Virus Email-Worm.Bagle
Résolu/Fermé
A voir également:
- Virus Email-Worm.Bagle
- Comment creer un compte email - Guide
- Svchost.exe virus - Guide
- Email hotmail - Guide
- Cci email - Guide
- Faux message virus iphone ✓ - Forum iPhone
25 réponses
Utilisateur anonyme
11 oct. 2008 à 22:51
11 oct. 2008 à 22:51
Salut,
Telecharge FindyKill sur ton bureau :
--> Lance l installation avec les parametres par default
--> Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir
--> Double clic sur le raccourci FindyKill sur ton bureau
--> Au menu principal,choisi l option 1 (Recherche)
--> Post le rapport FindyKill.txt
Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
Telecharge FindyKill sur ton bureau :
--> Lance l installation avec les parametres par default
--> Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir
--> Double clic sur le raccourci FindyKill sur ton bureau
--> Au menu principal,choisi l option 1 (Recherche)
--> Post le rapport FindyKill.txt
Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
je pense qu'il vaut mieux formater
tu penses mal
je ne suis pas un expert
raison de plus pour ne pas raconter des aneries
comment tu vas pouvoir t'en debarasser
regarde bien Chiquitine
tu penses mal
je ne suis pas un expert
raison de plus pour ne pas raconter des aneries
comment tu vas pouvoir t'en debarasser
regarde bien Chiquitine
Utilisateur anonyme
11 oct. 2008 à 23:05
11 oct. 2008 à 23:05
--> Double clic sur le raccourci FindyKill sur ton bureau
--> Au menu principal,choisi l option 2 (Suppression)
/!\ il y aura 2 redémarrage, laisse travailler l outils jusqu a l apparition du message "nettoyage effectué"
/!\ Ne te sert pas du pc durant la suppression , ton bureau ne sera pas accessible c est normal !
-------> ensuite post le rapport FindyKill.txt
Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
Note : Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides
--> Au menu principal,choisi l option 2 (Suppression)
/!\ il y aura 2 redémarrage, laisse travailler l outils jusqu a l apparition du message "nettoyage effectué"
/!\ Ne te sert pas du pc durant la suppression , ton bureau ne sera pas accessible c est normal !
-------> ensuite post le rapport FindyKill.txt
Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
Note : Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides
faznic
Messages postés
285
Date d'inscription
jeudi 27 septembre 2007
Statut
Membre
Dernière intervention
10 juillet 2010
35
11 oct. 2008 à 22:51
11 oct. 2008 à 22:51
Si tu ne peux pas ouvrir de fichiers .exe je ne vois pas comment tu vas pouvoir t'en debarasser donc je pense qu'il vaut mieux formater mais bon je ne suis pas un expert donc attend d'autres avis
au passage fais gaffe au trojan Backdoor, quelqu'un pourrait prendre le contrôle de ton pc
au passage fais gaffe au trojan Backdoor, quelqu'un pourrait prendre le contrôle de ton pc
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
12 oct. 2008 à 00:00
12 oct. 2008 à 00:00
pour repair oui c est normal
avast est inactif il va falloir le reinstallé et/ou
regarde ceci concernant avast :
antivir vs avast :
-> http://forum.malekal.com/ftopic3528.php
alors je te conseille de le desinstaller et d´installer antivir a la place
Telecharge et instales l'antivirus Antivir Personal Edition Classic :
->Antivir le telecharger
tuto : https://www.malekal.com/avira-free-security-antivirus-gratuit/
tuto : http://www.swl1f.net/viewtopic.php?f=14&t=59
Pour désinstaller Avast telecharge cet outil
ensuite :
Telecharge malwarebytes
Tu l´instale; le programme va se mettre automatiquement a jour.
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
avast est inactif il va falloir le reinstallé et/ou
regarde ceci concernant avast :
antivir vs avast :
-> http://forum.malekal.com/ftopic3528.php
alors je te conseille de le desinstaller et d´installer antivir a la place
Telecharge et instales l'antivirus Antivir Personal Edition Classic :
->Antivir le telecharger
tuto : https://www.malekal.com/avira-free-security-antivirus-gratuit/
tuto : http://www.swl1f.net/viewtopic.php?f=14&t=59
Pour désinstaller Avast telecharge cet outil
ensuite :
Telecharge malwarebytes
Tu l´instale; le programme va se mettre automatiquement a jour.
