

Everything posted by agenor47
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Malware analysis and removal
Hello Mark, Continuation... and end. I have put everything back in place and even done a bit of cleaning up. Everything is running smoothly!!! I had stopped believing it would, and yet the result is there... thanks to YOU. A big, big thank you for your help and your availability. For me this was an opportunity to explore Zébulon in more depth (I had never paid attention to how rich the site is until now) and its very active forum, even if I don't wish to repeat the experience too often, lol. I am definitely going to follow your security advice, with Antivir + Outpost + MBAM in the paid version. I got rid of everything else. Thanks again for your help. agenor47
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Malware analysis and removal
Thanks, doctor! lol Well yes, everything is running smoothly for the moment (touch wood!). In any case I am going to follow your advice, namely:
- Keep Antivir and even move to the Premium version
- Get Outpost running again
- I would have liked to keep Spysweeper (I had just renewed the licence) but, well, from what you say it isn't at its best at the moment and on top of that risks using resources needlessly!
On the other hand, what do you think of Tea-Timer, Spybot's real-time module? Is it effective? Finally, I think my son will have learned his lesson, given the telling-off he got. See you later
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Malware analysis and removal
Morning Mark, Your last message is encouraging. Could we finally have got the better of the beast? Before I head off to work, here is the report
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Malware analysis and removal
Good news, I can post from the infected machine! I'm sending you the new report, good luck
O4 - HKLM..\Run: [Windows Defender] D:\Sécurité\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-436374069-651377827-839522115-1003..\Run: [$Volumouse$] D:\Utilitaires\Volumouse\volumouse.exe (NirSoft) O4 - HKU\S-1-5-21-436374069-651377827-839522115-1003..\Run: [Copernic Desktop Search - Home] D:\Utilitaires\Copernic Desktop Search - Home\DesktopSearchService.exe (Copernic Inc.) O4 - HKU\S-1-5-21-436374069-651377827-839522115-1003..\Run: [F.lux] C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Local Settings\Apps\F.lux\flux.exe () O4 - HKU\S-1-5-21-436374069-651377827-839522115-1003..\Run: [Gestionnaire Antidote.exe] D:\Bureautique & Gestion\Druide\Antidote\Gestionnaire Antidote.exe (Druide informatique inc.) O4 - HKU\S-1-5-21-436374069-651377827-839522115-1003..\Run: [Rainlendar2] D:\Utilitaires\Rainlendar2\Rainlendar2.exe File not found O4 - HKU\S-1-5-21-436374069-651377827-839522115-1003..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems) O4 - HKU\S-1-5-21-436374069-651377827-839522115-1005..\Run: [Copernic Desktop Search - Home] D:\Utilitaires\Copernic Desktop Search - Home\DesktopSearchService.exe (Copernic Inc.) O4 - Startup: C:\Documents and Settings\Administrateur.CAUJOLLE-381D1A\Menu Démarrer\Programmes\Démarrage\SpywareGuard.lnk = D:\Sécurité\SpywareGuard\sgmain.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Launchy.lnk = G:\Utilitaires\Launchy\Launchy.exe File not found O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) 
O4 - Startup: C:\Documents and Settings\Florian\Menu Démarrer\Programmes\Démarrage\Outil de notification Live Search.lnk = C:\Documents and Settings\Yancau\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe File not found O4 - Startup: C:\Documents and Settings\Parents\Menu Démarrer\Programmes\Démarrage\KO Approach.lnk = G:\Utilitaires\KO Approach\Approach.exe File not found O4 - Startup: C:\Documents and Settings\Parents\Menu Démarrer\Programmes\Démarrage\Rainlendar.lnk = G:\Bureautique & Gestion\Rainlendar\Rainlendar.exe File not found O4 - Startup: C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Menu Démarrer\Programmes\Démarrage\KO Approach.lnk = D:\Utilitaires\KO Approach\Approach.exe (KO Software) O4 - Startup: C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Menu Démarrer\Programmes\Démarrage\Launchy.lnk = D:\Utilitaires\Launchy\Launchy.exe () O4 - Startup: C:\Documents and Settings\Yancau\Menu Démarrer\Programmes\Démarrage\Launchy.lnk = D:\Utilitaires\Launchy\Launchy.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: 
NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-436374069-651377827-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-436374069-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O7 - HKU\S-1-5-21-436374069-651377827-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-436374069-651377827-839522115-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-436374069-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - 
HKU\S-1-5-21-436374069-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0 O7 - HKU\S-1-5-21-436374069-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0 O7 - HKU\S-1-5-21-436374069-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0 O7 - HKU\S-1-5-21-436374069-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0 O7 - HKU\S-1-5-21-436374069-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0 O7 - HKU\S-1-5-21-436374069-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O7 - HKU\S-1-5-21-436374069-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1 O7 - HKU\S-1-5-21-436374069-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0 O7 - HKU\S-1-5-21-436374069-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0 O7 - HKU\S-1-5-21-436374069-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1 O7 - HKU\S-1-5-21-436374069-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-436374069-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-436374069-651377827-839522115-1005_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) 
O8 - Extra context menu item: E&xporter vers Microsoft Excel - D:\Bureautique & Gestion\Office Entreprise 2007\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra 'Tools' menuitem : Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra Button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra 'Tools' menuitem : Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra Button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra 'Tools' menuitem : Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Bureautique & Gestion\Office Entreprise 2007\Office12\REFIEBAR.DLL (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\.DEFAULT\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-18\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone. 
O15 - HKU\S-1-5-21-436374069-651377827-839522115-1003\..Trusted Domains: 64 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKU\S-1-5-21-436374069-651377827-839522115-1005\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object) O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb 
{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - D:\Sécurité\Windows Defender\MpShHook.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - D:\Sécurité\SpywareGuard\spywareguard.dll () O30 - LSA: Security Packages - (| ---- | m] (microsoft corpora) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/07/30 15:17:46 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009/05/26 15:55:20 | 00,057,856 | ---- | M] () - E:\AUTORISATION PARENTALE.doc -- [ NTFS ] O32 - AutoRun File - [2009/05/26 15:55:49 | 00,057,856 | ---- | M] () - E:\AUTORISATION PARENTALE1.doc -- [ NTFS ] O33 - MountPoints2\{bd482fec-ab89-11de-b62a-001e8ca539a0}\Shell\AutoRun\command - "" = J:\PortableRoboForm.exe -- File not found O33 - MountPoints2\{bd482fec-ab89-11de-b62a-001e8ca539a0}\Shell\RoboForm2Go\command - "" = J:\PortableRoboForm.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* 
========== Files/Folders - Created Within 30 Days ========== [2010/01/15 22:16:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Yancau\Application Data\NymTec [2010/01/15 20:59:03 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Yancau\Recent [2010/01/15 19:16:00 | 00,546,816 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Yancau\Bureau\OTL.exe [2010/01/15 18:02:26 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2010/01/14 19:18:49 | 00,000,000 | RHSD | C] -- C:\cmdcons [2010/01/14 19:18:04 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2010/01/14 19:18:04 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2010/01/14 19:18:04 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2010/01/14 19:18:04 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2010/01/14 07:33:55 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2010/01/13 17:54:45 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010/01/13 17:54:45 | 00,056,816 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2010/01/13 17:54:45 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010/01/13 17:54:45 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010/01/13 17:54:45 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010/01/13 17:54:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira [2010/01/12 20:58:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Yancau\Application Data\Sun [2010/01/12 20:47:25 | 00,086,528 | ---- | C] (Eric_71) -- C:\Documents and Settings\Yancau\Bureau\ZSc.exe [2010/01/11 21:13:00 | 00,000,000 | ---D | C] -- C:\FindyKill [2010/01/11 13:05:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SeaPort [2010/01/11 12:03:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010/01/11 12:03:04 | 
00,000,000 | ---D | C] -- C:\Qoobox [2010/01/10 21:04:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Yancau\Application Data\Malwarebytes [2010/01/10 15:27:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Yancau\Application Data\GoodSync [2009/12/29 19:01:23 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll [2009/12/29 19:01:23 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2009/12/29 19:01:23 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2009/12/29 19:01:23 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2009/12/29 19:01:23 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2009/09/25 06:46:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore [2009/05/10 10:41:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\MediaMonkey [2009/02/13 07:23:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google [2009/02/11 13:35:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google [2008/08/29 22:24:50 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2008/07/30 21:21:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Acronis [2008/07/30 15:35:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2008/07/30 15:20:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2008/07/30 15:17:43 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [4 C:\Documents and Settings\All Users.WINDOWS\Application Data\*.tmp files -> C:\Documents and Settings\All 
Users.WINDOWS\Application Data\*.tmp -> ] [16 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/01/15 22:28:21 | 00,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{15CAFF63-A9F2-4B59-A661-58E5216B5481}.job [2010/01/15 22:26:00 | 00,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/01/15 22:17:34 | 00,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{DC86F997-0858-488E-AE29-118EEC647C8D}.job [2010/01/15 22:16:41 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Alt-Tab Thingy.lnk [2010/01/15 22:09:38 | 00,262,558 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010/01/15 21:47:49 | 00,000,320 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2010/01/15 21:45:02 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/01/15 21:45:02 | 00,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/01/15 21:44:47 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/01/15 21:44:45 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/01/15 21:14:12 | 00,500,872 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2010/01/15 21:14:11 | 01,094,578 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/01/15 21:14:11 | 00,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/01/15 21:14:11 | 00,080,748 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2010/01/15 21:14:11 | 00,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/01/15 21:13:32 | 00,000,450 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0CFEC75F-EC5C-4CBB-B08D-98B496136766}.job [2010/01/15 20:59:15 | 05,767,168 | ---- | M] () -- C:\Documents and Settings\Yancau\NTUSER.DAT [2010/01/15 20:59:01 | 04,847,168 | -H-- | M] () -- C:\Documents and Settings\Yancau\Local Settings\Application 
Data\IconCache.db [2010/01/15 20:55:10 | 00,000,553 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Malwarebytes' Anti-Malware.lnk [2010/01/15 19:15:18 | 00,546,816 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Yancau\Bureau\OTL.exe [2010/01/15 18:01:26 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010/01/15 17:58:09 | 00,000,633 | ---- | M] () -- C:\Documents and Settings\Yancau\Bureau\Revo Uninstaller.lnk [2010/01/14 19:25:29 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010/01/14 19:19:00 | 00,000,282 | RHS- | M] () -- C:\boot.ini [2010/01/14 19:12:18 | 00,000,184 | -HS- | M] () -- C:\Documents and Settings\Yancau\ntuser.ini [2010/01/14 19:06:34 | 03,824,993 | R--- | M] () -- C:\Documents and Settings\Yancau\Bureau\agenor.exe [2010/01/14 07:42:45 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010/01/13 18:00:45 | 00,056,816 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2010/01/13 18:00:45 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010/01/13 17:54:58 | 00,000,758 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Avira AntiVir Control Center.lnk [2010/01/12 20:44:20 | 00,086,528 | ---- | M] (Eric_71) -- C:\Documents and Settings\Yancau\Bureau\ZSc.exe [2010/01/11 10:56:11 | 13,388,362 | ---- | M] () -- C:\Documents and Settings\Yancau\Bureau\registre.reg [2010/01/10 21:03:39 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/01/02 00:30:03 | 00,000,050 | ---- | M] () -- C:\WINDOWS\MegaManager.INI [2009/12/29 19:00:42 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\WINDOWS\System32\deploytk.dll [2009/12/29 19:00:42 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2009/12/29 19:00:42 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2009/12/29 19:00:42 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2009/12/29 19:00:42 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2009/12/28 17:41:04 | 00,001,915 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Google Earth.lnk [4 C:\Documents and Settings\All Users.WINDOWS\Application Data\*.tmp files -> C:\Documents and Settings\All Users.WINDOWS\Application Data\*.tmp -> ] [16 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/01/15 22:16:41 | 00,241,152 | ---- | C] () -- C:\WINDOWS\System32\attsetup.cpl [2010/01/15 22:16:41 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Alt-Tab Thingy.lnk [2010/01/15 20:55:10 | 00,000,553 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Malwarebytes' Anti-Malware.lnk [2010/01/15 17:58:09 | 00,000,633 | ---- | C] () -- C:\Documents and Settings\Yancau\Bureau\Revo Uninstaller.lnk [2010/01/15 17:57:12 | 00,000,320 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2010/01/14 19:19:00 | 00,000,212 | ---- | C] () -- C:\Boot.bak [2010/01/14 19:18:54 | 00,263,488 | ---- | C] () -- C:\cmldr [2010/01/14 19:18:04 | 00,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010/01/14 19:18:04 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010/01/14 19:18:04 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010/01/14 19:18:04 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010/01/14 19:18:04 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010/01/14 18:59:56 | 03,824,993 | R--- | C] () -- C:\Documents and 
Settings\Yancau\Bureau\agenor.exe [2010/01/13 17:54:58 | 00,000,758 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Avira AntiVir Control Center.lnk [2010/01/11 10:56:09 | 13,388,362 | ---- | C] () -- C:\Documents and Settings\Yancau\Bureau\registre.reg [2010/01/10 21:03:38 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/01/02 00:30:03 | 00,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI [2009/12/28 17:41:04 | 00,001,915 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Google Earth.lnk [2009/12/08 12:28:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PestPatrol5.INI [2009/11/09 17:23:18 | 11,988,992 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\sandra.mda [2009/11/08 23:22:30 | 00,000,028 | ---- | C] () -- C:\WINDOWS\Systems.ini [2009/10/28 22:48:34 | 00,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009/10/28 22:48:33 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009/10/28 22:48:29 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009/10/28 22:48:29 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009/10/28 22:48:27 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009/10/28 22:48:26 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009/10/15 20:46:46 | 00,000,046 | ---- | C] () -- C:\WINDOWS\wininit.ini [2009/10/14 20:20:48 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2009/10/14 20:20:35 | 00,003,513 | ---- | C] () -- C:\WINDOWS\Antidote.ini [2009/10/09 18:44:32 | 00,000,412 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI [2009/10/06 18:45:23 | 00,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009/09/27 17:43:38 | 00,000,021 | ---- | C] () -- C:\WINDOWS\kit.ini [2009/09/27 17:00:44 | 00,015,043 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2009/09/27 17:00:29 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2009/09/27 17:00:25 | 
