Captainigloo

Bonjour Bizarre mon petit soucis semble avoir disparu. Cela fait plusieurs heures que la fenêtre erreur n'est pas apparue ???? J'ai pourtant rien fait?? Je surveille et on verra

Bonjour Avec Eraser cela marche bien aussi. http://www.clubic.com/telecharger-fiche11144-eraser.html

Non, De toute façon j'utilise Mozilla. Le problème et venu suite a de nombreuse coupure de courant successives Le Problème vient, de : Users\Cyril\AppData\Temp\~temp\aomlst16\svchost.exe Vous trouverez une capture d'écran et du message, au lien ci dessous http://cjoint.com/?cglqhdnmDS Merci

Absolument pas Merci

Salut Ticlou Merci de répondre aussi vite. Non Je n'ai pas Norton, je tourne avec avast, et spyware terminator en résident et parfois quelques autres anti malware.

BONJOUR, j'ai besoin de conseil concernant un affichage qui apparait sur mon bureau, je ne n'arrive pas à comprendre le message, il n'y a pas de disfonctionnement particulier de mon PC, que dois-je faire ? pour stopper cette affichage et que veut-il dire? Merci de votre aide. Vous trouverez une capture d'écran et du message, au lien ci dessous http://cjoint.com/?cglqhdnmDS

Pour les nouveau raccourci c'est bon aussi, c'était un problème de registre "Ink"

Merci Gof :P Tout semble bien fonctionner. J'ai réparé ou réinstaller les logiciels touchés par Bagle. Par contre je vais chercher un peu pour cette histoire de nouveau racourci qui ne s'affiche pas Merci

Ok c'est supprimés et la corbeille est vidée. Par contre bizarre pas de possibilité pour faire un nouveau raccourci et tout à l'heure il a fallu que je débranche mes disques amovibles pour permettre a l'ordinateur de démarrer normalement. Il est resté sur un page avec le LOGO ACER ??????????? a plus

Pas de message d'erreur J'ai tout supprimé, il me reste des log.txt sur le bureau lié a nos manip combo mbam, etc et aussi des dossier de combo sur C renommé par mes soins. dois je les supprimer également :P

Et avec créer un raccourci, j'ai aussi un problème en cliquant à droite et en faisant nouveau et raccourci et bien pas d'affichage d'un raccourci. ???

Cela ne marche, windows ne trouve pas le chemin d'accés ??

Re GOF, Effectivement le pc va mieux, ccleaner semble être fonctionnel, plus de msn, ni deamon tool, avast ?? Voici le .txt de MBAM ___________________________________________________ Malwarebytes' Anti-Malware 1.36 Version de la base de données: 2099 Windows 6.0.6001 Service Pack 1 09/05/2009 20:42:57 mbam-log-2009-05-09 (20-42-57).txt Type de recherche: Examen complet (C:\|D:\|F:\|L:\|) Eléments examinés: 178371 Temps écoulé: 45 minute(s), 26 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Qoobox\Quarantine\C\Users\Cyril\AppData\Roaming\drivers\srosa2.sys.vir (Rootkit.Bagle) -> Quarantined and deleted successfully. Désolé pour la répétition je ne sais pas ce que j'ai fait??? Je m'occupe de la suite et je t'informe

Re MBAM a terminer, voici le résulat et oui le pc semble aller mieux, pas de retour d'avast mais ccleaner semble tenir la route. Par contre plus de msn et plus de deamon tools, à réinstaller je suppose. Voici mbam-log-2009-05-09 (20-42-57).txt ___________________________________________________ Malwarebytes' Anti-Malware 1.36 Version de la base de données: 2099 Windows 6.0.6001 Service Pack 1 09/05/2009 20:42:57 mbam-log-2009-05-09 (20-42-57).txt Type de recherche: Examen complet (C:\|D:\|F:\|L:\|) Eléments examinés: 178371 Temps écoulé: 45 minute(s), 26 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Qoobox\Quarantine\C\Users\Cyril\AppData\Roaming\drivers\srosa2.sys.vir (Rootkit.Bagle) -> Quarantined and deleted successfully.

Rebonjour Gof Voici le .txt suite à la première manip. Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture __________________________________________________ ComboFix 09-05-08.03 - Cyril 09/05/2009 19:14.2 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3071.2060 [GMT 2:00] Lancé depuis: c:\users\Cyril\Desktop\CyrilFix.exe Commutateurs utilisés :: c:\users\Cyril\Desktop\CFScript.txt AV: avast! antivirus 4.8.1229 [VPS 081119-0] *On-access scanning enabled* (Updated) * Un nouveau point de restauration a été créé FILE :: c:\users\Cyril\AppData\Roaming\wklnhst.dat J:\o1.com . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\users\Cyril\AppData\Roaming\drivers c:\users\Cyril\AppData\Roaming\wklnhst.dat . ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-09 au 2009-05-09 )))))))))))))))))))))))))))))))))))) . 2009-05-09 07:48 . 2009-05-09 07:48 -------- d-----w C:\cyrilix 2009-05-08 19:55 . 2009-05-08 19:55 -------- d-----w c:\programdata\WindowsSearch 2009-05-08 19:55 . 2009-05-08 19:55 -------- d-----w c:\users\All Users\WindowsSearch 2009-05-08 18:09 . 2009-05-08 18:34 -------- d-----w c:\program files\trend micro 2009-05-08 18:09 . 2009-05-08 18:15 -------- d-----w C:\rsit 2009-05-08 12:37 . 2009-05-08 12:37 -------- d-----w c:\program files\CCleaner 2009-05-08 12:06 . 2009-05-08 12:06 -------- d-----w c:\users\Cyril\AppData\Roaming\Lavasoft 2009-04-21 13:05 . 2009-05-09 08:00 -------- d-----w c:\program files\DAEMON Tools Lite 2009-04-20 09:47 . 2009-04-20 09:47 -------- d-----w c:\users\Cyril\AppData\Roaming\DAEMON Tools Pro 2009-04-20 09:47 . 2009-04-20 09:47 -------- d-----w c:\programdata\DAEMON Tools Lite 2009-04-20 09:47 . 2009-04-20 09:47 -------- d-----w c:\users\All Users\DAEMON Tools Lite 2009-04-20 09:46 . 2009-04-20 09:47 -------- d-----w c:\users\Cyril\AppData\Roaming\DAEMON Tools Lite 2009-04-19 17:53 . 2006-08-01 09:31 3600384 ----a-w c:\windows\ffmpeg.exe 2009-04-19 17:53 . 2007-09-10 06:50 457984 ----a-w c:\windows\system32\drivers\PAC7302.SYS 2009-04-19 17:53 . 2008-02-27 13:27 98432 ----a-w c:\windows\system32\drivers\camfilt2.sys 2009-04-19 17:53 . 2009-04-19 17:53 -------- d-----w c:\program files\Hercules 2009-04-19 17:53 . 2009-04-19 17:53 -------- d-----w c:\windows\system32\HWC HD . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-09 08:08 . 2006-11-02 15:48 669328 ----a-w c:\windows\system32\perfh00C.dat 2009-05-09 08:08 . 2006-11-02 15:48 123350 ----a-w c:\windows\system32\perfc00C.dat 2009-05-08 18:48 . 2007-07-10 13:07 -------- d--h--w c:\program files\InstallShield Installation Information 2009-04-29 08:39 . 2008-07-17 09:54 101856 ----a-w c:\users\Cyril\AppData\Local\GDIPFONTCACHEV1.DAT 2009-04-29 08:06 . 2007-07-10 13:17 -------- d-----w c:\program files\Microsoft Works 2009-04-20 22:59 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail 2009-04-20 22:52 . 2006-11-02 10:25 51200 ----a-w c:\windows\inf\infpub.dat 2009-04-19 17:54 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstrng.dat 2009-04-19 17:54 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat 2009-03-24 20:42 . 2008-07-19 10:02 -------- d-----w c:\program files\Java 2009-03-22 10:40 . 2008-07-17 12:14 -------- d-----w c:\program files\Mozilla Thunderbird 2009-03-17 15:29 . 2008-07-19 19:56 -------- d-----w c:\programdata\ma-config.com 2009-03-17 15:29 . 2008-07-19 19:56 -------- d-----w c:\program files\ma-config.com 2009-03-17 03:38 . 2009-04-20 08:45 13824 ----a-w c:\windows\system32\apilogen.dll 2009-03-17 03:38 . 2009-04-20 08:45 24064 ----a-w c:\windows\system32\amxread.dll 2009-03-09 04:19 . 2008-12-09 15:04 410984 ----a-w c:\windows\system32\deploytk.dll 2009-03-08 11:34 . 2009-04-29 08:03 914944 ----a-w c:\windows\system32\wininet.dll 2009-03-08 11:34 . 2009-04-29 08:03 43008 ----a-w c:\windows\system32\licmgr10.dll 2009-03-08 11:33 . 2009-04-29 08:03 18944 ----a-w c:\windows\system32\corpol.dll 2009-03-08 11:33 . 2009-04-29 08:03 109056 ----a-w c:\windows\system32\iesysprep.dll 2009-03-08 11:33 . 2009-04-29 08:03 109568 ----a-w c:\windows\system32\PDMSetup.exe 2009-03-08 11:33 . 2009-04-29 08:03 132608 ----a-w c:\windows\system32\ieUnatt.exe 2009-03-08 11:33 . 2009-04-29 08:03 107520 ----a-w c:\windows\system32\RegisterIEPKEYs.exe 2009-03-08 11:33 . 2009-04-29 08:03 107008 ----a-w c:\windows\system32\SetIEInstalledDate.exe 2009-03-08 11:33 . 2009-04-29 08:03 103936 ----a-w c:\windows\system32\SetDepNx.exe 2009-03-08 11:33 . 2009-04-29 08:03 420352 ----a-w c:\windows\system32\vbscript.dll 2009-03-08 11:32 . 2009-04-29 08:03 72704 ----a-w c:\windows\system32\admparse.dll 2009-03-08 11:32 . 2009-04-29 08:03 71680 ----a-w c:\windows\system32\iesetup.dll 2009-03-08 11:32 . 2009-04-29 08:03 66560 ----a-w c:\windows\system32\wextract.exe 2009-03-08 11:32 . 2009-04-29 08:03 169472 ----a-w c:\windows\system32\iexpress.exe 2009-03-08 11:31 . 2009-04-29 08:03 34816 ----a-w c:\windows\system32\imgutil.dll 2009-03-08 11:31 . 2009-04-29 08:03 48128 ----a-w c:\windows\system32\mshtmler.dll 2009-03-08 11:31 . 2009-04-29 08:03 45568 ----a-w c:\windows\system32\mshta.exe 2009-03-08 11:22 . 2009-04-29 08:03 156160 ----a-w c:\windows\system32\msls31.dll 2009-03-03 04:46 . 2009-04-20 08:45 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe 2009-03-03 04:46 . 2009-04-20 08:45 3547632 ----a-w c:\windows\system32\ntoskrnl.exe 2009-03-03 04:39 . 2009-04-20 08:45 183296 ----a-w c:\windows\system32\sdohlp.dll 2009-03-03 04:39 . 2009-04-20 08:45 551424 ----a-w c:\windows\system32\rpcss.dll 2009-03-03 04:39 . 2009-04-20 08:45 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll 2009-03-03 04:37 . 2009-04-20 08:45 98304 ----a-w c:\windows\system32\iasrecst.dll 2009-03-03 04:37 . 2009-04-20 08:45 54784 ----a-w c:\windows\system32\iasads.dll 2009-03-03 04:37 . 2009-04-20 08:45 44032 ----a-w c:\windows\system32\iasdatastore.dll 2009-03-03 03:04 . 2009-04-20 08:45 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe 2009-03-03 02:38 . 2009-04-20 08:45 17408 ----a-w c:\windows\system32\iashost.exe 2009-02-13 08:49 . 2009-04-20 08:45 72704 ----a-w c:\windows\system32\secur32.dll 2009-02-13 08:49 . 2009-04-20 08:45 1255936 ----a-w c:\windows\system32\lsasrv.dll 2009-02-09 03:10 . 2009-03-12 09:20 2033152 ----a-w c:\windows\system32\win32k.sys 2008-07-19 19:38 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini 2007-12-10 19:24 . 2007-12-10 19:24 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((( SnapShot@2009-05-09_08.03.31 ))))))))))))))))))))))))))))))))))))))))) . + 2006-11-02 13:05 . 2009-05-09 08:03 84484 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2008-07-17 09:54 . 2009-05-09 08:03 9044 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2684771895-3763166589-4040009352-1000_UserData.bin + 2006-11-02 10:33 . 2009-05-09 08:08 586980 c:\windows\System32\perfh009.dat - 2006-11-02 10:33 . 2009-05-08 20:25 586980 c:\windows\System32\perfh009.dat + 2006-11-02 10:33 . 2009-05-09 08:08 101052 c:\windows\System32\perfc009.dat - 2006-11-02 10:33 . 2009-05-08 20:25 101052 c:\windows\System32\perfc009.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] "WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2008-01-19 2153472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-05-08 81000] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-06 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-06 8530464] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-06 81920] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-06-20 4493312] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-7-10 535336] Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "EnableLUA"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "FirewallOverride"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2684771895-3763166589-4040009352-1000] "EnableNotificationsRef"=dword:00000004 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{3815E209-4DF2-4CF0-964F-63927FBFE08A}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{0C32ACE3-DA1F-469C-8D0C-C4C84671DB56}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{1559055D-B1E4-4576-B221-EC793993CEC3}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect "{D1FF41DB-15E9-48CF-9A69-B0199CF49FC0}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp "{AB9C13F7-3821-4F1C-B932-DBC6DFD90792}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp "{E19B0516-2539-49D0-881D-0FBB7A04F587}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{3F7F745C-EE8A-42BF-95CE-F704AB7953B8}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{D52535F0-C15F-4ECD-B05E-833E6A1E6A48}"= Disabled:UDP:c:\users\Cyril\AppData\Local\Temp\ImInstaller\incredimail_installer.exe:IncrediMail Installer "{8C154A48-CA17-4827-A331-017F5BE15EC5}"= Disabled:TCP:c:\users\Cyril\AppData\Local\Temp\ImInstaller\incredimail_installer.exe:IncrediMail Installer "{EB8FE6BE-936B-45A8-9906-25894624F644}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice "{2F7C2CE9-B941-4E33-88C9-708087A360C9}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [17/07/2008 23:52 51792] R3 camfilt2;camfilt2;c:\windows\System32\drivers\camfilt2.sys [19/04/2009 19:53 98432] R3 PAC7302;Hercules Classic Link;c:\windows\System32\drivers\PAC7302.SYS [19/04/2009 19:53 457984] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\System32\drivers\SiSGB6.sys [18/03/2009 10:51 48128] S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [15/03/2009 10:34 216232] S3 SiS6350;SiS6350;c:\windows\System32\drivers\SISGRKMD.sys [10/07/2007 23:29 454520] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86a55ce9-728a-11dd-a09f-001c2557e85b}] \shell\AutoRun\command - L:\SETUP.EXE [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Contenu du dossier 'Tâches planifiées' . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.daemon-search.com/startpage uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mStart Page = hxxp://fr.fr.acer.yahoo.com uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\users\Cyril\AppData\Roaming\Mozilla\Firefox\Profiles\e3r8f633.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-09 19:16 Windows 6.0.6001 Service Pack 1 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... c:\users\Cyril\AppData\Local\Temp\catchme.dll 53248 bytes executable Scan terminé avec succès Fichiers cachés: 1 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-2684771895-3763166589-4040009352-1000\*& à**H* à** *z*à**ø*o*à**e*p*o*s*i*t*i*o*n*\resvars] "HLISTOFFSET"="284.000000" . Heure de fin: 2009-05-09 19:17 ComboFix-quarantined-files.txt 2009-05-09 17:17 ComboFix2.txt 2009-05-09 08:05 Avant-CF: 125 327 257 600 octets libres Après-CF: 125 295 845 376 octets libres 193 --- E O F --- 2009-05-08 08:56