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
Voila le rapport
----------------- FindyKill V4.005 ------------------
* User : Michel - MG-96C3A46E401F
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 11/10/08 par Chiquitine29
* Recherche effectuée à 23:00:14 le 11/10/2008
* Windows XP - Internet Explorer 7.0.5730.11
((((((((((((((((( *** Recherche *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Presence des fichiers dans C:
Présent ! - C:\InfoSat.txt
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
Present ! - C:\WINDOWS\prefetch\10839265.EXE-038B5A9F.pf
Present ! - C:\WINDOWS\prefetch\10846312.EXE-2F992E14.pf
Present ! - C:\WINDOWS\prefetch\10861171.EXE-19FF75AD.pf
Present ! - C:\WINDOWS\prefetch\14790875.EXE-1A28E434.pf
Present ! - C:\WINDOWS\prefetch\14820578.EXE-049417E6.pf
Present ! - C:\WINDOWS\prefetch\14835859.EXE-1269914F.pf
Present ! - C:\WINDOWS\prefetch\14841781.EXE-1463B013.pf
Present ! - C:\WINDOWS\prefetch\14911234.EXE-3389E5E4.pf
Present ! - C:\WINDOWS\prefetch\14917859.EXE-36B12C22.pf
Present ! - C:\WINDOWS\prefetch\14922750.EXE-16743478.pf
Present ! - C:\WINDOWS\prefetch\305140.EXE-0550D9C9.pf
Present ! - C:\WINDOWS\prefetch\339250.EXE-3714AC80.pf
Present ! - C:\WINDOWS\prefetch\352406.EXE-07036FF0.pf
Present ! - C:\WINDOWS\prefetch\457703.EXE-39DAB0BD.pf
Present ! - C:\WINDOWS\prefetch\48143140.EXE-219081AC.pf
Present ! - C:\WINDOWS\prefetch\48146015.EXE-286A2CE9.pf
Present ! - C:\WINDOWS\prefetch\48194890.EXE-24AD0A62.pf
Present ! - C:\WINDOWS\prefetch\48205437.EXE-263F3A34.pf
Present ! - C:\WINDOWS\prefetch\48210296.EXE-1968F996.pf
Present ! - C:\WINDOWS\prefetch\508281.EXE-347BED7B.pf
Present ! - C:\WINDOWS\prefetch\519750.EXE-38B5D18A.pf
Present ! - C:\WINDOWS\prefetch\825671.EXE-08632022.pf
Present ! - C:\WINDOWS\prefetch\868843.EXE-14B7E5C1.pf
Present ! - C:\WINDOWS\prefetch\873734.EXE-1986ED9E.pf
Present ! - C:\WINDOWS\prefetch\884468.EXE-2752C568.pf
Present ! - C:\WINDOWS\prefetch\FLEC006.EXE-298E62DF.pf
Present ! - C:\WINDOWS\prefetch\HLDRRR.EXE-106798BB.pf
Present ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Present ! - C:\WINDOWS\prefetch\MDELK.EXE-3482FBC5.pf
Present ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
»»»» Presence des fichiers dans C:\WINDOWS\system32
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
Présent ! - "C:\WINDOWS\system32\drivers\downld"
Present ! - C:\WINDOWS\system32\drivers\downld\11947640.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1405500.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1451640.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14891250.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14937640.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15133890.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15506640.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15529390.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15658390.exe
Present ! - C:\WINDOWS\system32\drivers\downld\16012500.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2042250.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2077140.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2222250.exe
Present ! - C:\WINDOWS\system32\drivers\downld\222640.exe
Present ! - C:\WINDOWS\system32\drivers\downld\22785140.exe
Present ! - C:\WINDOWS\system32\drivers\downld\245890.exe
Present ! - C:\WINDOWS\system32\drivers\downld\267390.exe
Present ! - C:\WINDOWS\system32\drivers\downld\287500.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2885140.exe
Present ! - C:\WINDOWS\system32\drivers\downld\296000.exe
Present ! - C:\WINDOWS\system32\drivers\downld\30473750.exe
Present ! - C:\WINDOWS\system32\drivers\downld\305140.exe
Present ! - C:\WINDOWS\system32\drivers\downld\323890.exe
Present ! - C:\WINDOWS\system32\drivers\downld\32934390.exe
Present ! - C:\WINDOWS\system32\drivers\downld\335000.exe
Present ! - C:\WINDOWS\system32\drivers\downld\361140.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3722890.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3823000.exe
Present ! - C:\WINDOWS\system32\drivers\downld\38559890.exe
Present ! - C:\WINDOWS\system32\drivers\downld\38591000.exe
Present ! - C:\WINDOWS\system32\drivers\downld\387890.exe
Present ! - C:\WINDOWS\system32\drivers\downld\393140.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42792390.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42797500.exe
Present ! - C:\WINDOWS\system32\drivers\downld\431890.exe
Present ! - C:\WINDOWS\system32\drivers\downld\444640.exe
Present ! - C:\WINDOWS\system32\drivers\downld\472640.exe
Present ! - C:\WINDOWS\system32\drivers\downld\476750.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48025000.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48331500.exe
Present ! - C:\WINDOWS\system32\drivers\downld\510390.exe
Present ! - C:\WINDOWS\system32\drivers\downld\522750.exe
Present ! - C:\WINDOWS\system32\drivers\downld\536500.exe
Present ! - C:\WINDOWS\system32\drivers\downld\541640.exe
Present ! - C:\WINDOWS\system32\drivers\downld\590000.exe
Present ! - C:\WINDOWS\system32\drivers\downld\6509250.exe
Present ! - C:\WINDOWS\system32\drivers\downld\6543750.exe
Present ! - C:\WINDOWS\system32\drivers\downld\839890.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1186281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\12118281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1216531.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1381171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14490031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14594171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14723281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14848421.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14903671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14935781.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15002781.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15420281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15459031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18404171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\213171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2154531.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2193671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\222421.exe
Present ! - C:\WINDOWS\system32\drivers\downld\236671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\237781.exe
Present ! - C:\WINDOWS\system32\drivers\downld\286031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\287031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2949781.exe
Present ! - C:\WINDOWS\system32\drivers\downld\298171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\30533031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\321421.exe
Present ! - C:\WINDOWS\system32\drivers\downld\327921.exe
Present ! - C:\WINDOWS\system32\drivers\downld\33020531.exe
Present ! - C:\WINDOWS\system32\drivers\downld\331281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\363281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3678421.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37460921.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3825281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3850171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\38561671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\38654281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\388171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\39582281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\396031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\409171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\461281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\470031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\47956281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\47968421.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48031171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48113781.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48169031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48220671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\483671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\489031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\534671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\560671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\570421.exe
