Everything posted by yoda93

  1. The zip is 1.84 MB
  2. Here is the ComboFix report following the requested procedure.

     ComboFix 08-12-07.04 - GACHOD Sylvain 2008-12-09 10:12:27.6 - NTFSx86
     Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.426 [GMT 1:00]
     Lancé depuis: c:\documents and settings\GACHOD Sylvain\Bureau\TRALALA.exe
     Commutateurs utilisés :: c:\documents and settings\GACHOD Sylvain\Bureau\CFScript.txt
     * Un nouveau point de restauration a été créé

     FILE ::
     c:\documents and settings\GACHOD Sylvain\Application Data\drivers\srosa.sys
     c:\documents and settings\GACHOD Sylvain\Application Data\drivers\srosa2.sys
     .
     (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
     .
     ((((((((((((((((((((((((((((( Fichiers créés du 2008-11-09 au 2008-12-09 ))))))))))))))))))))))))))))))))))))
     .
     2008-12-08 10:27 . 2008-12-08 10:27 <REP> d-------- c:\program files\Panda Security
     2008-12-07 23:38 . 2008-12-07 23:37 21,272,617 --a------ c:\windows\LPT$VPN.693
     2008-12-07 23:37 . 2008-12-07 23:37 21,272,617 --a------ c:\windows\VPTNFILE.693
     2008-12-07 23:36 . 2008-12-07 23:37 <REP> d-------- c:\windows\AU_Temp
     2008-12-07 22:50 . 2008-12-07 22:52 <REP> d-------- c:\program files\Yahoo!
     2008-12-07 22:33 . 2008-12-09 10:13 <REP> d--h----- c:\documents and settings\GACHOD Sylvain\Application Data\drivers
     2008-12-05 17:01 . 2008-12-05 17:01 <REP> d-------- C:\Navigation
     2008-12-05 16:54 . 2008-12-05 16:59 <REP> d-------- c:\program files\DestinatorApps
     2008-11-15 20:28 . 2001-08-28 13:00 499,200 --a------ c:\windows\system32\gpedit.dll
     2008-11-15 20:28 . 2002-08-29 10:44 284,160 --a------ c:\windows\system32\appmgr.dll
     2008-11-15 20:28 . 2002-08-29 10:44 185,856 --a------ c:\windows\system32\gptext.dll
     2008-11-15 20:28 . 2002-08-29 10:44 165,376 --a------ c:\windows\system32\appmgmts.dll
     2008-11-15 20:28 . 2001-08-28 13:00 119,296 --a------ c:\windows\system32\fde.dll
     2008-11-15 20:28 . 2002-08-29 10:44 70,144 --a------ c:\windows\system32\fdeploy.dll
     2008-11-15 20:28 . 2001-08-28 13:00 34,352 --a------ c:\windows\system32\gpedit.msc
     2008-11-12 09:10 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
     2008-11-12 09:08 . 2008-09-04 18:16 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
     .
     (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
     .
     2008-12-09 06:11 --------- d-----w c:\program files\Microsoft ActiveSync
     2008-12-07 22:37 91,744 ----a-w c:\windows\BPMNT.dll
     2008-12-07 22:37 71,749 ----a-w c:\windows\hcextoutput.dll
     2008-12-07 22:37 345,157 ----a-w c:\windows\tsc.exe
     2008-12-07 22:37 1,213,784 ----a-w c:\windows\vsapi32.dll
     2008-12-07 22:11 --------- d-----w c:\program files\DEFENSE PC
     2008-12-05 15:49 --------- d-----w c:\program files\Ahead
     2008-11-30 19:04 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
     2008-11-28 20:33 73,216 ----a-w c:\windows\ST6UNST.EXE
     2008-11-28 20:33 249,856 ------w c:\windows\Setup1.exe
     2008-11-22 02:05 3,532 ----a-w C:\drmHeader.bin
     2008-11-20 18:01 --------- d-----w c:\documents and settings\GACHOD Sylvain\Application Data\dvdcss
     2008-11-10 21:17 --------- d-----w c:\program files\Fichiers communs\Adobe
     2008-11-06 06:12 --------- d-----w c:\program files\DivX
     2008-11-04 20:04 --------- d-----w c:\program files\Neuf
     2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx0c.dll
     2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx07.dll
     2008-10-28 22:35 815,104 ----a-w c:\windows\system32\divx_xx0a.dll
     2008-10-28 22:35 802,816 ----a-w c:\windows\system32\divx_xx11.dll
     2008-10-28 22:35 684,032 ----a-w c:\windows\system32\DivX.dll
     2008-10-28 17:01 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
     2008-10-28 17:01 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ggsemc_01005.Wdf
     2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
     2008-10-21 16:27 --------- d-----w c:\program files\Microsoft Silverlight
     2008-10-19 09:26 --------- d-----w c:\program files\Fichiers communs\PC SOFT
     2008-10-19 09:26 --------- d-----w c:\documents and settings\GACHOD Sylvain\Application Data\DDaussy
     2008-10-19 09:26 --------- d-----w c:\documents and settings\All Users\Application Data\catalogue recettes cuisine
     2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
     2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
     2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
     2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
     2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
     2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
     2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
     2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
     2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
     2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
     2008-10-14 15:29 --------- d-----w c:\program files\crypteur documents
     2008-10-14 15:28 --------- d-----w c:\program files\Axon Data
     2008-10-11 17:11 --------- d-----w c:\documents and settings\GACHOD Sylvain\Application Data\Seven Zip
     2008-10-11 17:11 --------- d-----w c:\documents and settings\All Users\Application Data\{02C45027-B817-41FE-A000-2799C43CEF41}
     2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
     2008-09-25 08:03 81,920 ----a-w c:\windows\system32\dpl100.dll
     2008-09-25 08:03 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
     2008-09-25 08:03 57,344 ----a-w c:\windows\system32\dpv11.dll
     2008-09-25 08:03 53,248 ----a-w c:\windows\system32\dpuGUI10.dll
     2008-09-25 08:03 524,288 ----a-w c:\windows\system32\DivXsm.exe
     2008-09-25 08:03 344,064 ----a-w c:\windows\system32\dpus11.dll
     2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu11.dll
     2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu10.dll
     2008-09-25 08:03 196,608 ----a-w c:\windows\system32\dtu100.dll
     2008-09-25 08:03 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
     2008-09-19 21:57 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
     2008-09-19 21:55 200,704 ----a-w c:\windows\system32\ssldivx.dll
     2008-09-19 21:55 1,044,480 ----a-w c:\windows\system32\libdivx.dll
     2008-09-19 21:54 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
     2008-09-15 15:26 1,846,528 ----a-w c:\windows\system32\win32k.sys
     2008-09-10 08:59 1,419,232 ----a-w c:\windows\system32\wdfcoinstaller01005.dll
     2008-09-10 01:15 1,307,648 ----a-w c:\windows\system32\msxml6.dll
     2008-02-01 19:45 47,360 ----a-w c:\documents and settings\GACHOD Sylvain\Application Data\pcouffin.sys
     2007-06-07 18:49 8,192 --sha-w c:\program files\Thumbs.db
     2007-03-09 16:48 3,202 -c--a-w c:\program files\RRIRJ.DAT
     2007-02-01 16:02 1 ----a-w c:\documents and settings\GACHOD Sylvain\SI.bin
     2006-12-13 20:32 40,856 ----a-w c:\program files\ffdssetts.reg
     2006-12-13 20:32 119 ----a-w c:\program files\satsukidecodersettings.ini
     2006-12-13 20:32 1,500 ----a-w c:\program files\ffdsasetts.reg
     2005-07-09 06:46 89 -c--a-w c:\program files\rrirj.ini
     2003-10-23 16:52 40,960 ----a-w c:\program files\Uninstall_CDS.exe
     2001-12-07 11:00 1,585 -c--a-w c:\program files\Lisez-moi.txt
     2001-07-31 09:46 766 ----a-w c:\program files\Uninst.ico
     1997-07-18 13:53 229,888 ----a-w c:\program files\rrirjw32.exe
     1996-01-17 16:14 766 ----a-w c:\program files\rrirj.ico
     2005-10-24 09:13 66,560 --sha-r c:\windows\MOTA113.exe
     2005-10-13 19:27 422,400 --sha-r c:\windows\x2.64.exe
     2007-12-30 12:09 8 --sha-r c:\windows\system32\567574EF83.sys
     2005-10-28 16:44 308,224 --sha-w c:\windows\system32\avisynth.dll
     2005-07-14 10:31 27,648 --sha-r c:\windows\system32\AVSredirect.dll
     2005-06-26 13:32 616,448 --sha-r c:\windows\system32\cygwin1.dll
     2005-06-21 20:37 45,568 --sha-r c:\windows\system32\cygz.dll
     2004-01-24 22:00 70,656 --sha-r c:\windows\system32\i420vfw.dll
     2007-12-30 12:09 2,828 --sha-w c:\windows\system32\KGyGaAvL.sys
     2005-02-28 11:16 240,128 --sha-r c:\windows\system32\x.264.exe
     2004-01-25 17:18 70,656 --sha-w c:\windows\system32\yv12vfw.dll
     2008-06-06 13:32 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008060620080607\index.dat
     .
     ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RestoreIT!"="c:\program files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" [2004-09-21 114688]
"fenaffiche"="c:\program files\FenAffiche\Fenpowernet.exe" [2004-07-23 49152]
"QuickTime Task"="c:\program files\quick time\qttask.exe" [2008-05-27 413696]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-08-25 185632]
"VTTimer"="VTTimer.exe" [2005-03-08 c:\windows\system32\VTTimer.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 c:\windows\AGRSMMSG.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"VIDC.MJPG"= pvmjpg21.dll
"VIDC.PVW2"= pvwv220.dll
"VIDC.PIMJ"= pvljpg20.dll
"vidc.i263"= c:\windows\system32\i263_32.drv
"vidc.VP40"= vp4vfw.dll
"VIDC.X264"= x264vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--a------ 2006-11-03 09:59 204288 c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\quick time\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Temp\\CI_HITACHI\\MAJ_Hitachi.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\bitcomet\\BitComet.exe"=
"c:\\WINDOWS\\system32\\svchost.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\JEU\\SteamApps\\xxx8575\\counter-strike source\\hl2.exe"=
"e:\\JEU\\SteamApps\\xxx8575\\day of defeat\\hl.exe"=
"e:\\JEU\\SteamApps\\xxx8575\\counter-strike\\hl.exe"=
"e:\\JEU\\SteamApps\\xxx8575\\condition zero\\hl.exe"=
"e:\\JEU\\SteamApps\\xxx8575\\condition zero deleted scenes\\hl.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\e-mule\\eMule\\emule.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"e:\\Jeu Trackmania\\trackmania nation\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"e:\\trackmania forever\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4672:UDP"= 4672:UDP:kad_reseau
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"5900:TCP"= 5900:TCP:assistance msn
"3389:UDP"= 3389:UDP:assistance à distance
"21:UDP"= 21:UDP:club
"4672:TCP"= 4672:TCP:mulot
"23430:TCP"= 23430:TCP:BitComet 23430 TCP
"23430:UDP"= 23430:UDP:BitComet 23430 UDP
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"24192:TCP"= 24192:TCP:BitComet 24192 TCP
"24192:UDP"= 24192:UDP:BitComet 24192 UDP
"13941:TCP"= 13941:TCP:BitComet 13941 TCP
"13941:UDP"= 13941:UDP:BitComet 13941 UDP
"26228:TCP"= 26228:TCP:@xpsp2res.dll,-22009
"25204:TCP"= 25204:TCP:@xpsp2res.dll,-22009

R0 RITCPT;RITCPT;c:\windows\system32\drivers\RITCPT.sys [2004-11-24 43512]
R0 VVBackd5;VVBackd5;c:\windows\system32\drivers\VVBackd5.sys [2005-01-23 179482]
R3 ZSMC302;VIMICRO USB PC Camera;c:\windows\system32\Drivers\usbVM31b.sys [2008-03-20 91263]
S3 actvcomm;actvcomm;c:\windows\system32\drivers\actvcomm.sys [2004-04-28 78848]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2008-09-10 13352]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\DRIVERS\k510bus.sys [2006-12-29 58288]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\DRIVERS\k510mdfl.sys [2006-12-29 8336]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\DRIVERS\k510mdm.sys [2006-12-29 94064]
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\k510mgmt.sys [2006-12-29 85408]
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\k510obex.sys [2006-12-29 83344]
S3 k600bus;Sony Ericsson 600i driver (WDM);c:\windows\system32\DRIVERS\k600bus.sys [2007-09-22 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;c:\windows\system32\DRIVERS\k600mdfl.sys [2007-09-22 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;c:\windows\system32\DRIVERS\k600mdm.sys [2007-09-22 87456]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;c:\windows\system32\DRIVERS\k600mgmt.sys [2007-09-22 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;c:\windows\system32\DRIVERS\k600obex.sys [2007-09-22 77072]
S3 PsSdk31;PsSdk31;\??\c:\windows\system32\Drivers\pssdk31.drv [2008-08-21 30272]
S3 PsSdkLBF;PsSdkLBF;\??\c:\windows\system32\Drivers\pssdklbf.drv [2008-08-21 37440]
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;c:\windows\system32\DRIVERS\usb8023.sys [2004-08-05 12800]
S3 viafilter;VIA USB Filter;c:\windows\system32\Drivers\viausb1.sys [2007-07-01 9728]
S3 vvftav;vvftav;c:\windows\system32\drivers\vvftav.sys []
S3 ZSMC0305;USB PC Camera VC305;c:\windows\system32\Drivers\usbVM305.sys []
.
Contenu du dossier 'Tâches planifiées'

2008-10-15 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2008-12-05 c:\windows\Tasks\Maintenance en 1 clic.job - c:\program files\tune up utilities\SystemOptimizer.exe []
2005-11-19 c:\windows\Tasks\Recherche de virus de McAfee.com - Mon ordinateur (SY4PPNP19-GACHOD Sylvain).job - c:\progra~1\mcafee.com\vso\mcmnhdlr.exe []
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uInternet Settings,ProxyOverride = 127.0.0.1
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
TCP: {71BF9D82-2AA1-4FDA-B5E0-38CFCED69208} = 194.117.200.10,194.117.200.15
TCP: {D757C7C0-5818-4037-9050-25956FACD407} = 194.117.200.10,194.117.200.15
O16 -: Microsoft XML Parser for Java
O16 -: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} - hxxp://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 -: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - hxxp://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe
O16 -: {27FA5271-12D2-43E3-9424-365A43236EE7} - hxxp://fr.pixaco.com/static/download/iedropupload.cab
c:\windows\bdoscandellang.ini - c:\windows\bdoscandel.exe
c:\windows\Downloaded Program Files\live.ini
c:\windows\Downloaded Program Files\scanoptions.tsi
c:\windows\Downloaded Program Files\lang.ini
c:\windows\Downloaded Program Files\ipsupd.dll
c:\windows\Downloaded Program Files\bdupd.dll
c:\windows\Downloaded Program Files\libfn.dll
c:\windows\Downloaded Program Files\bdcore.dll
c:\windows\Downloaded Program Files\oscan8.ocx
O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
c:\windows\Downloaded Program Files\oscan8.inf
O16 -: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_2_0_4_13.cab
c:\windows\Downloaded Program Files\hardwaredetection.inf
c:\windows\Downloaded Program Files\fireev.ocx - c:\windows\Downloaded Program Files\fireev.inf
O16 -: {D3D0E7BC-170E-11D0-B2D1-00AA00B92B50}
hxxp://singles.sfr.fr/dlm/ax/fireev.2.7.0.0.cab
c:\windows\Downloaded Program Files\fireev.inf
O16 -: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - hxxp://bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O16 -: {EFD3EA56-234D-4240-90EA-CC9FA3AF5A01} - hxxp://motive.club-internet.fr:2112/lwp/static/installers/WebflowActiveXInstaller_4-0-0.cab
c:\windows\Downloaded Program Files\WebflowActiveXInstaller.inf
FireFox -: Profile - c:\documents and settings\GACHOD Sylvain\Application Data\Mozilla\Firefox\Profiles\yzkz7tna.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-09 10:15:04
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet006\Services\PsSdk31]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdk31.drv"
[HKEY_LOCAL_MACHINE\system\ControlSet006\Services\PsSdkLBF]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdklbf.drv"
.
Heure de fin: 2008-12-09 10:16:49
ComboFix-quarantined-files.txt 2008-12-09 09:15:53
ComboFix2.txt 2008-12-09 08:53:57
ComboFix3.txt 2008-12-09 06:27:33
Avant-CF: 48 270 114 816 octets libres
Après-CF: 48,246,214,656 octets libres
547 --- E O F --- 2008-11-12 08:17:38

Shall I run another HijackThis and Antivir scan for you now?
  3. There, the steps have been carried out, and you will find the requested reports below. ComboFix report:

ComboFix 08-12-07.04 - GACHOD Sylvain 2008-12-09 9:45:20.5 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.396 [GMT 1:00]
Lancé depuis: c:\documents and settings\GACHOD Sylvain\Bureau\TRALALA.exe
Commutateurs utilisés :: c:\documents and settings\GACHOD Sylvain\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé

FILE ::
c:\documents and settings\GACHOD Sylvain\Application Data\drivers\srosa.sys
c:\documents and settings\GACHOD Sylvain\Application Data\drivers\srosa2.sys
c:\documents and settings\GACHOD Sylvain\Bureau\SYLVAIN\generateur de clé.exe
c:\windows\system32\Smab.dll
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\GACHOD Sylvain\Application Data\drivers\srosa.sys
c:\documents and settings\GACHOD Sylvain\Application Data\drivers\srosa2.sys
c:\documents and settings\GACHOD Sylvain\Bureau\SYLVAIN\generateur de clé.exe
c:\windows\system32\Smab.dll
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_FBAPI
-------\Legacy_SPAINFODRV
-------\Legacy_SRVQXA
-------\Service_FBAPI
-------\Service_SPAInfoDrv
-------\Service_SrvQxa

((((((((((((((((((((((((((((( Fichiers créés du 2008-11-09 au 2008-12-09 ))))))))))))))))))))))))))))))))))))
.