:P Ok _____________________________________________ ComboFix 09-05-08.03 - Cyril 09/05/2009 9:57.1 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3071.2221 [GMT 2:00] Lancé depuis: c:\users\Cyril\Desktop\CyrilFix.exe AV: avast! antivirus 4.8.1229 [VPS 081119-0] *On-access scanning enabled* (Updated) * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\InfoSat.txt C:\Muestras c:\muestras\FLEC006.EXE.Muestra EliBagle v12.53 c:\muestras\WINUPGRO.EXE.Muestra EliBagle v12.53 c:\program files\DAEMON Tools Lite\daemon.exe c:\program files\Windows Live\Messenger\msnmsgr.exe c:\users\Cyril\AppData\Roaming\drivers\downld c:\users\Cyril\AppData\Roaming\drivers\downld\100059.exe c:\users\Cyril\AppData\Roaming\drivers\downld\100527.exe c:\users\Cyril\AppData\Roaming\drivers\downld\100729.exe c:\users\Cyril\AppData\Roaming\drivers\downld\101073.exe c:\users\Cyril\AppData\Roaming\drivers\downld\101307.exe c:\users\Cyril\AppData\Roaming\drivers\downld\101931.exe c:\users\Cyril\AppData\Roaming\drivers\downld\101946.exe c:\users\Cyril\AppData\Roaming\drivers\downld\102040.exe c:\users\Cyril\AppData\Roaming\drivers\downld\102149.exe c:\users\Cyril\AppData\Roaming\drivers\downld\102227.exe c:\users\Cyril\AppData\Roaming\drivers\downld\102601.exe c:\users\Cyril\AppData\Roaming\drivers\downld\102633.exe c:\users\Cyril\AppData\Roaming\drivers\downld\103054.exe c:\users\Cyril\AppData\Roaming\drivers\downld\103397.exe c:\users\Cyril\AppData\Roaming\drivers\downld\103740.exe c:\users\Cyril\AppData\Roaming\drivers\downld\103834.exe c:\users\Cyril\AppData\Roaming\drivers\downld\104037.exe c:\users\Cyril\AppData\Roaming\drivers\downld\104115.exe c:\users\Cyril\AppData\Roaming\drivers\downld\104349.exe c:\users\Cyril\AppData\Roaming\drivers\downld\104395.exe c:\users\Cyril\AppData\Roaming\drivers\downld\104910.exe c:\users\Cyril\AppData\Roaming\drivers\downld\105051.exe c:\users\Cyril\AppData\Roaming\drivers\downld\105175.exe c:\users\Cyril\AppData\Roaming\drivers\downld\105643.exe c:\users\Cyril\AppData\Roaming\drivers\downld\108046.exe c:\users\Cyril\AppData\Roaming\drivers\downld\108186.exe c:\users\Cyril\AppData\Roaming\drivers\downld\108607.exe c:\users\Cyril\AppData\Roaming\drivers\downld\109153.exe c:\users\Cyril\AppData\Roaming\drivers\downld\111025.exe c:\users\Cyril\AppData\Roaming\drivers\downld\111915.exe c:\users\Cyril\AppData\Roaming\drivers\downld\111961.exe c:\users\Cyril\AppData\Roaming\drivers\downld\112336.exe c:\users\Cyril\AppData\Roaming\drivers\downld\112975.exe c:\users\Cyril\AppData\Roaming\drivers\downld\114270.exe c:\users\Cyril\AppData\Roaming\drivers\downld\115690.exe c:\users\Cyril\AppData\Roaming\drivers\downld\115924.exe c:\users\Cyril\AppData\Roaming\drivers\downld\116361.exe c:\users\Cyril\AppData\Roaming\drivers\downld\116875.exe c:\users\Cyril\AppData\Roaming\drivers\downld\117811.exe c:\users\Cyril\AppData\Roaming\drivers\downld\117967.exe c:\users\Cyril\AppData\Roaming\drivers\downld\118014.exe c:\users\Cyril\AppData\Roaming\drivers\downld\118451.exe c:\users\Cyril\AppData\Roaming\drivers\downld\118779.exe c:\users\Cyril\AppData\Roaming\drivers\downld\119886.exe c:\users\Cyril\AppData\Roaming\drivers\downld\120963.exe c:\users\Cyril\AppData\Roaming\drivers\downld\121633.exe c:\users\Cyril\AppData\Roaming\drivers\downld\121977.exe c:\users\Cyril\AppData\Roaming\drivers\downld\122289.exe c:\users\Cyril\AppData\Roaming\drivers\downld\122710.exe c:\users\Cyril\AppData\Roaming\drivers\downld\123069.exe c:\users\Cyril\AppData\Roaming\drivers\downld\123505.exe c:\users\Cyril\AppData\Roaming\drivers\downld\123583.exe c:\users\Cyril\AppData\Roaming\drivers\downld\123911.exe c:\users\Cyril\AppData\Roaming\drivers\downld\124363.exe c:\users\Cyril\AppData\Roaming\drivers\downld\125003.exe c:\users\Cyril\AppData\Roaming\drivers\downld\125892.exe c:\users\Cyril\AppData\Roaming\drivers\downld\126672.exe c:\users\Cyril\AppData\Roaming\drivers\downld\129652.exe c:\users\Cyril\AppData\Roaming\drivers\downld\130136.exe c:\users\Cyril\AppData\Roaming\drivers\downld\130276.exe c:\users\Cyril\AppData\Roaming\drivers\downld\130541.exe c:\users\Cyril\AppData\Roaming\drivers\downld\131602.exe c:\users\Cyril\AppData\Roaming\drivers\downld\131945.exe c:\users\Cyril\AppData\Roaming\drivers\downld\133568.exe c:\users\Cyril\AppData\Roaming\drivers\downld\133989.exe c:\users\Cyril\AppData\Roaming\drivers\downld\134940.exe c:\users\Cyril\AppData\Roaming\drivers\downld\135362.exe c:\users\Cyril\AppData\Roaming\drivers\downld\135814.exe c:\users\Cyril\AppData\Roaming\drivers\downld\148809.exe c:\users\Cyril\AppData\Roaming\drivers\downld\14974504.exe c:\users\Cyril\AppData\Roaming\drivers\downld\14974520.exe c:\users\Cyril\AppData\Roaming\drivers\downld\14987842.exe c:\users\Cyril\AppData\Roaming\drivers\downld\14989231.exe c:\users\Cyril\AppData\Roaming\drivers\downld\14989590.exe c:\users\Cyril\AppData\Roaming\drivers\downld\14997717.exe c:\users\Cyril\AppData\Roaming\drivers\downld\14998357.exe c:\users\Cyril\AppData\Roaming\drivers\downld\14998762.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15012615.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15015891.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15016968.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15021211.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15103205.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15104531.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15104890.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15126746.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15127962.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15128602.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15132580.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15132596.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15135217.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15135232.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15142299.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15143110.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15143547.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15145591.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15161003.exe c:\users\Cyril\AppData\Roaming\drivers\downld\151664.exe c:\users\Cyril\AppData\Roaming\drivers\downld\153005.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15326989.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15327004.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15393788.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15394459.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15394677.exe c:\users\Cyril\AppData\Roaming\drivers\downld\154082.exe c:\users\Cyril\AppData\Roaming\drivers\downld\156547.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15716008.exe c:\users\Cyril\AppData\Roaming\drivers\downld\157483.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15948575.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15948809.exe c:\users\Cyril\AppData\Roaming\drivers\downld\15948996.exe c:\users\Cyril\AppData\Roaming\drivers\downld\182146.exe c:\users\Cyril\AppData\Roaming\drivers\downld\183160.exe c:\users\Cyril\AppData\Roaming\drivers\downld\184299.exe c:\users\Cyril\AppData\Roaming\drivers\downld\188090.exe c:\users\Cyril\AppData\Roaming\drivers\downld\189728.exe c:\users\Cyril\AppData\Roaming\drivers\downld\190508.exe c:\users\Cyril\AppData\Roaming\drivers\downld\191444.exe c:\users\Cyril\AppData\Roaming\drivers\downld\192832.exe c:\users\Cyril\AppData\Roaming\drivers\downld\193644.exe c:\users\Cyril\AppData\Roaming\drivers\downld\199026.exe c:\users\Cyril\AppData\Roaming\drivers\downld\199930.exe c:\users\Cyril\AppData\Roaming\drivers\downld\200320.exe c:\users\Cyril\AppData\Roaming\drivers\downld\205422.exe c:\users\Cyril\AppData\Roaming\drivers\downld\206545.exe c:\users\Cyril\AppData\Roaming\drivers\downld\207559.exe c:\users\Cyril\AppData\Roaming\drivers\downld\208167.exe c:\users\Cyril\AppData\Roaming\drivers\downld\208807.exe c:\users\Cyril\AppData\Roaming\drivers\downld\209259.exe c:\users\Cyril\AppData\Roaming\drivers\downld\209727.exe c:\users\Cyril\AppData\Roaming\drivers\downld\210570.exe c:\users\Cyril\AppData\Roaming\drivers\downld\211818.exe c:\users\Cyril\AppData\Roaming\drivers\downld\212301.exe c:\users\Cyril\AppData\Roaming\drivers\downld\212488.exe c:\users\Cyril\AppData\Roaming\drivers\downld\213830.exe c:\users\Cyril\AppData\Roaming\drivers\downld\213846.exe c:\users\Cyril\AppData\Roaming\drivers\downld\214095.exe c:\users\Cyril\AppData\Roaming\drivers\downld\214891.exe c:\users\Cyril\AppData\Roaming\drivers\downld\215234.exe c:\users\Cyril\AppData\Roaming\drivers\downld\215936.exe c:\users\Cyril\AppData\Roaming\drivers\downld\216092.exe c:\users\Cyril\AppData\Roaming\drivers\downld\217980.exe c:\users\Cyril\AppData\Roaming\drivers\downld\218588.exe c:\users\Cyril\AppData\Roaming\drivers\downld\218666.exe c:\users\Cyril\AppData\Roaming\drivers\downld\218775.exe c:\users\Cyril\AppData\Roaming\drivers\downld\219587.exe c:\users\Cyril\AppData\Roaming\drivers\downld\220055.exe c:\users\Cyril\AppData\Roaming\drivers\downld\220273.exe c:\users\Cyril\AppData\Roaming\drivers\downld\221037.exe c:\users\Cyril\AppData\Roaming\drivers\downld\221802.exe c:\users\Cyril\AppData\Roaming\drivers\downld\222519.exe c:\users\Cyril\AppData\Roaming\drivers\downld\222535.exe c:\users\Cyril\AppData\Roaming\drivers\downld\223284.exe c:\users\Cyril\AppData\Roaming\drivers\downld\223346.exe c:\users\Cyril\AppData\Roaming\drivers\downld\223923.exe c:\users\Cyril\AppData\Roaming\drivers\downld\224064.exe c:\users\Cyril\AppData\Roaming\drivers\downld\224079.exe c:\users\Cyril\AppData\Roaming\drivers\downld\224111.exe c:\users\Cyril\AppData\Roaming\drivers\downld\224937.exe c:\users\Cyril\AppData\Roaming\drivers\downld\225889.exe c:\users\Cyril\AppData\Roaming\drivers\downld\230382.exe c:\users\Cyril\AppData\Roaming\drivers\downld\231068.exe c:\users\Cyril\AppData\Roaming\drivers\downld\231677.exe c:\users\Cyril\AppData\Roaming\drivers\downld\231786.exe c:\users\Cyril\AppData\Roaming\drivers\downld\232176.exe c:\users\Cyril\AppData\Roaming\drivers\downld\232363.exe c:\users\Cyril\AppData\Roaming\drivers\downld\232691.exe c:\users\Cyril\AppData\Roaming\drivers\downld\232925.exe c:\users\Cyril\AppData\Roaming\drivers\downld\233143.exe c:\users\Cyril\AppData\Roaming\drivers\downld\233159.exe c:\users\Cyril\AppData\Roaming\drivers\downld\233330.exe c:\users\Cyril\AppData\Roaming\drivers\downld\233502.exe c:\users\Cyril\AppData\Roaming\drivers\downld\233580.exe c:\users\Cyril\AppData\Roaming\drivers\downld\233829.exe c:\users\Cyril\AppData\Roaming\drivers\downld\234251.exe c:\users\Cyril\AppData\Roaming\drivers\downld\234329.exe c:\users\Cyril\AppData\Roaming\drivers\downld\234391.exe