Present ! - C:\WINDOWS\system32\drivers\downld\570781.exe
Present ! - C:\WINDOWS\system32\drivers\downld\574671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\589921.exe
Present ! - C:\WINDOWS\system32\drivers\downld\628031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\655421.exe
Present ! - C:\WINDOWS\system32\drivers\downld\825671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\958671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\985031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\996781.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10719812.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10722062.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1409562.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14451812.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14760062.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14813062.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14934812.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14938312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14940312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15418062.exe
Present ! - C:\WINDOWS\system32\drivers\downld\188812.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1963812.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1996562.exe
Present ! - C:\WINDOWS\system32\drivers\downld\22898812.exe
Present ! - C:\WINDOWS\system32\drivers\downld\281312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\285312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2859312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\332562.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37751312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3894812.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42725812.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42890312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\463062.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48166062.exe
Present ! - C:\WINDOWS\system32\drivers\downld\6639312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\875312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10833203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10972203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\12037093.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1205093.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14450203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14564703.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14811203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14922843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15019203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15518203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15541843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\16038953.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18392843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18400203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\22783703.exe
Present ! - C:\WINDOWS\system32\drivers\downld\22888593.exe
Present ! - C:\WINDOWS\system32\drivers\downld\266343.exe
Present ! - C:\WINDOWS\system32\drivers\downld\283843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\30613843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\318343.exe
Present ! - C:\WINDOWS\system32\drivers\downld\331843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\342703.exe
Present ! - C:\WINDOWS\system32\drivers\downld\346843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\351203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37388593.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37641703.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37691703.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37771593.exe
Present ! - C:\WINDOWS\system32\drivers\downld\402093.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42885453.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42931953.exe
Present ! - C:\WINDOWS\system32\drivers\downld\452093.exe
Present ! - C:\WINDOWS\system32\drivers\downld\457703.exe
Present ! - C:\WINDOWS\system32\drivers\downld\469953.exe
Present ! - C:\WINDOWS\system32\drivers\downld\480343.exe
Present ! - C:\WINDOWS\system32\drivers\downld\484593.exe
Present ! - C:\WINDOWS\system32\drivers\downld\491843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\498203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\499953.exe
Present ! - C:\WINDOWS\system32\drivers\downld\551843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\586703.exe
Present ! - C:\WINDOWS\system32\drivers\downld\653203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\6549453.exe
Present ! - C:\WINDOWS\system32\drivers\downld\704093.exe
Present ! - C:\WINDOWS\system32\drivers\downld\757203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\876843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\891703.exe
Present ! - C:\WINDOWS\system32\drivers\downld\924593.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1029984.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14764234.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15453984.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15562234.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15589984.exe
Present ! - C:\WINDOWS\system32\drivers\downld\196484.exe
Present ! - C:\WINDOWS\system32\drivers\downld\198734.exe
Present ! - C:\WINDOWS\system32\drivers\downld\229234.exe
Present ! - C:\WINDOWS\system32\drivers\downld\269984.exe
Present ! - C:\WINDOWS\system32\drivers\downld\277734.exe
Present ! - C:\WINDOWS\system32\drivers\downld\283234.exe
Present ! - C:\WINDOWS\system32\drivers\downld\363484.exe
Present ! - C:\WINDOWS\system32\drivers\downld\365234.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37384734.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42906234.exe
Present ! - C:\WINDOWS\system32\drivers\downld\47965984.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48110484.exe
Present ! - C:\WINDOWS\system32\drivers\downld\487484.exe
Present ! - C:\WINDOWS\system32\drivers\downld\500234.exe
Present ! - C:\WINDOWS\system32\drivers\downld\614484.exe
Present ! - C:\WINDOWS\system32\drivers\downld\701984.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10758515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1128515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\12026765.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14790875.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1480015.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14829015.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14839625.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14939515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14954515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14982375.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15201515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15420375.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15951265.exe
Present ! - C:\WINDOWS\system32\drivers\downld\182515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18270515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18274015.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18352125.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18389265.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1962125.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2130015.exe
Present ! - C:\WINDOWS\system32\drivers\downld\218375.exe