00,014,714 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009/09/27 17:00:12 | 00,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009/08/02 23:21:54 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2009/08/02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2009/08/02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2009/08/02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2009/08/02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2009/08/02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2009/08/02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2009/08/02 23:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2009/08/02 23:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2009/08/02 23:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008/09/03 20:47:36 | 00,000,464 | ---- | C] () -- C:\Program Files\bqdo.txt [2008/07/30 17:41:04 | 00,278,528 | ---- | C] () -- C:\Program Files\Fichiers communs\FDEUnInstaller.exe [2008/03/24 12:52:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:5C321E34 @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:A8ADE5D8 @Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DFC5A2B2 < End of report > -
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Malware analysis and removal
Well, as for Revo Uninstaller, I didn't notice anything in particular. I use it in preference to the uninstaller supplied with the software being removed. I find it cleanly removes all traces, including in the registry. I may have expressed myself badly about safe mode. In fact, it offers me 2 accounts:
- the admin account created at install time
- another account that I created myself, with administrator privileges
It has always worked that way without any problem. By the way Mark, I'll take you up on your offer regarding a choice of security software (freeware or paid). @+
-
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Malware analysis and removal
Here is the MBAM report (it found nothing). However, I did not see Total Uninstaller on the PC, neither under C:\ nor under D:\, which is the partition dedicated to programs.
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3570
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702
15/01/2010 21:08:48
mbam-log-2010-01-15 (21-08-48).txt
Type de recherche: Examen rapide
Eléments examinés: 186745
Temps écoulé: 7 minute(s), 11 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
@+
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s): (Aucun élément nuisible détecté)
Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
Dossier(s) infecté(s): (Aucun élément nuisible détecté)
Fichier(s) infecté(s): (Aucun élément nuisible détecté)
-
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Malware analysis and removal
Sorry, I hadn't read everything, in particular... the end. I'm going to run the procedure, but in safe mode I only have access to the administrator account and to another account that also has administrator rights. Should I change it to a user account? Thanks for your reply. See you soon
-
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Malware analysis and removal
In answer to your 2 questions:
- Pest Patrol has indeed been uninstalled
- Acronis was not installed by me, nor by my wife either. Guess who I'm thinking of.... so the software can be removed without any problem.
@ +
-
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Malware analysis and removal
Right, carrying on with the series, here are the latest requested reports
Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{8B41860E-5D30-4e96-BB09-CE22F491A481} [2009/09/27 20:41:44 | 00,000,000 | ---D | M] (Update Notifier) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{95f24680-9e31-11da-a746-0800200c9a66} [2009/09/27 20:41:44 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} [2009/09/27 20:41:44 | 00,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2009/09/27 20:41:43 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{a8dd47cf-239f-48c4-8379-e6b4cbafdcfa} [2009/09/27 20:41:43 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2009/09/27 20:41:43 | 00,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}(2) [2009/09/27 20:41:43 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17} [2009/09/27 20:41:42 | 00,000,000 | ---D | M] (MEDIADICO Familial) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{b055c535-4a3a-11db-9659-00e08161165f} [2009/09/27 20:41:42 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{B5EDFBB0-9827-11DA-A72B-0800200C9A66} [2009/09/27 20:41:42 | 00,000,000 | ---D 
| M] (No name found) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66} [2009/09/27 20:41:42 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66} [2009/09/27 20:41:41 | 00,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} [2009/09/27 20:41:41 | 00,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009/09/27 20:41:41 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{dc572301-7619-498c-a57d-39143191b318} [2009/09/27 20:41:41 | 00,000,000 | ---D | M] (DownThemAll!) 
-- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2009/09/27 20:41:41 | 00,000,000 | ---D | M] (GooglePreview) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2009/09/27 20:41:41 | 00,000,000 | ---D | M] (GooglePreview) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}(2) [2009/09/27 20:42:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\exif_viewer@mozilla.doslash.org [2009/09/27 20:42:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\foxmarks@kei.com [2009/09/27 20:42:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\fr@dictionaries.addons.mozilla.org [2009/09/27 20:42:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\personas@christopher.beard [2009/09/27 20:42:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\piclens@cooliris.com [2009/09/27 20:42:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\piclens@cooliris.com-trash [2009/09/27 20:42:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\qtl.co.il@gmail.com [2009/09/27 20:42:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\staged-xpis(2) [2009/09/27 20:41:36 | 
00,000,000 | ---D | M] -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\s2bjieew.Annie\extensions [2009/09/27 20:41:37 | 00,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\s2bjieew.Annie\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009/09/27 20:41:36 | 00,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\s2bjieew.Annie\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2009/09/27 20:41:35 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\s2bjieew.Annie\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2009/09/27 20:41:35 | 00,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\s2bjieew.Annie\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} [2009/09/27 20:41:35 | 00,000,000 | ---D | M] (Fasterfox) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\s2bjieew.Annie\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66} [2009/09/27 20:41:35 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\s2bjieew.Annie\extensions\{dc572301-7619-498c-a57d-39143191b318} [2009/09/27 20:41:35 | 00,000,000 | ---D | M] (iGraal) -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\s2bjieew.Annie\extensions\{e411bb40-b04c-11d8-92e7-00d09e0179f2} [2009/09/27 20:41:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\s7cdf7uj.default\extensions [2009/09/27 20:41:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\xxaleexd.Florian\extensions [2009/09/27 20:41:30 | 00,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and 
Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\xxaleexd.Florian\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009/09/27 20:41:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Sunbird\Profiles\uooxwoj1.default\extensions [2008/09/01 19:28:51 | 00,001,776 | ---- | M] () -- C:\Documents and Settings\Yancau\Application Data\Mozilla\Firefox\Profiles\s7cdf7uj.default\searchplugins\live-search.xml O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - D:\Sécurité\SpywareGuard\dlprotect.dll () O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Barre d'outils Copernic Desktop Search - Home) - {4A1C6093-14F9-44D7-860E-5D265CFCA9D9} - D:\Utilitaires\Copernic Desktop Search - Home\Toolbar\ToolbarContainer101000313.dll (Copernic Inc.) 
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O4 - HKLM..\Run: [avgnt] D:\Sécurité\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CaISSDT] D:\Sécurité\Pest Patrol\caissdt.exe (Computer Associates International, Inc.) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] D:\Sécurité\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [Windows Defender] D:\Sécurité\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [Copernic Desktop Search - Home] D:\Utilitaires\Copernic Desktop Search - Home\DesktopSearchService.exe (Copernic Inc.) O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) 
O4 - Startup: C:\Documents and Settings\Yancau\Menu Démarrer\Programmes\Démarrage\Launchy.lnk = D:\Utilitaires\Launchy\Launchy.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O7 - 
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&xporter vers Microsoft Excel - D:\Bureautique & Gestion\Office Entreprise 2007\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra 'Tools' menuitem : Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra Button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra 'Tools' menuitem : Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra Button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra 'Tools' menuitem : Barre 
RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Bureautique & Gestion\Office Entreprise 2007\Office12\REFIEBAR.DLL (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object) O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline 
verdoyante.bmp O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - D:\Sécurité\Windows Defender\MpShHook.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - D:\Sécurité\SpywareGuard\spywareguard.dll () O30 - LSA: Security Packages - (| ---- | m] (microsoft corpora) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/07/30 15:17:46 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009/05/26 15:55:20 | 00,057,856 | ---- | M] () - E:\AUTORISATION PARENTALE.doc -- [ NTFS ] O32 - AutoRun File - [2009/05/26 15:55:49 | 00,057,856 | ---- | M] () - E:\AUTORISATION PARENTALE1.doc -- [ NTFS ] O32 - AutoRun File - [2008/11/27 12:13:44 | 00,000,197 | ---- | M] () - J:\AutoRun.inf -- [ FAT32 ] O33 - MountPoints2\{bd482fec-ab89-11de-b62a-001e8ca539a0}\Shell\AutoRun\command - "" = J:\PortableRoboForm.exe -- [2008/11/27 12:12:16 | 00,648,016 | ---- | M] (Siber Systems) O33 - MountPoints2\{bd482fec-ab89-11de-b62a-001e8ca539a0}\Shell\RoboForm2Go\command - "" = J:\PortableRoboForm.exe -- [2008/11/27 12:12:16 | 00,648,016 | ---- | M] (Siber Systems) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/09/27 13:14:04 | 00,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point (16891891626803200) ========== Files/Folders - Created Within 14 Days ========== [2010/01/15 19:16:00 | 00,546,816 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Yancau\Bureau\OTL.exe [2010/01/15 18:10:25 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Yancau\Recent [2010/01/15 18:02:26 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2010/01/14 
19:18:49 | 00,000,000 | RHSD | C] -- C:\cmdcons [2010/01/14 19:18:04 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2010/01/14 19:18:04 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2010/01/14 19:18:04 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2010/01/14 19:18:04 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2010/01/13 17:54:45 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010/01/13 17:54:45 | 00,056,816 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2010/01/13 17:54:45 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010/01/13 17:54:45 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010/01/13 17:54:45 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010/01/13 17:54:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira [2010/01/12 20:58:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Yancau\Application Data\Sun [2010/01/12 20:47:25 | 00,086,528 | ---- | C] (Eric_71) -- C:\Documents and Settings\Yancau\Bureau\ZSc.exe [2010/01/11 21:13:00 | 00,000,000 | ---D | C] -- C:\FindyKill [2010/01/11 13:05:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SeaPort [2010/01/11 12:03:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010/01/11 12:03:04 | 00,000,000 | ---D | C] -- C:\Qoobox [2010/01/10 21:04:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Yancau\Application Data\Malwarebytes [2010/01/10 15:27:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Yancau\Application Data\GoodSync [2009/09/25 06:46:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore [2009/05/10 10:41:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\MediaMonkey [2009/02/13 07:23:14 | 00,000,000 | ---D | M] -- 
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google [2009/02/11 13:35:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google [2008/08/29 22:24:50 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2008/07/30 21:21:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Acronis [2008/07/30 15:35:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2008/07/30 15:20:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2008/07/30 15:17:43 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [4 C:\Documents and Settings\All Users.WINDOWS\Application Data\*.tmp files -> C:\Documents and Settings\All Users.WINDOWS\Application Data\*.tmp -> ] [16 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 14 Days ========== [2010/01/15 19:18:00 | 00,000,450 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0CFEC75F-EC5C-4CBB-B08D-98B496136766}.job [2010/01/15 19:18:00 | 00,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{15CAFF63-A9F2-4B59-A661-58E5216B5481}.job [2010/01/15 19:15:18 | 00,546,816 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Yancau\Bureau\OTL.exe [2010/01/15 19:12:01 | 00,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{DC86F997-0858-488E-AE29-118EEC647C8D}.job [2010/01/15 18:31:46 | 00,262,558 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010/01/15 18:26:00 | 00,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/01/15 18:14:31 | 00,000,320 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2010/01/15 18:11:44 | 00,002,206 | ---- | M] () -- 
C:\WINDOWS\System32\wpa.dbl [2010/01/15 18:11:43 | 00,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/01/15 18:11:29 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/01/15 18:11:27 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/01/15 18:10:36 | 05,767,168 | ---- | M] () -- C:\Documents and Settings\Yancau\NTUSER.DAT [2010/01/15 18:10:24 | 04,319,524 | -H-- | M] () -- C:\Documents and Settings\Yancau\Local Settings\Application Data\IconCache.db [2010/01/15 18:01:26 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010/01/15 17:58:34 | 00,500,872 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2010/01/15 17:58:34 | 00,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/01/15 17:58:34 | 00,080,748 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2010/01/15 17:58:33 | 00,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/01/15 17:58:32 | 01,094,578 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/01/15 17:58:09 | 00,000,633 | ---- | M] () -- C:\Documents and Settings\Yancau\Bureau\Revo Uninstaller.lnk [2010/01/14 19:25:29 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010/01/14 19:19:00 | 00,000,282 | RHS- | M] () -- C:\boot.ini [2010/01/14 19:12:18 | 00,000,184 | -HS- | M] () -- C:\Documents and Settings\Yancau\ntuser.ini [2010/01/14 19:06:34 | 03,824,993 | R--- | M] () -- C:\Documents and Settings\Yancau\Bureau\agenor.exe [2010/01/14 07:42:45 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010/01/13 18:00:45 | 00,056,816 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2010/01/13 18:00:45 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010/01/13 17:54:58 | 00,000,758 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Avira AntiVir Control Center.lnk [2010/01/12 20:44:20 | 00,086,528 | ---- | M] (Eric_71) -- C:\Documents and 
< End of report >