c:\users\Cyril\AppData\Roaming\drivers\downld\234469.exe c:\users\Cyril\AppData\Roaming\drivers\downld\234485.exe c:\users\Cyril\AppData\Roaming\drivers\downld\234797.exe c:\users\Cyril\AppData\Roaming\drivers\downld\234953.exe c:\users\Cyril\AppData\Roaming\drivers\downld\235249.exe c:\users\Cyril\AppData\Roaming\drivers\downld\235296.exe c:\users\Cyril\AppData\Roaming\drivers\downld\235452.exe c:\users\Cyril\AppData\Roaming\drivers\downld\235530.exe c:\users\Cyril\AppData\Roaming\drivers\downld\236154.exe c:\users\Cyril\AppData\Roaming\drivers\downld\236263.exe c:\users\Cyril\AppData\Roaming\drivers\downld\236419.exe c:\users\Cyril\AppData\Roaming\drivers\downld\236996.exe c:\users\Cyril\AppData\Roaming\drivers\downld\237105.exe c:\users\Cyril\AppData\Roaming\drivers\downld\237355.exe c:\users\Cyril\AppData\Roaming\drivers\downld\237995.exe c:\users\Cyril\AppData\Roaming\drivers\downld\238447.exe c:\users\Cyril\AppData\Roaming\drivers\downld\238556.exe c:\users\Cyril\AppData\Roaming\drivers\downld\238837.exe c:\users\Cyril\AppData\Roaming\drivers\downld\239133.exe c:\users\Cyril\AppData\Roaming\drivers\downld\239149.exe c:\users\Cyril\AppData\Roaming\drivers\downld\239321.exe c:\users\Cyril\AppData\Roaming\drivers\downld\239336.exe c:\users\Cyril\AppData\Roaming\drivers\downld\239352.exe c:\users\Cyril\AppData\Roaming\drivers\downld\239633.exe c:\users\Cyril\AppData\Roaming\drivers\downld\240288.exe c:\users\Cyril\AppData\Roaming\drivers\downld\240366.exe c:\users\Cyril\AppData\Roaming\drivers\downld\240444.exe c:\users\Cyril\AppData\Roaming\drivers\downld\240896.exe c:\users\Cyril\AppData\Roaming\drivers\downld\241349.exe c:\users\Cyril\AppData\Roaming\drivers\downld\241442.exe c:\users\Cyril\AppData\Roaming\drivers\downld\241692.exe c:\users\Cyril\AppData\Roaming\drivers\downld\241817.exe c:\users\Cyril\AppData\Roaming\drivers\downld\242129.exe c:\users\Cyril\AppData\Roaming\drivers\downld\242144.exe c:\users\Cyril\AppData\Roaming\drivers\downld\242534.exe c:\users\Cyril\AppData\Roaming\drivers\downld\242955.exe c:\users\Cyril\AppData\Roaming\drivers\downld\243111.exe c:\users\Cyril\AppData\Roaming\drivers\downld\243548.exe c:\users\Cyril\AppData\Roaming\drivers\downld\243673.exe c:\users\Cyril\AppData\Roaming\drivers\downld\243923.exe c:\users\Cyril\AppData\Roaming\drivers\downld\244718.exe c:\users\Cyril\AppData\Roaming\drivers\downld\245015.exe c:\users\Cyril\AppData\Roaming\drivers\downld\245607.exe c:\users\Cyril\AppData\Roaming\drivers\downld\245795.exe c:\users\Cyril\AppData\Roaming\drivers\downld\246138.exe c:\users\Cyril\AppData\Roaming\drivers\downld\246465.exe c:\users\Cyril\AppData\Roaming\drivers\downld\246855.exe c:\users\Cyril\AppData\Roaming\drivers\downld\247121.exe c:\users\Cyril\AppData\Roaming\drivers\downld\247433.exe c:\users\Cyril\AppData\Roaming\drivers\downld\247823.exe c:\users\Cyril\AppData\Roaming\drivers\downld\248088.exe c:\users\Cyril\AppData\Roaming\drivers\downld\248244.exe c:\users\Cyril\AppData\Roaming\drivers\downld\248603.exe c:\users\Cyril\AppData\Roaming\drivers\downld\249102.exe c:\users\Cyril\AppData\Roaming\drivers\downld\249305.exe c:\users\Cyril\AppData\Roaming\drivers\downld\249383.exe c:\users\Cyril\AppData\Roaming\drivers\downld\249742.exe c:\users\Cyril\AppData\Roaming\drivers\downld\249773.exe c:\users\Cyril\AppData\Roaming\drivers\downld\250085.exe c:\users\Cyril\AppData\Roaming\drivers\downld\250334.exe c:\users\Cyril\AppData\Roaming\drivers\downld\250522.exe c:\users\Cyril\AppData\Roaming\drivers\downld\250553.exe c:\users\Cyril\AppData\Roaming\drivers\downld\250568.exe c:\users\Cyril\AppData\Roaming\drivers\downld\251005.exe c:\users\Cyril\AppData\Roaming\drivers\downld\251348.exe c:\users\Cyril\AppData\Roaming\drivers\downld\251520.exe c:\users\Cyril\AppData\Roaming\drivers\downld\251660.exe c:\users\Cyril\AppData\Roaming\drivers\downld\251676.exe c:\users\Cyril\AppData\Roaming\drivers\downld\251879.exe c:\users\Cyril\AppData\Roaming\drivers\downld\252612.exe c:\users\Cyril\AppData\Roaming\drivers\downld\252846.exe c:\users\Cyril\AppData\Roaming\drivers\downld\253735.exe c:\users\Cyril\AppData\Roaming\drivers\downld\256418.exe c:\users\Cyril\AppData\Roaming\drivers\downld\257417.exe c:\users\Cyril\AppData\Roaming\drivers\downld\258150.exe c:\users\Cyril\AppData\Roaming\drivers\downld\258166.exe c:\users\Cyril\AppData\Roaming\drivers\downld\258680.exe c:\users\Cyril\AppData\Roaming\drivers\downld\259102.exe c:\users\Cyril\AppData\Roaming\drivers\downld\259414.exe c:\users\Cyril\AppData\Roaming\drivers\downld\259850.exe c:\users\Cyril\AppData\Roaming\drivers\downld\260443.exe c:\users\Cyril\AppData\Roaming\drivers\downld\260802.exe c:\users\Cyril\AppData\Roaming\drivers\downld\260911.exe c:\users\Cyril\AppData\Roaming\drivers\downld\261910.exe c:\users\Cyril\AppData\Roaming\drivers\downld\262378.exe c:\users\Cyril\AppData\Roaming\drivers\downld\262487.exe c:\users\Cyril\AppData\Roaming\drivers\downld\262674.exe c:\users\Cyril\AppData\Roaming\drivers\downld\262799.exe c:\users\Cyril\AppData\Roaming\drivers\downld\264608.exe c:\users\Cyril\AppData\Roaming\drivers\downld\265217.exe c:\users\Cyril\AppData\Roaming\drivers\downld\265342.exe c:\users\Cyril\AppData\Roaming\drivers\downld\265872.exe c:\users\Cyril\AppData\Roaming\drivers\downld\266621.exe c:\users\Cyril\AppData\Roaming\drivers\downld\266652.exe c:\users\Cyril\AppData\Roaming\drivers\downld\267073.exe c:\users\Cyril\AppData\Roaming\drivers\downld\268774.exe c:\users\Cyril\AppData\Roaming\drivers\downld\268930.exe c:\users\Cyril\AppData\Roaming\drivers\downld\269710.exe c:\users\Cyril\AppData\Roaming\drivers\downld\270583.exe c:\users\Cyril\AppData\Roaming\drivers\downld\271332.exe c:\users\Cyril\AppData\Roaming\drivers\downld\274296.exe c:\users\Cyril\AppData\Roaming\drivers\downld\274577.exe c:\users\Cyril\AppData\Roaming\drivers\downld\275887.exe c:\users\Cyril\AppData\Roaming\drivers\downld\276308.exe c:\users\Cyril\AppData\Roaming\drivers\downld\277478.exe c:\users\Cyril\AppData\Roaming\drivers\downld\278789.exe c:\users\Cyril\AppData\Roaming\drivers\downld\279210.exe c:\users\Cyril\AppData\Roaming\drivers\downld\290505.exe c:\users\Cyril\AppData\Roaming\drivers\downld\292080.exe c:\users\Cyril\AppData\Roaming\drivers\downld\294467.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30349354.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30363426.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30364533.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30364892.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30372864.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30373457.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30373862.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30383394.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30386717.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30387809.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30391459.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30464514.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30465497.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30466340.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30490223.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30491830.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30492501.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30496073.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30496089.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30498819.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30498835.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30503936.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30505387.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30506011.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30506791.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30522921.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30684959.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30684975.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30751821.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30752321.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30752539.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30764941.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30831694.exe c:\users\Cyril\AppData\Roaming\drivers\downld\30831710.exe c:\users\Cyril\AppData\Roaming\drivers\downld\317181.exe c:\users\Cyril\AppData\Roaming\drivers\downld\318772.exe c:\users\Cyril\AppData\Roaming\drivers\downld\319146.exe c:\users\Cyril\AppData\Roaming\drivers\downld\327165.exe c:\users\Cyril\AppData\Roaming\drivers\downld\328226.exe c:\users\Cyril\AppData\Roaming\drivers\downld\328787.exe c:\users\Cyril\AppData\Roaming\drivers\downld\341002.exe c:\users\Cyril\AppData\Roaming\drivers\downld\351704.exe c:\users\Cyril\AppData\Roaming\drivers\downld\352843.exe c:\users\Cyril\AppData\Roaming\drivers\downld\405462.exe c:\users\Cyril\AppData\Roaming\drivers\downld\405680.exe c:\users\Cyril\AppData\Roaming\drivers\downld\405696.exe c:\users\Cyril\AppData\Roaming\drivers\downld\415867.exe c:\users\Cyril\AppData\Roaming\drivers\downld\416163.exe c:\users\Cyril\AppData\Roaming\drivers\downld\417801.exe c:\users\Cyril\AppData\Roaming\drivers\downld\418020.exe c:\users\Cyril\AppData\Roaming\drivers\downld\420438.exe c:\users\Cyril\AppData\Roaming\drivers\downld\420656.exe c:\users\Cyril\AppData\Roaming\drivers\downld\420672.exe c:\users\Cyril\AppData\Roaming\drivers\downld\431077.exe c:\users\Cyril\AppData\Roaming\drivers\downld\431358.exe c:\users\Cyril\AppData\Roaming\drivers\downld\433479.exe c:\users\Cyril\AppData\Roaming\drivers\downld\434025.exe c:\users\Cyril\AppData\Roaming\drivers\downld\434431.exe c:\users\Cyril\AppData\Roaming\drivers\downld\434681.exe c:\users\Cyril\AppData\Roaming\drivers\downld\434915.exe c:\users\Cyril\AppData\Roaming\drivers\downld\438768.exe c:\users\Cyril\AppData\Roaming\drivers\downld\439127.exe c:\users\Cyril\AppData\Roaming\drivers\downld\448549.exe c:\users\Cyril\AppData\Roaming\drivers\downld\448783.exe c:\users\Cyril\AppData\Roaming\drivers\downld\457488.exe c:\users\Cyril\AppData\Roaming\drivers\downld\457940.exe c:\users\Cyril\AppData\Roaming\drivers\downld\457956.exe c:\users\Cyril\AppData\Roaming\drivers\downld\459001.exe c:\users\Cyril\AppData\Roaming\drivers\downld\459188.exe c:\users\Cyril\AppData\Roaming\drivers\downld\460982.exe c:\users\Cyril\AppData\Roaming\drivers\downld\461201.exe c:\users\Cyril\AppData\Roaming\drivers\downld\462199.exe c:\users\Cyril\AppData\Roaming\drivers\downld\462948.exe c:\users\Cyril\AppData\Roaming\drivers\downld\465413.exe c:\users\Cyril\AppData\Roaming\drivers\downld\466505.exe c:\users\Cyril\AppData\Roaming\drivers\downld\471591.exe c:\users\Cyril\AppData\Roaming\drivers\downld\472651.exe