2008-12-08 10:27 . 2008-12-08 10:27 <REP> d-------- c:\program files\Panda Security
2008-12-07 23:38 . 2008-12-07 23:37 21,272,617 --a------ c:\windows\LPT$VPN.693
2008-12-07 23:37 . 2008-12-07 23:37 21,272,617 --a------ c:\windows\VPTNFILE.693
2008-12-07 23:36 . 2008-12-07 23:37 <REP> d-------- c:\windows\AU_Temp
2008-12-07 22:50 . 2008-12-07 22:52 <REP> d-------- c:\program files\Yahoo!
2008-12-07 22:33 . 2008-12-09 09:45 <REP> d--h----- c:\documents and settings\GACHOD Sylvain\Application Data\drivers
2008-12-05 17:01 . 2008-12-05 17:01 <REP> d-------- C:\Navigation
2008-12-05 16:54 . 2008-12-05 16:59 <REP> d-------- c:\program files\DestinatorApps
2008-11-15 20:28 . 2001-08-28 13:00 499,200 --a------ c:\windows\system32\gpedit.dll
2008-11-15 20:28 . 2002-08-29 10:44 284,160 --a------ c:\windows\system32\appmgr.dll
2008-11-15 20:28 . 2002-08-29 10:44 185,856 --a------ c:\windows\system32\gptext.dll
2008-11-15 20:28 . 2002-08-29 10:44 165,376 --a------ c:\windows\system32\appmgmts.dll
2008-11-15 20:28 . 2001-08-28 13:00 119,296 --a------ c:\windows\system32\fde.dll
2008-11-15 20:28 . 2002-08-29 10:44 70,144 --a------ c:\windows\system32\fdeploy.dll
2008-11-15 20:28 . 2001-08-28 13:00 34,352 --a------ c:\windows\system32\gpedit.msc
2008-11-12 09:10 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-12 09:08 . 2008-09-04 18:16 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-09 06:11 --------- d-----w c:\program files\Microsoft ActiveSync
2008-12-07 22:37 91,744 ----a-w c:\windows\BPMNT.dll
2008-12-07 22:37 71,749 ----a-w c:\windows\hcextoutput.dll
2008-12-07 22:37 345,157 ----a-w c:\windows\tsc.exe
2008-12-07 22:37 1,213,784 ----a-w c:\windows\vsapi32.dll
2008-12-07 22:11 --------- d-----w c:\program files\DEFENSE PC
2008-12-05 15:49 --------- d-----w c:\program files\Ahead
2008-11-30 19:04 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-28 20:33 73,216 ----a-w c:\windows\ST6UNST.EXE
2008-11-28 20:33 249,856 ------w c:\windows\Setup1.exe
2008-11-22 02:05 3,532 ----a-w C:\drmHeader.bin
2008-11-20 18:01 --------- d-----w c:\documents and settings\GACHOD Sylvain\Application Data\dvdcss
2008-11-10 21:17 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-11-06 06:12 --------- d-----w c:\program files\DivX
2008-11-04 20:04 --------- d-----w c:\program files\Neuf
2008-10-28 17:01 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-10-28 17:01 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ggsemc_01005.Wdf
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-21 16:27 --------- d-----w c:\program files\Microsoft Silverlight
2008-10-19 09:26 --------- d-----w c:\program files\Fichiers communs\PC SOFT
2008-10-19 09:26 --------- d-----w c:\documents and settings\GACHOD Sylvain\Application Data\DDaussy
2008-10-19 09:26 --------- d-----w c:\documents and settings\All Users\Application Data\catalogue recettes cuisine
2008-10-14 15:29 --------- d-----w c:\program files\crypteur documents
2008-10-14 15:28 --------- d-----w c:\program files\Axon Data
2008-10-11 17:11 --------- d-----w c:\documents and settings\GACHOD Sylvain\Application Data\Seven Zip
2008-10-11 17:11 --------- d-----w c:\documents and settings\All Users\Application Data\{02C45027-B817-41FE-A000-2799C43CEF41}
2008-02-01 19:45 47,360 ----a-w c:\documents and settings\GACHOD Sylvain\Application Data\pcouffin.sys
2007-06-07 18:49 8,192 --sha-w c:\program files\Thumbs.db
2007-03-09 16:48 3,202 -c--a-w c:\program files\RRIRJ.DAT
2007-02-01 16:02 1 ----a-w c:\documents and settings\GACHOD Sylvain\SI.bin
2006-12-13 20:32 40,856 ----a-w c:\program files\ffdssetts.reg
2006-12-13 20:32 119 ----a-w c:\program files\satsukidecodersettings.ini
2006-12-13 20:32 1,500 ----a-w c:\program files\ffdsasetts.reg
2005-07-09 06:46 89 -c--a-w c:\program files\rrirj.ini
2003-10-23 16:52 40,960 ----a-w c:\program files\Uninstall_CDS.exe
2001-12-07 11:00 1,585 -c--a-w c:\program files\Lisez-moi.txt
2001-07-31 09:46 766 ----a-w c:\program files\Uninst.ico
1997-07-18 13:53 229,888 ----a-w c:\program files\rrirjw32.exe
1996-01-17 16:14 766 ----a-w c:\program files\rrirj.ico
2005-10-24 09:13 66,560 --sha-r c:\windows\MOTA113.exe
2005-10-13 19:27 422,400 --sha-r c:\windows\x2.64.exe
2007-12-30 12:09 8 --sha-r c:\windows\system32\567574EF83.sys
2005-10-28 16:44 308,224 --sha-w c:\windows\system32\avisynth.dll
2005-07-14 10:31 27,648 --sha-r c:\windows\system32\AVSredirect.dll
2005-06-26 13:32 616,448 --sha-r c:\windows\system32\cygwin1.dll
2005-06-21 20:37 45,568 --sha-r c:\windows\system32\cygz.dll
2004-01-24 22:00 70,656 --sha-r c:\windows\system32\i420vfw.dll
2007-12-30 12:09 2,828 --sha-w c:\windows\system32\KGyGaAvL.sys
2005-02-28 11:16 240,128 --sha-r c:\windows\system32\x.264.exe
2004-01-25 17:18 70,656 --sha-w c:\windows\system32\yv12vfw.dll
2008-06-06 13:32 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008060620080607\index.dat
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\documents and settings\GACHOD Sylvain\Application Data\drivers ----
settings\GACHOD Sylvain\Application Data\drivers\downld\161500.exe 2008-12-07 23:26 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\161093.exe 2008-12-07 23:26 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\159500.exe 2008-12-07 23:26 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\163250.exe 2008-12-07 23:26 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\163109.exe 2008-12-07 23:26 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\162171.exe 2008-12-07 23:17 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\140140.exe 2008-12-07 23:17 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\139843.exe 2008-12-07 23:17 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\139187.exe 2008-12-07 23:17 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\107531.exe 2008-12-07 23:17 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\107203.exe 2008-12-07 23:17 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\104234.exe 2008-12-07 23:17 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\138328.exe 2008-12-07 23:17 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\137968.exe 2008-12-07 23:17 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\108296.exe 2008-12-07 23:02 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\188640.exe 2008-12-07 23:02 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\188062.exe 2008-12-07 23:02 766 --a------ c:\documents and settings\GACHOD 
Sylvain\Application Data\drivers\downld\187203.exe 2008-12-07 23:02 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\186125.exe 2008-12-07 23:02 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\185250.exe 2008-12-07 23:02 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\183734.exe 2008-12-07 23:02 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\206703.exe 2008-12-07 23:02 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\206234.exe 2008-12-07 23:02 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\205734.exe 2008-12-07 23:02 3252 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\169937.exe 2008-12-07 23:02 3252 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\169859.exe 2008-12-07 23:02 3252 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\169234.exe 2008-12-07 23:00 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\102500.exe 2008-12-07 23:00 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\102187.exe 2008-12-07 23:00 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\101515.exe 2008-12-07 23:00 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\99343.exe 2008-12-07 23:00 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\99000.exe 2008-12-07 23:00 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\97000.exe 2008-12-07 23:00 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\99984.exe 2008-12-07 23:00 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application 
Data\drivers\downld\101046.exe 2008-12-07 23:00 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\100750.exe 2008-12-07 22:50 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\211515.exe 2008-12-07 22:50 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\211062.exe 2008-12-07 22:50 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\210187.exe 2008-12-07 22:50 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\209187.exe 2008-12-07 22:50 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\208546.exe 2008-12-07 22:50 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\207109.exe 2008-12-07 22:50 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\228296.exe 2008-12-07 22:50 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\227781.exe 2008-12-07 22:50 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\227078.exe 2008-12-07 22:50 3252 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\192031.exe 2008-12-07 22:50 3252 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\191921.exe 2008-12-07 22:50 3252 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\191140.exe 2008-12-07 22:49 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\126640.exe 2008-12-07 22:49 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\126343.exe 2008-12-07 22:49 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\125703.exe 2008-12-07 22:49 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\123421.exe 