Present ! - C:\WINDOWS\system32\drivers\downld\22825015.exe
Present ! - C:\WINDOWS\system32\drivers\downld\231875.exe
Present ! - C:\WINDOWS\system32\drivers\downld\247625.exe
Present ! - C:\WINDOWS\system32\drivers\downld\273375.exe
Present ! - C:\WINDOWS\system32\drivers\downld\282625.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2857125.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2889375.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2934265.exe
Present ! - C:\WINDOWS\system32\drivers\downld\33029765.exe
Present ! - C:\WINDOWS\system32\drivers\downld\332515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3819265.exe
Present ! - C:\WINDOWS\system32\drivers\downld\38594765.exe
Present ! - C:\WINDOWS\system32\drivers\downld\388125.exe
Present ! - C:\WINDOWS\system32\drivers\downld\39580515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\39728515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\412265.exe
Present ! - C:\WINDOWS\system32\drivers\downld\414375.exe
Present ! - C:\WINDOWS\system32\drivers\downld\468375.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48146015.exe
Present ! - C:\WINDOWS\system32\drivers\downld\541015.exe
Present ! - C:\WINDOWS\system32\drivers\downld\643765.exe
Present ! - C:\WINDOWS\system32\drivers\downld\6512125.exe
Present ! - C:\WINDOWS\system32\drivers\downld\6607125.exe
Present ! - C:\WINDOWS\system32\drivers\downld\762265.exe
Present ! - C:\WINDOWS\system32\drivers\downld\837515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\869015.exe
Present ! - C:\WINDOWS\system32\drivers\downld\871265.exe
Present ! - C:\WINDOWS\system32\drivers\downld\874875.exe
Present ! - C:\WINDOWS\system32\drivers\downld\887375.exe
Present ! - C:\WINDOWS\system32\drivers\downld\927125.exe
Present ! - C:\WINDOWS\system32\drivers\downld\966625.exe
Present ! - C:\WINDOWS\system32\drivers\downld\980265.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10827296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1095406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1097796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\11939406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\13178156.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1379296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14439796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14486046.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14901906.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14908156.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15008046.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15011546.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15106046.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15418156.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15464656.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15470046.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15540546.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15647656.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15947796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18350546.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18414656.exe
Present ! - C:\WINDOWS\system32\drivers\downld\184406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2087296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\231046.exe
Present ! - C:\WINDOWS\system32\drivers\downld\234406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2959296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\32997546.exe
Present ! - C:\WINDOWS\system32\drivers\downld\348406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\356156.exe
Present ! - C:\WINDOWS\system32\drivers\downld\358796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\367046.exe
Present ! - C:\WINDOWS\system32\drivers\downld\367796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37343296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37344906.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37639406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\377906.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3804546.exe
Present ! - C:\WINDOWS\system32\drivers\downld\38666546.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3911156.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3920406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\39571296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\39628656.exe
Present ! - C:\WINDOWS\system32\drivers\downld\39715296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\405296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\409796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\446546.exe
Present ! - C:\WINDOWS\system32\drivers\downld\479406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48232796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48319656.exe
Present ! - C:\WINDOWS\system32\drivers\downld\503156.exe
Present ! - C:\WINDOWS\system32\drivers\downld\527046.exe
Present ! - C:\WINDOWS\system32\drivers\downld\540656.exe
Present ! - C:\WINDOWS\system32\drivers\downld\545796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\574406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\614296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\6626796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\663906.exe
Present ! - C:\WINDOWS\system32\drivers\downld\827796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\831046.exe
Present ! - C:\WINDOWS\system32\drivers\downld\855656.exe
Present ! - C:\WINDOWS\system32\drivers\downld\897656.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10967687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1141687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1469937.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14857187.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14906437.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15563687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15573687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2151187.exe
Present ! - C:\WINDOWS\system32\drivers\downld\267437.exe
Present ! - C:\WINDOWS\system32\drivers\downld\327437.exe
Present ! - C:\WINDOWS\system32\drivers\downld\32928937.exe
Present ! - C:\WINDOWS\system32\drivers\downld\333687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\353937.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3853937.exe
Present ! - C:\WINDOWS\system32\drivers\downld\386187.exe
Present ! - C:\WINDOWS\system32\drivers\downld\39675937.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42744937.exe
Present ! - C:\WINDOWS\system32\drivers\downld\439687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\447687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48227187.exe
Present ! - C:\WINDOWS\system32\drivers\downld\496187.exe
Present ! - C:\WINDOWS\system32\drivers\downld\532187.exe
Present ! - C:\WINDOWS\system32\drivers\downld\557687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\602437.exe
Present ! - C:\WINDOWS\system32\drivers\downld\856687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1035328.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10762828.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10829468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10845468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10874078.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10883218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10983968.exe
Present ! - C:\WINDOWS\system32\drivers\downld\13182718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1364468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14615718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14721468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15107718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15191828.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15586718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\16030218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18455718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18464718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\186218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2000968.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2127328.exe