c:\users\Cyril\AppData\Roaming\drivers\downld\472901.exe c:\users\Cyril\AppData\Roaming\drivers\downld\473322.exe c:\users\Cyril\AppData\Roaming\drivers\downld\473541.exe c:\users\Cyril\AppData\Roaming\drivers\downld\473759.exe c:\users\Cyril\AppData\Roaming\drivers\downld\483291.exe c:\users\Cyril\AppData\Roaming\drivers\downld\484273.exe c:\users\Cyril\AppData\Roaming\drivers\downld\484492.exe c:\users\Cyril\AppData\Roaming\drivers\downld\484648.exe c:\users\Cyril\AppData\Roaming\drivers\downld\485615.exe c:\users\Cyril\AppData\Roaming\drivers\downld\485833.exe c:\users\Cyril\AppData\Roaming\drivers\downld\487347.exe c:\users\Cyril\AppData\Roaming\drivers\downld\488439.exe c:\users\Cyril\AppData\Roaming\drivers\downld\488657.exe c:\users\Cyril\AppData\Roaming\drivers\downld\489967.exe c:\users\Cyril\AppData\Roaming\drivers\downld\494164.exe c:\users\Cyril\AppData\Roaming\drivers\downld\500498.exe c:\users\Cyril\AppData\Roaming\drivers\downld\502744.exe c:\users\Cyril\AppData\Roaming\drivers\downld\507252.exe c:\users\Cyril\AppData\Roaming\drivers\downld\507346.exe c:\users\Cyril\AppData\Roaming\drivers\downld\508188.exe c:\users\Cyril\AppData\Roaming\drivers\downld\508407.exe c:\users\Cyril\AppData\Roaming\drivers\downld\508875.exe c:\users\Cyril\AppData\Roaming\drivers\downld\509577.exe c:\users\Cyril\AppData\Roaming\drivers\downld\509904.exe c:\users\Cyril\AppData\Roaming\drivers\downld\510622.exe c:\users\Cyril\AppData\Roaming\drivers\downld\510638.exe c:\users\Cyril\AppData\Roaming\drivers\downld\515474.exe c:\users\Cyril\AppData\Roaming\drivers\downld\516472.exe c:\users\Cyril\AppData\Roaming\drivers\downld\516690.exe c:\users\Cyril\AppData\Roaming\drivers\downld\517455.exe c:\users\Cyril\AppData\Roaming\drivers\downld\525239.exe c:\users\Cyril\AppData\Roaming\drivers\downld\526144.exe c:\users\Cyril\AppData\Roaming\drivers\downld\526362.exe c:\users\Cyril\AppData\Roaming\drivers\downld\528016.exe c:\users\Cyril\AppData\Roaming\drivers\downld\529139.exe c:\users\Cyril\AppData\Roaming\drivers\downld\529358.exe c:\users\Cyril\AppData\Roaming\drivers\downld\532057.exe c:\users\Cyril\AppData\Roaming\drivers\downld\53492.exe c:\users\Cyril\AppData\Roaming\drivers\downld\537610.exe c:\users\Cyril\AppData\Roaming\drivers\downld\56378.exe c:\users\Cyril\AppData\Roaming\drivers\downld\567250.exe c:\users\Cyril\AppData\Roaming\drivers\downld\568093.exe c:\users\Cyril\AppData\Roaming\drivers\downld\568670.exe c:\users\Cyril\AppData\Roaming\drivers\downld\569232.exe c:\users\Cyril\AppData\Roaming\drivers\downld\573007.exe c:\users\Cyril\AppData\Roaming\drivers\downld\57330.exe c:\users\Cyril\AppData\Roaming\drivers\downld\573350.exe c:\users\Cyril\AppData\Roaming\drivers\downld\573444.exe c:\users\Cyril\AppData\Roaming\drivers\downld\57345.exe c:\users\Cyril\AppData\Roaming\drivers\downld\574068.exe c:\users\Cyril\AppData\Roaming\drivers\downld\574192.exe c:\users\Cyril\AppData\Roaming\drivers\downld\592678.exe c:\users\Cyril\AppData\Roaming\drivers\downld\592928.exe c:\users\Cyril\AppData\Roaming\drivers\downld\592944.exe c:\users\Cyril\AppData\Roaming\drivers\downld\598482.exe c:\users\Cyril\AppData\Roaming\drivers\downld\599371.exe c:\users\Cyril\AppData\Roaming\drivers\downld\599589.exe c:\users\Cyril\AppData\Roaming\drivers\downld\599839.exe c:\users\Cyril\AppData\Roaming\drivers\downld\599948.exe c:\users\Cyril\AppData\Roaming\drivers\downld\600229.exe c:\users\Cyril\AppData\Roaming\drivers\downld\60060.exe c:\users\Cyril\AppData\Roaming\drivers\downld\601508.exe c:\users\Cyril\AppData\Roaming\drivers\downld\60512.exe c:\users\Cyril\AppData\Roaming\drivers\downld\613988.exe c:\users\Cyril\AppData\Roaming\drivers\downld\619433.exe c:\users\Cyril\AppData\Roaming\drivers\downld\620291.exe c:\users\Cyril\AppData\Roaming\drivers\downld\620571.exe c:\users\Cyril\AppData\Roaming\drivers\downld\621273.exe c:\users\Cyril\AppData\Roaming\drivers\downld\621289.exe c:\users\Cyril\AppData\Roaming\drivers\downld\63726.exe c:\users\Cyril\AppData\Roaming\drivers\downld\63742.exe c:\users\Cyril\AppData\Roaming\drivers\downld\64397.exe c:\users\Cyril\AppData\Roaming\drivers\downld\64678.exe c:\users\Cyril\AppData\Roaming\drivers\downld\65863.exe c:\users\Cyril\AppData\Roaming\drivers\downld\659728.exe c:\users\Cyril\AppData\Roaming\drivers\downld\65988.exe c:\users\Cyril\AppData\Roaming\drivers\downld\660773.exe c:\users\Cyril\AppData\Roaming\drivers\downld\660991.exe c:\users\Cyril\AppData\Roaming\drivers\downld\66752.exe c:\users\Cyril\AppData\Roaming\drivers\downld\67064.exe c:\users\Cyril\AppData\Roaming\drivers\downld\67080.exe c:\users\Cyril\AppData\Roaming\drivers\downld\671989.exe c:\users\Cyril\AppData\Roaming\drivers\downld\672910.exe c:\users\Cyril\AppData\Roaming\drivers\downld\67454.exe c:\users\Cyril\AppData\Roaming\drivers\downld\67470.exe c:\users\Cyril\AppData\Roaming\drivers\downld\67673.exe c:\users\Cyril\AppData\Roaming\drivers\downld\68531.exe c:\users\Cyril\AppData\Roaming\drivers\downld\68609.exe c:\users\Cyril\AppData\Roaming\drivers\downld\69326.exe c:\users\Cyril\AppData\Roaming\drivers\downld\69451.exe c:\users\Cyril\AppData\Roaming\drivers\downld\69748.exe c:\users\Cyril\AppData\Roaming\drivers\downld\69810.exe c:\users\Cyril\AppData\Roaming\drivers\downld\69904.exe c:\users\Cyril\AppData\Roaming\drivers\downld\703829.exe c:\users\Cyril\AppData\Roaming\drivers\downld\70512.exe c:\users\Cyril\AppData\Roaming\drivers\downld\71074.exe c:\users\Cyril\AppData\Roaming\drivers\downld\71557.exe c:\users\Cyril\AppData\Roaming\drivers\downld\71573.exe c:\users\Cyril\AppData\Roaming\drivers\downld\72088.exe c:\users\Cyril\AppData\Roaming\drivers\downld\73585.exe c:\users\Cyril\AppData\Roaming\drivers\downld\741457.exe c:\users\Cyril\AppData\Roaming\drivers\downld\74474.exe c:\users\Cyril\AppData\Roaming\drivers\downld\75114.exe c:\users\Cyril\AppData\Roaming\drivers\downld\76034.exe c:\users\Cyril\AppData\Roaming\drivers\downld\76222.exe c:\users\Cyril\AppData\Roaming\drivers\downld\76471.exe c:\users\Cyril\AppData\Roaming\drivers\downld\76783.exe c:\users\Cyril\AppData\Roaming\drivers\downld\77860.exe c:\users\Cyril\AppData\Roaming\drivers\downld\780753.exe c:\users\Cyril\AppData\Roaming\drivers\downld\781549.exe c:\users\Cyril\AppData\Roaming\drivers\downld\79030.exe c:\users\Cyril\AppData\Roaming\drivers\downld\81229.exe c:\users\Cyril\AppData\Roaming\drivers\downld\81448.exe c:\users\Cyril\AppData\Roaming\drivers\downld\82228.exe c:\users\Cyril\AppData\Roaming\drivers\downld\82259.exe c:\users\Cyril\AppData\Roaming\drivers\downld\82649.exe c:\users\Cyril\AppData\Roaming\drivers\downld\83866.exe c:\users\Cyril\AppData\Roaming\drivers\downld\84334.exe c:\users\Cyril\AppData\Roaming\drivers\downld\84474.exe c:\users\Cyril\AppData\Roaming\drivers\downld\84739.exe c:\users\Cyril\AppData\Roaming\drivers\downld\85706.exe c:\users\Cyril\AppData\Roaming\drivers\downld\85940.exe c:\users\Cyril\AppData\Roaming\drivers\downld\86034.exe c:\users\Cyril\AppData\Roaming\drivers\downld\86096.exe c:\users\Cyril\AppData\Roaming\drivers\downld\86408.exe c:\users\Cyril\AppData\Roaming\drivers\downld\86440.exe c:\users\Cyril\AppData\Roaming\drivers\downld\87313.exe c:\users\Cyril\AppData\Roaming\drivers\downld\87766.exe c:\users\Cyril\AppData\Roaming\drivers\downld\87937.exe c:\users\Cyril\AppData\Roaming\drivers\downld\88483.exe c:\users\Cyril\AppData\Roaming\drivers\downld\89357.exe c:\users\Cyril\AppData\Roaming\drivers\downld\89794.exe c:\users\Cyril\AppData\Roaming\drivers\downld\89934.exe c:\users\Cyril\AppData\Roaming\drivers\downld\90199.exe c:\users\Cyril\AppData\Roaming\drivers\downld\91198.exe c:\users\Cyril\AppData\Roaming\drivers\downld\91338.exe c:\users\Cyril\AppData\Roaming\drivers\downld\91806.exe c:\users\Cyril\AppData\Roaming\drivers\downld\91884.exe c:\users\Cyril\AppData\Roaming\drivers\downld\92492.exe c:\users\Cyril\AppData\Roaming\drivers\downld\92789.exe c:\users\Cyril\AppData\Roaming\drivers\downld\93506.exe c:\users\Cyril\AppData\Roaming\drivers\downld\94115.exe c:\users\Cyril\AppData\Roaming\drivers\downld\94645.exe c:\users\Cyril\AppData\Roaming\drivers\downld\97219.exe c:\users\Cyril\AppData\Roaming\drivers\downld\97609.exe c:\users\Cyril\AppData\Roaming\drivers\downld\97906.exe c:\users\Cyril\AppData\Roaming\drivers\downld\97999.exe c:\users\Cyril\AppData\Roaming\drivers\downld\98701.exe c:\users\Cyril\AppData\Roaming\drivers\downld\99497.exe c:\users\Cyril\AppData\Roaming\drivers\downld\99528.exe c:\users\Cyril\AppData\Roaming\drivers\srosa2.sys c:\users\Cyril\AppData\Roaming\drivers\wfsintwq.sys c:\users\Cyril\AppData\Roaming\drivers\winupgro.exe c:\users\Cyril\AppData\Roaming\m c:\users\Cyril\AppData\Roaming\m\data.oct c:\users\Cyril\AppData\Roaming\m\flec006.exe c:\users\Cyril\AppData\Roaming\m\list.oct c:\users\Cyril\AppData\Roaming\m\shared\2Easy Mp3 Search 1.0 [Crack].zip c:\users\Cyril\AppData\Roaming\m\shared\Brooke Shields 1.0.zip c:\users\Cyril\AppData\Roaming\m\shared\CitiesDailyPhoto 1.3a.zip c:\users\Cyril\AppData\Roaming\m\shared\Customer Invoice Template 1.0 [Key].zip c:\users\Cyril\AppData\Roaming\m\shared\DriverBackup! 1.0.3.zip c:\users\Cyril\AppData\Roaming\m\shared\DVD To WMA Ripper 1.00.zip c:\users\Cyril\AppData\Roaming\m\shared\Easy Karaoke Player 3.0.zip c:\users\Cyril\AppData\Roaming\m\shared\Effective Site Studio 6.zip c:\users\Cyril\AppData\Roaming\m\shared\Europa Universalis II 1.01 patch.zip c:\users\Cyril\AppData\Roaming\m\shared\FotoTagger 2.13.zip c:\users\Cyril\AppData\Roaming\m\shared\FotoTime FotoAlbum Pro 5.3.1.4 Cracked.zip c:\users\Cyril\AppData\Roaming\m\shared\Ghost 1.0.zip c:\users\Cyril\AppData\Roaming\m\shared\Ghost in the Shell 2 Innocence Screensaver.zip c:\users\Cyril\AppData\Roaming\m\shared\Historic Magic Posters Screensaver 1.0 (Key).zip c:\users\Cyril\AppData\Roaming\m\shared\InfoBlaster IN4 1.0.0.1 (With Crack).zip c:\users\Cyril\AppData\Roaming\m\shared\LockTheMatrix 4.0.zip c:\users\Cyril\AppData\Roaming\m\shared\MyNetProtector Pop Up Stopper 1.0 With Crack.zip c:\users\Cyril\AppData\Roaming\m\shared\PictureRSS Gadget 1.2.zip c:\users\Cyril\AppData\Roaming\m\shared\pyiTctrl 0.0.1.zip c:\users\Cyril\AppData\Roaming\m\shared\QuickCheck (English) 2.6.zip c:\users\Cyril\AppData\Roaming\m\shared\ScreenGrasp 1.1.zip c:\users\Cyril\AppData\Roaming\m\shared\SoccerWinners Connections 1.zip c:\users\Cyril\AppData\Roaming\m\shared\Sonicbytes Gat'R 1.1.zip c:\users\Cyril\AppData\Roaming\m\shared\TAL Bar Code ActiveX Control (Key).zip c:\users\Cyril\AppData\Roaming\m\shared\TeleKast 1.0.0.14 Alpha.zip c:\users\Cyril\AppData\Roaming\m\shared\The Moon Screensaver 1.0.zip c:\users\Cyril\AppData\Roaming\m\shared\VersyPDF.Delphi 2.1 Crack.zip c:\users\Cyril\AppData\Roaming\m\shared\WebSpeed Simulator 3.0.6030 (Key+Serial).zip c:\users\Cyril\AppData\Roaming\m\shared\World Languages Lab 4.1.zip c:\users\Cyril\AppData\Roaming\m\shared\XP CRYPT Itanium SQL 4.3.0 (With Crack).zip c:\users\Cyril\AppData\Roaming\m\srvlist.oct c:\windows\system32\ban_list.txt c:\windows\system32\mdelk.exe c:\windows\system32\wintems.