip.exe c:\Documents and Settings\Christian\Application Data\Mozilla\Firefox\Profiles\9iutf4za.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}\FEBEzip.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\diff.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\find2.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\grep.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\gzip.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\KProcCheck.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\md5sums.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\sigcheck.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\streams.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\Christian\Bureau\DiagHelp\tar.exe c:\Documents and Settings\Christian\Mes documents\avgarkt-setup-1.1.0.42.exe c:\Documents and Settings\Christian\Mes documents\HJTInstall.exe c:\Documents and Settings\Christian\Mes documents\MamutuSetup.exe c:\Documents and Settings\Christian\Mes documents\Navilog1.exe c:\Documents and Settings\Christian\Mes documents\RHosts.exe c:\Documents and Settings\Christian\Mes documents\stinger.exe c:\Documents and Settings\Christian\Mes documents\SummerProperties 1.2 Setup.exe c:\Documents and Settings\Christian\Mes documents\TweakHosts.exe c:\Documents and Settings\Christian\Mes documents\Aides diverses\Aide_jv16PowerTools.exe c:\Documents and Settings\Christian\Mes documents\david\Puyo15_Carnival.exe c:\Documents and Settings\Christian\Mes documents\david\ThemesCreator-v3.19.b6.exe c:\Documents and Settings\Christian\Mes documents\Download1212\adsl-autoconnect_adsl_autoconnect_2.06_f7_francais_10516.exe c:\Documents and Settings\Christian\Mes documents\Download1212\antivir_workstation_win7u_en_h.exe c:\Documents and Settings\Christian\Mes documents\Download1212\easycleaner_easycleaner_2.0.6.381_francais_11170.exe c:\Documents and Settings\Christian\Mes documents\Download1212\InCD-4.3.23.2.exe c:\Documents and Settings\Christian\Mes documents\Download1212\LS_HSI.EXE c:\Documents and Settings\Christian\Mes documents\Download1212\Nero-6.6.1.15_fra.exe c:\Documents and Settings\Christian\Mes documents\Download1212\Patch_Fr_TrayCommander(2).exe c:\Documents and Settings\Christian\Mes documents\Download1212\PPVIEWER.EXE c:\Documents and Settings\Christian\Mes documents\Download1212\pygrenouille-v1.12.exe c:\Documents and Settings\Christian\Mes documents\Download1212\Setup_Zeb-Utility.exe c:\Documents and Settings\Christian\Mes documents\Download1212\splus_install.exe c:\Documents and Settings\Christian\Mes documents\Download1212\spybot-search-destroy_spybot_-_search_destroy_1.4_francais_10965.exe c:\Documents and Settings\Christian\Mes documents\Download1212\TaskSwitchXP_2.0.11.exe c:\Documents and Settings\Christian\Mes documents\Download1212\tc_lite(2).exe c:\Documents and Settings\Christian\Mes documents\Download1212\Thunderbird Setup 2.0.0.9.exe c:\Documents and Settings\Christian\Mes documents\Download1212\vso_image_resizer_setup.exe c:\Documents and Settings\Christian\Mes documents\Download1212\wbsamp5.exe c:\Documents and Settings\Christian\Mes documents\Download1212\ZebProtect.exe c:\Documents and Settings\Christian\Mes documents\Download1212\zg603std.exe c:\Documents and Settings\Christian\Mes documents\Download1212\regseeker_regseeker_1.55_francais_31515\RegSeeker\RegSeeker.exe c:\Documents and Settings\Christian\Mes documents\Download1212\SafeXP\SafeXP.exe c:\Documents and Settings\Christian\Mes documents\Download1212\WinTidy\setup.exe c:\Documents and Settings\Christian\Mes documents\Installés\a2FreeSetup.exe c:\Documents and Settings\Christian\Mes documents\Installés\Firefox Setup 1.5.0.1.exe c:\Documents and Settings\Christian\Mes documents\Installés\jv16pt_setup1.3.0.195.exe c:\Documents and Settings\Christian\Mes documents\Installés\mpc_install_xp_6.4.9.0b_fr.exe c:\Documents and Settings\Christian\Mes documents\Installés\prismsetup.exe c:\Documents and Settings\Christian\Mes documents\Installés\Satsuki.Decoder.Pack.3.1.1.7.exe c:\Documents and Settings\Christian\Mes documents\Installés\setup_passbox2007.exe c:\Documents and Settings\Christian\Mes documents\Installés\spybot-search-destroy_spybot_-_search_destroy_1.4_francais_10965.exe c:\Documents and Settings\Christian\Mes documents\Installés\VirtualDub_1.6.9_b23604_Fr.exe c:\Documents and Settings\Christian\Mes documents\Installés\wbsamp.exe c:\Documents and Settings\Christian\Mes documents\Installés\xp-AntiSpy_setup-french.exe c:\Documents and Settings\Christian\Mes documents\Installés\AdAware\aawsepersonal.exe c:\Documents and Settings\Christian\Mes documents\Installés\AdAware\adawarfrseskins.exe c:\Documents and Settings\Christian\Mes documents\Installés\AdAware\vx2cleaneradaware_inst.exe c:\Documents and Settings\Christian\Mes documents\Installés\Adobe actuel\AdbeRdr707_fr_FR.exe c:\Documents and Settings\Christian\Mes documents\Installés\AdobeAcronon instal\Ac705RdP_efgj.exe c:\Documents and Settings\Christian\Mes documents\Installés\AdobeAcronon instal\AdbeRdr705_fra_full.exe c:\Documents and Settings\Christian\Mes documents\Installés\Antivir résident\antivir_workstation_win7u_en_h.exe c:\Documents and Settings\Christian\Mes documents\Installés\Antivirusmvc\setup.exe c:\Documents and Settings\Christian\Mes documents\Installés\EasyCleaner\EasyClea.exe c:\Documents and Settings\Christian\Mes documents\Installés\JPuzzle\ImagesPuzzles.exe c:\Documents and Settings\Christian\Mes documents\Installés\JPuzzle\JPuzzles.exe c:\Documents and Settings\Christian\Mes documents\Installés\mvc\setup.exe c:\Documents and Settings\Christian\Mes documents\Installés\Nero MàJ\InCD-4.3.20.1.exe c:\Documents and Settings\Christian\Mes documents\Installés\Nero MàJ\Nero-6.6.1.4_fra.exe c:\Documents and Settings\Christian\Mes documents\Installés\Nero MàJ\Nero-6.6.1.4_no_yt.exe c:\Documents and Settings\Christian\Mes documents\Installés\Nero MàJ\NMP-1.4.0.35b.exe c:\Documents and Settings\Christian\Mes documents\Installés\Nero MàJ\NMP-1.4.0.35b_fra.exe c:\Documents and Settings\Christian\Mes documents\Installés\Nero MàJ\NVE-3.1.0.25_fra.exe c:\Documents and Settings\Christian\Mes documents\Installés\Nero MàJ\NVE-3.1.0.25_no_yt.exe c:\Documents and Settings\Christian\Mes documents\Installés\Outils Divers\ADSLAutoconnect206F7.exe c:\Documents and Settings\Christian\Mes documents\Installés\Outils Divers\aida32ee_393.exe c:\Documents and Settings\Christian\Mes documents\Installés\Outils Divers\GoogleToolbarInstaller.exe c:\Documents and Settings\Christian\Mes documents\Installés\Outils Divers\HijackThisFR.exe c:\Documents and Settings\Christian\Mes documents\Installés\Outils Divers\PPVIEWER.EXE c:\Documents and Settings\Christian\Mes documents\Installés\Outils Divers\Setup_Zeb-Utility.exe c:\Documents and Settings\Christian\Mes documents\Installés\Outils Divers\Shockwave_Installer_Slim.exe c:\Documents and Settings\Christian\Mes documents\Installés\Outils Divers\splus_install.exe c:\Documents and Settings\Christian\Mes documents\Installés\Outils Divers\TaskSwitchXP_2.0.8.exe c:\Documents and Settings\Christian\Mes documents\Installés\Outils Divers\TaskSwitchXP_2.0.9.exe c:\Documents and Settings\Christian\Mes documents\Installés\Outils Divers\Tweak UI 2.00 FR.exe c:\Documents and Settings\Christian\Mes documents\Installés\Outils Divers\videoinspector.exe c:\Documents and Settings\Christian\Mes documents\Installés\Outils Divers\ZebProtect.exe c:\Documents and Settings\Christian\Mes documents\Installés\PopTray\PopTray310.exe c:\Documents and Settings\Christian\Mes documents\Installés\QuickDel courrier\quickdel.exe c:\Documents and Settings\Christian\Mes documents\Installés\RegSeeker\RegSeeker.exe c:\Documents and Settings\Christian\Mes documents\Installés\SpyBlaster\spywareblastersetup351.exe c:\Documents and Settings\Christian\Mes documents\Installés\StartUp\Startup.exe c:\Documents and Settings\Christian\Mes documents\Installés\tcpview\Tcpview.exe c:\Documents and Settings\Christian\Mes documents\Installés\TMPGEnc-2.521.58.169-Free\TMPGEnc.exe c:\Documents and Settings\Christian\Mes documents\Installés\Tweak UI\Tweak UI 2.00 FR.exe c:\Documents and Settings\Christian\Mes documents\Installés\wintidy\setup.exe c:\Documents and Settings\Christian\Mes documents\Installés\ZipGenius\frapak301.exe c:\Documents and Settings\Christian\Mes documents\Installés\ZipGenius\zg602std.