Present ! - C:\WINDOWS\system32\drivers\downld\225968.exe
Present ! - C:\WINDOWS\system32\drivers\downld\22870468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\278718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\298468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\305718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\30582468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\30630218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\328078.exe
Present ! - C:\WINDOWS\system32\drivers\downld\32895968.exe
Present ! - C:\WINDOWS\system32\drivers\downld\335218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3680468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3728828.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37430218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37470328.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37688078.exe
Present ! - C:\WINDOWS\system32\drivers\downld\377718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\417718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\419468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42748218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42900828.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42904578.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42938218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\43011078.exe
Present ! - C:\WINDOWS\system32\drivers\downld\43025078.exe
Present ! - C:\WINDOWS\system32\drivers\downld\457968.exe
Present ! - C:\WINDOWS\system32\drivers\downld\461218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\469828.exe
Present ! - C:\WINDOWS\system32\drivers\downld\485718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\485968.exe
Present ! - C:\WINDOWS\system32\drivers\downld\489328.exe
Present ! - C:\WINDOWS\system32\drivers\downld\544968.exe
Present ! - C:\WINDOWS\system32\drivers\downld\556078.exe
Present ! - C:\WINDOWS\system32\drivers\downld\853578.exe
Present ! - C:\WINDOWS\system32\drivers\downld\929218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\976968.exe
Present ! - C:\WINDOWS\system32\drivers\downld\979218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10730359.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14471109.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14811609.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15130359.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15925359.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15926859.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18326609.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18439109.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2213109.exe
Present ! - C:\WINDOWS\system32\drivers\downld\22829609.exe
Present ! - C:\WINDOWS\system32\drivers\downld\269109.exe
Present ! - C:\WINDOWS\system32\drivers\downld\272109.exe
Present ! - C:\WINDOWS\system32\drivers\downld\283859.exe
Present ! - C:\WINDOWS\system32\drivers\downld\292109.exe
Present ! - C:\WINDOWS\system32\drivers\downld\30470609.exe
Present ! - C:\WINDOWS\system32\drivers\downld\30528609.exe
Present ! - C:\WINDOWS\system32\drivers\downld\32893859.exe
Present ! - C:\WINDOWS\system32\drivers\downld\351859.exe
Present ! - C:\WINDOWS\system32\drivers\downld\394109.exe
Present ! - C:\WINDOWS\system32\drivers\downld\395859.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42983859.exe
Present ! - C:\WINDOWS\system32\drivers\downld\450859.exe
Present ! - C:\WINDOWS\system32\drivers\downld\520359.exe
Present ! - C:\WINDOWS\system32\drivers\downld\543609.exe
Present ! - C:\WINDOWS\system32\drivers\downld\924359.exe
»»»» Presence des fichiers dans C:\Documents and Settings\Michel\Application Data
»»»» Presence des fichiers dans C:\DOCUME~1\Michel\LOCALS~1\Temp
--------------- [ Registre / Startup ] ----------------
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
WooCnxMon REG_SZ C:\PROGRA~1\Wanadoo\CnxMon.exe
WOOWATCH REG_SZ C:\PROGRA~1\Wanadoo\Watch.exe
WOOTASKBARICON REG_SZ C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
NvCplDaemon REG_SZ RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
nwiz REG_SZ nwiz.exe /install
Easy-PrintToolBox REG_SZ C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
Omnipage REG_SZ C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
SoundMan REG_SZ SOUNDMAN.EXE
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
AppleSyncNotifier REG_SZ C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
NeroCheck REG_SZ C:\WINDOWS\system32\NeroCheck.exe
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
msnmsgr REG_SZ "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
--------------- [ Registre / Clés infecteuses ] ----------------
Présent ! - HKEY_USERS\S-1-5-21-1343024091-1220945662-682003330-1004\Software\bisoft
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Présent ! - HKEY_CURRENT_USER\Software\bisoft
--------------- [ Etat / Services ] ----------------
+- Services : [ Auto=2 Demande=3 Désactivé=4 ]
/!\ Ndisuio - Type de démarrage = 4
/!\ Ip6Fw - Type de démarrage = 4
SharedAccess - Type de démarrage = 2
wuauserv - Type de démarrage = 2
/!\ wscsvc - Type de démarrage = 4
--------------- [ Recherche dans supports amovibles] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
+- presence des fichiers :
--------------- [ Registre / Moutpoint2 ] ----------------
-> Recherche négative.
------------------- ! Fin du rapport ! --------------------
----------------- FindyKill V4.005 ------------------
* User : Michel - MG-96C3A46E401F
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 11/10/08 par Chiquitine29
* Recherche effectuée à 23:00:14 le 11/10/2008
* Windows XP - Internet Explorer 7.0.5730.11
((((((((((((((((( *** Recherche *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Presence des fichiers dans C:
Présent ! - C:\InfoSat.txt
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
Present ! - C:\WINDOWS\prefetch\10839265.EXE-038B5A9F.pf
Present ! - C:\WINDOWS\prefetch\10846312.EXE-2F992E14.pf
Present ! - C:\WINDOWS\prefetch\10861171.EXE-19FF75AD.pf
Present ! - C:\WINDOWS\prefetch\14790875.EXE-1A28E434.pf
Present ! - C:\WINDOWS\prefetch\14820578.EXE-049417E6.pf
Present ! - C:\WINDOWS\prefetch\14835859.EXE-1269914F.pf
Present ! - C:\WINDOWS\prefetch\14841781.EXE-1463B013.pf
Present ! - C:\WINDOWS\prefetch\14911234.EXE-3389E5E4.pf
Present ! - C:\WINDOWS\prefetch\14917859.EXE-36B12C22.pf
Present ! - C:\WINDOWS\prefetch\14922750.EXE-16743478.pf
Present ! - C:\WINDOWS\prefetch\305140.EXE-0550D9C9.pf
Present ! - C:\WINDOWS\prefetch\339250.EXE-3714AC80.pf
Present ! - C:\WINDOWS\prefetch\352406.EXE-07036FF0.pf
Present ! - C:\WINDOWS\prefetch\457703.EXE-39DAB0BD.pf
Present ! - C:\WINDOWS\prefetch\48143140.EXE-219081AC.pf
Present ! - C:\WINDOWS\prefetch\48146015.EXE-286A2CE9.pf
Present ! - C:\WINDOWS\prefetch\48194890.EXE-24AD0A62.pf
Present ! - C:\WINDOWS\prefetch\48205437.EXE-263F3A34.pf
Present ! - C:\WINDOWS\prefetch\48210296.EXE-1968F996.pf
Present ! - C:\WINDOWS\prefetch\508281.EXE-347BED7B.pf
Present ! - C:\WINDOWS\prefetch\519750.EXE-38B5D18A.pf
Present ! - C:\WINDOWS\prefetch\825671.EXE-08632022.pf
Present ! - C:\WINDOWS\prefetch\868843.EXE-14B7E5C1.pf
Present ! - C:\WINDOWS\prefetch\873734.EXE-1986ED9E.pf
Present ! - C:\WINDOWS\prefetch\884468.EXE-2752C568.pf
Present ! - C:\WINDOWS\prefetch\FLEC006.EXE-298E62DF.pf
Present ! - C:\WINDOWS\prefetch\HLDRRR.EXE-106798BB.pf
Present ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Present ! - C:\WINDOWS\prefetch\MDELK.EXE-3482FBC5.pf
Present ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
»»»» Presence des fichiers dans C:\WINDOWS\system32
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