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_SROSA -------\Legacy_SROSA -------\Legacy_SK9OU0S -------\Service_sK9Ou0s ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-09 au 2009-05-09 )))))))))))))))))))))))))))))))))))) . 2009-05-09 07:48 . 2009-05-09 07:48 -------- d-----w C:\cyrilix 2009-05-08 19:55 . 2009-05-08 19:55 -------- d-----w c:\programdata\WindowsSearch 2009-05-08 19:55 . 2009-05-08 19:55 -------- d-----w c:\users\All Users\WindowsSearch 2009-05-08 18:09 . 2009-05-08 18:34 -------- d-----w c:\program files\trend micro 2009-05-08 18:09 . 2009-05-08 18:15 -------- d-----w C:\rsit 2009-05-08 12:37 . 2009-05-08 12:37 -------- d-----w c:\program files\CCleaner 2009-05-08 12:06 . 2009-05-08 12:06 -------- d-----w c:\users\Cyril\AppData\Roaming\Lavasoft 2009-05-08 11:20 . 2009-05-09 07:59 -------- d--h--w c:\users\Cyril\AppData\Roaming\drivers 2009-04-21 13:05 . 2009-05-09 08:00 -------- d-----w c:\program files\DAEMON Tools Lite 2009-04-20 09:47 . 2009-04-20 09:47 -------- d-----w c:\users\Cyril\AppData\Roaming\DAEMON Tools Pro 2009-04-20 09:47 . 2009-04-20 09:47 -------- d-----w c:\programdata\DAEMON Tools Lite 2009-04-20 09:47 . 2009-04-20 09:47 -------- d-----w c:\users\All Users\DAEMON Tools Lite 2009-04-20 09:46 . 2009-04-20 09:47 -------- d-----w c:\users\Cyril\AppData\Roaming\DAEMON Tools Lite 2009-04-19 17:53 . 2006-08-01 09:31 3600384 ----a-w c:\windows\ffmpeg.exe 2009-04-19 17:53 . 2007-09-10 06:50 457984 ----a-w c:\windows\system32\drivers\PAC7302.SYS 2009-04-19 17:53 . 2008-02-27 13:27 98432 ----a-w c:\windows\system32\drivers\camfilt2.sys 2009-04-19 17:53 . 2009-04-19 17:53 -------- d-----w c:\program files\Hercules 2009-04-19 17:53 . 2009-04-19 17:53 -------- d-----w c:\windows\system32\HWC HD . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-08 20:25 . 2006-11-02 15:48 669328 ----a-w c:\windows\system32\perfh00C.dat 2009-05-08 20:25 . 2006-11-02 15:48 123350 ----a-w c:\windows\system32\perfc00C.dat 2009-05-08 18:48 . 2007-07-10 13:07 -------- d--h--w c:\program files\InstallShield Installation Information 2009-04-29 08:39 . 2008-07-17 09:54 101856 ----a-w c:\users\Cyril\AppData\Local\GDIPFONTCACHEV1.DAT 2009-04-29 08:06 . 2007-07-10 13:17 -------- d-----w c:\program files\Microsoft Works 2009-04-20 22:59 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail 2009-04-20 22:52 . 2006-11-02 10:25 51200 ----a-w c:\windows\inf\infpub.dat 2009-04-19 17:54 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstrng.dat 2009-04-19 17:54 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat 2009-03-24 20:42 . 2008-07-19 10:02 -------- d-----w c:\program files\Java 2009-03-22 10:40 . 2008-07-17 12:14 -------- d-----w c:\program files\Mozilla Thunderbird 2009-03-17 15:29 . 2008-07-19 19:56 -------- d-----w c:\programdata\ma-config.com 2009-03-17 15:29 . 2008-07-19 19:56 -------- d-----w c:\program files\ma-config.com 2009-03-17 03:38 . 2009-04-20 08:45 13824 ----a-w c:\windows\system32\apilogen.dll 2009-03-17 03:38 . 2009-04-20 08:45 24064 ----a-w c:\windows\system32\amxread.dll 2009-03-12 20:40 . 2008-07-18 08:44 716 ----a-w c:\users\Cyril\AppData\Roaming\wklnhst.dat 2009-03-09 04:19 . 2008-12-09 15:04 410984 ----a-w c:\windows\system32\deploytk.dll 2009-03-08 11:34 . 2009-04-29 08:03 914944 ----a-w c:\windows\system32\wininet.dll 2009-03-08 11:34 . 2009-04-29 08:03 43008 ----a-w c:\windows\system32\licmgr10.dll 2009-03-08 11:33 . 2009-04-29 08:03 18944 ----a-w c:\windows\system32\corpol.dll 2009-03-08 11:33 . 2009-04-29 08:03 109056 ----a-w c:\windows\system32\iesysprep.dll 2009-03-08 11:33 . 2009-04-29 08:03 109568 ----a-w c:\windows\system32\PDMSetup.exe 2009-03-08 11:33 . 2009-04-29 08:03 132608 ----a-w c:\windows\system32\ieUnatt.exe 2009-03-08 11:33 . 2009-04-29 08:03 107520 ----a-w c:\windows\system32\RegisterIEPKEYs.exe 2009-03-08 11:33 . 2009-04-29 08:03 107008 ----a-w c:\windows\system32\SetIEInstalledDate.exe 2009-03-08 11:33 . 2009-04-29 08:03 103936 ----a-w c:\windows\system32\SetDepNx.exe 2009-03-08 11:33 . 2009-04-29 08:03 420352 ----a-w c:\windows\system32\vbscript.dll 2009-03-08 11:32 . 2009-04-29 08:03 72704 ----a-w c:\windows\system32\admparse.dll 2009-03-08 11:32 . 2009-04-29 08:03 71680 ----a-w c:\windows\system32\iesetup.dll 2009-03-08 11:32 . 2009-04-29 08:03 66560 ----a-w c:\windows\system32\wextract.exe 2009-03-08 11:32 . 2009-04-29 08:03 169472 ----a-w c:\windows\system32\iexpress.exe 2009-03-08 11:31 . 2009-04-29 08:03 34816 ----a-w c:\windows\system32\imgutil.dll 2009-03-08 11:31 . 2009-04-29 08:03 48128 ----a-w c:\windows\system32\mshtmler.dll 2009-03-08 11:31 . 2009-04-29 08:03 45568 ----a-w c:\windows\system32\mshta.exe 2009-03-08 11:22 . 2009-04-29 08:03 156160 ----a-w c:\windows\system32\msls31.dll 2009-03-03 04:46 . 2009-04-20 08:45 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe 2009-03-03 04:46 . 2009-04-20 08:45 3547632 ----a-w c:\windows\system32\ntoskrnl.exe 2009-03-03 04:39 . 2009-04-20 08:45 183296 ----a-w c:\windows\system32\sdohlp.dll 2009-03-03 04:39 . 2009-04-20 08:45 551424 ----a-w c:\windows\system32\rpcss.dll 2009-03-03 04:39 . 2009-04-20 08:45 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll 2009-03-03 04:37 . 2009-04-20 08:45 98304 ----a-w c:\windows\system32\iasrecst.dll 2009-03-03 04:37 . 2009-04-20 08:45 54784 ----a-w c:\windows\system32\iasads.dll 2009-03-03 04:37 . 2009-04-20 08:45 44032 ----a-w c:\windows\system32\iasdatastore.dll 2009-03-03 03:04 . 2009-04-20 08:45 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe 2009-03-03 02:38 . 2009-04-20 08:45 17408 ----a-w c:\windows\system32\iashost.exe 2009-02-13 08:49 . 2009-04-20 08:45 72704 ----a-w c:\windows\system32\secur32.dll 2009-02-13 08:49 . 2009-04-20 08:45 1255936 ----a-w c:\windows\system32\lsasrv.dll 2009-02-09 03:10 . 2009-03-12 09:20 2033152 ----a-w c:\windows\system32\win32k.sys 2008-07-19 19:38 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini 2007-12-10 19:24 . 2007-12-10 19:24 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] "WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2008-01-19 2153472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-05-08 81000] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-06 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-06 8530464] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-06 81920] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-06-20 4493312] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-7-10 535336] Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "EnableLUA"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "FirewallOverride"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2684771895-3763166589-4040009352-1000] "EnableNotificationsRef"=dword:00000004 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{3815E209-4DF2-4CF0-964F-63927FBFE08A}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{0C32ACE3-DA1F-469C-8D0C-C4C84671DB56}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{1559055D-B1E4-4576-B221-EC793993CEC3}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect "{D1FF41DB-15E9-48CF-9A69-B0199CF49FC0}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp "{AB9C13F7-3821-4F1C-B932-DBC6DFD90792}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp "{E19B0516-2539-49D0-881D-0FBB7A04F587}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{3F7F745C-EE8A-42BF-95CE-F704AB7953B8}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{D52535F0-C15F-4ECD-B05E-833E6A1E6A48}"= Disabled:UDP:c:\users\Cyril\AppData\Local\Temp\ImInstaller\incredimail_installer.exe:IncrediMail Installer "{8C154A48-CA17-4827-A331-017F5BE15EC5}"= Disabled:TCP:c:\users\Cyril\AppData\Local\Temp\ImInstaller\incredimail_installer.exe:IncrediMail Installer "{EB8FE6BE-936B-45A8-9906-25894624F644}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice "{2F7C2CE9-B941-4E33-88C9-708087A360C9}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [17/07/2008 23:52 51792] R3 camfilt2;camfilt2;c:\windows\System32\drivers\camfilt2.sys [19/04/2009 19:53 98432] R3 PAC7302;Hercules Classic Link;c:\windows\System32\drivers\PAC7302.SYS [19/04/2009 19:53 457984] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\System32\drivers\SiSGB6.sys [18/03/2009 10:51 48128] S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [15/03/2009 10:34 216232] S3 SiS6350;SiS6350;c:\windows\System32\drivers\SISGRKMD.sys [10/07/2007 23:29 454520] --- Autres Services/Pilotes en mémoire --- *Deregistered* - sptd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13f6dee2-6a4b-11dd-8020-001c2557e85b}] \shell\AutoRun\command - K:\autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{24f54c59-b37c-11dc-8d4f-806e6f6e6963}] \shell\AutoRun\command - J:\o1.com \shell\explore\Command - J:\o1.com \shell\open\Command - J:\o1.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77ef50c6-2e5a-11de-9d95-001c2557e85b}] \shell\AutoRun\command - K:\autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86a55ce9-728a-11dd-a09f-001c2557e85b}] \shell\AutoRun\command - L:\SETUP.EXE [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Contenu du dossier 'Tâches planifiées' . - - - - ORPHELINS SUPPRIMES - - - - HKCU-Run-msnmsgr - c:\program files\Windows Live\Messenger\msnmsgr.exe HKCU-Run-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\daemon.exe . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.daemon-search.com/startpage uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mStart Page = hxxp://fr.fr.acer.yahoo.com uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\users\Cyril\AppData\Roaming\Mozilla\Firefox\Profiles\e3r8f633.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-09 10:03 Windows 6.0.6001 Service Pack 1 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-2684771895-3763166589-4040009352-1000\*& à**H* à** *z*à**ø*o*à**e*p*o*s*i*t*i*o*n*\resvars] "HLISTOFFSET"="284.000000" . ------------------------ Autres processus actifs ------------------------ . c:\windows\System32\audiodg.exe c:\windows\System32\conime.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe c:\windows\System32\WUDFHost.exe c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe c:\windows\System32\rundll32.exe c:\windows\ehome\ehmsas.exe c:\windows\System32\wbem\unsecapp.exe c:\windows\System32\rundll32.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Heure de fin: 2009-05-09 10:05 - La machine a redémarré ComboFix-quarantined-files.txt 2009-05-09 08:05 Avant-CF: 125 643 034 624 octets libres Après-CF: 125 258 354 688 octets libres 774 --- E O F --- 2009-05-08 08:56