2008-12-07 22:49 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\123062.exe 2008-12-07 22:49 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\121140.exe 2008-12-07 22:49 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\125125.exe 2008-12-07 22:49 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\124703.exe 2008-12-07 22:49 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\124078.exe 2008-12-07 22:43 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\359125.exe 2008-12-07 22:43 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\358515.exe 2008-12-07 22:43 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\357187.exe 2008-12-07 22:43 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\356078.exe 2008-12-07 22:43 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\355250.exe 2008-12-07 22:43 766 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\353234.exe 2008-12-07 22:43 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\374468.exe 2008-12-07 22:43 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\374062.exe 2008-12-07 22:43 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\373703.exe 2008-12-07 22:42 3252 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\337562.exe 2008-12-07 22:42 3252 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\337484.exe 2008-12-07 22:42 3252 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\336843.exe 2008-12-07 22:41 5849 
--a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\273312.exe 2008-12-07 22:41 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\273000.exe 2008-12-07 22:41 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\272140.exe 2008-12-07 22:41 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\268296.exe 2008-12-07 22:41 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\267953.exe 2008-12-07 22:41 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\266593.exe 2008-12-07 22:41 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\271406.exe 2008-12-07 22:41 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\270875.exe 2008-12-07 22:41 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\268859.exe 2008-12-07 22:34 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\48009218.exe 2008-12-07 22:34 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\48008750.exe 2008-12-07 22:34 5849 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\48006500.exe 2008-12-07 22:34 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\48003234.exe 2008-12-07 22:34 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\48002343.exe 2008-12-07 22:34 1508 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\48000843.exe 2008-12-07 22:34 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\48005781.exe 2008-12-07 22:34 13242 --a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\48005328.exe 2008-12-07 22:34 13242 
--a------ c:\documents and settings\GACHOD Sylvain\Application Data\drivers\downld\48004281.exe 2005-09-13 04:05 860168 --------- c:\documents and settings\GACHOD Sylvain\Application Data\drivers\winupgro.exe ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RestoreIT!"="c:\program files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" [2004-09-21 114688] "fenaffiche"="c:\program files\FenAffiche\Fenpowernet.exe" [2004-07-23 49152] "QuickTime Task"="c:\program files\quick time\qttask.exe" [2008-05-27 413696] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-08-25 185632] "VTTimer"="VTTimer.exe" [2005-03-08 c:\windows\system32\VTTimer.exe] "AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 c:\windows\AGRSMMSG.exe] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.l3acm"= l3codecp.acm "VIDC.MJPG"= pvmjpg21.dll "VIDC.PVW2"= pvwv220.dll "VIDC.PIMJ"= pvljpg20.dll "vidc.i263"= c:\windows\system32\i263_32.drv "vidc.VP40"= vp4vfw.dll "VIDC.X264"= x264vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] --a------ 2006-11-03 09:59 204288 c:\program files\Windows Media Player\wmpnscfg.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "QuickTime Task"="c:\program files\quick time\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= 
"c:\\Temp\\CI_HITACHI\\MAJ_Hitachi.exe"= "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"= "c:\\Program Files\\bitcomet\\BitComet.exe"= "c:\\WINDOWS\\system32\\svchost.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "e:\\JEU\\SteamApps\\xxx8575\\counter-strike source\\hl2.exe"= "e:\\JEU\\SteamApps\\xxx8575\\day of defeat\\hl.exe"= "e:\\JEU\\SteamApps\\xxx8575\\counter-strike\\hl.exe"= "e:\\JEU\\SteamApps\\xxx8575\\condition zero\\hl.exe"= "e:\\JEU\\SteamApps\\xxx8575\\condition zero deleted scenes\\hl.exe"= "c:\\Program Files\\HLSW\\hlsw.exe"= "c:\\Program Files\\e-mule\\eMule\\emule.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "e:\\Jeu Trackmania\\trackmania nation\\TrackMania Nations ESWC\\TmNationsESWC.exe"= "e:\\trackmania forever\\TmNationsForever\\TmForever.exe"= "c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"= "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "c:\\Program Files\\MSN Messenger\\livecall.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "4672:UDP"= 4672:UDP:kad_reseau "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 "5900:TCP"= 5900:TCP:assistance msn "3389:UDP"= 3389:UDP:assistance à distance "21:UDP"= 21:UDP:club "4672:TCP"= 4672:TCP:mulot "23430:TCP"= 23430:TCP:BitComet 23430 TCP "23430:UDP"= 23430:UDP:BitComet 23430 UDP "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "24192:TCP"= 24192:TCP:BitComet 24192 TCP "24192:UDP"= 24192:UDP:BitComet 24192 UDP "13941:TCP"= 13941:TCP:BitComet 13941 TCP "13941:UDP"= 13941:UDP:BitComet 13941 UDP "26228:TCP"= 26228:TCP:@xpsp2res.dll,-22009 "25204:TCP"= 
25204:TCP:@xpsp2res.dll,-22009 R0 RITCPT;RITCPT;c:\windows\system32\drivers\RITCPT.sys [2004-11-24 43512] R0 VVBackd5;VVBackd5;c:\windows\system32\drivers\VVBackd5.sys [2005-01-23 179482] R3 ZSMC302;VIMICRO USB PC Camera;c:\windows\system32\Drivers\usbVM31b.sys [2008-03-20 91263] S3 actvcomm;actvcomm;c:\windows\system32\drivers\actvcomm.sys [2004-04-28 78848] S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2008-09-10 13352] S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\DRIVERS\k510bus.sys [2006-12-29 58288] S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\DRIVERS\k510mdfl.sys [2006-12-29 8336] S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\DRIVERS\k510mdm.sys [2006-12-29 94064] S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\k510mgmt.sys [2006-12-29 85408] S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\k510obex.sys [2006-12-29 83344] S3 k600bus;Sony Ericsson 600i driver (WDM);c:\windows\system32\DRIVERS\k600bus.sys [2007-09-22 52384] S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;c:\windows\system32\DRIVERS\k600mdfl.sys [2007-09-22 6096] S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;c:\windows\system32\DRIVERS\k600mdm.sys [2007-09-22 87456] S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;c:\windows\system32\DRIVERS\k600mgmt.sys [2007-09-22 79248] S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;c:\windows\system32\DRIVERS\k600obex.sys [2007-09-22 77072] S3 PsSdk31;PsSdk31;\??\c:\windows\system32\Drivers\pssdk31.drv [2008-08-21 30272] S3 PsSdkLBF;PsSdkLBF;\??\c:\windows\system32\Drivers\pssdklbf.drv [2008-08-21 37440] S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;c:\windows\system32\DRIVERS\usb8023.sys [2004-08-05 12800] S3 viafilter;VIA USB Filter;c:\windows\system32\Drivers\viausb1.sys [2007-07-01 9728] S3 
vvftav;vvftav;c:\windows\system32\drivers\vvftav.sys [] S3 ZSMC0305;USB PC Camera VC305;c:\windows\system32\Drivers\usbVM305.sys [] . Contenu du dossier 'Tâches planifiées' 2008-10-15 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2008-12-05 c:\windows\Tasks\Maintenance en 1 clic.job - c:\program files\tune up utilities\SystemOptimizer.exe [] 2005-11-19 c:\windows\Tasks\Recherche de virus de McAfee.com - Mon ordinateur (SY4PPNP19-GACHOD Sylvain).job - c:\progra~1\mcafee.com\vso\mcmnhdlr.exe [] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ uInternet Settings,ProxyOverride = 127.0.0.1 IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm TCP: {71BF9D82-2AA1-4FDA-B5E0-38CFCED69208} = 194.117.200.10,194.117.200.15 TCP: {D757C7C0-5818-4037-9050-25956FACD407} = 194.117.200.10,194.117.200.15 O16 -: Microsoft XML Parser for Java O16 -: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} - hxxp://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 -: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - hxxp://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe O16 -: {27FA5271-12D2-43E3-9424-365A43236EE7} - hxxp://fr.pixaco.com/static/download/iedropupload.cab c:\windows\bdoscandellang.ini - c:\windows\bdoscandel.exe c:\windows\Downloaded Program Files\live.ini c:\windows\Downloaded Program Files\scanoptions.tsi c:\windows\Downloaded Program Files\lang.ini c:\windows\Downloaded Program Files\ipsupd.dll c:\windows\Downloaded Program Files\bdupd.dll c:\windows\Downloaded Program Files\libfn.dll c:\windows\Downloaded Program Files\bdcore.dll c:\windows\Downloaded Program Files\oscan8.ocx O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} 
hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab c:\windows\Downloaded Program Files\oscan8.inf O16 -: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_2_0_4_13.cab c:\windows\Downloaded Program Files\hardwaredetection.inf c:\windows\Downloaded Program Files\fireev.ocx - c:\windows\Downloaded Program Files\fireev.inf O16 -: {D3D0E7BC-170E-11D0-B2D1-00AA00B92B50} hxxp://singles.sfr.fr/dlm/ax/fireev.2.7.0.0.cab c:\windows\Downloaded Program Files\fireev.inf O16 -: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - hxxp://bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe O16 -: {EFD3EA56-234D-4240-90EA-CC9FA3AF5A01} - hxxp://motive.club-internet.fr:2112/lwp/static/installers/WebflowActiveXInstaller_4-0-0.cab c:\windows\Downloaded Program Files\WebflowActiveXInstaller.inf FireFox -: Profile - c:\documents and settings\GACHOD Sylvain\Application Data\Mozilla\Firefox\Profiles\yzkz7tna.default\ FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-09 09:49:32 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet006\Services\PsSdk31] "ImagePath"="\??\c:\windows\system32\Drivers\pssdk31.drv" [HKEY_LOCAL_MACHINE\System\ControlSet006\Services\PsSdkLBF] "ImagePath"="\??\c:\windows\system32\Drivers\pssdklbf.drv" . ------------------------ Autres processus actifs ------------------------ . c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . 