Présent ! - "C:\WINDOWS\system32\drivers\downld"
Present ! - C:\WINDOWS\system32\drivers\downld\11947640.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1405500.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1451640.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14891250.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14937640.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15133890.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15506640.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15529390.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15658390.exe
Present ! - C:\WINDOWS\system32\drivers\downld\16012500.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2042250.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2077140.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2222250.exe
Present ! - C:\WINDOWS\system32\drivers\downld\222640.exe
Present ! - C:\WINDOWS\system32\drivers\downld\22785140.exe
Present ! - C:\WINDOWS\system32\drivers\downld\245890.exe
Present ! - C:\WINDOWS\system32\drivers\downld\267390.exe
Present ! - C:\WINDOWS\system32\drivers\downld\287500.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2885140.exe
Present ! - C:\WINDOWS\system32\drivers\downld\296000.exe
Present ! - C:\WINDOWS\system32\drivers\downld\30473750.exe
Present ! - C:\WINDOWS\system32\drivers\downld\305140.exe
Present ! - C:\WINDOWS\system32\drivers\downld\323890.exe
Present ! - C:\WINDOWS\system32\drivers\downld\32934390.exe
Present ! - C:\WINDOWS\system32\drivers\downld\335000.exe
Present ! - C:\WINDOWS\system32\drivers\downld\361140.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3722890.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3823000.exe
Present ! - C:\WINDOWS\system32\drivers\downld\38559890.exe
Present ! - C:\WINDOWS\system32\drivers\downld\38591000.exe
Present ! - C:\WINDOWS\system32\drivers\downld\387890.exe
Present ! - C:\WINDOWS\system32\drivers\downld\393140.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42792390.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42797500.exe
Present ! - C:\WINDOWS\system32\drivers\downld\431890.exe
Present ! - C:\WINDOWS\system32\drivers\downld\444640.exe
Present ! - C:\WINDOWS\system32\drivers\downld\472640.exe
Present ! - C:\WINDOWS\system32\drivers\downld\476750.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48025000.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48331500.exe
Present ! - C:\WINDOWS\system32\drivers\downld\510390.exe
Present ! - C:\WINDOWS\system32\drivers\downld\522750.exe
Present ! - C:\WINDOWS\system32\drivers\downld\536500.exe
Present ! - C:\WINDOWS\system32\drivers\downld\541640.exe
Present ! - C:\WINDOWS\system32\drivers\downld\590000.exe
Present ! - C:\WINDOWS\system32\drivers\downld\6509250.exe
Present ! - C:\WINDOWS\system32\drivers\downld\6543750.exe
Present ! - C:\WINDOWS\system32\drivers\downld\839890.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1186281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\12118281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1216531.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1381171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14490031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14594171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14723281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14848421.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14903671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14935781.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15002781.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15420281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15459031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18404171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\213171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2154531.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2193671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\222421.exe
Present ! - C:\WINDOWS\system32\drivers\downld\236671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\237781.exe
Present ! - C:\WINDOWS\system32\drivers\downld\286031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\287031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2949781.exe
Present ! - C:\WINDOWS\system32\drivers\downld\298171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\30533031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\321421.exe
Present ! - C:\WINDOWS\system32\drivers\downld\327921.exe
Present ! - C:\WINDOWS\system32\drivers\downld\33020531.exe
Present ! - C:\WINDOWS\system32\drivers\downld\331281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\363281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3678421.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37460921.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3825281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3850171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\38561671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\38654281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\388171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\39582281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\396031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\409171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\461281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\470031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\47956281.exe
Present ! - C:\WINDOWS\system32\drivers\downld\47968421.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48031171.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48113781.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48169031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48220671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\483671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\489031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\534671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\560671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\570421.exe
Present ! - C:\WINDOWS\system32\drivers\downld\570781.exe
Present ! - C:\WINDOWS\system32\drivers\downld\574671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\589921.exe
Present ! - C:\WINDOWS\system32\drivers\downld\628031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\655421.exe
Present ! - C:\WINDOWS\system32\drivers\downld\825671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\958671.exe
Present ! - C:\WINDOWS\system32\drivers\downld\985031.exe
Present ! - C:\WINDOWS\system32\drivers\downld\996781.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10719812.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10722062.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1409562.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14451812.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14760062.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14813062.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14934812.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14938312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14940312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15418062.exe
Present ! - C:\WINDOWS\system32\drivers\downld\188812.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1963812.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1996562.exe
Present ! - C:\WINDOWS\system32\drivers\downld\22898812.exe
Present ! - C:\WINDOWS\system32\drivers\downld\281312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\285312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2859312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\332562.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37751312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3894812.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42725812.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42890312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\463062.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48166062.exe