Bonjour Gof Merci encore de ton soutien. J'ai galéré un peu, car j'ai eu une demande d'upload pour combo, j'ai fait ok et cela n'a plus fonctionné, enfin bref avec un peu de patience et en suivant les consignes, j'ai obtenu un log.txt je te le passe à la suite ??? ________________________________________________________________________________ _

J'ai réussi a telecharger le lien 1 en ayant changé au préalable le nom et je l'ai dirigé sur le bureau. J'ai ouvert en tant qu'administrateur, mais je reçois un message d'avertissement "Combofix a detecte qu'un scanner en temps réel était actif, à priori avast il me demande de désactiver avast, il pourrait y avoir des dégâts, je ne peux pas acceder à avast, que dois je faire Merci de ton aide

Excuse Moi, mais j'ai du mal à comprendre? à quel moment je dois changer son nom et l'enregistrer sur le bureau ? Le téléchargement se fait automatiquement quand je clique sur un des liens. De plus le lien 1 donne effectivement le logiciel combofix, mais il ne s'ouvre pas ? Désolé je ne suis pas trés doué

il a fallu que je m'y reprenne à 3 fois pour utiliser RSIT.exe pour obtenir un rapport log.txt par contre pas de info.txt Merci ________________________________________________________________________________ _____________________ Logfile of random's system information tool 1.06 (written by random/random) Run by Cyril at 2009-05-08 20:19:55 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 System drive C: has 113 GB (76%) free of 148 GB Total RAM: 3071 MB (69% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:20:03, on 08/05/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Windows\System32\mobsync.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Cyril\Desktop\RSIT.exe C:\Program Files\trend micro\Cyril.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Empowering Technology Launcher.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- End of file - 5395 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Maintenance en 1 clic.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-06-20 4493312] "WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-05-08 81000] "NvSvc"=C:\Windows\system32\nvsvc.dll [2007-11-06 86016] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-11-06 8530464] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-11-06 81920] "NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136] "NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-08-08 1828136] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] "WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter [] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2005-10-24 868352] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2005-10-24 868352] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 "EnableLUA"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13f6dee2-6a4b-11dd-8020-001c2557e85b}] shell\AutoRun\command - K:\autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{24f54c59-b37c-11dc-8d4f-806e6f6e6963}] shell\AutoRun\command - J:\o1.com shell\explore\command - J:\o1.com shell\open\command - J:\o1.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77ef50c6-2e5a-11de-9d95-001c2557e85b}] shell\AutoRun\command - K:\autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86a55ce9-728a-11dd-a09f-001c2557e85b}] shell\AutoRun\command - L:\SETUP.EXE ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2009-05-08 20:09:23 ----D---- C:\rsit 2009-05-08 20:09:23 ----D---- C:\Program Files\trend micro 2009-05-08 20:03:41 ----A---- C:\Windows\system32\ban_list.txt 2009-05-08 19:06:07 ----A---- C:\Windows\NeroDigital.ini 2009-05-08 17:17:26 ----A---- C:\Windows\ntbtlog.txt 2009-05-08 16:55:44 ----D---- C:\Muestras 2009-05-08 16:55:44 ----A---- C:\InfoSat.txt 2009-05-08 14:37:35 ----D---- C:\Program Files\CCleaner 2009-05-08 14:06:38 ----D---- C:\Users\Cyril\AppData\Roaming\Lavasoft 2009-05-08 14:06:29 ----D---- C:\Program Files\Lavasoft 2009-05-08 13:29:53 ----HD---- C:\Users\Cyril\AppData\Roaming\m 2009-05-08 13:20:30 ----HD---- C:\Users\Cyril\AppData\Roaming\drivers 2009-04-29 10:03:07 ----A---- C:\Windows\system32\mshtmled.dll 2009-04-29 10:03:07 ----A---- C:\Windows\system32\ieui.dll 2009-04-29 10:03:07 ----A---- C:\Windows\system32\icardie.dll 2009-04-29 10:03:06 ----A---- C:\Windows\system32\msls31.dll 2009-04-29 10:03:06 ----A---- C:\Windows\system32\mshtmler.dll 2009-04-29 10:03:06 ----A---- C:\Windows\system32\jsproxy.dll 2009-04-29 10:03:06 ----A---- C:\Windows\system32\imgutil.dll 2009-04-29 10:03:06 ----A---- C:\Windows\system32\iernonce.dll 2009-04-29 10:03:06 ----A---- C:\Windows\system32\ieakeng.dll 2009-04-29 10:03:06 ----A---- C:\Windows\system32\dxtrans.dll 2009-04-29 10:03:06 ----A---- C:\Windows\system32\dxtmsft.dll 2009-04-29 10:03:06 ----A---- C:\Windows\system32\corpol.dll 2009-04-29 10:03:06 ----A---- C:\Windows\system32\admparse.dll 2009-04-29 10:03:05 ----A---- C:\Windows\system32\occache.dll 2009-04-29 10:03:05 ----A---- C:\Windows\system32\msrating.dll 2009-04-29 10:03:05 ----A---- C:\Windows\system32\msfeedsbs.dll 2009-04-29 10:03:05 ----A---- C:\Windows\system32\licmgr10.dll 2009-04-29 10:03:05 ----A---- C:\Windows\system32\inseng.dll 2009-04-29 10:03:05 ----A---- C:\Windows\system32\iepeers.dll 2009-04-29 10:03:05 ----A---- C:\Windows\system32\ieaksie.dll 2009-04-29 10:03:04 ----A---- C:\Windows\system32\WinFXDocObj.exe 2009-04-29 10:03:04 ----A---- C:\Windows\system32\wextract.exe 2009-04-29 10:03:04 ----A---- C:\Windows\system32\webcheck.dll 2009-04-29 10:03:04 ----A---- C:\Windows\system32\mstime.dll 2009-04-29 10:03:04 ----A---- C:\Windows\system32\msfeedssync.exe 2009-04-29 10:03:04 ----A---- C:\Windows\system32\msfeeds.dll 2009-04-29 10:03:04 ----A---- C:\Windows\system32\iesetup.dll 2009-04-29 10:03:04 ----A---- C:\Windows\system32\ieakui.dll 2009-04-29 10:03:03 ----A---- C:\Windows\system32\vbscript.dll 2009-04-29 10:03:03 ----A---- C:\Windows\system32\url.dll 2009-04-29 10:03:03 ----A---- C:\Windows\system32\pngfilt.dll 2009-04-29 10:03:03 ----A---- C:\Windows\system32\jscript.dll 2009-04-29 10:03:03 ----A---- C:\Windows\system32\ieapfltr.dll 2009-04-29 10:03:03 ----A---- C:\Windows\system32\advpack.dll 2009-04-29 10:03:02 ----A---- C:\Windows\system32\iedkcs32.dll 2009-04-29 10:03:01 ----A---- C:\Windows\system32\SetIEInstalledDate.exe 2009-04-29 10:03:01 ----A---- C:\Windows\system32\SetDepNx.exe 2009-04-29 10:03:01 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2009-04-29 10:03:01 ----A---- C:\Windows\system32\PDMSetup.exe 2009-04-29 10:03:01 ----A---- C:\Windows\system32\mshta.exe 2009-04-29 10:03:01 ----A---- C:\Windows\system32\iexpress.exe 2009-04-29 10:03:01 ----A---- C:\Windows\system32\ieUnatt.exe 2009-04-29 10:03:01 ----A---- C:\Windows\system32\iesysprep.dll 2009-04-29 10:03:01 ----A---- C:\Windows\system32\iertutil.dll 2009-04-29 10:03:01 ----A---- C:\Windows\system32\ie4uinit.exe 2009-04-29 10:03:00 ----A---- C:\Windows\system32\wininet.dll 2009-04-29 10:03:00 ----A---- C:\Windows\system32\urlmon.dll 2009-04-29 10:02:59 ----A---- C:\Windows\system32\ieframe.dll 2009-04-29 10:02:58 ----A---- C:\Windows\system32\mshtml.dll 2009-04-21 15:05:10 ----D---- C:\Program Files\DAEMON Tools Lite 2009-04-20 11:47:36 ----D---- C:\Users\Cyril\AppData\Roaming\DAEMON Tools Pro 2009-04-20 11:47:31 ----D---- C:\ProgramData\DAEMON Tools Lite 2009-04-20 11:46:54 ----D---- C:\Users\Cyril\AppData\Roaming\DAEMON Tools Lite 2009-04-20 10:45:50 ----A---- C:\Windows\system32\rpcss.dll 2009-04-20 10:45:49 ----A---- C:\Windows\system32\ntoskrnl.exe 2009-04-20 10:45:49 ----A---- C:\Windows\system32\ntkrnlpa.exe 2009-04-20 10:45:47 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe 2009-04-20 10:45:47 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll 2009-04-20 10:45:46 ----A---- C:\Windows\system32\sdohlp.dll 2009-04-20 10:45:46 ----A---- C:\Windows\system32\iasrecst.dll 2009-04-20 10:45:46 ----A---- C:\Windows\system32\iashost.exe 2009-04-20 10:45:46 ----A---- C:\Windows\system32\iasdatastore.dll 2009-04-20 10:45:46 ----A---- C:\Windows\system32\iasads.dll 2009-04-20 10:45:44 ----A---- C:\Windows\system32\winhttp.dll 2009-04-20 10:45:42 ----A---- C:\Windows\system32\xolehlp.dll 2009-04-20 10:45:42 ----A---- C:\Windows\system32\msdtcprx.dll 2009-04-20 10:45:38 ----A---- C:\Windows\system32\lsasrv.dll 2009-04-20 10:45:37 ----A---- C:\Windows\system32\secur32.dll 2009-04-20 10:45:37 ----A---- C:\Windows\system32\kernel32.dll 2009-04-20 10:45:37 ----A---- C:\Windows\system32\apilogen.dll 2009-04-20 10:45:37 ----A---- C:\Windows\system32\amxread.dll 2009-04-19 19:53:26 ----A---- C:\Windows\ffmpeg.exe 2009-04-19 19:53:24 ----D---- C:\Program Files\Hercules 2009-04-19 19:53:24 ----A---- C:\Windows\system32\SP7302.INI 2009-04-19 19:53:23 ----D---- C:\Windows\system32\HWC HD ======List of files/folders modified in the last 1 months====== 2009-05-09 04:51:58 ----D---- C:\Windows\system32\LogFiles 2009-05-08 20:09:23 ----RD---- C:\Program Files 2009-05-08 20:09:23 ----D---- C:\Windows\Prefetch 2009-05-08 20:03:41 ----D---- C:\Windows\System32 2009-05-08 19:27:38 ----D---- C:\Program Files\Mozilla Firefox 2009-05-08 19:06:53 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-05-08 19:06:52 ----D---- C:\Windows\inf 2009-05-08 19:06:07 ----D---- C:\Windows 2009-05-08 18:53:26 ----HD---- C:\Windows\system32\drivers 2009-05-08 15:02:32 ----D---- C:\Windows\Temp 2009-05-08 14:28:06 ----HD---- C:\ProgramData 2009-05-08 14:20:23 ----SHD---- C:\Windows\Installer 2009-05-08 14:20:23 ----D---- C:\Program Files\Common Files 2009-05-08 10:56:07 ----D---- C:\Windows\winsxs 2009-05-08 10:56:07 ----D---- C:\Program Files\Internet Explorer 2009-05-08 10:55:40 ----D---- C:\Windows\system32\catroot 2009-05-03 20:59:46 ----D---- C:\Windows\system32\WDI 2009-05-02 08:56:31 ----D---- C:\Windows\system32\catroot2 2009-04-29 10:54:12 ----D---- C:\Windows\rescache 2009-04-29 10:36:19 ----D---- C:\Windows\system32\migration 2009-04-29 10:36:19 ----D---- C:\Windows\system32\fr-FR 2009-04-29 10:36:19 ----D---- C:\Windows\system32\en-US 2009-04-29 10:36:19 ----D---- C:\Windows\PolicyDefinitions 2009-04-29 10:08:07 ----D---- C:\ProgramData\Microsoft Help 2009-04-29 10:07:18 ----RSD---- C:\Windows\assembly 2009-04-29 10:06:38 ----RSD---- C:\Windows\Fonts 2009-04-29 10:06:33 ----D---- C:\Program Files\Common Files\microsoft shared 2009-04-29 10:06:18 ----D---- C:\Program Files\Microsoft Works 2009-04-29 10:05:10 ----A---- C:\Windows\win.ini 2009-04-29 10:05:09 ----D---- C:\Program Files\Common Files\System 2009-04-21 15:09:03 ----D---- C:\Windows\LiveKernelReports 2009-04-21 00:59:06 ----D---- C:\Program Files\Windows Mail 2009-04-20 15:57:04 ----D---- C:\Windows\Debug 2009-04-20 14:12:52 ----SD---- C:\ProgramData\Microsoft 2009-04-20 11:47:36 ----D---- C:\Users\Cyril\AppData\Roaming\DAEMON Tools 2009-04-20 11:00:33 ----D---- C:\Windows\system32\wbem 2009-04-20 11:00:33 ----D---- C:\Windows\system32\manifeststore 2009-04-20 11:00:33 ----D---- C:\Windows\AppPatch 2009-04-19 19:54:18 ----D---- C:\Windows\twain_32 2009-04-19 19:53:22 ----HD---- C:\Program Files\InstallShield Installation Information ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792] R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584] R3 camfilt2;camfilt2; C:\Windows\system32\DRIVERS\camfilt2.sys [2008-02-27 98432] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-06-22 1788056] R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-07-10 6144] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-11-06 8230496] R3 PAC7302;Hercules Classic Link; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-09-10 457984] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSGB6.sys [2008-09-09 48128] R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] S1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [] S1 sK9Ou0s;sK9Ou0s; \??\C:\Users\Cyril\AppData\Roaming\drivers\srosa2.sys [2009-05-08 7168] S2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [] S3 amnez4ns;amnez4ns; C:\Windows\system32\drivers\amnez4ns.sys [] S3 amnez4ns;amnez4ns; C:\Windows\system32\drivers\amnez4ns.sys [] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-03-15 14336] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 SiS6350;SiS6350; C:\Windows\system32\DRIVERS\SISGRKMD.sys [2007-06-05 454520] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936] S3 ZSMC301b;Philips SPC315NC Webcam; C:\Windows\System32\Drivers\usbVM31b.sys [] S4 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [] S4 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-07-03 53248] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440] R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-08-08 836904] S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon [] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-01 136120] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-03-15 216232] S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-08-03 382248] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-05-08 18752] S4 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-05-08 138680] S4 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-05-08 254040] S4 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-05-08 352920] -----------------EOF-----------------