See you soon -
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Malware analysis and removal
Good evening Mark,
Shall we get back to it?
Nothing new since yesterday: I can still browse, except on a few rare sites, notably forums.
Here is the new FindyKill report, hot off the press!

############################## | FindyKill V5.024 |

# User : Yancau (Administrateurs) # CAUJOLLE-381D1A
# Update on 09/01/2010 by El Desaparecido
# Start at: 18:11:52 | 15/01/2010
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com

# Intel® Core2 Quad CPU Q6600 @ 2.40GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Disabled
# AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 77,93 Go (42,39 Go free) # NTFS
# D:\ # Disque fixe local # 67,06 Go (53,19 Go free) [Applog] # NTFS
# E:\ # Disque fixe local # 87,9 Go (38,88 Go free) [Données] # NTFS
# F:\ # Disque fixe local # 32,25 Go (32,16 Go free) [sAUVEGARDE] # NTFS
# G:\ # Disque fixe local # 120,41 Go (64,81 Go free) [Ma Musique] # NTFS
# H:\ # Disque CD-ROM
# I:\ # Disque CD-ROM

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:\Sécurité\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Sécurité\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\svchost.exe
D:\SéCURITé\A-SQUARED FREE\a2service.exe
D:\Sécurité\Avira\AntiVir Desktop\avguard.exe
D:\Systéme\Diskeeper Corporation\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
D:\Utilitaires\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | C: |

################## | C:\WINDOWS |

################## | C:\WINDOWS\Prefetch |

Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-16ABE98D.pf
Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-29DA3169.pf

################## | C:\WINDOWS\system32 |

################## | C:\WINDOWS\system32\drivers |

################## | C:\Documents and Settings\Yancau\Application Data |
C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6278671.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6278906.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6279093.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6280859.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6282406.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6282640.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6282890.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6283062.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6283250.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6284250.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6284875.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6285062.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6285281.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6287000.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6288984.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6289187.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6289390.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6289812.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6290156.exe Supprimé ! 
C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6292312.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6294906.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6298046.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6300937.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6301453.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6301687.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6301906.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6302125.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6302343.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6302578.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6311875.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6312187.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6312421.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6312593.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6312859.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6313031.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6313421.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6314078.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6316375.exe Supprimé ! 
C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6317812.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6318281.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6339359.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6343218.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6347015.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6347218.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6347453.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6347765.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6347984.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6348421.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6348890.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6349406.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6358765.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6359984.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6360656.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6361562.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6362343.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6362953.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6363468.exe Supprimé ! 
C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6364234.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6369296.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6369921.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6372484.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6372890.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6406656.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6406843.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6407015.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6407265.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6407500.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6408046.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6408421.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6410328.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6413515.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6413703.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6413906.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6414406.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6414906.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\6415359.exe Supprimé ! 
C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld
Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\winupgro.exe
Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers

################## | Références de comparaison Bagle MD5 : |

File : C:\Qoobox\Quarantine\C\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\winupgro.exe.vir -> Crc32 : f8e06a5c | Md5 : 0fec902a87795cb614a7c7844e13bf0f

################## | Autres suppressions ... |

Supprimé ! "D:\Utilitaires\Rainlendar2\Rainlendar2.exe" -> Size : 844800 | Crc32 : f8e06a5c | Md5 : 0fec902a87795cb614a7c7844e13bf0f

################## | Temporary Internet Files |

################## | Registre |

################## | Etat |

# Mode sans echec : OK
# Affichage des fichiers cachés : OK
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
# Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# windefend -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | PEH |

################## | Cracks > Keygens > Serials |

"C:\Documents and Settings\Parents\Bureau\Nouveau dossier\freecorder\Freecorder V2.2+crk\crack\Freecorder.exe" 26/10/2004 16:28 |Size 532480 |Crc32 ed3bf5fa |Md5 fa50b842187ee0f1d42530fbf73e7873
"C:\Documents and Settings\Parents\Bureau\Nouveau dossier\image logiciels\Everest\keygen.exe" 06/09/2008 06:24 |Size 44544 |Crc32 6c5bcab8 |Md5 933330ee37194f0845342f4cacd5e6d9
"C:\Documents and Settings\Parents\Bureau\Nouveau dossier\image logiciels\Winiso\KeyGen_WinISO5.3\winiso53.exe" 30/07/2008 21:40 |Size 7440 |Crc32 7c589e91 |Md5 a0d42b98f11125150feb3022b34e2e0b
"C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Bureau\Nouveau dossier\eTrust\keygen.exe" 05/07/2006 19:41 |Size 173568 |Crc32 87532344 |Md5 5bf3b3ed78d112aa60865e680d7c3e87
"C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Bureau\Nouveau dossier\GoodSync.8.0.0.0 + Keymaker-CORE\keygen.exe" 29/03/2008 22:48 |Size 118272 |Crc32 617bec76 |Md5 a51c73e436c2151d19330189835c62e5
"C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Bureau\Nouveau dossier\Keygen\keygen.EXE" 30/09/2008 16:29 |Size 436736 |Crc32 68c628ec |Md5 64f7b016e077e63ff822696f32199d0c
"C:\Program Files\Java\jdk1.6.0_07\bin\serialver.exe" 10/06/2008 01:10 |Size 25600 |Crc32 b25382b8 |Md5 e20ba2247633f6b8523e32c66c497112
"G:\Ma Musique\Musique_genres\Logiciels\Cracks Keygen\Photoshop cs\Patch.exe" 12/11/2004 01:15 |Size 978593 |Crc32 ec6f6daa |Md5 c5f92bc7729bc95ee481ebd242d30e2f

################## | ! Fin du rapport # FindyKill V5.024 ! |
-
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Malware analysis and removal
Good evening Mark, I followed everything properly, here is the report:

ComboFix 10-01-14.01 - Yancau 14/01/2010 19:20:28.3.4 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3071.2332 [GMT 1:00]
Lancé depuis: c:\documents and settings\Yancau\Bureau\agenor.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\430046.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\430296.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\430609.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\430984.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\431296.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\431765.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\432250.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\432437.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\432625.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\432828.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\433000.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\434031.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\435046.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\435250.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\435453.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\435625.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\435796.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\436000.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\436218.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\436468.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\436671.exe c:\documents and 
settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\437484.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\438250.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\438437.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\438734.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\439671.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\445171.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\445453.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\445703.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\446171.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\446593.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\447656.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\451703.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\452406.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\453125.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\455421.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\456453.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\456687.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\491015.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\491843.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\492703.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\492875.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application 
Data\drivers\downld\493078.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\493562.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\494062.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\494718.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\495437.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\496109.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\496687.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\497734.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\498625.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\498828.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\541171.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\541578.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\541953.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\542171.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\542406.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\542609.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\542828.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\543031.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\543218.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\545046.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\546859.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\547093.exe c:\documents 
and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\547312.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\547484.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\547656.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\548343.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\549031.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\549218.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\549406.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\550046.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\550640.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\550828.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\551015.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\551359.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\551656.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\552750.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\563906.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\568421.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\568640.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\568859.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\572078.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\572296.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\572531.exe c:\documents and 
settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\572734.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\572921.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\573125.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\573328.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\573484.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\573656.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\573828.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\577296.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\577781.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\579718.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\581125.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\581687.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\582234.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\582500.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\582781.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\586906.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\590281.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\590484.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\590687.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\590906.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\591125.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application 
Data\drivers\downld\591640.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\592171.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\592765.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\593187.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\593921.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\594625.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\595703.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\596625.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\597234.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\597828.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\598343.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\603484.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\604203.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\604921.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\605250.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\638968.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\639125.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\639296.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\639625.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\639937.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\640343.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\640734.exe c:\documents 
and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\642750.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\645406.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\645578.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\645765.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\646375.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\646984.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\647531.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\648078.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\648296.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\648578.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\652015.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\652234.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\652828.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\653500.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\654078.exe c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\winupgro.exe C:\LOG.TXT . ((((((((((((((((((((((((((((( Fichiers créés du 2009-12-14 au 2010-01-14 )))))))))))))))))))))))))))))))))))) . 2010-01-14 06:33 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll 2010-01-13 21:32 . 2010-01-14 18:25 -------- d--h--w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\drivers 2010-01-13 17:00 . 
2010-01-13 16:59 404737 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\update.exe
2010-01-13 17:00 . 2010-01-13 16:59 345345 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\update.dll
2010-01-13 17:00 . 2009-04-17 16:07 87297 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\updaterc.dll
2010-01-13 17:00 . 2009-03-03 10:21 9985 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\updguirc.dll
2010-01-13 17:00 . 2009-02-24 12:16 117505 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\updgui.dll
2010-01-13 17:00 . 2009-02-17 13:49 79105 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\updext.dll
2010-01-13 17:00 . 2008-10-20 07:38 126721 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\scewxmlw.dll
2010-01-13 16:54 . 2010-01-13 17:00 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-01-13 16:54 . 2009-03-30 09:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-01-13 16:54 . 2009-02-13 11:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-01-13 16:54 . 2009-02-13 11:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-01-13 16:54 . 2010-01-13 16:54 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira
2010-01-11 20:13 . 2010-01-13 21:20 -------- d-----w- C:\FindyKill
2010-01-11 12:05 . 2010-01-11 12:05 -------- d-----w- c:\windows\system32\SeaPort
2010-01-11 08:51 . 2010-01-11 08:51 -------- d-----w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Local Settings\Application Data\Help
2010-01-10 20:04 . 2010-01-10 20:04 -------- d-----w- c:\documents and settings\Yancau\Application Data\Malwarebytes
2010-01-10 20:03 . 2010-01-10 20:03 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-10 14:27 . 2010-01-10 15:50 -------- d-----w- c:\documents and settings\Yancau\Application Data\GoodSync
2010-01-10 14:13 . 2009-12-16 13:42 872960 ----a-w- c:\documents and settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-01-10 14:13 . 2009-12-16 13:42 43008 ----a-w- c:\documents and settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-01-10 14:13 . 2009-12-16 13:42 340480 ----a-w- c:\documents and settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-01-10 14:13 . 2009-12-16 13:41 346624 ----a-w- c:\documents and settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-01-08 11:27 . 2010-01-06 11:08 4726272 ----a-w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\piclens@cooliris.com\libs\cooliris190.dll
2010-01-08 11:27 . 2010-01-06 11:08 4725760 ----a-w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\piclens@cooliris.com\libs\cooliris192.dll
2010-01-08 11:27 . 2010-01-06 11:08 103424 ----a-w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\piclens@cooliris.com\libs\pixomatic.dll
2010-01-08 11:27 . 2010-01-06 11:08 57856 ----a-w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\piclens@cooliris.com\components\coolirisstub.dll
2010-01-08 11:27 . 2010-01-06 11:08 545280 ----a-w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\piclens@cooliris.com\libs\PicLensHelper.exe
2010-01-08 11:27 . 2010-01-06 11:08 344064 ----a-w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe
2010-01-08 11:27 . 2010-01-06 11:08 153600 ----a-w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
2010-01-07 15:58 . 2010-01-07 15:58 -------- d-----w- c:\documents and settings\Florian.CAUJOLLE-381D1A\Application Data\Media Player Classic
2010-01-03 15:36 . 2010-01-03 15:42 -------- d-----w- c:\documents and settings\Florian.CAUJOLLE-381D1A\Application Data\dvdcss
2010-01-03 14:08 . 2010-01-04 14:53 -------- d-----w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\vlc
2010-01-01 23:20 . 2010-01-01 23:20 -------- d-----w- c:\documents and settings\Administrateur.CAUJOLLE-381D1A\Application Data\Megaupload
2009-12-29 18:01 . 2009-12-29 18:00 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-28 17:18 . 2009-12-17 15:37 31936 ----a-w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
2009-12-28 17:18 . 2009-12-17 15:37 349552 ----a-w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe.exe
2009-12-28 17:18 . 2009-12-17 15:37 67360 ----a-w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlus_Helper.dll
2009-12-28 17:18 . 2009-12-17 15:37 29344 ----a-w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-14 16:56 . 2002-08-30 12:00 80748 ----a-w- c:\windows\system32\perfc00C.dat
2010-01-14 16:56 . 2002-08-30 12:00 500872 ----a-w- c:\windows\system32\perfh00C.dat
2010-01-13 20:46 . 2009-10-14 19:57 -------- d-----w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\GoodSync
2010-01-13 20:46 . 2009-10-01 07:04 -------- d-----w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\RoboForm
2010-01-13 16:47 . 2009-09-28 19:39 -------- d---a-w- c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2010-01-13 16:44 . 2008-07-30 20:06 -------- d-----w- c:\program files\McAfee
2010-01-13 16:44 . 2008-07-30 20:06 -------- d-----w- c:\program files\Fichiers communs\McAfee
2010-01-11 21:23 . 2009-09-28 19:29 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2010-01-10 12:10 . 2009-10-14 19:54 -------- d-----w- c:\documents and settings\Administrateur.CAUJOLLE-381D1A\Application Data\GoodSync
2010-01-09 13:19 . 2009-10-25 14:30 -------- d-----w- c:\documents and settings\Florian.CAUJOLLE-381D1A\Application Data\vlc
2010-01-08 16:01 . 2009-10-02 13:32 -------- d-----w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\Spotify
2010-01-04 13:38 . 2009-10-14 16:45 -------- d-----w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\dvdcss
2010-01-01 23:19 . 2008-07-30 14:49 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-29 18:00 . 2008-08-02 21:55 -------- d-----w- c:\program files\Java
2009-12-29 18:00 . 2009-11-22 18:28 152576 ----a-w- c:\documents and settings\Administrateur.CAUJOLLE-381D1A\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-29 17:19 . 2009-12-08 21:28 79488 ----a-w- c:\documents and settings\Administrateur.CAUJOLLE-381D1A\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-29 17:18 . 2009-12-08 21:27 152576 ----a-w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-29 17:18 . 2009-12-08 21:26 79488 ----a-w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-10 21:52 . 2009-10-12 12:14 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
2009-12-10 19:52 . 2009-10-06 20:32 -------- d-----w- c:\program files\NVIDIA Corporation
2009-12-10 13:37 . 2009-12-10 13:37 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Innovative Solutions
2009-12-08 15:57 . 2009-12-08 15:57 1547264 ----a-w- c:\windows\is-LO919.exe
2009-12-08 11:04 . 2009-12-08 11:04 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\CA
2009-12-08 11:04 . 2009-12-08 11:04 -------- d-----w- c:\program files\Fichiers communs\Scanner
2009-12-05 19:10 . 2009-12-05 19:10 38208 ----a-w- c:\documents and settings\Default User.WINDOWS\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-12-04 17:24 . 2009-12-04 17:24 -------- d-----w- c:\program files\Canal+
2009-12-02 21:12 . 2009-12-02 21:12 -------- d-----w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\Foxit Software
2009-11-27 20:22 . 2009-11-27 20:20 -------- d-----w- c:\program files\Foxit Software
2009-11-27 20:21 . 2009-11-27 20:21 -------- d-----w- c:\documents and settings\Administrateur.CAUJOLLE-381D1A\Application Data\Foxit Software
2009-11-25 20:52 . 2008-08-31 13:22 -------- d-----w- c:\program files\Google
2009-11-21 15:58 . 2004-08-19 14:09 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-20 19:32 . 2009-11-20 19:32 278120 ----a-w- c:\windows\system32\nvmccs.dll
2009-11-19 21:23 . 2009-09-29 17:14 164 ----a-w- c:\windows\install.dat
2009-11-19 20:42 . 2009-09-27 16:18 592488 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-11-17 19:27 . 2009-10-29 20:21 358944 ----a-w- c:\windows\vncutil.exe
2009-11-17 19:27 . 2009-09-27 16:08 84512 ----a-w- c:\windows\SOUNDMAN.EXE
2009-11-17 19:27 . 2009-09-27 16:08 1833504 ----a-w- c:\windows\SkyTel.exe
2009-11-17 19:27 . 2009-09-27 16:08 1489440 ----a-w- c:\windows\RtlUpd.exe
2009-11-17 19:27 . 2009-09-27 16:08 9721888 ----a-w- c:\windows\RTLCPL.EXE
2009-11-17 19:27 . 2009-10-29 20:21 48672 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2009-11-17 19:27 . 2009-10-29 20:21 129568 ----a-w- c:\windows\RtkAudioService.exe
2009-11-17 19:27 . 2009-09-27 16:08 18789408 ----a-w- c:\windows\RTHDCPL.EXE
2009-11-17 19:26 . 2009-09-27 16:08 2177568 ----a-w- c:\windows\MicCal.exe
2009-11-17 19:26 . 2009-09-27 16:14 64032 ----a-w- c:\windows\ALCMTR.EXE
2009-11-17 19:26 . 2009-09-27 16:08 2815520 ----a-w- c:\windows\ALCWZRD.EXE