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\93.71_forceware_winxp2k_international_whql.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\9Tel setup.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\a2FreeSetup.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\aawsepersonal.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\adawarfrseskins.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\AplusDVDCopy.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\apo-usb-autorun_apo_usb_autorun_1.6.2.0_francais_18124.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\ashampoo_burningstudio551_ash_fr.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\ashampoo_winoptimizerplatinumsuite211_ash_fr.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\audacity_audacity_1.2.6_francais_10372.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\boot.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\burn-at-once_burn_at_once_0.99.5_francais_14725.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\Com9 setup.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\courbendu.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\D2P_1.3_FRA.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\dBpowerAMP-codec-wmav91.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\DivXInstaller.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\dj518fr(2).exe c:\Documents and Settings\Christian\Mes documents\logsDivers\DLM_2200046_FRA.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\drivebackup8SE-20060620-fr.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\dvd-flick_dvd_flick_1.2.2.1_anglais_31699.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\Firefox Setup 1.5.0.7.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\gamesplayer.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\GSpot_2.21_build_030711.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\GXT2_Help.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\gx-transcoder-ex-germani-x-encoder_gx_transcoder_2.24.2978c_francais_11148.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\incd_incd_4.3.23.2_francais_10966.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\InCD-4.3.23.2.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\InCD4Reader.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\ir0441_unicode(2).exe c:\Documents and Settings\Christian\Mes documents\logsDivers\ir0441_unicode.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\K130_Setup.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\LS_HSI(2).EXE c:\Documents and Settings\Christian\Mes documents\logsDivers\LS_HSI.EXE c:\Documents and Settings\Christian\Mes documents\logsDivers\MGADiag.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\mp3directcut_mp3directcut_2.04_francais_10838.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\msicuu2.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\p2fsetup.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\pci_filerecovery.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\Pilote_USB_2.0_Windows_XP_1.0.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\piolet 1.9.0 [par ratiatum.com].exe c:\Documents and Settings\Christian\Mes documents\logsDivers\plyg2v8.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\Pochette_express_2.0_beta_7.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\ProgramChecker.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\Questar31Install(2).exe c:\Documents and Settings\Christian\Mes documents\logsDivers\rapidos.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\RegCureSetup_46.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\registryboosteraff.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\Satsuki.Decoder.Pack.3.1.0.2.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\Satsuki.Decoder.Quicktime.Module.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\Satsuki.Decoder.WM.Module.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\Setup_FreeConverter.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\SetupAnyDVD6070.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\setupDREMC1_0.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\Share 1.0 EX2 [share-france.info].exe c:\Documents and Settings\Christian\Mes documents\logsDivers\Shockwave_Installer_Slim.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\silentnight-micro-burner_silentnight_micro_burner_5.0_light_francais_18942.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\spywareblastersetup351.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\switchsetup.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\TaskSwitchXP_2.0.11.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\Transcoder setup.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\Tweak_UI_2.10.0.0_FR.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\unstopcp.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\VB6fr.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\VirtualDub_1.6.9_b23604_Fr.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\vso_inspector_setup.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\wdviewer.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\WGAPluginInstall.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\WindowsXP-KB885894-x86-fra.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\xlviewer.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\16832\WindowsInstaller-KB893803-v2-x86.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\dBpower\dBpowerAMP-codec-DirectShowDecoder.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\dBpower\dBpowerAMP-codec-mp3-blade.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\dBpower\dBpowerAMP-codec-wmav91.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\dBpower\dbpoweramp-encoder-ra.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\dBpower\dbpoweramp-music-converter_dbpoweramp_music_converter_francais_10333.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\FLV-CONVERTER-15032006\ffmpeg.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\FLV-CONVERTER-15032006\FLV-CONVERTER.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\GSpot270a-fr-Colok\GSpot270a\GSpot.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\ImageResizerPowertoySetup\ImageResizerPowertoySetup.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\ir0441_unicode\ckEffects.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\ir0441_unicode\InfraRecorder.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\ir0441_unicode\irExpress.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\ir0441_unicode\cdrtools\cdda2wav.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\ir0441_unicode\cdrtools\cdrecord.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\ir0441_unicode\cdrtools\isoinfo.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\ir0441_unicode\cdrtools\mkisofs.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\ir0441_unicode\cdrtools\readcd.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\KLogicalDrives\KLogicalDrives.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\Meowms\MMS_100_setup.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\MozBackUp\MozBackup-1.4.7-ENG.