Ma femme as utilisé emule pour installer un jeux type buble "machin" chez pas quoi, style tetris et compagnie et elle a cliqué sur le premier venu "puzzle buble mobile" enervé je l'ai supprimé

Merci pour ta réponse, je fais ce que tu me dis et je te recontacte Merci

Bonjour à tous, Il semble que Suite au téléchargement d'un jeux pour pc, l'ouverture du dossier ZIP obtenu a provoqué l'installation d'un virus. Symptôme, Ccleaner s'arrête des l'ouverture, avast ne répond plus, adware pas reconnu, msn ne se met plus en route. deamon tools idem Je ne comprends rien, les forum parlent à priori de vers bagle??? . Je ne suis pas très fort en informatique et plutôt prudent, ma femme a voulu utiliser E mule et voilà c'est la "cata" Comment puis je faire et que dois je faire pour avoir de l'aide Merci de votre réponse

salut, désolé j'ai mis du temps à te répondre, car en fait j'ai remis mon pc en etat en formatant mon system C: Je te passerais un rapport Hijack des que possible. Je sais pas si j'ai bien fait, en tout cas mon pc fonctionne mieux, et il semble que les malware et autres ont disparue. à plus et merci encore de ton aide.

Bonjour, Je te parlais de du Scan Panda, là ou je n'avais pas bien suivi la procédure. J'ai retenté un scan mais rien à faire, "erreur page"??????? En ce qui concerne le scan "house" / Il m'indique des problème et les noms des objets, mais pas d'origine. Si je coche "supprimer", il me donne un message, qui explique que je risque de détruire des fichiers ou dossiers important. Donc comme tu dis que faire??? Voici des rapports de scan que j'ai effectué avec différents logiciels, est ce que tu peux me dire si c'est important, dangereux, peut on les supprimer??? ___________________________________________________________________________ Avast Nom du logiciel Malveillant Win32:Beagle-PJ [Wrm] Type du logiciel malveillant Virus/Ver Version VPS 000723-1, 12/03/2007 Dans C:\System Volume Information\_restore ______________________________________________________________________________ A-Squared Version - a-squared Free 2.5 Réglages Scan: Objets: Mémoire, Traces, Cookies, C:\, D:\, G:\ Scan archives: Marche Heuristiques: Marche Scan ADS: Marche Début du scan: 23/03/2007 10:18:17 c:\windows\system32\mciwndx.ocx Détecter: Trace.File.ISTbar C:\avenger\backup.zip/wintems.exe Détecter: Email-Worm.Win32.Bagle.ii C:\System Volume Information\_restore{37ED0FCD-7DB5-4F95-882B-B7F40D3F9615}\RP646\A0475134.exe Détecter: Email-Worm.Win32.Bagle.ii G:\System Volume Information\_restore{37ED0FCD-7DB5-4F95-882B-B7F40D3F9615}\RP642\A0472688.exe Détecter: Trojan-Downloader.Win32.Bagle.bp Scanné Fichiers: 75950 Traces: 221104 Cookies: 4 Processus: 33 Trouver Fichiers: 3 Traces: 1 Cookies: 0 Processus: 0 Clés de Registre: 0 Fin du Scan: 23/03/2007 10:46:49 Temps du Scan: 00:28:32 ______________________________________________________________________________ Ad-Aware Ad-Aware SE Build 1.06r1 Fichier journal créé le :vendredi 23 mars 2007 10:48:43 Created with Ad-Aware SE Personal, free for private use. Utilisation du fichier de définitions :SE1R162 21.03.2007 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Références détectées lors de l’analyse : »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» MRU List(Index TAC :0):8 Nombre total de références »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Définir : Rechercher les entrées à risque négligeable Définir : Mode sécurisé (tjrs demander confirm.) Définir : Analyser les processus actifs Définir : Scan registry Définir : Analyser en profondeur le registre Définir : Analyser mes favoris IE pour rech. URL interdites Définir : Analyser mon fichier Hosts Extended Ad-Aware SE Settings =========================== Définir : Décharger les modules et les processus reconnus pendant l’analyse Définir : Anal. reg. pr tous utili. et non pr utili. actuel uniqmnt Définir : Toujours essayer de décharger les modules avant la suppression Définir : Lors de la suppression, décharger l’Explorateur et IE si nécessaire Définir : Perm. Win. supp. fich. en cours au proch. démar. Définir : Supprimer les objets en quarantaine après la restauration Définir : Inclure les paramètres de base d'Ad-Aware dans le fichier journal Définir : Inclure les paramètres de base d'Ad-Aware dans le fichier journal Définir : Inclure un récapitulatif des références dans le fichier journal Définir : Inclure les détails des données ADS dans le fichier journal Définir : Émettre un son à la fin de l’analyse en cas de détection d'objets critiques 23-03-2007 10:48:43 - L’analyse a démarré. (Analyse complète du système) MRU List Objet reconnu ! Emplacement : : C:\Documents and Settings\Cyril\recent Description : list of recently opened documents MRU List Objet reconnu ! Emplacement : : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Objet reconnu ! Emplacement : : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Objet reconnu ! Emplacement : : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Objet reconnu ! Emplacement : : S-1-5-21-329068152-651377827-682003330-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Objet reconnu ! Emplacement : : S-1-5-21-329068152-651377827-682003330-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Objet reconnu ! Emplacement : : S-1-5-21-329068152-651377827-682003330-1004\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Objet reconnu ! Emplacement : : S-1-5-21-329068152-651377827-682003330-1004\software\microsoft\windows media\wmsdk\general Description : windows media sdk Affichage des processus en cours d'exécution »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 436 ThreadCreationTime : 23-03-2007 07:53:06 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 484 ThreadCreationTime : 23-03-2007 07:53:10 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 508 ThreadCreationTime : 23-03-2007 07:53:11 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 552 ThreadCreationTime : 23-03-2007 07:53:11 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Système d'exploitation Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Applications Services et Contrôleur InternalName : services.exe LegalCopyright : © Microsoft Corporation. Tous droits réservés. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 564 ThreadCreationTime : 23-03-2007 07:53:12 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 720 ThreadCreationTime : 23-03-2007 07:53:12 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 804 ThreadCreationTime : 23-03-2007 07:53:16 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 872 ThreadCreationTime : 23-03-2007 07:53:16 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 944 ThreadCreationTime : 23-03-2007 07:53:17 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1068 ThreadCreationTime : 23-03-2007 07:53:17 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:11 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1152 ThreadCreationTime : 23-03-2007 07:53:17 BasePriority : Normal FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) ProductVersion : 5.1.2600.2696 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:12 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 1272 ThreadCreationTime : 23-03-2007 07:53:18 BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : Système d'exploitation Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Explorateur Windows InternalName : explorer LegalCopyright : © Microsoft Corporation. Tous droits réservés. OriginalFilename : EXPLORER.EXE #:13 [a2service.exe] FilePath : c:\program files\a-squared free\ ProcessID : 1372 ThreadCreationTime : 23-03-2007 07:53:18 BasePriority : Normal FileVersion : 2.5.0.79 ProductVersion : 2.5.0.0 ProductName : a-squared CompanyName : Emsi Software GmbH FileDescription : a-squared Service InternalName : a2service LegalCopyright : © 2003-2007 Emsi Software GmbH OriginalFilename : a2service.exe #:14 [aswupdsv.exe] FilePath : C:\Program Files\Alwil Software\Avast4\ ProcessID : 1436 ThreadCreationTime : 23-03-2007 07:53:18 BasePriority : Normal #:15 [ashserv.exe] FilePath : C:\Program Files\Alwil Software\Avast4\ ProcessID : 1464 ThreadCreationTime : 23-03-2007 07:53:18 BasePriority : Normal FileVersion : 4, 7, 936, 0 ProductVersion : 4, 7, 0, 0 ProductName : avast! Antivirus FileDescription : avast! antivirus service InternalName : aswServ LegalCopyright : Copyright © 2007 ALWIL Software OriginalFilename : aswServ.exe #:16 [guard.exe] FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\ ProcessID : 1512 ThreadCreationTime : 23-03-2007 07:53:19 BasePriority : Normal FileVersion : 7, 5, 0, 47 ProductVersion : 7, 5, 0, 47 ProductName : AVG Anti-Spyware CompanyName : Anti-Malware Development a.s. FileDescription : AVG Anti-Spyware guard InternalName : AVG Anti-Spyware guard LegalCopyright : Copyright © 2006 Anti-Malware Development a.s. OriginalFilename : guard.exe #:17 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1768 ThreadCreationTime : 23-03-2007 07:53:23 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:18 [mouseelf.exe] FilePath : C:\PROGRA~1\GENIUS~2\ ProcessID : 160 ThreadCreationTime : 23-03-2007 07:53:31 BasePriority : Normal FileVersion : 1.02.00 ProductVersion : 1.02.00 ProductName : Wireless TwinTouch+ CompanyName : Genius FileDescription : Wireless TwinTouch+ InternalName : mouseelf LegalCopyright : Copyright © KYE Systems Corp. 1998-2002 LegalTrademarks : Genius OriginalFilename : mouseelf.exe #:19 [atiptaxx.exe] FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\ ProcessID : 172 ThreadCreationTime : 23-03-2007 07:53:31 BasePriority : Normal FileVersion : 6.14.10.5145 ProductVersion : 6.14.10.5145 ProductName : ATI Desktop Component CompanyName : ATI Technologies, Inc. FileDescription : ATI Desktop Control Panel InternalName : Atiptaxx.exe LegalCopyright : Copyright © 1998-2005 ATI Technologies Inc. OriginalFilename : Atiptaxx.exe #:20 [cfd.exe] FilePath : C:\Program Files\BroadJump\Client Foundation\ ProcessID : 208 ThreadCreationTime : 23-03-2007 07:53:32 BasePriority : Normal #:21 [vm_sti.exe] FilePath : C:\WINDOWS\ ProcessID : 332 ThreadCreationTime : 23-03-2007 07:53:33 BasePriority : Normal FileVersion : 4, 2, 610, 4 ProductVersion : 4, 2, 610, 4 ProductName : BIGDOG CompanyName : BIGDOG FileDescription : BIGDOG InternalName : BIGDOG LegalCopyright : Copyright 2002 LegalTrademarks : BIGDOG OriginalFilename : BigDog.exe Comments : For Windows XP only #:22 [mixer.exe] FilePath : C:\WINDOWS\ ProcessID : 348 ThreadCreationTime : 23-03-2007 07:53:33 BasePriority : Normal FileVersion : 1.58 ProductVersion : 1.58 ProductName : Mixer CompanyName : C-Media Electronic Inc. (www.cmedia.com.tw) FileDescription : Mixer InternalName : Mixer LegalCopyright : Copyright © 1997-2002 LegalTrademarks : NONE OriginalFilename : Mixer.EXE Comments : Feng Min-Chih (min_chih@cmedia.com.tw) #:23 [ashdisp.exe] FilePath : C:\PROGRA~1\ALWILS~1\Avast4\ ProcessID : 356 ThreadCreationTime : 23-03-2007 07:53:34 BasePriority : Normal FileVersion : 4, 7, 936, 0 ProductVersion : 4, 7, 0, 0 ProductName : avast! Antivirus FileDescription : avast! service GUI component InternalName : aswDisp LegalCopyright : Copyright © 2007 ALWIL Software OriginalFilename : aswDisp.exe #:24 [jusched.exe] FilePath : C:\Program Files\Java\jre1.5.0_11\bin\ ProcessID : 364 ThreadCreationTime : 23-03-2007 07:53:34 BasePriority : Normal #:25 [ctfmon.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 400 ThreadCreationTime : 23-03-2007 07:53:36 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : CTF Loader InternalName : CTFMON LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : CTFMON.EXE #:26 [nmbgmonitor.exe] FilePath : C:\Program Files\Fichiers communs\Ahead\lib\ ProcessID : 432 ThreadCreationTime : 23-03-2007 07:53:37 BasePriority : Normal #:27 [alg.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 2172 ThreadCreationTime : 23-03-2007 07:53:49 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Application Layer Gateway Service InternalName : ALG.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ALG.exe #:28 [usnsvc.exe] FilePath : C:\Program Files\MSN Messenger\ ProcessID : 2720 ThreadCreationTime : 23-03-2007 07:54:09 BasePriority : Normal FileVersion : 8.1.0178.00 ProductVersion : 8.1.0178 ProductName : Messenger CompanyName : Microsoft Corporation FileDescription : Messenger Sharing USN Journal Reader Service InternalName : usnsvc.exe LegalCopyright : Copyright © Microsoft Corporation. All rights reserved. OriginalFilename : usnsvc.exe #:29 [iexplore.exe] FilePath : C:\Program Files\Internet Explorer\ ProcessID : 3096 ThreadCreationTime : 23-03-2007 08:11:18 BasePriority : Normal FileVersion : 7.00.6000.16414 (vista_gdr.070108-1520) ProductVersion : 7.00.6000.16414 ProductName : Windows® Internet Explorer CompanyName : Microsoft Corporation FileDescription : Internet Explorer InternalName : iexplore LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : IEXPLORE.EXE #:30 [acrord32.exe] FilePath : C:\Program Files\Adobe\Acrobat 6.0\Reader\ ProcessID : 3512 ThreadCreationTime : 23-03-2007 08:42:19 BasePriority : Normal FileVersion : 6.0.1.2003110300 ProductVersion : 6.0.1.2003110300 ProductName : Adobe Reader CompanyName : Adobe Systems Incorporated FileDescription : Adobe Reader 6.0 LegalCopyright : Copyright 1984-2003 Adobe Systems Incorporated and its licensors. All rights reserved. OriginalFilename : AcroRd32.exe #:31 [wisptis.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 3556 ThreadCreationTime : 23-03-2007 08:42:21 BasePriority : High FileVersion : 1.0.2201.0 (xpsp1.020820-1800) ProductVersion : 1.0.2201.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Microsoft Tablet PC Platform Component InternalName : WISPTIS.EXE LegalCopyright : Copyright © 1998-2002 Microsoft Corporation. OriginalFilename : WISPTIS.EXE #:32 [ad-aware.exe] FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\ ProcessID : 3340 ThreadCreationTime : 23-03-2007 09:48:26 BasePriority : Normal FileVersion : 6.2.0.236 ProductVersion : SE 106 ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft AB Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Résultat de l’analyse de la mémoire : »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Nouv. obj. critiques : 0 Objets détectés jusqu'à présent : 8 Analyse du registre démarrée »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Résultat de l’analyse du registre : »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Nouv. obj. critiques : 0 Objets détectés jusqu'à présent : 8 Analyse approfondie du registre démarrée »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Résultat de l’analyse approfondie du registre : »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Nouv. obj. critiques : 0 Objets détectés jusqu'à présent : 8 Analyse des cookies de suivi lancée »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Résultat de l’analyse des cookies de suivi : »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Nouv. obj. critiques : 0 Objets détectés jusqu'à présent : 8 Analyse et examen approfondis des fichiers (C:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Résultat de l’analyse du disque pour C:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Nouv. obj. critiques : 0 Objets détectés jusqu'à présent : 8 Analyse et examen approfondis des fichiers (D:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Résultat de l’analyse du disque pour D:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Nouv. obj. critiques : 0 Objets détectés jusqu'à présent : 8 Analyse et examen approfondis des fichiers (G:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Résultat de l’analyse du disque pour G:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Nouv. obj. critiques : 0 Objets détectés jusqu'à présent : 8 Analyse du fichier Hosts…... Emplacement du fichier Hosts :"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Résultat d’analyse du fichier Hosts : »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entrées analysées. Nouv. obj. critiques :0 Objets détectés jusqu'à présent : 8 Analyses conditionnelles en cours... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Résultat d’analyse conditionnelle : »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Nouv. obj. critiques : 0 Objets détectés jusqu'à présent : 8 10:55:04 Analyse terminée Récap. de cette anal. »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Durée tot. analyse :00:06:20.766 Objets analysés :147466 Objets identifiés :0 Objets ignorés :0 Nouv. obj. critiques :0 _____________________________________________________________________________________ Merci encore pour ton aide et j'espère que tu pourras encore me soutenir sur la suite