Present ! - C:\WINDOWS\system32\drivers\downld\6639312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\875312.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10833203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10972203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\12037093.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1205093.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14450203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14564703.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14811203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14922843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15019203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15518203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15541843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\16038953.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18392843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18400203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\22783703.exe
Present ! - C:\WINDOWS\system32\drivers\downld\22888593.exe
Present ! - C:\WINDOWS\system32\drivers\downld\266343.exe
Present ! - C:\WINDOWS\system32\drivers\downld\283843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\30613843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\318343.exe
Present ! - C:\WINDOWS\system32\drivers\downld\331843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\342703.exe
Present ! - C:\WINDOWS\system32\drivers\downld\346843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\351203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37388593.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37641703.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37691703.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37771593.exe
Present ! - C:\WINDOWS\system32\drivers\downld\402093.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42885453.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42931953.exe
Present ! - C:\WINDOWS\system32\drivers\downld\452093.exe
Present ! - C:\WINDOWS\system32\drivers\downld\457703.exe
Present ! - C:\WINDOWS\system32\drivers\downld\469953.exe
Present ! - C:\WINDOWS\system32\drivers\downld\480343.exe
Present ! - C:\WINDOWS\system32\drivers\downld\484593.exe
Present ! - C:\WINDOWS\system32\drivers\downld\491843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\498203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\499953.exe
Present ! - C:\WINDOWS\system32\drivers\downld\551843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\586703.exe
Present ! - C:\WINDOWS\system32\drivers\downld\653203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\6549453.exe
Present ! - C:\WINDOWS\system32\drivers\downld\704093.exe
Present ! - C:\WINDOWS\system32\drivers\downld\757203.exe
Present ! - C:\WINDOWS\system32\drivers\downld\876843.exe
Present ! - C:\WINDOWS\system32\drivers\downld\891703.exe
Present ! - C:\WINDOWS\system32\drivers\downld\924593.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1029984.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14764234.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15453984.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15562234.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15589984.exe
Present ! - C:\WINDOWS\system32\drivers\downld\196484.exe
Present ! - C:\WINDOWS\system32\drivers\downld\198734.exe
Present ! - C:\WINDOWS\system32\drivers\downld\229234.exe
Present ! - C:\WINDOWS\system32\drivers\downld\269984.exe
Present ! - C:\WINDOWS\system32\drivers\downld\277734.exe
Present ! - C:\WINDOWS\system32\drivers\downld\283234.exe
Present ! - C:\WINDOWS\system32\drivers\downld\363484.exe
Present ! - C:\WINDOWS\system32\drivers\downld\365234.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37384734.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42906234.exe
Present ! - C:\WINDOWS\system32\drivers\downld\47965984.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48110484.exe
Present ! - C:\WINDOWS\system32\drivers\downld\487484.exe
Present ! - C:\WINDOWS\system32\drivers\downld\500234.exe
Present ! - C:\WINDOWS\system32\drivers\downld\614484.exe
Present ! - C:\WINDOWS\system32\drivers\downld\701984.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10758515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1128515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\12026765.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14790875.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1480015.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14829015.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14839625.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14939515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14954515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14982375.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15201515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15420375.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15951265.exe
Present ! - C:\WINDOWS\system32\drivers\downld\182515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18270515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18274015.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18352125.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18389265.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1962125.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2130015.exe
Present ! - C:\WINDOWS\system32\drivers\downld\218375.exe
Present ! - C:\WINDOWS\system32\drivers\downld\22825015.exe
Present ! - C:\WINDOWS\system32\drivers\downld\231875.exe
Present ! - C:\WINDOWS\system32\drivers\downld\247625.exe
Present ! - C:\WINDOWS\system32\drivers\downld\273375.exe
Present ! - C:\WINDOWS\system32\drivers\downld\282625.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2857125.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2889375.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2934265.exe
Present ! - C:\WINDOWS\system32\drivers\downld\33029765.exe
Present ! - C:\WINDOWS\system32\drivers\downld\332515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3819265.exe
Present ! - C:\WINDOWS\system32\drivers\downld\38594765.exe
Present ! - C:\WINDOWS\system32\drivers\downld\388125.exe
Present ! - C:\WINDOWS\system32\drivers\downld\39580515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\39728515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\412265.exe
Present ! - C:\WINDOWS\system32\drivers\downld\414375.exe
Present ! - C:\WINDOWS\system32\drivers\downld\468375.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48146015.exe
Present ! - C:\WINDOWS\system32\drivers\downld\541015.exe
Present ! - C:\WINDOWS\system32\drivers\downld\643765.exe
Present ! - C:\WINDOWS\system32\drivers\downld\6512125.exe
Present ! - C:\WINDOWS\system32\drivers\downld\6607125.exe
Present ! - C:\WINDOWS\system32\drivers\downld\762265.exe
Present ! - C:\WINDOWS\system32\drivers\downld\837515.exe
Present ! - C:\WINDOWS\system32\drivers\downld\869015.exe
Present ! - C:\WINDOWS\system32\drivers\downld\871265.exe
Present ! - C:\WINDOWS\system32\drivers\downld\874875.exe
Present ! - C:\WINDOWS\system32\drivers\downld\887375.exe
Present ! - C:\WINDOWS\system32\drivers\downld\927125.exe
Present ! - C:\WINDOWS\system32\drivers\downld\966625.exe