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\oggdropXPdV1.8.9-generic\oggdropXPd.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\PowerpointImageExtractor\PowerpointImageExtractor_V1_1_setup.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\restoration_restoration_2.5.14_anglais_14192\REST2514\Restoration.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\RéactivateurXP\reactivateur.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\SuperBlank301\Super Blank 3.01 setup.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\SuperDuper-1fr\duper.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\TBTray-1.2\TBTray.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\TBTray-1.2\TBTray-Config.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\TCPOPTIMIZER\tcpoptimizer_v2.0.2.exe c:\Documents and Settings\Christian\Mes documents\logsDivers\TrayCommanderLiteFR\tc_lite.exe c:\Documents and Settings\Christian\Mes documents\MSNFix\MSNFix\incl\MD5File.exe c:\Documents and Settings\Christian\Mes documents\MSNFix\MSNFix\incl\swreg.exe c:\Documents and Settings\Christian\Mes documents\MSNFix\MSNFix\incl\zip.exe c:\Documents and Settings\Christian\Mes documents\NeroGeneral-CleanTool\General-CleanTool.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\a-squared Free\a2cmd.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\a-squared Free\a2free.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\a-squared Free\a2upd.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\a-squared Free\unins000.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\CoverDesigner\CoverDes.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\ImageDrive\ImageDrive.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\InCD\InCD.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\InCD\InCDL.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\InCD\InCDsrv.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero\nero.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero\NeroCmd.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero\NRESTORE.EXE c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero\Uninstall\UNNero.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero BackItUp\BackItUp.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero BackItUp\NBJ.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero BackItUp\NBR.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero MediaHome\NeroMediaHome.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero MediaHome\NMSTranscoder.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero PhotoSnap\PhotoSnap.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero PhotoSnap\PhotoSnapViewer.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero Recode\Recode.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero ShowTime\ShowTime.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero SoundTrax\SoundTrax.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero Toolkit\CDSpeed.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero Toolkit\DriveSpeed.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero Toolkit\hwinfo.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero Toolkit\InfoTool.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero Wave Editor\DXEnum.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\Nero Wave Editor\WaveEdit.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Ahead\NeroVision\NeroVision.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AIDA32 - Enterprise System Information\aida32.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AIDA32 - Enterprise System Information\unins000.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AntiVir PersonalEdition Classic\avcenter.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AntiVir PersonalEdition Classic\avcmd.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AntiVir PersonalEdition Classic\avconfig.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AntiVir PersonalEdition Classic\avesvc.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AntiVir PersonalEdition Classic\avgnt.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AntiVir PersonalEdition Classic\avguard.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AntiVir PersonalEdition Classic\avmailc.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AntiVir PersonalEdition Classic\avmcdlg.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AntiVir PersonalEdition Classic\avnotify.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AntiVir PersonalEdition Classic\avscan.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AntiVir PersonalEdition Classic\guardgui.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AntiVir PersonalEdition Classic\licmgr.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AntiVir PersonalEdition Classic\preupd.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AntiVir PersonalEdition Classic\sched.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AntiVir PersonalEdition Classic\setup.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AntiVir PersonalEdition Classic\update.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AoA Audio Extractor\AoAAudioExtractor.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\AoA Audio Extractor\unins000.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\burnatonce\burnatonce.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\burnatonce\unins000.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\burnatonce\external\cdrdao.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\burnatonce\external\flac.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\burnatonce\external\madplay.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\burnatonce\external\mkisofs.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\burnatonce\external\oggdec.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\burnatonce\external\readcd.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\burnatonce\external\sox.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\burnatonce\external\toc2cue.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\burnatonce\external\WaveGain.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\dBpowerAMP\CDGrab.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\dBpowerAMP\GetPopupInfo.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\dBpowerAMP\MusicConverter.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\dBpowerAMP\unins000.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\Adobe\ESD\AdobeDownloadManager.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\Adobe\ESD\DLMCleanup.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\Adobe\ESD\uninst.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\Ahead\Lib\specialoffer.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver2.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\InstallShield\Engine\6\Intel 32\IKernel.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\InstallShield\Professional\RunTime701\Intel32\DotNetInstaller.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\InstallShield\Professional\RunTime91\Intel32\DotNetInstaller.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_06.b05\launcher.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_06.b05\patchjre.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_06.b05\zipper.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_08.b03\launcher.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_08.b03\patchjre.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_08.b03\zipper.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\LightScribe\LSSrvc.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\Microsoft Shared\MSInfo\msinfo32.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\Microsoft Shared\Speech\sapisvr.