Heure de fin: 2008-12-09 9:53:55 - La machine a redémarré ComboFix-quarantined-files.txt 2008-12-09 08:53:43 ComboFix2.txt 2008-12-09 06:27:33 Avant-CF: 48 295 358 464 octets libres AprÞs-CF: 48,290,643,968 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP sans echec" /noexecute=optin /fastdetect /safeboot 545 --- E O F --- 2008-11-12 08:17:38

HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:57:04, on 09/12/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\WINDOWS\explorer.exe C:\Program Files\internet explorer\iexplore.exe C:\Documents and Settings\GACHOD Sylvain\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - 
HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\bitcomet\tools\BitCometBHO_1.2.2.28.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [RestoreIT!] 
"C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart O4 - HKLM\..\Run: [fenaffiche] "C:\Program Files\FenAffiche\Fenpowernet.exe" O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\program files\quick time\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\bitcomet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\bitcomet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\bitcomet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... 
- {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\bitcomet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe O16 - DPF: {27FA5271-12D2-43E3-9424-365A43236EE7} (PIXACO upload plugin) - http://fr.pixaco.com/static/download/iedropupload.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: 
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1205858377087 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_13.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_a...asyInstallX.CAB O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {D3D0E7BC-170E-11D0-B2D1-00AA00B92B50} (FireEvent Control) - http://singles.sfr.fr/dlm/ax/fireev.2.7.0.0.cab O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - http://bobtv.fr/download/cfweb_www.bobtv.f..._instmodule.exe O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab O16 - DPF: {EFD3EA56-234D-4240-90EA-CC9FA3AF5A01} (ConnectivityTester Class) - http://motive.club-internet.fr:2112/lwp/st...aller_4-0-0.cab O17 - 
HKLM\System\CCS\Services\Tcpip\..\{71BF9D82-2AA1-4FDA-B5E0-38CFCED69208}: NameServer = 194.117.200.10,194.117.200.15 O17 - HKLM\System\CCS\Services\Tcpip\..\{D757C7C0-5818-4037-9050-25956FACD407}: NameServer = 194.117.200.10,194.117.200.15 O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a square\a-squared free\a2service.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\DEFENSE PC\AVG antispyware\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- End of file - 8961 bytes
  4. Hello Falkra, and thanks again for your help. I carried out the operation you asked for. First, here is what appeared when I launched Combofix, or rather TRALALA.
     1 - "Vous ne pouvez pas renommer Combofix par TRALALA. Veuillez choisir un autre nom, de prùfùrence composù de caractères alphanumériques". Seeing this message, and especially the "ù" characters, I let it run, because I wondered whether the message might actually be coming from the virus or some other nasty on my PC, and I was right to, because the utility then started without any trouble and did its job.
     2 - "Combofix a détecté que la console de récupération Windows n'était pas installé. Vous avez tout intérêt à le faire. Voulez vous le faire maintenant ?" I chose No because I did not know whether this was really a Combofix warning or something else. If it needs to be done, could you give me the procedure later and tell me what this recovery console is for?
     Here now is the Combofix report:
     ComboFix 08-12-07.04 - yoda 2008-12-09 7:08:37.4 - NTFSx86
     Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.429 [GMT 1:00]
     Lancé depuis: c:\documents and settings\yoda\Bureau\TRALALA.exe
     * Un nouveau point de restauration a été créé
     AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
     .
     (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
     .
c:\windows\system32\tmp.reg c:\windows\system32\wintems.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_SK9OU0S -------\Legacy_SROSA -------\Service_sK9Ou0s ((((((((((((((((((((((((((((( Fichiers créés du 2008-11-09 au 2008-12-09 )))))))))))))))))))))))))))))))))))) . 2008-12-09 07:03 . 2008-12-09 07:03 <REP> d-------- C:\32788R22FWJFW 2008-12-08 10:27 . 2008-12-08 10:27 <REP> d-------- c:\program files\Panda Security 2008-12-07 23:38 . 2008-12-07 23:37 21,272,617 --a------ c:\windows\LPT$VPN.693 2008-12-07 23:37 . 2008-12-07 23:37 21,272,617 --a------ c:\windows\VPTNFILE.693 2008-12-07 23:36 . 2008-12-07 23:37 <REP> d-------- c:\windows\AU_Temp 2008-12-07 22:50 . 2008-12-07 22:52 <REP> d-------- c:\program files\Yahoo! 2008-12-07 22:33 . 2008-12-07 22:34 <REP> d--h----- c:\documents and settings\yoda\Application Data\drivers 2008-12-05 17:01 . 2008-12-05 17:01 <REP> d-------- C:\Navigation 2008-12-05 16:54 . 2008-12-05 16:59 <REP> d-------- c:\program files\DestinatorApps 2008-11-15 20:28 . 2001-08-28 13:00 499,200 --a------ c:\windows\system32\gpedit.dll 2008-11-15 20:28 . 2002-08-29 10:44 284,160 --a------ c:\windows\system32\appmgr.dll 2008-11-15 20:28 . 2002-08-29 10:44 185,856 --a------ c:\windows\system32\gptext.dll 2008-11-15 20:28 . 2002-08-29 10:44 165,376 --a------ c:\windows\system32\appmgmts.dll 2008-11-15 20:28 . 2001-08-28 13:00 119,296 --a------ c:\windows\system32\fde.dll 2008-11-15 20:28 . 2002-08-29 10:44 70,144 --a------ c:\windows\system32\fdeploy.dll 2008-11-15 20:28 . 2001-08-28 13:00 34,352 --a------ c:\windows\system32\gpedit.msc 2008-11-12 09:10 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys 2008-11-12 09:08 . 2008-09-04 18:16 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-12-09 06:11 --------- d-----w c:\program files\Microsoft ActiveSync 2008-12-07 22:37 91,744 ----a-w c:\windows\BPMNT.dll 2008-12-07 22:37 71,749 ----a-w c:\windows\hcextoutput.dll 2008-12-07 22:37 345,157 ----a-w c:\windows\tsc.exe 2008-12-07 22:37 1,213,784 ----a-w c:\windows\vsapi32.dll 2008-12-07 22:11 --------- d-----w c:\program files\DEFENSE PC 2008-12-05 15:49 --------- d-----w c:\program files\Ahead 2008-11-30 19:04 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2008-11-28 20:33 73,216 ----a-w c:\windows\ST6UNST.EXE 2008-11-28 20:33 249,856 ------w c:\windows\Setup1.exe 2008-11-22 02:05 3,532 ----a-w C:\drmHeader.bin 2008-11-20 18:01 --------- d-----w c:\documents and settings\yoda\Application Data\dvdcss 2008-11-10 21:17 --------- d-----w c:\program files\Fichiers communs\Adobe 2008-11-06 06:12 --------- d-----w c:\program files\DivX 2008-11-04 20:04 --------- d-----w c:\program files\Neuf 2008-10-28 17:01 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2008-10-28 17:01 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ggsemc_01005.Wdf 2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys 2008-10-21 16:27 --------- d-----w c:\program files\Microsoft Silverlight 2008-10-19 09:26 --------- d-----w c:\program files\Fichiers communs\PC SOFT 2008-10-19 09:26 --------- d-----w c:\documents and settings\yoda\Application Data\DDaussy 2008-10-19 09:26 --------- d-----w c:\documents and settings\All Users\Application Data\catalogue recettes cuisine 2008-10-14 15:29 --------- d-----w c:\program files\crypteur documents 2008-10-14 15:28 --------- d-----w c:\program files\Axon Data 2008-10-11 17:11 --------- d-----w c:\documents and settings\yoda\Application Data\Seven Zip 2008-10-11 17:11 --------- d-----w c:\documents and settings\All Users\Application Data\{02C45027-B817-41FE-A000-2799C43CEF41} 2008-02-01 19:45 47,360 ----a-w c:\documents and 