2009-11-17 18:51 . 2009-09-27 16:08 5956608 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2009-11-09 16:26 . 2009-11-09 16:26 1801 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\xmlA7.tmp
2009-11-09 16:26 . 2009-11-09 16:26 13360 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\xmlA5.tmp
2009-11-09 16:26 . 2009-11-09 16:26 0 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\xmlA6.tmp
2009-11-09 16:26 . 2009-11-09 16:26 8757 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\xmlA4.tmp
2009-11-09 10:10 . 2009-11-09 10:10 4045527 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-11-07 20:45 . 2009-11-07 20:45 152576 ----a-w- c:\documents and settings\Administrateur.CAUJOLLE-381D1A\Application Data\Sun\Java\jre1.6.0_16\lzma.dll
2009-11-07 20:44 . 2009-11-07 20:44 152576 ----a-w- c:\documents and settings\Parents.CAUJOLLE-381D1A\Application Data\Sun\Java\jre1.6.0_16\lzma.dll
2009-11-06 14:19 . 2009-09-30 18:21 1563008 ----a-w- c:\windows\WRSetup.dll
2009-11-06 11:00 . 2009-04-21 16:27 23152 ----a-w- c:\windows\system32\drivers\sshrmd.sys
2009-11-06 11:00 . 2009-04-21 16:27 176752 ----a-w- c:\windows\system32\drivers\ssidrv.sys
2009-11-06 11:00 . 2009-04-21 16:27 29808 ----a-w- c:\windows\system32\drivers\ssfs0bbc.sys
2009-11-02 19:42 . 2009-10-15 10:49 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-02 13:03 . 2009-10-29 20:10 53248 ----a-w- c:\windows\system32\CSVer.dll
2009-11-02 12:48 . 2009-09-27 16:08 831488 ----a-w- c:\windows\RtlExUpd.dll
2009-10-30 00:29 . 2009-10-30 00:29 2146304 ----a-w- c:\windows\system32\GPhotos.scr
2009-10-29 20:54 . 2009-09-30 19:50 45704 ----a-w- c:\documents and settings\Administrateur.CAUJOLLE-381D1A\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-29 07:42 . 2004-08-19 14:09 916480 ------w- c:\windows\system32\wininet.dll
2009-10-28 21:01 . 2009-10-28 20:19 733 ---ha-w- C:\os264931.bin
2009-10-27 18:00 . 2009-10-28 21:48 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-10-21 05:39 . 2004-08-19 14:09 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:39 . 2004-08-19 14:09 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-03 21:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-19 12:40 . 2009-10-02 20:00 45704 ----a-w- c:\documents and settings\Florian.CAUJOLLE-381D1A\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-27 10:48 . 2008-07-30 16:41 278528 ----a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
2008-09-03 19:47 . 2008-09-03 19:47 464 ----a-w- c:\program files\bqdo.txt
.
((((((((((((((((((((((((((((( SnapShot@2010-01-11_21.45.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-14 18:13 . 2010-01-14 18:13 16384 c:\windows\Temp\Perflib_Perfdata_690.dat
+ 2010-01-14 18:13 . 2010-01-14 18:13 16384 c:\windows\Temp\Perflib_Perfdata_560.dat
+ 2002-08-30 12:00 . 2010-01-14 16:56 67448 c:\windows\system32\perfc009.dat
- 2002-08-30 12:00 . 2010-01-11 20:06 67448 c:\windows\system32\perfc009.dat
+ 2002-08-30 12:00 . 2009-10-15 16:32 81920 c:\windows\system32\fontsub.dll
- 2002-08-30 12:00 . 2009-07-29 04:35 81920 c:\windows\system32\fontsub.dll
+ 2010-01-13 16:54 . 2010-01-13 17:00 28520 c:\windows\system32\drivers\ssmdrv.sys
- 2009-07-29 04:35 . 2009-07-29 04:35 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2009-07-29 04:35 . 2009-10-15 16:32 81920 c:\windows\system32\dllcache\fontsub.dll
- 2009-09-27 10:36 . 2010-01-11 20:33 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-09-27 10:36 . 2010-01-14 18:13 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-09-27 10:36 . 2010-01-11 20:33 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2009-09-27 10:36 . 2010-01-14 18:13 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2009-09-27 10:36 . 2010-01-11 20:33 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-09-27 10:36 . 2010-01-14 18:13 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2004-08-19 14:09 . 2009-10-15 16:32 119808 c:\windows\system32\t2embed.dll
- 2004-08-19 14:09 . 2009-07-29 04:35 119808 c:\windows\system32\t2embed.dll
+ 2002-08-30 12:00 . 2010-01-14 16:56 432492 c:\windows\system32\perfh009.dat
- 2002-08-30 12:00 . 2010-01-11 20:06 432492 c:\windows\system32\perfh009.dat
+ 2009-07-29 04:35 . 2009-10-15 16:32 119808 c:\windows\system32\dllcache\t2embed.dll
- 2009-07-29 04:35 . 2009-07-29 04:35 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-09-29 20:10 . 2010-01-14 18:13 245760 c:\windows\system32\config\systemprofile\IETldCache\index.dat
- 2009-09-29 20:10 . 2010-01-11 20:33 245760 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2009-09-27 18:24 . 2010-01-05 00:17 29634504 c:\windows\system32\MRT.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Copernic Desktop Search - Home"="d:\utilitaires\Copernic Desktop Search - Home\DesktopSearchService.exe" [2009-08-05 1602048]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="d:\sécurité\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"CaISSDT"="d:\sécurité\Pest Patrol\caissdt.exe" [2005-12-29 165416]
"eTrustPPAP"="d:\sécurité\Pest Patrol\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe" [2009-12-08 258048]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]
"RTHDCPL"="RTHDCPL.EXE" [2009-11-17 18789408]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-29 149280]
"Malwarebytes Anti-Malware (reboot)"="d:\sécurité\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"avgnt"="d:\sécurité\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SpySweeper"="c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe" [2009-11-06 6515784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Parents.CAUJOLLE-381D1A\Menu D‚marrer\Programmes\D‚marrage\ KO Approach.lnk - d:\utilitaires\KO Approach\Approach.exe [2007-3-24 306176] Launchy.lnk - d:\utilitaires\Launchy\Launchy.exe [2008-8-2 286720] c:\documents and settings\Administrateur.CAUJOLLE-381D1A\Menu D‚marrer\Programmes\D‚marrage\ SpywareGuard.lnk - d:\s‚curit‚\SpywareGuard\sgmain.exe [2003-8-29 360448] c:\documents and settings\Yancau\Menu D‚marrer\Programmes\D‚marrage\ Launchy.lnk - d:\utilitaires\Launchy\Launchy.exe [2008-8-2 286720] c:\documents and settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-9-12 113664] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoSMMyPictures"= 0 (0x0) "NoStartMenuMyMusic"= 0 (0x0) "NoRecentDocsNetHood"= 0 (0x0) "NoSimpleStartMenu"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMMyPictures"= 0 (0x0) "NoStartMenuMyMusic"= 0 (0x0) "NoRecentDocsNetHood"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService] @="Service" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "d:\\Internet\\P2P\\Emule\\emule.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= R0 
ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [21/04/2009 17:27 29808] R2 a2free;a-squared Free Service;d:\sécurité\a-squared Free\a2service.exe [22/12/2008 21:12 1858144] R2 AntiVirSchedulerService;Avira AntiVir Planificateur;d:\sécurité\Avira\AntiVir Desktop\sched.exe [13/01/2010 17:54 108289] R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [29/10/2009 21:17 10384] R2 WinDefend;Windows Defender;d:\sécurité\Windows Defender\MsMpEng.exe [03/11/2006 18:19 13592] R2 WRConsumerService;Webroot Client Service;c:\program files\Webroot\WebrootSecurity\WRConsumerService.exe [30/09/2009 19:22 1201640] R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [27/09/2009 17:11 38656] S1 vdiwnzi2;AVZ-BC Kernel Driver;\??\c:\windows\system32\Drivers\vdiwnzi2.sys --> c:\windows\system32\Drivers\vdiwnzi2.sys [?] S2 gupdate1ca4ea3fcc82e76;Service Google Update (gupdate1ca4ea3fcc82e76);c:\program files\Google\Update\GoogleUpdate.exe [10/02/2009 21:01 133104] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29/10/2009 21:20 1684736] S3 CanalPlus.VOD;CanalPlus.VOD;c:\program files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe [28/04/2009 17:33 188416] S3 SandraAgentSrv;SiSoftware Deployment Agent Service;d:\utilitaires\SiSoftware Sandra Lite 2009.SP4\RpcAgentSrv.exe [09/11/2009 17:23 99176] . 
Contenu du dossier 'Tâches planifiées' 2010-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-10 20:00] 2010-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-10 20:00] 2010-01-14 c:\windows\Tasks\User_Feed_Synchronization-{0CFEC75F-EC5C-4CBB-B08D-98B496136766}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] 2010-01-14 c:\windows\Tasks\User_Feed_Synchronization-{15CAFF63-A9F2-4B59-A661-58E5216B5481}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] 2010-01-14 c:\windows\Tasks\User_Feed_Synchronization-{DC86F997-0858-488E-AE29-118EEC647C8D}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] . . ------- Examen supplémentaire ------- . IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - d:\bureau~1\OFFICE~1\Office12\EXCEL.EXE/3000 TCP: {D01067A4-022D-46B4-838A-E5520AEF5AAC} = 8.8.8.8,8.8.8.4 DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab FF - ProfilePath - c:\documents and settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr/ FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=fr&q= FF - component: c:\documents and settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll FF - component: c:\documents and settings\Yancau\Application Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\piclens@cooliris.com\components\coolirisstub.dll FF - component: d:\utilitaires\Copernic Desktop Search - Home\FirefoxConnector\components\CSPXPCOMBridge.dll FF - plugin: c:\documents and settings\Yancau\Application 
Data\Mozilla\Firefox\Profiles\c2h5xsp4.Yannick\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll FF - plugin: c:\documents and settings\Yancau\Application Data\Mozilla\plugins\npcoolirisplugin.dll FF - plugin: c:\program files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\npCpVod.dll FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: d:\internet\Firefox\plugins\np-mswmp.dll FF - plugin: d:\internet\Firefox\plugins\npzylomgamesplayer.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- PARAMETRES FIREFOX ---- FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.notify.interval - 600000 FF - user.js: content.switch.threshold - 1000000 FF - user.js: nglayout.initialpaint.delay - 600 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-14 19:25 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . 
Heure de fin: 2010-01-14 19:27:05 ComboFix-quarantined-files.txt 2010-01-14 18:27 ComboFix2.txt 2010-01-11 11:50 Avant-CF: 45 268 930 560 octets libres Après-CF: 45 235 433 472 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect - - End Of File - - 8EB1452D29100D1A8D1D983CCFA41261 -
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Malware analysis and eradication
And here, hot off the press, is the FindyKill report ############################## | FindyKill V5.024 | # User : Yancau (Administrateurs) # CAUJOLLE-381D1A # Update on 09/01/2010 by El Desaparecido # Start at: 22:05:27 | 13/01/2010 # Website : http://pagesperso-orange.fr/NosTools/index.html # Contact : FindyKill.Contact@gmail.com # Intel® Core2 Quad CPU Q6600 @ 2.40GHz # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3 # Internet Explorer 8.0.6001.18702 # Windows Firewall Status : Enabled # AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ] # A:\ # Lecteur de disquettes 3 ½ pouces # C:\ # Disque fixe local # 77,93 Go (42,45 Go free) # NTFS # D:\ # Disque fixe local # 67,06 Go (53,19 Go free) [Applog] # NTFS # E:\ # Disque fixe local # 87,9 Go (38,88 Go free) [Données] # NTFS # F:\ # Disque fixe local # 32,25 Go (32,16 Go free) [sAUVEGARDE] # NTFS # G:\ # Disque fixe local # 120,41 Go (64,81 Go free) [Ma Musique] # NTFS # H:\ # Disque CD-ROM # I:\ # Disque CD-ROM ############################## | Processus actifs | C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe D:\Sécurité\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\logonui.exe C:\WINDOWS\system32\spoolsv.exe D:\Sécurité\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\system32\svchost.exe D:\SéCURITé\A-SQUARED FREE\a2service.exe C:\WINDOWS\Explorer.EXE D:\Sécurité\Avira\AntiVir Desktop\avguard.exe D:\Systéme\Diskeeper Corporation\DkService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Java\jre6\bin\jqs.exe D:\Utilitaires\CDBurnerXP\NMSAccessU.exe C:\Program Files\Microsoft\Search 
Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\alg.exe ################## | C: | ################## | C:\WINDOWS | ################## | C:\WINDOWS\Prefetch | Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-16ABE98D.pf Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-29DA3169.pf ################## | C:\WINDOWS\system32 | ################## | C:\WINDOWS\system32\drivers | ################## | C:\Documents and Settings\Yancau\Application Data | Supprimé ! 
C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\808093.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\808343.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\842781.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\843828.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\844984.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\845171.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\845375.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\845781.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\846187.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\846859.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\889734.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\890828.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\891562.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\892890.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\935234.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\935687.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\936203.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\936468.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\936718.exe Supprimé ! 
C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\937015.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\937250.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\937500.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\937765.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\939468.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\941109.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\941406.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\941703.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\941953.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\942156.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\942859.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\943562.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\943781.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\944000.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\944671.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\945328.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\945593.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\945875.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\946437.exe Supprimé ! 
C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\946781.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\947593.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\948375.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\948546.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\948750.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\949375.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\949687.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\950031.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\950265.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\950546.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\950828.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\951093.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\951328.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\951609.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\951812.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\952031.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\952250.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\952671.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\953078.exe Supprimé ! 
C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\954609.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\956109.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\956609.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\957140.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\957750.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\958046.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\963343.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\967265.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\967484.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\967734.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\967968.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\968218.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\968750.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\969281.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\972796.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\976437.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\977500.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\978203.exe Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\979265.exe Supprimé ! 
C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\980062.exe
Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\980828.exe
Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\981406.exe
Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\981859.exe
Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\986968.exe
Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\987593.exe
Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\988250.exe
Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld\988609.exe
Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\downld
Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers\winupgro.exe
Supprimé ! C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Application Data\drivers