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Fichiers communs\Nero\Uninstall\setupx.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\GSpot221\GSpot.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\GSpot221\unins000.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\GXTranscoder v2\gsMC20.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\InstallShield Installation Information\{042E2C9D-6647-4C5F-9CEF-387D72023128}\Setup.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\setup.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\InstallShield Installation Information\{B0C5783F-AB91-460B-8238-BD9A8F6346D3}\setup.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\InstallShield Installation Information\{BBBCAE4B-B416-4182-A6F2-438180894A81}\setup.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Internet Explorer\IEXPLORE.EXE c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Internet Explorer\Connection Wizard\icwconn2.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Internet Explorer\Connection Wizard\icwrmind.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Internet Explorer\Connection Wizard\icwtutor.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Internet Explorer\Connection Wizard\inetwiz.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Internet Explorer\Connection Wizard\isignup.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\java.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\javacpl.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\javaw.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\javaws.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\jucheck.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\jusched.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\keytool.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\kinit.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\klist.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\ktab.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\orbd.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\pack200.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\policytool.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\rmid.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\rmiregistry.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\servertool.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\tnameserv.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_06\bin\unpack200.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\java.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\javacpl.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\javaw.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\javaws.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\jucheck.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\jusched.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\keytool.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\kinit.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\klist.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\ktab.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\orbd.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\pack200.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\policytool.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\rmid.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\rmiregistry.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\servertool.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\tnameserv.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Java\jre1.5.0_08\bin\unpack200.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\jv16 PowerTools\jv16 PowerTools.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\jv16 PowerTools\unins000.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\jv16 PowerTools\Backups\RegEdit.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\jv16 PowerTools\Plug-ins\TempTool.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\KC Softwares\VideoInspector\AviBitrateGrapher.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\KC Softwares\VideoInspector\unins000.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\KC Softwares\VideoInspector\VideoInspector.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Kit ADSL\selfhelper\SelfHelper.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Kit ADSL\Wizard\NetAgent_USB_PPPoE.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Kit ADSL\Wizard\PostInstall_Checker.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Lavasoft\Ad-Aware SE Personal\unregaaw.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Lavasoft\Ad-Aware SE Personal\UNWISE.EXE c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Lexmark 510 Series\Drivers\French\_isdel.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Lexmark 510 Series\Drivers\French\setup.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Media Player Classic\mplayerc.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Media Player Classic\uninstall.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\MeowMultiSound100\MeowMultiSound.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\MeowMultiSound100\unins000.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Movie Maker\moviemk.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Mozilla Firefox\firefox.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Mozilla Firefox\updater.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Mozilla Firefox\xpicleanup.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Mozilla Firefox\plugins\GetFlash.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Mozilla Firefox\plugins\NPSWF32_FlashUtil.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Mozilla Firefox\uninstall\uninstall.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Mozilla Thunderbird\regxpcom.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Mozilla Thunderbird\thunderbird.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Mozilla Thunderbird\updater.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Mozilla Thunderbird\xpicleanup.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Mozilla Thunderbird\plugins\NPSWF32_FlashUtil.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Mozilla Thunderbird\uninstall\uninstall.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\mp3DirectCut\mp3DirectCut.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Multimedia Keyboard & Mouse Driver\MouseDrv.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Multimedia Keyboard & Mouse Driver\PS2USBKbdDrv.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Multimedia Keyboard & Mouse Driver\StartAutorun.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Multimedia Mouse Driver\MouseDrv.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Multimedia Mouse Driver\StartAutorun.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\MyPhoneExplorer\uninstall.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\MyPhoneExplorer\DLL\amr.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Napster\napster.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Napster\NapsterHelper.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Napster\SNAPDRM.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\NCH Swift Sound\Components\mp3el\mp3enc.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\NCH Swift Sound\Components\oggenc\oggenc.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\NCH Swift Sound\Switch\switch.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\NCH Swift Sound\Switch\uninst.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\OpenOffice.org1.1.5\program\crashrep.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\OpenOffice.org1.1.5\program\jvmsetup.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\OpenOffice.org1.1.5\program\msfontextract.