settings\yoda\Application Data\pcouffin.sys 2007-06-07 18:49 8,192 --sha-w c:\program files\Thumbs.db 2007-03-09 16:48 3,202 -c--a-w c:\program files\RRIRJ.DAT 2007-02-01 16:02 1 ----a-w c:\documents and settings\yoda\SI.bin 2006-12-13 20:32 40,856 ----a-w c:\program files\ffdssetts.reg 2006-12-13 20:32 119 ----a-w c:\program files\satsukidecodersettings.ini 2006-12-13 20:32 1,500 ----a-w c:\program files\ffdsasetts.reg 2005-07-09 06:46 89 -c--a-w c:\program files\rrirj.ini 2003-10-23 16:52 40,960 ----a-w c:\program files\Uninstall_CDS.exe 2001-12-07 11:00 1,585 -c--a-w c:\program files\Lisez-moi.txt 2001-07-31 09:46 766 ----a-w c:\program files\Uninst.ico 1997-07-18 13:53 229,888 ----a-w c:\program files\rrirjw32.exe 1996-01-17 16:14 766 ----a-w c:\program files\rrirj.ico 2005-10-24 09:13 66,560 --sha-r c:\windows\MOTA113.exe 2005-10-13 19:27 422,400 --sha-r c:\windows\x2.64.exe 2007-12-30 12:09 8 --sha-r c:\windows\system32\567574EF83.sys 2005-10-28 16:44 308,224 --sha-w c:\windows\system32\avisynth.dll 2005-07-14 10:31 27,648 --sha-r c:\windows\system32\AVSredirect.dll 2005-06-26 13:32 616,448 --sha-r c:\windows\system32\cygwin1.dll 2005-06-21 20:37 45,568 --sha-r c:\windows\system32\cygz.dll 2004-01-24 22:00 70,656 --sha-r c:\windows\system32\i420vfw.dll 2007-12-30 12:09 2,828 --sha-w c:\windows\system32\KGyGaAvL.sys 2006-04-27 08:24 2,945,024 --sha-r c:\windows\system32\Smab.dll 2005-02-28 11:16 240,128 --sha-r c:\windows\system32\x.264.exe 2004-01-25 17:18 70,656 --sha-w c:\windows\system32\yv12vfw.dll 2008-06-06 13:32 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008060620080607\index.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RestoreIT!"="c:\program files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" [2004-09-21 114688] "fenaffiche"="c:\program files\FenAffiche\Fenpowernet.exe" [2004-07-23 49152] "QuickTime Task"="c:\program files\quick time\qttask.exe" [2008-05-27 413696] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-08-25 185632] "VTTimer"="VTTimer.exe" [2005-03-08 c:\windows\system32\VTTimer.exe] "AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 c:\windows\AGRSMMSG.exe] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.l3acm"= l3codecp.acm "VIDC.MJPG"= pvmjpg21.dll "VIDC.PVW2"= pvwv220.dll "VIDC.PIMJ"= pvljpg20.dll "vidc.i263"= c:\windows\system32\i263_32.drv "vidc.VP40"= vp4vfw.dll "VIDC.X264"= x264vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] --a------ 2006-11-03 09:59 204288 c:\program files\Windows Media Player\wmpnscfg.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "QuickTime Task"="c:\program files\quick time\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Temp\\CI_HITACHI\\MAJ_Hitachi.exe"= "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"= "c:\\Program Files\\bitcomet\\BitComet.exe"= "c:\\WINDOWS\\system32\\svchost.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "e:\\JEU\\SteamApps\\xxx8575\\counter-strike source\\hl2.exe"= "e:\\JEU\\SteamApps\\xxx8575\\day of defeat\\hl.exe"= 
"e:\\JEU\\SteamApps\\xxx8575\\counter-strike\\hl.exe"= "e:\\JEU\\SteamApps\\xxx8575\\condition zero\\hl.exe"= "e:\\JEU\\SteamApps\\xxx8575\\condition zero deleted scenes\\hl.exe"= "c:\\Program Files\\HLSW\\hlsw.exe"= "c:\\Program Files\\e-mule\\eMule\\emule.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "e:\\Jeu Trackmania\\trackmania nation\\TrackMania Nations ESWC\\TmNationsESWC.exe"= "e:\\trackmania forever\\TmNationsForever\\TmForever.exe"= "c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"= "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "c:\\Program Files\\MSN Messenger\\livecall.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "4672:UDP"= 4672:UDP:kad_reseau "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 "5900:TCP"= 5900:TCP:assistance msn "3389:UDP"= 3389:UDP:assistance à distance "21:UDP"= 21:UDP:club "4672:TCP"= 4672:TCP:mulot "23430:TCP"= 23430:TCP:BitComet 23430 TCP "23430:UDP"= 23430:UDP:BitComet 23430 UDP "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "24192:TCP"= 24192:TCP:BitComet 24192 TCP "24192:UDP"= 24192:UDP:BitComet 24192 UDP "13941:TCP"= 13941:TCP:BitComet 13941 TCP "13941:UDP"= 13941:UDP:BitComet 13941 UDP "26228:TCP"= 26228:TCP:@xpsp2res.dll,-22009 "25204:TCP"= 25204:TCP:@xpsp2res.dll,-22009 R0 RITCPT;RITCPT;c:\windows\system32\drivers\RITCPT.sys [2004-11-24 43512] R0 VVBackd5;VVBackd5;c:\windows\system32\drivers\VVBackd5.sys [2005-01-23 179482] R3 ZSMC302;VIMICRO USB PC Camera;c:\windows\system32\Drivers\usbVM31b.sys [2008-03-20 91263] S2 FBAPI;FBAPI;\??\c:\windows\system32\drivers\FBAPI.sys [] S3 
actvcomm;actvcomm;c:\windows\system32\drivers\actvcomm.sys [2004-04-28 78848] S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2008-09-10 13352] S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\DRIVERS\k510bus.sys [2006-12-29 58288] S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\DRIVERS\k510mdfl.sys [2006-12-29 8336] S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\DRIVERS\k510mdm.sys [2006-12-29 94064] S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\k510mgmt.sys [2006-12-29 85408] S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\k510obex.sys [2006-12-29 83344] S3 k600bus;Sony Ericsson 600i driver (WDM);c:\windows\system32\DRIVERS\k600bus.sys [2007-09-22 52384] S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;c:\windows\system32\DRIVERS\k600mdfl.sys [2007-09-22 6096] S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;c:\windows\system32\DRIVERS\k600mdm.sys [2007-09-22 87456] S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;c:\windows\system32\DRIVERS\k600mgmt.sys [2007-09-22 79248] S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;c:\windows\system32\DRIVERS\k600obex.sys [2007-09-22 77072] S3 PsSdk31;PsSdk31;\??\c:\windows\system32\Drivers\pssdk31.drv [2008-08-21 30272] S3 PsSdkLBF;PsSdkLBF;\??\c:\windows\system32\Drivers\pssdklbf.drv [2008-08-21 37440] S3 SPAInfoDrv;SPAInfoDrv;\??\c:\progra~1\MOBILE~1\bin\SPAInfoDrv.sys [] S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;c:\windows\system32\DRIVERS\usb8023.sys [2004-08-05 12800] S3 viafilter;VIA USB Filter;c:\windows\system32\Drivers\viausb1.sys [2007-07-01 9728] S3 vvftav;vvftav;c:\windows\system32\drivers\vvftav.sys [] S3 ZSMC0305;USB PC Camera VC305;c:\windows\system32\Drivers\usbVM305.sys [] S4 SrvQxa;SrvQxa;"\\?\c:\program files\Fichiers communs\System\lpt9.exe" [] . 
Contenu du dossier 'Tâches planifiées' 2008-10-15 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2008-12-05 c:\windows\Tasks\Maintenance en 1 clic.job - c:\program files\tune up utilities\SystemOptimizer.exe [] 2005-11-19 c:\windows\Tasks\Recherche de virus de McAfee.com - Mon ordinateur (SY4PPNP19-yoda).job - c:\progra~1\mcafee.com\vso\mcmnhdlr.exe [] . - - - - ORPHELINS SUPPRIMES - - - - Toolbar-ID - (no file) HKCU-Run-H/PC Connection Agent - c:\program files\Microsoft ActiveSync\wcescomm.exe HKCU-Run-PowerBar - (no file) Notify-AtiExtEvent - (no file) MSConfigStartUp-PC Connection Agent - c:\program files\Microsoft ActiveSync\wcescomm.exe . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ uInternet Settings,ProxyOverride = 127.0.0.1 IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm TCP: {71BF9D82-2AA1-4FDA-B5E0-38CFCED69208} = 194.117.200.10,194.117.200.15 TCP: {D757C7C0-5818-4037-9050-25956FACD407} = 194.117.200.10,194.117.200.15 O16 -: Microsoft XML Parser for Java O16 -: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} - hxxp://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 -: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - hxxp://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe O16 -: {27FA5271-12D2-43E3-9424-365A43236EE7} - hxxp://fr.pixaco.com/static/download/iedropupload.cab c:\windows\bdoscandellang.ini - c:\windows\bdoscandel.exe c:\windows\Downloaded Program Files\live.ini c:\windows\Downloaded Program Files\scanoptions.tsi c:\windows\Downloaded Program Files\lang.ini c:\windows\Downloaded Program Files\ipsupd.dll c:\windows\Downloaded Program Files\bdupd.dll c:\windows\Downloaded Program Files\libfn.dll 
c:\windows\Downloaded Program Files\bdcore.dll c:\windows\Downloaded Program Files\oscan8.ocx O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab c:\windows\Downloaded Program Files\oscan8.inf O16 -: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_2_0_4_13.cab c:\windows\Downloaded Program Files\hardwaredetection.inf c:\windows\Downloaded Program Files\fireev.ocx - c:\windows\Downloaded Program Files\fireev.inf O16 -: {D3D0E7BC-170E-11D0-B2D1-00AA00B92B50} hxxp://singles.sfr.fr/dlm/ax/fireev.2.7.0.0.cab c:\windows\Downloaded Program Files\fireev.inf O16 -: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - hxxp://bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe O16 -: {EFD3EA56-234D-4240-90EA-CC9FA3AF5A01} - hxxp://motive.club-internet.fr:2112/lwp/static/installers/WebflowActiveXInstaller_4-0-0.cab c:\windows\Downloaded Program Files\WebflowActiveXInstaller.inf FireFox -: Profile - c:\documents and settings\GACHOD Sylvain\Application Data\Mozilla\Firefox\Profiles\yzkz7tna.default\ FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= . . ------- Associations de fichier ------- . vbsfile\shell\edit\command=%SystemRoot%\System32\Notepad.exe %1 . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-09 07:17:49 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... 