################## | Autres suppressions ... |

################## | Temporary Internet Files |

################## | Registre |

################## | Etat |

# Mode sans echec : OK
# Affichage des fichiers cachés : OK
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
# Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# windefend -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | PEH |

################## | Cracks > Keygens > Serials |

"C:\Documents and Settings\Parents\Bureau\Nouveau dossier\freecorder\Freecorder V2.2+crk\crack\Freecorder.exe"
26/10/2004 16:28 |Size 532480 |Crc32 ed3bf5fa |Md5 fa50b842187ee0f1d42530fbf73e7873
"C:\Documents and Settings\Parents\Bureau\Nouveau dossier\image logiciels\Everest\keygen.exe"
06/09/2008 06:24 |Size 44544 |Crc32 6c5bcab8 |Md5 933330ee37194f0845342f4cacd5e6d9
"C:\Documents and Settings\Parents\Bureau\Nouveau dossier\image logiciels\Winiso\KeyGen_WinISO5.3\winiso53.exe"
30/07/2008 21:40 |Size 7440 |Crc32 7c589e91 |Md5 a0d42b98f11125150feb3022b34e2e0b
"C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Bureau\Nouveau dossier\eTrust\keygen.exe"
05/07/2006 19:41 |Size 173568 |Crc32 87532344 |Md5 5bf3b3ed78d112aa60865e680d7c3e87
"C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Bureau\Nouveau dossier\GoodSync.8.0.0.0 + Keymaker-CORE\keygen.exe"
29/03/2008 22:48 |Size 118272 |Crc32 617bec76 |Md5 a51c73e436c2151d19330189835c62e5
"C:\Documents and Settings\Parents.CAUJOLLE-381D1A\Bureau\Nouveau dossier\Keygen\keygen.EXE"
30/09/2008 16:29 |Size 436736 |Crc32 68c628ec |Md5 64f7b016e077e63ff822696f32199d0c
"C:\Program Files\Java\jdk1.6.0_07\bin\serialver.exe"
10/06/2008 01:10 |Size 25600 |Crc32 b25382b8 |Md5 e20ba2247633f6b8523e32c66c497112
"G:\Ma Musique\Musique_genres\Logiciels\Cracks Keygen\Photoshop cs\Patch.exe"
12/11/2004 01:15 |Size 978593 |Crc32 ec6f6daa |Md5 c5f92bc7729bc95ee481ebd242d30e2f
################## | ! Fin du rapport # FindyKill V5.024 ! |

See you later
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Analyses et éradication malwares
Good evening, here I am again! I followed your instructions, namely:
- uninstalled the 2 antivirus programs + firewall
- installed Antivir + update + scan
Antivir detected quite a lot of junk, which I deleted (see the report below). What bothers me is that, although I have Internet access again, I can't post on the forum, because the Zébulon page closes automatically as soon as I click the Sécurité link in the forum. Otherwise no problem browsing all the other sites... apart from the Zebulon forum!!!! Which forces me to post from my wife's laptop. Here is the Antivir report:

Avira AntiVir Personal
Date de création du fichier de rapport : mercredi 13 janvier 2010 18:02
La recherche porte sur 1527629 souches de virus.
Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows XP
Version de Windows : (Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur : CAUJOLLE-381D1A

Informations de version :
BUILD.DAT : 9.0.0.74 21698 Bytes 04/12/2009 13:56:00
AVSCAN.EXE : 9.0.3.10 466689 Bytes 13/01/2010 17:00:45
AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 10:21:02
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 11:35:11
LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 10:21:31
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 17:00:44
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 17:00:45
VBASE002.VDF : 7.10.1.1 2048 Bytes 19/11/2009 17:00:45
VBASE003.VDF : 7.10.1.2 2048 Bytes 19/11/2009 17:00:45
VBASE004.VDF : 7.10.1.3 2048 Bytes 19/11/2009 17:00:45
VBASE005.VDF : 7.10.1.4 2048 Bytes 19/11/2009 17:00:45
VBASE006.VDF : 7.10.1.5 2048 Bytes 19/11/2009 17:00:45
VBASE007.VDF : 7.10.1.6 2048 Bytes 19/11/2009 17:00:45
VBASE008.VDF : 7.10.1.7 2048 Bytes 19/11/2009 17:00:45
VBASE009.VDF : 7.10.1.8 2048 Bytes 19/11/2009 17:00:45
VBASE010.VDF : 7.10.1.9 2048 Bytes 19/11/2009 17:00:45
VBASE011.VDF : 7.10.1.10 2048 Bytes 19/11/2009 17:00:45
VBASE012.VDF : 7.10.1.11 2048 Bytes 19/11/2009 17:00:45
VBASE013.VDF : 7.10.1.79 209920 Bytes 25/11/2009 17:00:45
VBASE014.VDF : 7.10.1.128 197632 Bytes 30/11/2009 17:00:45
VBASE015.VDF : 7.10.1.178 195584 Bytes 07/12/2009 17:00:45
VBASE016.VDF : 7.10.1.224 183296 Bytes 14/12/2009 17:00:45
VBASE017.VDF : 7.10.1.247 182272 Bytes 15/12/2009 17:00:45
VBASE018.VDF : 7.10.2.30 198144 Bytes 21/12/2009 17:00:45
VBASE019.VDF : 7.10.2.63 187392 Bytes 24/12/2009 17:00:45
VBASE020.VDF : 7.10.2.93 195072 Bytes 29/12/2009 17:00:45
VBASE021.VDF : 7.10.2.131 201216 Bytes 07/01/2010 17:00:45
VBASE022.VDF : 7.10.2.158 192000 Bytes 11/01/2010 17:00:45
VBASE023.VDF : 7.10.2.159 2048 Bytes 11/01/2010 17:00:45
VBASE024.VDF : 7.10.2.160 2048 Bytes 11/01/2010 17:00:45
VBASE025.VDF : 7.10.2.161 2048 Bytes 11/01/2010 17:00:45
VBASE026.VDF : 7.10.2.162 2048 Bytes 11/01/2010 17:00:45
VBASE027.VDF : 7.10.2.163 2048 Bytes 11/01/2010 17:00:45
VBASE028.VDF : 7.10.2.164 2048 Bytes 11/01/2010 17:00:45
VBASE029.VDF : 7.10.2.165 2048 Bytes 11/01/2010 17:00:45
VBASE030.VDF : 7.10.2.166 2048 Bytes 11/01/2010 17:00:45
VBASE031.VDF : 7.10.2.179 174080 Bytes 13/01/2010 17:00:45
Version du moteur : 8.2.1.134
AEVDF.DLL : 8.1.1.2 106867 Bytes 13/01/2010 17:00:45
AESCRIPT.DLL : 8.1.3.7 594296 Bytes 13/01/2010 17:00:45
AESCN.DLL : 8.1.3.0 127348 Bytes 13/01/2010 17:00:45
AESBX.DLL : 8.1.1.1 246132 Bytes 13/01/2010 17:00:45
AERDL.DLL : 8.1.3.4 479605 Bytes 13/01/2010 17:00:45
AEPACK.DLL : 8.2.0.4 422263 Bytes 13/01/2010 17:00:45
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 13/01/2010 17:00:45
AEHEUR.DLL : 8.1.0.194 2228599 Bytes 13/01/2010 17:00:45
AEHELP.DLL : 8.1.9.0 237943 Bytes 13/01/2010 17:00:45
AEGEN.DLL : 8.1.1.83 369014 Bytes 13/01/2010 17:00:45
AEEMU.DLL : 8.1.1.0 393587 Bytes 13/01/2010 17:00:45
AECORE.DLL : 8.1.9.1 180598 Bytes 13/01/2010 17:00:45
AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 14:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 08:47:30
AVPREF.DLL : 9.0.3.0 44289 Bytes 13/01/2010 17:00:45
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 14:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 15:24:42
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 15:05:22
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 10:36:37
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 15:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 08:20:57
NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 15:40:59
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 13/01/2010 17:00:42
RCTEXT.DLL : 9.0.73.0 88321 Bytes 13/01/2010 17:00:42

Configuration pour la recherche actuelle :
Nom de la tâche...............................: Contrôle intégral du système
Fichier de configuration......................: d:\sécurité\avira\antivir desktop\sysscan.avp
Documentation.................................: bas
Action principale.............................: interactif
Action secondaire.............................: ignorer
Recherche sur les secteurs d'amorçage maître..: marche
Recherche sur les secteurs d'amorçage.........: marche
Secteurs d'amorçage...........................: C:, D:, E:, F:, G:,
Recherche dans les programmes actifs..........: marche
Recherche en cours sur l'enregistrement.......: marche
Recherche de Rootkits.........................: marche
Contrôle d'intégrité de fichiers système......: arrêt
Fichier mode de recherche.....................: Tous les fichiers
Recherche sur les archives....................: marche
Limiter la profondeur de récursivité..........: 20
Archive Smart Extensions......................: marche
Heuristique de macrovirus.....................: marche
Heuristique fichier...........................: moyen

Début de la recherche : mercredi 13 janvier 2010 18:02

La recherche d'objets cachés commence.
'74518' objets ont été contrôlés, '0' objets cachés ont été trouvés.

La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'PPActiveDetection.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SSU.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Launchy.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'DesktopSearchService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wscntfy.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SpySweeperUI.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'RTHDCPL.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'caissdt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MSASCui.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SpySweeper.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SeaPort.exe' - '1' module(s) sont contrôlés
Processus de recherche 'NMSAccessU.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'DkService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'a2service.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'InCDsrv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MsMpEng.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'WRConsumerService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'43' processus ont été contrôlés avec '43' modules

La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
  [INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD1
  [INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD2
  [INFO] Aucun virus trouvé !

La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
  [INFO] Aucun virus trouvé !
Secteur d'amorçage 'D:\'
  [INFO] Aucun virus trouvé !
Secteur d'amorçage 'E:\'
  [INFO] Aucun virus trouvé !
Secteur d'amorçage 'F:\'
  [INFO] Aucun virus trouvé !
Secteur d'amorçage 'G:\'
  [INFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( '57' fichiers).