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\OpenOffice.org1.1.5\program\OOoVirgTray.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\OpenOffice.org1.1.5\program\pkgchk.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\OpenOffice.org1.1.5\program\quickstart.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\OpenOffice.org1.1.5\program\regsvrex.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\OpenOffice.org1.1.5\program\setofficelang.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\OpenOffice.org1.1.5\program\setup.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\OpenOffice.org1.1.5\program\soffice.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\OpenOffice.org1.1.5\program\python-core-2.2.2\bin\python.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Outlook Express\msimn.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Outlook Express\oemig50.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Outlook Express\setup50.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Outlook Express\wab.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Outlook Express\wabmig.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Passbox\Majsys.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Passbox\passbox.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Passbox\uninstall.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\PC Inspector File Recovery\Filerecovery.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Pochette Express 2\Pochette express 2.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Pochette Express 2\uninstall.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\PowerpointImageExtractor_V1_1\PowerpointImageExtractor.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\PowerpointImageExtractor_V1_1\unins000.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Real\RealPlayer\Setup\.g2cln.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Satsuki Decoder Pack\Uninstall.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Satsuki Decoder Pack\filtres\DVDNavExt.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Satsuki Decoder Pack\filtres\HFE.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Satsuki Decoder Pack\filtres\qt\Plugins\DeleteMe1.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Satsuki Decoder Pack\filtres\qt\QTSystem\qttask.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Satsuki Decoder Pack\mpc\mplayerc.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\SEMC\Sony Ericsson Handset Software\USBDriver\ZEBRUninstall.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\splus\Majsys.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\splus\splus.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\splus\unins000.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\splus\UnRegBak.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Spybot - Search & Destroy\blindman.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Spybot - Search & Destroy\SpybotSD.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Spybot - Search & Destroy\TeaTimer.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Spybot - Search & Destroy\unins000.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Spybot - Search & Destroy\Update.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\SpywareBlaster\sbautoupdate.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\SpywareBlaster\spywareblaster.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\SpywareBlaster\unins000.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\TaskSwitchXP\ConfigTsXP.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\TaskSwitchXP\TaskSwitchXP.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\TaskSwitchXP\uninst.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Tray Commander Lite\TC.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Tray Commander Lite\Uninstall.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\USB Driver-Express\USB\Install\install2k.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\USB Driver-Express\USB\Install\install9x.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\USB Driver-Express\USB\Install\MainCtrl.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\USB Driver-Express\USB\Install\PCARmDrv.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\VirtualDub\auxsetup.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\VirtualDub\UnInstall_VirtualDub.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\VirtualDub\vdub.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\VirtualDub\VirtualDub.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\VuPassword\unins000.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\VuPassword\VuPassword.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Webshots\Launcher.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\Webshots\UNWISE.EXE c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\WinTidy\unins000.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\WinTidy\WinTidy.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\xp-AntiSpy\Uninstall.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\xp-AntiSpy\xp-AntiSpy.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\ZipGenius 6\7za.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\ZipGenius 6\add_path.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\ZipGenius 6\cz2stub.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\ZipGenius 6\msend.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\ZipGenius 6\ncz2stub.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\ZipGenius 6\profcheck.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\ZipGenius 6\s_setup.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\ZipGenius 6\unins000.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\ZipGenius 6\zg.exe c:\Documents and Settings\Christian\Mes documents\restaur1\C\Program Files\ZipGenius 6\zipgenius.exe c:\Documents and Settings\Christian\Mes documents\TweakHosts\TweakHosts.exe c:\Documents and Settings\Christian\Mes documents\WEBTIME\WebTime_Setup.exe c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll c:\Documents and Settings\Christian\Application Data\SystemRequirementsLab\SRLProxyI.dll c:\Documents and Settings\Christian\Application Data\SystemRequirementsLab\SRLProxyJ.dll c:\Documents and Settings\Christian\Application Data\SystemRequirementsLab\SRLProxyK.dll c:\Documents and Settings\Christian\Application Data\SystemRequirementsLab\SRLProxyL.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll ****** Fin du rapport DiagHelp Clean Navipromo version 3.4.0 commencé le 17/01/2008 à 9:01:51,52 Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 09.01.2008 à 20h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 6.0.2600.0000 Système de fichiers : NTFS Mode suppression automatique *** fsbl1.txt non trouvé *** (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche) *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans C:\WINDOWS\System32 * * Suppression dans "C:\Documents and Settings\Christian\local settings\application data" * skvnak.exe trouvé ! Copie skvnak.exe réalisée avec succès ! skvnak.exe supprimé ! skvnak.dat trouvé ! Copie skvnak.dat réalisée avec succès ! skvnak.dat supprimé ! skvnak_nav.dat trouvé ! Copie skvnak_nav.dat réalisée avec succès ! skvnak_nav.dat supprimé ! skvnak_navps.dat trouvé ! Copie skvnak_navps.dat réalisée avec succès ! skvnak_navps.dat supprimé ! *** Suppression dossiers dans C:\WINDOWS *** *** Suppression dossiers dans C:\Program Files *** C:\Program Files\InternetGameBox ...suppression... C:\Program Files\InternetGameBox supprimé ! *** Suppression dossiers dans *** *** Suppression dossiers dans "C:\Documents and Settings\Christian\application data" *** *** Suppression dossiers