     Scan terminé avec succès
     Fichiers cachés: 0
     **************************************************************************
     [HKEY_LOCAL_MACHINE\System\ControlSet006\Services\PsSdk31]
     "ImagePath"="\??\c:\windows\system32\Drivers\pssdk31.drv"
     [HKEY_LOCAL_MACHINE\System\ControlSet006\Services\PsSdkLBF]
     "ImagePath"="\??\c:\windows\system32\Drivers\pssdklbf.drv"
     .
     ------------------------ Autres processus actifs ------------------------
     .
     c:\program files\Windows Media Player\wmpnetwk.exe
     .
     **************************************************************************
     .
     Heure de fin: 2008-12-09 7:27:30 - La machine a redémarré
     ComboFix-quarantined-files.txt 2008-12-09 06:27:27
     Avant-CF: 48 841 998 336 octets libres
     Après-CF: 48,239,075,328 octets libres
     405 --- E O F --- 2008-11-12 08:17:38
     Thanks in advance for the next steps.
  5. Hi Chris. Yes indeed, welcome to the club, as you say, but at least we feel a lot less alone. As for your problem, which looks like a rootkit from what I read in your first lines, have you tried downloading an anti-rootkit tool and seeing what it turns up, as a first step? I know that Grisoft, or AVG, has a free one. That said, this step may turn out to be useless in the end. Have a look here, they talk about what you mention in your post: http://www.symantec.com/fr/fr/security_res...-011710-0057-99 And there are plenty of others elsewhere on Google.
     As for me, I managed to run a scan with PANDA and a-square. With Kaspersky, however, it refuses to run and tells me that another antivirus is active. For those who read this post, here are the a-square and PANDA reports.
     A-square:
     Version - a-squared Free 3.5
     Dernière mise à jour : 07/12/2008 23:33:51
     Paramètres des balayages :
     Éléments : Mémoire, Traces, Cookies, C:\, E:\
     Balaye dans les archives : Marche
     Analyse heuristique : Marche
     Balaye dans les ADS : Marche
     Début du balayage : 07/12/2008 23:34:19
     C:\Documents and Settings\Cookies\sylvain@247realmedia[1].txt Objets détectés : Trace.TrackingCookie.247realmedia!A2
     C:\Documents and Settings\Cookies\sylvain@2o7[1].txt Objets détectés : Trace.TrackingCookie.2o7!A2
     C:\Documents and Settings\Cookies\[email protected][1].txt Objets détectés : Trace.TrackingCookie.adserv!A2
     C:\Documents and Settings\cookies\[email protected][1].txt Objets détectés : Trace.TrackingCookie.adserver!A2
     C:\Documents and Settings\Cookies\[email protected][1].txt Objets détectés : Trace.TrackingCookie.bs.serving-sys!A2
     C:\Documents and Settings\Cookies\sylvain@commentcamarche[1].txt Objets détectés : Trace.TrackingCookie.com!A2
     C:\Documents and Settings\Cookies\sylvain@com[1].txt Objets détectés : Trace.TrackingCookie.com!A2
     C:\Documents and Settings\Cookies\sylvain@serving-sys[1].txt Objets détectés : Trace.TrackingCookie.serving-sys!A2
C:\Documents and Settings\Cookies\sylvain@smartadserver[1].txt Objets détectés : Trace.TrackingCookie.smartadserver!A2 C:\Documents and Settings\Cookies\sylvain@specificclick[2].txt Objets détectés : Trace.TrackingCookie.specificclick!A2 C:\Documents and Settings\Cookies\sylvain@tribalfusion[2].txt Objets détectés : Trace.TrackingCookie.tribalfusion!A2 C:\Documents and Settings\Cookies\sylvain@weborama[1].txt Objets détectés : Trace.TrackingCookie.weborama!A2 Analysé Fichiers : 191580 Traces : 444088 Cookies : 130 Processus : 21 Objets trouvés Fichiers : 0 Traces : 0 Cookies : 12 Processus : 0 Clés de Registre : 0 Fin du balayage : 08/12/2008 06:20:27 Temps du balayage : 6:46:08 Rapport PANDA : ;******************************************************************************* ******************************************************************************** * ******************* ANALYSIS: 2008-12-08 20:34:43 PROTECTIONS: 0 MALWARE: 4 SUSPECTS: 2 ;******************************************************************************* ******************************************************************************** * ******************* PROTECTIONS Description Version Active Updated ;=============================================================================== ================================================================================ = =================== ;=============================================================================== ================================================================================ = =================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=============================================================================== ================================================================================ = =================== 00459277 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{A52C3862-AC83-49C6-A5FD-A969B32B6D8D}\RP177\A0019146.sys 00459277 W32/Bagle.RC.worm 
Virus/Worm No 0 Yes No C:\Documents and Settings\Yoda\Application Data\drivers\srosa2.sys 00459277 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{A52C3862-AC83-49C6-A5FD-A969B32B6D8D}\RP179\A0019261.sys 00459277 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{A52C3862-AC83-49C6-A5FD-A969B32B6D8D}\RP175\A0017941.sys 00459277 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{A52C3862-AC83-49C6-A5FD-A969B32B6D8D}\RP179\A0019222.sys 00459277 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{A52C3862-AC83-49C6-A5FD-A969B32B6D8D}\RP175\A0018942.sys 00459277 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{A52C3862-AC83-49C6-A5FD-A969B32B6D8D}\RP178\A0019159.sys 00459277 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{A52C3862-AC83-49C6-A5FD-A969B32B6D8D}\RP177\A0019122.sys 00459277 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{A52C3862-AC83-49C6-A5FD-A969B32B6D8D}\RP179\A0019484.sys 02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\WINDOWS\system32\mdelk.exe 02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes No C:\WINDOWS\system32\wintems.exe 02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{A52C3862-AC83-49C6-A5FD-A969B32B6D8D}\RP175\A0018943.sys 02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{A52C3862-AC83-49C6-A5FD-A969B32B6D8D}\RP179\A0019221.sys 02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{A52C3862-AC83-49C6-A5FD-A969B32B6D8D}\RP175\A0017942.sys 02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{A52C3862-AC83-49C6-A5FD-A969B32B6D8D}\RP178\A0019158.sys 02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{A52C3862-AC83-49C6-A5FD-A969B32B6D8D}\RP177\A0019147.sys 
02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{A52C3862-AC83-49C6-A5FD-A969B32B6D8D}\RP179\A0019262.sys 02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{A52C3862-AC83-49C6-A5FD-A969B32B6D8D}\RP177\A0019123.sys 02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{A52C3862-AC83-49C6-A5FD-A969B32B6D8D}\RP179\A0019485.sys 02898935 W32/Bagle.RC.worm Virus/Worm No 0 Yes No C:\Documents and Settings\Yoda\Application Data\drivers\srosa.sys 04281341 Generic Trojan Virus/Trojan No 0 Yes No C:\Documents and Settings\Yoda\Bureau\SYLVAIN\generateur de clé.exe ;=============================================================================== ================================================================================ = =================== SUSPECTS Sent Location @ ;=============================================================================== ================================================================================ = =================== No C:\Program Files\EXTRACTION vidéo sur site internet\vdownloader version 0.61.zip[VDownloader.exe] @ No C:\WINDOWS\system32\LineAudio.dll @ ;=============================================================================== ================================================================================ = =================== VULNERABILITIES Id Severity Description @ ;=============================================================================== ================================================================================ = =================== ;=============================================================================== ================================================================================ = =================== Ce qui donne ça en résumé avec le scan PANDA : Menaces avec désinfection gratuite (4) Niveau de risque faible (4) W32/Bagle.RC.w... Virus Latent(e) Afficher +Infos 1. 
C:\System Volume Information\_restore{A52C386...FD-A969B32B6D8D}\RP179\A0019485.sys 2. C:\System Volume Information\_restore{A52C386...FD-A969B32B6D8D}\RP179\A0019221.sys 3. C:\System Volume Information\_restore{A52C386...FD-A969B32B6D8D}\RP177\A0019123.sys 4. C:\System Volume Information\_restore{A52C386...FD-A969B32B6D8D}\RP178\A0019158.sys 5. C:\System Volume Information\_restore{A52C386...FD-A969B32B6D8D}\RP177\A0019147.sys 6. C:\Documents and Settings\Yoda\Application Data\drivers\srosa.sys 7. C:\System Volume Information\_restore{A52C386...FD-A969B32B6D8D}\RP175\A0017942.sys 8. C:\System Volume Information\_restore{A52C386...FD-A969B32B6D8D}\RP175\A0018943.sys 9. C:\System Volume Information\_restore{A52C386...FD-A969B32B6D8D}\RP179\A0019262.sys Generic Trojan Virus Latent(e) Afficher +Infos 1. C:\Documents and Settings\Yoda\Bureau\SYLVAIN\generateur de clé.exe W32/Bagle.RP.w... Virus Latent(e) Afficher +Infos 1. C:\WINDOWS\system32\wintems.exe 2. C:\WINDOWS\system32\mdelk.exe W32/Bagle.RC.w... Virus Latent(e) Afficher +Infos 1. C:\System Volume Information\_restore{A52C386...FD-A969B32B6D8D}\RP177\A0019122.sys 2. C:\System Volume Information\_restore{A52C386...FD-A969B32B6D8D}\RP179\A0019222.sys 3. C:\System Volume Information\_restore{A52C386...FD-A969B32B6D8D}\RP177\A0019146.sys 4. C:\System Volume Information\_restore{A52C386...FD-A969B32B6D8D}\RP178\A0019159.sys 5. C:\System Volume Information\_restore{A52C386...FD-A969B32B6D8D}\RP175\A0017941.sys 6. C:\Documents and Settings\Yoda\Application Data\drivers\srosa2.sys 7. C:\System Volume Information\_restore{A52C386...FD-A969B32B6D8D}\RP175\A0018942.sys 8. C:\System Volume Information\_restore{A52C386...FD-A969B32B6D8D}\RP179\A0019261.sys 9. 