La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:\'
C:\pagefile.sys
  [AVERTISSEMENT] Impossible d'ouvrir le fichier !
  [REMARQUE] Ce fichier est un fichier système Windows.
  [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobVcodec.zip
  [RESULTAT] Contient le code suspect GEN/PwdZIP
C:\System Volume Information\_restore{5C48B599-E7F5-4097-A6B0-6CEE0E0505CA}\RP179\A0032914.exe
  [0] Type d'archive: RSRC
  --> Object
  [1] Type d'archive: CAB (Microsoft)
  --> Setup_02.exe
  [2] Type d'archive: RSRC
  --> Object
  [3] Type d'archive: CAB (Microsoft)
  --> Setup_01.exe
  [4] Type d'archive: RSRC
  --> Object
  [5] Type d'archive: CAB (Microsoft)
  --> Setup_00.exe
  [6] Type d'archive: RSRC
  --> Object
  [7] Type d'archive: CAB (Microsoft)
  --> LINKOP~1.EXE
  [RESULTAT] Contient le cheval de Troie TR/Agent.46080.15
  --> BA5993~1.EXE
  [RESULTAT] Contient le modèle de détection du dropper DR/Agent.dub
  --> Install.exe
  [RESULTAT] Contient le cheval de Troie TR/Genome.bjgv
C:\WINDOWS\system32\SsiEfr.exe
  [AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\WINDOWS\system32\wrLZMA.dll
  [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen
  [AVERTISSEMENT] Impossible d'ouvrir le fichier !
Recherche débutant dans 'D:\' <Applog>
D:\Internet\P2P\Emule\Incoming\(ELITE)Driver Genius Professional Edition v9 0 0 180 Por Gamolama.zip
  [0] Type d'archive: ZIP
  --> setup.exe
  [RESULTAT] Contient le cheval de Troie TR/Dldr.Swizzor.IM.1
D:\Internet\P2P\Emule\Incoming\(Incl Keygen) Drivermax Pro.rar
  [0] Type d'archive: RAR
  --> Setup.exe
  [1] Type d'archive: RSRC
  --> Object
  [2] Type d'archive: CAB (Microsoft)
  --> Setup_02.exe
  [3] Type d'archive: RSRC
  --> Object
  [4] Type d'archive: CAB (Microsoft)
  --> Setup_01.exe
  [5] Type d'archive: RSRC
  --> Object
  [6] Type d'archive: CAB (Microsoft)
  --> Setup_00.exe
  [7] Type d'archive: RSRC
  --> Object
  [8] Type d'archive: CAB (Microsoft)
  --> LINKOP~1.EXE
  [RESULTAT] Contient le cheval de Troie TR/Agent.46080.15
  --> BA5993~1.EXE
  [RESULTAT] Contient le modèle de détection du dropper DR/Agent.dub
  --> Install.exe
  [RESULTAT] Contient le cheval de Troie TR/Genome.bjgv
  --> patch\keygen.exe
  [RESULTAT] Contient le cheval de Troie TR/Genome.bjgv
D:\Internet\P2P\Emule\Incoming\Driver Genius Pro 2008 v8.0.316 Keygen-HeartBug.rar
  [0] Type d'archive: RAR
  --> Driver Genius Pro 2008 v8.0.316+Keygen-HeartBug\Keygen\keygen.exe
  [RESULTAT] Contient le cheval de Troie TR/Spy.128000
D:\Internet\P2P\Emule\Incoming\Drivermax 4 7 Incl Serial [h33t][mambo04].zip
  [0] Type d'archive: ZIP
  --> setup.exe
  [RESULTAT] Contient le cheval de Troie TR/Dldr.Swizzor.382139L
D:\Internet\P2P\Emule\Incoming\Vertus.Fluid.Mask 2.0.3+TutorialF7.[Oslonet.net].rar
  [0] Type d'archive: RAR
  --> Vertus Fluid Mask 2.0.3 + Tutorial F7\Vertus Fluid Mask 2.03 instalka\patch\patch.exe
  [RESULTAT] Contient le cheval de Troie TR/Hupigon.2454528
Recherche débutant dans 'E:\' <Données>
Recherche débutant dans 'F:\' <SAUVEGARDE>
Recherche débutant dans 'G:\' <Ma Musique>
G:\Ma Musique\Download\Softissimo Reverso Pro 5.0 + serie Fr.exe
  [0] Type d'archive: ACE SFX (self extracting)
  --> Softissimo Reverso Pro 5.0 Fr\English\EFFE\instmsiw.exe
  [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
  [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
G:\Ma Musique\Musique_genres\Pop Rock\Nouveau dossier\True Image 9 fr marche nikel.rar
  [0] Type d'archive: RAR
  --> True Image 9 fr marche nikel\keygen.exe
  [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen

Début de la désinfection :
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobVcodec.zip
  [RESULTAT] Contient le code suspect GEN/PwdZIP
  [REMARQUE] Le résultat positif a été classé comme suspect.
  [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4bbd2118.qua' !
C:\System Volume Information\_restore{5C48B599-E7F5-4097-A6B0-6CEE0E0505CA}\RP179\A0032914.exe
  [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b7e20dc.qua' !
C:\WINDOWS\system32\wrLZMA.dll
  [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen
  [AVERTISSEMENT] Erreur lors de la création d'une copie de sécurité du fichier. Le fichier n'a pas été supprimé. Code d'erreur : 26004
  [AVERTISSEMENT] Impossible de trouver le fichier source.
  [REMARQUE] Tentative en cours d'exécuter l'action à l'aide de la bibliothèque ARK.
  [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b9a211e.qua' !
D:\Internet\P2P\Emule\Incoming\(ELITE)Driver Genius Professional Edition v9 0 0 180 Por Gamolama.zip
  [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b9a20f1.qua' !
D:\Internet\P2P\Emule\Incoming\(Incl Keygen) Drivermax Pro.rar
  [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4bbc20f5.qua' !
D:\Internet\P2P\Emule\Incoming\Driver Genius Pro 2008 v8.0.316 Keygen-HeartBug.rar
  [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4bb7211f.qua' !
D:\Internet\P2P\Emule\Incoming\Drivermax 4 7 Incl Serial [h33t][mambo04].zip
  [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '48fb8c78.qua' !
D:\Internet\P2P\Emule\Incoming\Vertus.Fluid.Mask 2.0.3+TutorialF7.[Oslonet.net].rar
  [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4bc02112.qua' !
G:\Ma Musique\Musique_genres\Pop Rock\Nouveau dossier\True Image 9 fr marche nikel.rar
  [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4bc32139.qua' !

Fin de la recherche : mercredi 13 janvier 2010 20:36
Temps nécessaire: 1:42:47 Heure(s)

La recherche a été effectuée intégralement
19224 Les répertoires ont été contrôlés
1049759 Des fichiers ont été contrôlés
13 Des virus ou programmes indésirables ont été trouvés
1 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
9 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
3 Impossible de contrôler des fichiers
1049742 Fichiers non infectés
8179 Les archives ont été contrôlées
5 Avertissements
10 Consignes
74518 Des objets ont été contrôlés lors du Rootkitscan
0 Des objets cachés ont été trouvés
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Analyses et éradication malwares
Hello again, Since my son downloaded several programs, cracks, etc. on Emule, I am convinced that the virus came from there. So I cleaned up and deleted all the downloaded files. From the start of the infection, a pop-up with winupgro.exe kept appearing and the firewall reported that it had blocked suspicious packets. After the various steps, the pop-up has disappeared but the firewall message persists. I also noticed that the password I had set in the BIOS to stop my son from being on the computer all the time had disappeared, without him having changed anything. I'll keep you posted this evening on how things go. agenor47
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Analyses et éradication malwares
Hello Mark, I will do all the steps this evening after work. Just one clarification: the file in question, according to my son, has existed for at least 2 or 3 years. So I don't think it is the cause, but I will follow your instructions nonetheless. See you later -
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Analyses et éradication malwares
Before going to bed, here is the FindyKill report after the 2nd pass. While waiting for your reply, Mark, I wish you a good night. -
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Analyses et éradication malwares
Here I am again! My antivirus and firewall are working normally. However, I cannot reach any site at all. At every connection attempt, Outpost still tells me that a suspicious packet has been blocked. In fact, this alert has been appearing since the infection, which leads me to think that traces of the virus remain. Here is the new report:
-- Report --
.
G:\Ma Musique\Download\Expert PDF Printer Pro v2.0.0_regged.zip | keygen.exe <-- DELETED
G:\Ma Musique\Musique_genres\Logiciels\Cracks Keygen\MediaMonkey.Gold.v3.0.2.1134.Multilingual.Incl.Keymaker-CORE.zip | MediaMonkey.Gold.v3.0.2.1134.Multilingual.Incl.Keymaker-CORE/keygen.exe <-- DELETED
G:\Ma Musique\Musique_genres\Logiciels\Softs\Systran Pro Standard 4 + Harrap's Shorter Dictionnaire Fr-En + Kgen.zip | SYSTRAN/crack/keygen.exe <-- FAILED TO DELETE
.
-- EOF --
-
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Analyses et éradication malwares
Good evening Mark, First of all, thank you for taking an interest in my problem. To answer your questions:
- I am connecting to the internet using my wife's laptop
- Before posting on the forum, I searched for other people who had had the same problem. I also scanned the PC with various antispyware tools and deleted from the registry all the keys relating to winupgro.
Despite all that, I still cannot access the internet (in fact, I cannot reach any site) and Outpost Firewall constantly reports that it has blocked suspicious packets. I also notice that the virus keeps recreating a driver folder under C: containing winupgro.exe, even after deletion. As requested, here is the report generated by Zip_Scan:
-- Report --
.
G:\Ma Musique\Download\Expert PDF Printer Pro v2.0.0_regged.zip | keygen.exe <-- FOUND
G:\Ma Musique\Musique_genres\Logiciels\Cracks Keygen\MediaMonkey.Gold.v3.0.2.1134.Multilingual.Incl.Keymaker-CORE.zip | MediaMonkey.Gold.v3.0.2.1134.Multilingual.Incl.Keymaker-CORE/keygen.exe <-- FOUND
G:\Ma Musique\Musique_genres\Logiciels\Softs\Systran Pro Standard 4 + Harrap's Shorter Dictionnaire Fr-En + Kgen.zip | SYSTRAN/crack/keygen.exe <-- FOUND
.
-- EOF --
-
[Solved] winupgro.exe
agenor47 replied to a topic by agenor47 in Analyses et éradication malwares
Good evening, Despite my forbidding it, my son downloaded cracks, keygens and other rubbish from emule. And of course, he ended up catching a virus that blocks all my internet connections. Here is the file generated by FindyKill, in the hope that someone on the forum will know how to interpret it. Thank you for your help