dans "C:\Documents and Settings\Christian\menu dÚmarrer\programmes" *** *** Suppression dossiers dans *** *** Suppression fichiers *** *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\Christian\local settings\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans C:\WINDOWS\system32 * * Dans "C:\Documents and Settings\Christian\local settings\application data" * *** Sauvegarde du Registre vers dossier Backupnavi *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup supprimé ! *** Nettoyage terminé le 17/01/2008 à 9:05:29,80 *** Et comme j'ai trouvé ça sur mon bureau, je le rajoute à ttes fins utiles: catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-17 09:15:26 Windows 5.1.2600 NTFS scanning hidden services & system hive ... IPC error: 2 Le fichier spécifié est introuvable. scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes00FA0000063D11C8EF00054038389C] "C040FA0900063D11C8EF10054038389C"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\66EDAE6A0000000084E4E7A854000000] "68AB67CA7DA76301B7447A7000000020"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003] "8A0F842331866D117AB7000B0D610003"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F4DB32D08C445EF48BCCA4FADDEFC148] "D1CB593B60CCE5240994C49D58FE0F40"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA76301B7447A7000000020\Features] "Updater"="i4~nD_nPB=]dpXM(BkO6b@'2xQc4a@7&l3S~&z8MdpV~l]-O]AXdbw`+{OPV66$3PEIc(=UdP}c^]o_U_v}zQLIu`@}jJ.-M?3TO_lSYpFsAL=X5ZHczwEW$ddFwLyJXu9bncpOcNI2z\2ReaderProgramFiles" "Reader_Big_Features"="eicXT!cP]8W$]!^Ma0[^" "SearchAndIndex"="'o%[email protected],Ux(vAPr`b}MA=~wIdrC`(DL+h^xgiT49H$l~o?JOg(fsuLwNQYa=QwFYM_nwbM$E(h*28T5=Ocg`@5_YDBwwc$b8,r[@nruGZf0P,UM$4GP`4ws=nuPFo$?CFB\2Reader_Big_Features" "eBookEBXPlugin"="K9{!GAXPX8HOdiUw?WM+Nz2cV.CQh?-,(s?@=7fkiUajX9'(,?bG)AME%.vnEix*nr@L[=UDL)eK2H0U]m5Iyy7&,?vB5yd+X-ba}jouU'ygb8)RXq_u&z{p\2Reader_Big_Features" "ReaderProgramFiles"="._FU*(*_2@0slVZ*5.z_v-]SdHa@k@=nH}[email protected]=z7XY9b=194Dy`[email protected]@le2hu+bKa)B~TAV?e@vJ4`k31$yC@'t8+@)cJFU?,JX(B,ig1O9%A@y{B[`7Rlq6f3W1+7qj+=.rcJ4CazuNl{n^ry?Ot@2d1lc!YJQr_QYe0sBt??CX%pr$P[^p%Dr=J5G.3@B[o!jMLkHhfVknlUmRq8^U^%-ji,xhI[PPih36KA!7MB!^J,R&F{i^-Yf1N9z_yJp?~@!e.xeodI0a9?*PwJ9PAh$$5m5H-EB^w=@7cJ?_CS%B5JiDH@eh99k.)~2E+oT*UJWnkJJ).@1[MUSjj]V[9JYpAndr.?J0G'OVCEk4s5KOXX(Tx@O9it$PYp0%q{*bUab!k@8(itf5ZXiN7+0R8+hnK?x0^1%oW}-+~kh*9PLwPA)~~~KdW]jWzcpEb)~jz?ptW2H-fY',ZSFSFJ,gF=Faq]nD[DSrp5H~36!nc@e2YLT4GPl[1tcPQSbsd?m}OH+*wg}(JdnnNi-d?AjlR&UdQ%RRn=B1Z`VZ%@3r?8ZtrD7q*iv+yATUy8JF$5xzgV35v-JpP%J!N@1sI*A^'am)JZ[1?ytaC9R-Js]{uAhdN9$M.CgJn8W&Qk7n!du=q!.cv1([@9PAKWV6Gj!zfX--TA)F6@q75[1+_[ms4v''43I9J?K`S+v3*LNbdhe=lLSt,?NY,t*K)@mG9dHm&g^rD?Z5LM9qR_rrVE2sy.vXs@`-zl4onx]h8pVC=,wIs9B+Owz0mED3gpt4FA_h{9xK1IDV?OW@ghhxq+lFy@DG-g^-+'d=SJl,szLhw?ht`0,.926K8y!moDy7X@rtiW'j!b+(C?OaVN&E}8!+o8IP}@y^P}a,0_Q]FA!pRKKOv=cN?(HrL[bDx9jj)@iSwoXF+I_q9xm5l@5fj[hX8tk)0=J[O`v^9=_qKwW[nRoe-9)'z0'GX?9nMWL]C3*w)yaokOVQZ9T-Dto=@fKY.(yo@Y@i+=hO8(%~~M_hTSp[-gRtTA==]p?,NP9=[nIX?V7zP?.^b^v{2x_rT,=OH8-v`AtP%+XMJko1$GtTiU[[email protected]!NAFUaxk+xt*j^h?sakH%j,W`Kx}{1QlKcE9BqLy+a%k}vq2H*OKKee8mq$v]+g&JQJDcb&69~N?vrX$oHDCU(zYKuKujjc?.lSp]gNYDFip{$(8(+b?3!_Gw`F~Jd12wyMf6m)9e2YSmA([gRH]r',s}Uc=fVIIX^f[cQgS8]C2RGt?k-Il@7}M~[$utx1`%}k?EZM@D]&^*t8jBev-lYSAGmXPA[w_jCX64$.rEk.@Z@9[@K}b'qVF&^&Xgu`@4ekFN(2qmzd1mJl_yp8@x-*H'tRF!)Y'LBbd5V=@%w'R4OZPBY&kLBtQ6jJ?({$0)gJg5.G0Ytdj-6+Aza}{05HS)ef2xvD5k&V=21*ndh=Oe*,}rT+Z5}.=%TSxXiSJey=eo]UELY9@leb-+2j4T9nSAEh,AGbAW['*HYi?T?`'zu0.zV$ApA8qt3e%?mHkS,U^WsS9t-UB8I0G4b,&}ut*]mb?S6sA*{%`EHS-B!xq)gL=M!%%,I4-y)3p8*o,]ag9)X$n66`j(Hl!O)_66x0?^$r?@)FFxYI1Y(2^GoW?y[?lfgF)yQpazO*L.Ub=ONkK$%RC8Q" "Plugins"="&=f}W-ju1=yjHfRQh*x_%Td1Y+s-8@9i{z48qLAXU6}D``o9R?KtQhi?XANATFTm8DqSV@4ubojGCqa6+iu*_y9t~=5gD^ZnrR_'*!!6ijs!H=QHtAj^2H}3eva4RvV}}?.oBwDB?pfiqP{HC'kyd@m4!AIEzdFVo{ur_AJ()@Z(3sz57e+'kdNk072!`9{)%XW0Ob-f7`zRWwz{[AJG89vxdd8=Lc)]v4Ga&Axo4-A[vN85q=7R8jPvX8fm]Z1zjZHp5*Aez{A3C?&Ua7@9j'OFovVXoNjL2?66kYx,e[sX!hRiLl@P6=mTV+,S6T7Oqg@uKeEha@eB53&J3A!.L&3wF)fZg8a3fZrMG810so,0Iqh4.@i+8m=Gii06LnvPZtcP-9OcjN.=r2Y8\2ReaderProgramFiles" "MultimediaPlugin"="L]Ps9Twl?9+3TW[sd^W)1soY[_KL(9YYxkba(ui9`E'bOz^,=9iI`*kxJN~wDYdO*0.CZ96qx3ceJ3Dl\2Reader_Big_Features" "Help_Full"="-J1GdXi6$?V{p%9)GncqSb*.s)hLBAsW.?Lz%q=m\2Reader_Big_Features" "PictureTasks"="3UM6RC90I=AE,fJ1U1Oz8k@%4JNzM=zPT+'Pj0D7}2!joeUPc9py^6iFeVjQ7A5PfmEM)@-FbLP7+EDXNX3&me0EL?Es$tl~VD3ZRf}W8SKDm@C)b@n7~~kmwv)a%A=+-9zit[XBl&_u?-]x1B}7q8i_h~2gKjWeSV8dgYlNj?6@?I*r,18[_=sgh.WKZW[y5JD445r2~=8?]b@+yhF9\2Reader_Big_Features" "PatchExtras"="=twaD[iv!@lH=4&l)zYB?94qO1j`%?Zw@LBXN6g`u]U8i+HEb9xz{kj6M!6n{o3c8Kl)p97R^}?8A3j_Zl?PbGT&J@q1C-*vjOpL\2AdobeCommonLinguistics_Big" "CE_FONTS"="Vgu[T.6M[A4OjW@jB5U[\2Reader_Big_Features" "ReaderBrowserIntegration"="%5ys[$W1k?DZ*z3.7~6wF24~6%@{c?t`mH_zz^6a[@3*DJp!S@Nq0Vv&r}SfhF{PZ!~z(@}uUrWN+SlCx7lwS7K.k@_(FYV]`Yrg\2ReaderProgramFiles" "ReaderPDFIntegration"="y*LkN?!)RAKft[lNW8Nz}eRAR)wxX?Cb80!DFg=_]kMXt{RiR@Bn!g_javLWH9ND.hxI[98%vV`jvHqEKQs(!qBnOAS@xF7EAeNc{lJ+!m*u}8Sm0EAjf@Aa{PQ3pdCLD@lKUA2[{em1*Z)DM9DQ*9J[d4ujdve4~&Ur*Zrjr=,`?ZgbcKac._k_n,w3Q?f=3qRMTAx--o6tsP@tX8(V3Dfv3`@=\2ReaderProgramFiles" "Accessibility_Plugins"="rH+Ig=T[(@$b`*tHJpvrWjPC897kA@pS4q'eMamAIS=Tzjq8_@OeYM_%})9)HCa!h0UMn9JH3_6?&K,yrIT'YWhV]=[`9yu,Ul]zVn{C6z1{89AWhm!Yr09=hqg9z5=1i?u1^nD{C+c=NHHE]{D@0@_pa7CH*5C+11oOaEv,@?=&5sK`dD]UtWuNMBc7W9^+.c+NaZ7W\2Reader_Big_Features" "Atmosphere_3D"="ha'WCGBLV9v$u[iDyRj]^X)x8c*bF9uX[Yk=h*t0uq35L?Q0o8]jc!1GgjE*G'QpR3o[*@SJ!2y*ZuqT2=eUxr-88=X[^'-qu[uWu?zcG%.hX?W4c98w2^aD10_ByZ$2=@2dw0e74ry9\2Reader_Big_Features" "AdobeCommonTypSpt"="?Uuvn1CY]9h]5%hs-_)($1EtTD&C!@AV%RYi&iUS6GO[6yJdB?tP?zE9`hGE(v=4xR+L'=I1?Ira0)!Yk'}C(pAS6=sK,p&Cy[vehN]ko%_-R=X3u-,FZ8zAE0(a89(xJ@xXm7S~l71b\2ReaderProgramFiles" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA76301B7447A7000000020\InstallProperties] "RegOwner"="Dusoulier Christian" "RegCompany"="Home User" "ProductID"="none" "LocalPackage"="C:\WINDOWS\Installer\a2f93.msi" "AuthorizedCDFPrefix"="" "Comments"=" " "Contact"=" " "DisplayVersion"="7.0.7" "HelpLink"=str(2):"http://www.adobe.fr/support/main.html" "HelpTelephone"=" " "InstallDate"="20071211" "InstallLocation"="C:\Program Files\Adobe\Acrobat 7.0\Reader\" "InstallSource"="C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig707\FRA\" "ModifyPath"=str(2):"MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70700000002}" "NoRepair"=dword:00000001 "Publisher"="Adobe Systems Incorporated" "Readme"=str(2):"C:\Program Files\Adobe\Acrobat 7.0\Reader\Readme.htm" "Size"="" "EstimatedSize"=dword:000131bd "UninstallString"=str(2):"MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70700000002}" "URLInfoAbout"="http://www.adobe.fr/support/main.html" "URLUpdateInfo"="http://www.adobe.fr/support/main.html" "VersionMajor"=dword:00000007 "VersionMinor"=dword:00000000 "WindowsInstaller"=dword:00000001 "Version"=dword:07000007 "Language"=dword:0000040c "DisplayName"="Adobe Reader 7.0.7 - Fran\x00e7ais" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003\Features] "other_US"="r+A+4.oCg(^O3Xa,A]FH" "both"="" "IESUB"="\2both" "MOZILLASUB"="\2both" "extra"="h1A+4p^$G@n}-$+KWS4r" "jrecore"="F?A+4'KCg([i3Xa,A]FHF?A+4'KCg([i3Xa-JxbHF?A+4'KCg([i3Xa.S9!IX9A+4$qd*?do.B$rpHeTE&jA4'KCg([i3Xa?uBL3F?A+4'KCg([i3XabEdIN" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003\InstallProperties] "RegOwner"="Dusoulier Christian" "RegCompany"="Home User" "ProductID"="none" "LocalPackage"="C:\WINDOWS\Installer\1e037c3.msi" "AuthorizedCDFPrefix"="" "Comments"="" "Contact"="http://java.com" "DisplayVersion"="1.6.0.30" "HelpLink"=str(2):"http://java.com" "HelpTelephone"="" "InstallDate"="20071211" "InstallLocation"="" "InstallSource"="http://javadl.sun.com/webapps/download/GetFile/1.6.0_03-b05/windows-i586/" "ModifyPath"=str(2):"MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}" "NoRepair"=dword:00000001 "Publisher"="Sun Microsystems, Inc." "Readme"=str(2):"C:\Program Files\Java\jre1.6.0_03\README.txt" "Size"="" "EstimatedSize"=dword:0001bd4e "UninstallString"=str(2):"MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}" "URLInfoAbout"="http://java.com" "URLUpdateInfo"="http://java.sun.com" "VersionMajor"=dword:00000001 "VersionMinor"=dword:00000006 "WindowsInstaller"=dword:00000001 "Version"=dword:01060000 "Language"=dword:00000000 "DisplayName"="Java 6 Update 3" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8B79C053C7D38EE4AB9A00CB3B5D2472\Features] "WebPublFiles"="]aZF&kXsf(lf*L[_GKba}gbvW,Qmf(G'*L[H+8]bZ}IuVaZtf(Cyn.Q2tAE!