C:\System Volume Information\_restore{A52C386...FD-A969B32B6D8D}\RP179\A0019484.sys Fichiers suspects (2) C:\WINDOWS\system32\LineAudio.dll C:\Program Files\EXTRACTION vidéo sur site in...r version 0.61.zip[VDownloader.exe] Voili voilou, merci de votre aide pour la suite car j'ai rechopé le même virus que la dernière fois il me semble. Bon courage Chris.
  6. Hello everyone. Yes, here I am back again, following a nice mess that has just landed on my keyboard. So last night, I downloaded from a well-known site a utility to recover and repair damaged photo files on an SD card. So far so good. To be safe, as usual, I ran a scan with Antivir. But that is where the trouble started. In fact Antivir does not launch and my PC shuts down straight away. Unfortunately it reminds me of the problem Falkra sorted out a few months ago. So I restarted the beast and tried Antivir again, but in vain. I tried running Spybot, AVG Anti-Spyware, CCleaner and Malwarebytes, but also in vain, because each time it reports errors. The only utility that works is A-square, but it only detects cookies. Planning ahead for my visit to these pages, I tried an online scan with Secuser (but my PC crashes after an hour every time), so no report for you. When I try to launch HijackThis, it tells me that it is an invalid Win32 application, so it is also impossible to show you a report. I tried relaunching Antivir for the umpteenth time, but still nothing. I uninstalled it and came to your pages to get the executable and reinstall it. But during installation I am told "Impossible de créer basic\avartkt.dll". I also tried a restore to yesterday morning, but it tells me that it is impossible to restore the system to that date and time. Same for others, by the way. So now, despite the steps I have taken, nothing happens, and I noticed this morning that the System process was swinging between 10 and 80%. Yes, among the processes there is "winupgro.exe", which I had never seen before. It takes up 14,765 KB when active. I also tried to start in safe mode, with or without networking, and this is what I am told: in short, I have a problem on the PC (that I already knew) and safe mode cannot be started, at the risk of damaging the machine. An error message comes with it: "STOP : 0x0000007B (0x81c6528, 0xc0000034, 0x00000000, 0x00000000)". I am also asked to run this: CHKDSK /F. Not knowing what that is, I preferred not to run this command. So frankly, I am relying on your knowledge to repair this machine. Thanks in advance to those who will help me.
  7. Hello Falkra. I downloaded Dial-a-fix and launched it. However, a window opens with only the tooltips option ticked. I click on "GO" over and over but nothing happens. Maybe something else needs to be done for it to launch anything. I made a copy of the log anyway, but I don't know whether it will get you any further:
     Notes about this log:
     1) "->" denotes an external command being executed, and "-> (number)" indicates the return code from the previous command
     2) Not all external command return codes are accurate, or useful
     3) Sometimes commands return 0 (no error) even when they fail or crash
     4) If an error occurs while registering an object, please send an email to: [email protected] and include a copy of this log
     DAF version: v0.60.0.24
     --- System info ---
     OS: Microsoft Windows XP Service Pack 3
     IE version: 7.0.5730.13
     MPC: 76412-OEM
     CPU: AMD Sempron 2500+ (~1750MHz)
     BIOS: 26/08/2004
     Memory (approx): 703MB
     Uptime: 12 hour(s)
     Current directory: C:\Documents and Settings\yoda\Bureau\Dial-a-fix-v0.60.0.24
     --- 15/06/2008 21:46:12 -- Dial-a-fix : [v0.60.0.24] -- started
     21:46:12 | Policy scan started
     21:46:12 | Policy scan ended - no restrictive policies were found
     There you go.
  8. Yes, I am talking about the RegKey file that I saved following the procedure done from the Run command. Should I get rid of that one? Thanks for your research.
  9. No, I have none of that, or at least I don't think so. Otherwise, where can I check that? By the way, can I delete the file I saved at the root of the hard drive?
  10. Well, in fact that changes nothing at all. As instructed, I double-clicked again on the file at the root of the disk to restore the previous settings. PS: I have a friend who has just opened a topic about an MSN virus that I was not able to get her to remove, she is Oakley Karou; if you could give her a little hand, that would be nice too. Thanks
  11. Hello Falkra. Here is the report you asked me for: Happy reading
  12. There, I have carried out the last instructions and deleted the tools used. No problem about looking at this last little issue with the WIN+E shortcut, but I will be less available this weekend because I am working. I will still try to follow your instructions. Thanks again for your help, your availability and your clear and effective instructions. Thanks also to Desch. Have a good weekend, Falkra.
  13. There, ComboFix has apparently been removed correctly. Indeed, WIN+E remains, but as I told you, it was out of laziness that I used that shortcut. I have now put My Computer back on the desktop and the Control Panel as a menu in Start. So that will do. Er, what do we do about SmitfraudFix and Navilog1? Otherwise, I don't see anything else to do, unless you want me to post some report so that you can be sure everything is fine. What do we do with the files in ANTIVIR's quarantine too, unless they are in Qoobox, which has been deleted? Also, I have just seen that I had this on the C drive: upload_moi_numéro de mon PC.tar (WinZip executable file of 10.9 MB). What is this thing?
  14. Thanks. There, it's done, the file has been sent. I hope you will find what you wanted in it and above all that everything is in there. Do I keep the .rar on my hard drive or can I remove it now?
  15. Thanks, thanks. So the Qoobox folder is originally 2.67 MB, containing 67 files and 11 folders. After zipping, or rather "rarring", since I prefer .rar, it is down to 561 KB. How would you like me to send it to you?
  16. Er, maybe a silly question, but how do I disable ANTIVIR? Because I have never done that, apart from uninstalling it outright.
  17. Argh, I edited the last part of my post just as you were writing yours, apparently. OK, I will look at the topic you gave me the link to, but a bit later because I have to go out. I will keep you posted this evening in any case ;) So to answer you, I have neither WordPerfect nor Systran and I am on XP Home Edition. The WIN+R keyboard shortcut works correctly. Otherwise, don't bother with this shortcut, because in fact I only used that one out of laziness lol. The main thing is that you helped me clean my machine, and recover the desktop and Control Panel functions as well as access to the folders... However, about SmitfraudFix (I hold a grudge against that one), do I remove it or not? And what do I do with what is in the quarantine areas of the various programs used?
  18. So, the WIN and E keys work individually without problems. I have no My Computer shortcut on the desktop because I had removed it to avoid errors, but when I put it back it works and opens normally on a double-click. In Accessories I also have the Explorer shortcut and it also works normally, after testing. So I only have the one in the Start menu and the one in Accessories. However, the Explorer shortcut in the Start menu, although I now have it as a list as mentioned above, still shows me the same message as before, unlike the Control Panel, which does work. So I disabled it again to put it back as a link from the taskbar properties. After that I displayed it on the desktop and it works perfectly well.
  19. So, in fact I have just been crafty, but thanks to you. I am impressing myself here. So I have the new Start menu and switched back to the old one. Indeed, ticking the box you mentioned gives me access to the Control Panel via a list. And unfortunately, on switching back to the new one after that, same error message. So then, with my 2 neurons working overtime, I ticked the "display Control Panel as a menu" box and I have the same list as in the old style, and it works. And I did that for each item in the Start menu. Well, I don't much like the result because I preferred it before, but it does the job all the same. However, the WIN+E keyboard shortcut still does not work. From what I could understand, and you will tell me if I am wrong, it is the links giving access to these folders that are no longer valid, because ticking the box to turn them into a menu works.
  20. Well, it's a no :P In fact, in the right-hand pane I have:
      ab (par défaut) --- REG_SZ --- (valeur non définie)
      NoDrives --- REG_DWORD --- 0x00000000 (0)
      NoDriveTypeAutoRun --- REG_DWORD --- 0x00000091 (145)
  21. No, it goes through without a problem with that command; in fact that is how I had been getting to the Control Panel since my troubles began.
  22. Well no, still the same message in return, whether for the Control Panel or the My Computer keyboard shortcut.
  23. No, it is indeed when going through Start, Control Panel, without using the Run command, that it tells me that.
  24. Well, whether it fixed other things I don't know, but already access to the folder works normally, and everything that was in those same folders is still there and accessible too. In any case it was super effective. Yes, I noticed that programs run much faster. As for Win+E and access to the Control Panel via the Start button, it is still the same mess lol. It shows me this: "Aucun programme n'est associé pour éxécuter cette action. Créez une association en utilisant l'application Option des dossiers dans le Panneau de Configuration". However, if I display My Computer on the desktop, then I get to it without any trouble. I don't know what I caught, but in any case it was quite something.