_{@h=i,nf(R8(L[JO9}X_}M^V8Xqf(Rp)L[_GKbahlT]jI{jf(=1&L[-81-]I-M04-B~f(8Hw.QdFt.0T4}vzw$wf(dKr.QPSdMu" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8B79C053C7D38EE4AB9A00CB3B5D2472\InstallProperties] "RegOwner"="Dusoulier Christian" "RegCompany"="Home User" "ProductID"="12345-111-1111111-46394" "LocalPackage"="C:\WINDOWS\Installer\24598.msi" "AuthorizedCDFPrefix"="" "Comments"="" "Contact"="" "DisplayVersion"="9.50.5318" "HelpLink"=str(2):"http://www.microsoft.com/windows" "HelpTelephone"="" "InstallDate"="20071207" "InstallLocation"="" "InstallSource"="C:\WINDOWS\System32\" "NoModify"=dword:00000001 "NoRemove"=dword:00000001 "NoRepair"=dword:00000001 "Publisher"="Microsoft Corporation" "Readme"="" "Size"="" "EstimatedSize"=dword:00000a6c "SystemComponent"=dword:00000001 "URLInfoAbout"="" "URLUpdateInfo"="" "VersionMajor"=dword:00000009 "VersionMinor"=dword:00000032 "WindowsInstaller"=dword:00000001 "Version"=dword:093214c6 "Language"=dword:0000040c "DisplayName"="WebFldrs XP" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C040FA0900063D11C8EF10054038389C\Features] "PowerPointViewer"="-q1y7QC.hoDx0g_j4N(k&n~@_9wg}9P~'jMu$n~9CO&s0I,yD@j)Mo=UPGg`Nl){xl&r$=j.nv1g}.u,Yp(gp~`qc?h4`4z.-(8t_Fb5Xwnst@q382?cD&~y-G9=Gl8qu9gMMzgW%S?m{Is$[E9NI=~JRI=5.Q@%" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D1CB593B60CCE5240994C49D58FE0F40\Features] "LightScribe"=")~C[`Nt?.@A&]nc9J)Z.D0s%I[[email protected][gze=vD@XABPNl?6!2QB~daXgo)9J6FUUaFJHQ1_ekJW84+AfVPh*F5W4,DTm4X]FP+?`*vCOu}b?+?,rOUcbh}8A$u%e(ZT[?Gb$_SP6e6?&(Ji`~m60GlDGsA&Rse9dU'sOx_P^jf{t.NeZH(9wAO,?=3HCI$Vh'beU44?MNO85GB83wSm(,!7lFw?)3'kPkb$6*d=UlRrg]X@l+.T6hF)2_hAJxP4RVr8OZ53K`mXYo)`FyUCVes@MH(_qeZ8iCdA3LIai7DAL}DRI*La}=_5Apz3CP)@*6YnSO4sk1bv5[)DDoO?tVf'L(%$$^BQgyj]^h~?@7'VIx{9hM6lyE6c4~^=wFZ]c6io1&[d?~II$cx@L*8w6h&s3x1pxWW[`Qq8H?,?u$EozV0ndJRI-J+=!@`PQ%,Fe,rSd^1H`]]A(5x*IyC'=-Y=VOX%LCf?aMzzfY-qVdJ3}P^Jg0I?.P7uqEHvMr=KI[)%%Y29x86f0{p2]_HD1_H9Yjs=I0tOkhLFXJ*UoL^v6ke86dYyj..8,29UF+in,!t9_F@ZVbGiMev6W6lRA5l8z=P9Cr$%)yZ}.3&aY'Z8'q8S3WX5e8i77tKH([c8]Kh'`OZmriV5B2'A-kK=K_*vF?[TxSK63vqF'nu@{6D&3D+X,$P,1%rzjdIAXox5qNimIuoi?Rda.83?}Xm^[ySi66eWN?X,Yd5A1pgKVcuO*(${^{q^iIw=fro~'DRVz!q^rciQOOZ=R2_siJB*,C[83?='uIMA!K.*`.1!(-P-)E?~+!6?i}+}vLp$Y7Cr*[_,yV7='!Q+X%5Vw0h73Aw'@Q!=gwn~%hb0e*dGDqGzYbAA1^AD@S37P%I[P+oL1&=@7`yT^FYvzf%*TELs]6,AA=!j7_Q)y^dC1lMbPq69%,.eZ5&w[&uQQb50tue=qwi]wTap8VDa)_iT[L9=1yc&GCP+ov0'0uDth9k?W]CjOBT{1c$RNAG[``p?@58Cb=N8G^E[ituHr0_84]?4r+MQrz_p76IiIf(AhZ6,6maZ{6PLj_D,pt~?GYETs{U91v4e_fBY=l{@UcDoUR$Jj*65LXRb2QB=D9$kclY$1NY*CQaoq5@?&!DKpRGOqNdlTZYy&mH=p3p5*t2&Kv~!r=LPTN@=C?&TMbY%@MA_$TNtM9+=3IM032`1%-@~A0kaX0x8KenOEVljv[g0BfCk{4&9@u3Wo?cUGTcVz}`Jg)'@n7*w[l1M'x'g[utqZ`i??{=I]4$3MtSN)siMYbF@a(AUTukCWRt}ea?8M`f8U=FcLBja*w+ZP%aLs.i?2WY.jlW~RCRkeQlW%RY?Eo=v`HT`-_nt4Q&h4]G?LOHEr7IfV&'FvS%O?`&=OSZs(~WJMu$rs~llV]D?&S^1Jq@zWxWdz7ETooU=LvR(Y.C&.^93{&1I4WH9asFwE=nWs+(g,j,hM`o9QtzU?&uOZVZ[E`r%K!=9?m$%t.66-69)eu^5T4}8Ym&7$1^s0S&O.~$FzQy8Noo_FLhmJJmccCe[aPZ=y`tdPFdzUfB0zof}ApD=pxegN[o*E.*z%!$]F9V9_l]OJDMSB,^cug!FNsx9QjVWKRP$bp[h{pjVG?UA{(KNav7ml-k+K35NdOp97=w(v{67?lY4bDvq&DQ=jS&V-0lkO%uvnlZwNvx=e*GO185NIcoWbR,wY_0@2F'$nkAyCx.^Ir$@Vqf?c-oDxfJlH0oI^=@[x*T@j1jjyh+jt^oA~OxD5H_=Y&4x^jrZ!6fh72Vzz3t8P$H(Ah3*m&(Kn~&2=bk=3I$@imY4?M-BOko=NxX?q+@d'F=6o.&Y5gu[swb?8E@Bb!efKb" "LightScribeUE"="7R4FZT}w??3DF,=~*{x,F*D]87&&f@zTOdJt4_44.oU]B%]v4@xX?D3%h?0QWC@{Rh=Hs9~oiBn[3g]F5CeBjP+Jm9YNtZY{&gqeaTS3(gq66@%Fm?[ssCrg6+&+F5FB-9^v^5X4qiI+7glMkzNQr@hsgj8kT&CDgrY,ii7Rb=85Laj3trK-ylu6p}uCD=$n,gNVMORuKkeOtG]?F@bD{dQ*%qZe(GzEc(aYm8FWhpprda8{1S6(_'3^9?@4noRqL1KQv5~k^V62D9yHU$*%Cer6w0oRr$JHcA`Y9OipH@PNe,dg[--p9?Bc&*,B2W){75!)%(DfB9vPS!JAle'.wxyJ5asMo?8HG.t}vg1eggN%1fZy}9KMGP)oI!dRJ=&Bu}1q!?%BMOM9Sc6KeQ6~qxH0%=3^7~4L96E-?Ua=VA@'n?-KjC.l`o'dBPZ~PCe9?9fxB(xTn6DmimxIk}[KQ9k[.tkY.96x4T879ijij?M_tcvi+QL!D1tl43zZ+A0~MEC2qbHy&ZfwJ!-q6?%]EEO3R[$9^oeYV'6wi9ALQRkfu$!V+c+riFI1l@wJTn3LX9!S4d1Q9O(YN@BnhSV2tJnY?kFNOb.=r8HH0skUDDty11s~J@5xDA=G_Fe{r6cOnDK'Z&Umf?.UOeyeQ`XHEohvgVD~v@rwfYht(6Wo]]uZiqEt-9@T!wPrQDm7Z.WOHXCNw82DQ,-,6gv(qvvVxKM82Af0tqc$c,S8*0rRaquu[=*i$Gl`7&-lv)Qlw(w~E@vv&hP%(S2TBL2vh.'c4A7hRZ&WQkr3Zo0ShWP@,@p++fJ(.R-ylY&2zH^b^AEM%Oqj-_I4i3pQekMcn8uhFRO}`?ht%z@9!.2UL?2Ip9inz`8T@0w[cGz'H=`!Fh0`f]Acef*'Hf5j!=hH)1_AUCu-FH0&G6y{T9Kp=v2Ac[)PPj9R3NqV}=ptI'Gln'Kc*~0ST(OQX@ePGNB5s]Epcjz{0j[nY8Hf~&SHo=Ft`u(`?F}ro=).n}g'Z'26k)a1pbvvI9k]j3'e`CwvIMhhW4v9UA1M1-H69W0_FZY_,KQv2@X]sYy}4VdcKd!JcL(v_A{VOr5$,T(Aq*Ivk!V&E=Bjkq@O))vZB2802!lHH@BQDuGd!-DFy-K{Op*ZSAFG-jgx^$yCDh*$G')+z=0%gZ8ltf(.Lq^GWXfkr8yXOes8vS=37!+fnxo$N?im08^N.bdhrB)noq$k^?b05^(_~}4d4yfs=[6=j=u[7no$`D7(VD)5R?'G[9&AlP%d[{Xwc]ip'^r+F@o7THhZK{t=+}Hx7VzjCAs5HC9h?j1&" "LightScribeCpan"="Lont7(?11A7=Olr_TEU.c8SAgGLn8AwJXzQ8dh^%Sl]B(JZO@=3W$yaM1t--2~*Jaa=,w=LQE{%i!jkGu&(At`nT[8HqzW]gA0d=s+%j8qqL[8}MRGR(-Bo,BJd}f0[-N?5rH@wb+l1rhR+-R'G~M?WKatt@AlM8.*Mo*'V&CA-Nl7Gi`flcK[_l5f}+D=JlMGAiyikF)_PnGRJcf9RWL's9PZDZkDiKCB-Tr?geJwk&kK&N*QLp?DdY^=9GO58WQc*YH^WE^+EU(A!u?f$y35==y^l0,.*-c9c$i[@}8gD1wr&CT7xtB@%qqE]!(u).+ZIC_a[R'Ab_jNahxxGt$[Z9rr3{+@z]TxH{iSuCa!K7dPX@W9m1`ACzgnr?pwqJ3=rNGA+aJtmb4ree2l3u&U*yw=J!5.++)=(G90oyRy5p%=c[ERH[53z`^vtUDFml??_+@arR(.AiG!AD3c^Q1@^S!kReUGSB2uYlnXpyr?S*R7=?Tf&s.6=IoHto6?[tx2RagJw?93N,{scu2?*]S}Y%VkdxOMP0Bc@Y&@ZbM-E=oObx" scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0

Bjr à Gof, Merci d'avoir pris la peine de répondre, comme demandé voici le rapport de Navilog. Search Navipromo version 3.4.0 commencé le 15/01/2008 à 23:33:34,22 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 09.01.2008 à 20h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 6.0.2600.0000 Système de fichiers : NTFS Executé en mode normal *** Recherche Programmes installés *** InternetGameBox *** Recherche dossiers dans C:\WINDOWS *** *** Recherche dossiers dans C:\Program Files *** C:\Program Files\InternetGameBox trouvé ! *** Recherche dossiers dans *** *** Recherche dossiers dans "C:\Documents and Settings\Christian\application data" *** *** Recherche dossiers dans "C:\Documents and Settings\Christian\menu dÚmarrer\programmes" *** *** Recherche dossiers dans *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net Fichier(s) caché(s) : *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans C:\WINDOWS\system32 * * Recherche dans "C:\Documents and Settings\Christian\local settings\application data" * Fichiers trouvés : skvnak.exe trouvé ! *** Recherche fichiers *** *** Recherche clés spécifiques dans le Registre *** *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans C:\WINDOWS\system32 : * Dans "C:\Documents and Settings\Christian\local settings\application data" : skvnak.dat trouvé ! 3)Recherche Certificats : Certificat Egroup trouvé ! 4)Recherche fichiers connus : *** Analyse terminée le 15/01/2008 à 23:36:57,18 *** Par ailleurs: Au premier clic pour une recherche ou aller sur un bookmark, cette adresse(fp.pc-on-internet.com) ouvre une nouvelle fenêtre immédiatement et ouvre une 2ème en m^m temps sur site C... AdBlock plus n'y peux rien, Antivir non plus , etc.... Je suppose qu'un de mes chimpanzés a du se faire pièger par un de leurs sites (YouTube ou autres). Quant au reste on pourra voir ça après. Merci de ton attention.

Bonjour tous et meilleurs voeux, Un site: fp.pc-on-internet.com me squatte ma page d'accueil dès que j'entre une recherche google depuis 3 ou 4 jours: -affichage de sa page téléchargement son log, -ouverture instantanée un site porno, - fenêtre de telechargt "Instant Access". J'ai entré au moins 50 fois cet Url dans Adblock plus, sans résultat. Scans divers avec antivirus, sans résultats significatifs. Spybot lancé à maintes reprises arrive à tout nettoyer, sauf une cle, impossible à supprimer m^m en mode sans echec, ni manuellement. Bien qu'ennuyeux je ne crois pas que cela ait un rapport, mais? HKLM\Syst\controlSet 1\services\MSN RAV. Msn est désactivé sur mon PC. Je n'utilise pas IE. En tout état de cause, voici le résultat d'Hijackthis à ttes fins utiles; n'utilisant pas IE, mais FF(à jour), je trouve qu'il y a beaucoup d'items le concernant. Merci d'avance des conseils. Pour info: je suis sous XP Pro, Firefox et TB, Spybot S&D, Antivir, Adaware etc. Logfile of HijackThis v1.99.1 Scan saved at 10:03:26, on 14/01/2008 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe C:\Program Files\Tray Commander Lite\TC.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\Program Files\APO Usb Autorun\usb_autorun.exe C:\Program Files\WinTidy\WinTidy.exe C:\Program Files\Webshots\webshots.scr C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\System32\dllhost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe O4 - HKLM\..\Run: [Tray Commander Lite] C:\Program Files\Tray Commander Lite\TC.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [skwatAutoconnect] C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe O4 - Startup: APO Usb Autorun.lnk = C:\Program Files\APO Usb Autorun\usb_autorun.exe O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe O4 - Startup: WinTidy.lnk = C:\Program Files\WinTidy\WinTidy.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{DD8DAF50-9F10-434E-9E02-1C38C73BFF15}: NameServer = 86.64.145.147 84.103.237.147 O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Lexmark International, Inc. - (no file)

Bonjour à tous, Bonnes Fêtes! J'essaie de récupérer un DVD commercial abimé (rayures, frottis...,) à l'aide de Roadkil's unstoppable Copier 3.2. J'ai mis mon DVD dans mon graveur et lancé l'opération; j'ai eu en qques minutes: taille intégrité VIDEO_TS.BUP 22528 100% VIDEO_TS.IFO 22528 100% VIDEO_TS.VOB 121300992 100% VTS_01_0.BUP 81920 100% VTS_01_0.IFO 81920 100% VTS_01_0.VOB 10240 20% VTS_01_1.VOB 274524160 0,0% Ce dernier item est en cours de progression, mais ça tourne depuis ce matin et n'en est encore qu'a 5,5%. Alors, comme c'est du chinois crypté pour moi, et que je n'ai pu trouver un tuto en FR pour ça, quelqu'un est-il en mesure de me dire qoi faire au final du fichier VIDEO TS qui se crée. merci de vos réponses.

Bonsoir à tous, Voilà c'est fait, j'ai lancé la réparation avec le CD, tout s'est passé OK; je retrouve tout dans l'état. Malheureusement le problème Windows Installer persiste avec tjrs la même erreur. Il m'est donc impossible de mettre à jour Java, par exemple, et d'installer un programme faisant appel à W.I. Je ne sais plus quoi faire. Si quelqu'un avait une idée lumineuse ( autre que formatage), merci encore

Bjr à tous, à pear, bon je me résoud à réinstaller "sans pertes"; évidemment je vais sauvegarder tout ce que je peux; mais retrouverai-je ma connection et paramètres liés, ou dois-je faire qque chose de précis avant? Et y a-t-il un conseil ou une astuce pour que tout se passe le mieux possible et sans casse? Je n'ai pas vraiment d'expèrience dans le sujet. En tout cas, merci des conseils.

Bjr pear, j'avais aussi vu ces liens, et vérifié ce qu'ils préconisent, sans plus de succès.C'est pourquoi je demande si en utilisant "sfc" ou autre chose, j'ai des chances d'éviter une réinstall. tjrs hasardeuse, enfin.... pour moi! Merci encore.

Bonjour, merci à coolman & medicus pour les liens que j'avais déjà consultés; j'ai donc essayé de les appliquer, j'ai revu ttes les autorisations et divers: rien n'y fait; aucun changement. J'ai été revoir sur crosoft, mais là non plus pas d'effet. Question: est-ce que sfc pourrait donner un résultat, sinon réinstaller XP, je n'aime pas du tout, mais...........! Merci d'avance.

Bonsoir tout le monde, J'ai voulu installer un prog. faisant appel à InstallShield: blocage, erreur 1607; j'ai vérifié dans les services tout est OK. J'ai réinstallé WinInstaller, puis passé à autre chose. Java veut faire sa mise à jour, ce soir, et à nouveau: échec. Win Installer est inaccessible. Je n'ai aucune idée depuis quand ce problème est survenu, et avant de tripoter je voudrais bien avoir une marche à suivre. Win XP Pro, pas de virus détectés, pas de trojans ou autres détectés, apparemment sain après divers scans. Merci de vos conseils éclairés, j'ai aussi beaucoup fouillé le sujet sur le net sans trouver qque chose de clair. Merci d'avance.

merci coolman.

Re bonjour, voilà le rapport HijackThis: Logfile of HijackThis v1.99.1 Scan saved at 15:30:58, on 12/03/2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\Tray Commander Lite\TC.exe C:\Program Files\Multimedia Keyboard & Mouse Driver\MouseDrv.exe C:\Program Files\Multimedia Keyboard & Mouse Driver\PS2USBKbdDrv.exe C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe C:\Program Files\Webshots\webshots.scr C:\Program Files\OpenOffice.org1.1.5\program\soffice.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\dllhost.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\explorer.exe C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll O2 - BHO: Piolet Toolbar Helper - {9F17C005-7BF0-4f13-8473-F3C3D2619DBD} - C:\Program Files\Piolet Toolbar\v2.0.0.5\Piolet_Toolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Piolet Toolbar - {6A41F582-CC0E-402a-A16D-A32ABA3043CE} - C:\Program Files\Piolet Toolbar\v2.0.0.5\Piolet_Toolbar.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe" O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Multimedia Keyboard & Mouse Driver\StartAutorun.exe MouseDrv.exe O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard & Mouse Driver\StartAutorun.exe PS2USBKbdDrv.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Tray Commander Lite] C:\Program Files\Tray Commander Lite\TC.exe O4 - HKCU\..\Run: [skwatAutoconnect] C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\quickstart.exe O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe O4 - Startup: WinTidy.lnk = C:\Program Files\WinTidy\WinTidy.exe O8 - Extra context menu item: Afficher cette page dans Firefox - file://C:\Documents and Settings\Christian\Application Data\Mozilla\Firefox\Profiles\p15ro4ds.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html O8 - Extra context menu item: Ouvrir la cible dans Firefox - file://C:\Documents and Settings\Christian\Application Data\Mozilla\Firefox\Profiles\p15ro4ds.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{1C3C7387-2B94-4D32-A6BB-DFD98DF8F664}: NameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{41391D7B-8021-4414-87EA-B3565FD01D1E}: NameServer = 84.103.237.144 86.64.145.144 O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z (file missing) O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

Bonjour coolman, merci de ta réponse; je résume: je ne touche à rien pour le moment, et je passe Hijackthis, OK. A bientôt

Bonjour coolman, Merci tout d'abord d'avoir pris la peine de lire mon msg, je me suis rendu compte trop tard que j'avais posté sur un topic "fermé",mes excuses. Bien sûr, j'ai bien ouvert regedit et toute l'arborescence, vérifié et revérifié les paramètres que j'ai, et c'est conforme à ce que j'ai mis dans le msg; j'ai seulement raccourci ces rubriques, mais mis le détail des clés. WI fonctionnait, il y a encore 3 ou 4 mois, sans problèmes.Je n'ai pas eu d'attaques détectées (KAVP), et j'utilise ZebUtility seulemnt une fois par hasard. Je ne suis pas un fan de la bidouille BdR, c'est pourquoi avant de créer les clés DisableMSI et AlwaysInstallElevated mentionnées dans ton article, je préfère avoir un avis compétent. Merci encore. Rajout: j'ai tenté, en attendant une réponse, la manip: msiexec /unreg et regserver, en mode sans echec, en mode normal: rien de changé. Donc, j'attends!