Present ! - C:\WINDOWS\system32\drivers\downld\980265.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10827296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1095406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1097796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\11939406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\13178156.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1379296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14439796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14486046.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14901906.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14908156.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15008046.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15011546.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15106046.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15418156.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15464656.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15470046.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15540546.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15647656.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15947796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18350546.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18414656.exe
Present ! - C:\WINDOWS\system32\drivers\downld\184406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2087296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\231046.exe
Present ! - C:\WINDOWS\system32\drivers\downld\234406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2959296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\32997546.exe
Present ! - C:\WINDOWS\system32\drivers\downld\348406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\356156.exe
Present ! - C:\WINDOWS\system32\drivers\downld\358796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\367046.exe
Present ! - C:\WINDOWS\system32\drivers\downld\367796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37343296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37344906.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37639406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\377906.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3804546.exe
Present ! - C:\WINDOWS\system32\drivers\downld\38666546.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3911156.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3920406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\39571296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\39628656.exe
Present ! - C:\WINDOWS\system32\drivers\downld\39715296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\405296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\409796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\446546.exe
Present ! - C:\WINDOWS\system32\drivers\downld\479406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48232796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48319656.exe
Present ! - C:\WINDOWS\system32\drivers\downld\503156.exe
Present ! - C:\WINDOWS\system32\drivers\downld\527046.exe
Present ! - C:\WINDOWS\system32\drivers\downld\540656.exe
Present ! - C:\WINDOWS\system32\drivers\downld\545796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\574406.exe
Present ! - C:\WINDOWS\system32\drivers\downld\614296.exe
Present ! - C:\WINDOWS\system32\drivers\downld\6626796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\663906.exe
Present ! - C:\WINDOWS\system32\drivers\downld\827796.exe
Present ! - C:\WINDOWS\system32\drivers\downld\831046.exe
Present ! - C:\WINDOWS\system32\drivers\downld\855656.exe
Present ! - C:\WINDOWS\system32\drivers\downld\897656.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10967687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1141687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1469937.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14857187.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14906437.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15563687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15573687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2151187.exe
Present ! - C:\WINDOWS\system32\drivers\downld\267437.exe
Present ! - C:\WINDOWS\system32\drivers\downld\327437.exe
Present ! - C:\WINDOWS\system32\drivers\downld\32928937.exe
Present ! - C:\WINDOWS\system32\drivers\downld\333687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\353937.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3853937.exe
Present ! - C:\WINDOWS\system32\drivers\downld\386187.exe
Present ! - C:\WINDOWS\system32\drivers\downld\39675937.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42744937.exe
Present ! - C:\WINDOWS\system32\drivers\downld\439687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\447687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\48227187.exe
Present ! - C:\WINDOWS\system32\drivers\downld\496187.exe
Present ! - C:\WINDOWS\system32\drivers\downld\532187.exe
Present ! - C:\WINDOWS\system32\drivers\downld\557687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\602437.exe
Present ! - C:\WINDOWS\system32\drivers\downld\856687.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1035328.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10762828.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10829468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10845468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10874078.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10883218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10983968.exe
Present ! - C:\WINDOWS\system32\drivers\downld\13182718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\1364468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14615718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14721468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15107718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15191828.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15586718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\16030218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18455718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18464718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\186218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2000968.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2127328.exe
Present ! - C:\WINDOWS\system32\drivers\downld\225968.exe
Present ! - C:\WINDOWS\system32\drivers\downld\22870468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\278718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\298468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\305718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\30582468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\30630218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\328078.exe
Present ! - C:\WINDOWS\system32\drivers\downld\32895968.exe
Present ! - C:\WINDOWS\system32\drivers\downld\335218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3680468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\3728828.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37430218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37470328.exe
Present ! - C:\WINDOWS\system32\drivers\downld\37688078.exe
Present ! - C:\WINDOWS\system32\drivers\downld\377718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\417718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\419468.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42748218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42900828.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42904578.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42938218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\43011078.exe
Present ! - C:\WINDOWS\system32\drivers\downld\43025078.exe
Present ! - C:\WINDOWS\system32\drivers\downld\457968.exe
Present ! - C:\WINDOWS\system32\drivers\downld\461218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\469828.exe
Present ! - C:\WINDOWS\system32\drivers\downld\485718.exe
Present ! - C:\WINDOWS\system32\drivers\downld\485968.exe
Present ! - C:\WINDOWS\system32\drivers\downld\489328.exe
Present ! - C:\WINDOWS\system32\drivers\downld\544968.exe
Present ! - C:\WINDOWS\system32\drivers\downld\556078.exe
Present ! - C:\WINDOWS\system32\drivers\downld\853578.exe
Present ! - C:\WINDOWS\system32\drivers\downld\929218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\976968.exe
Present ! - C:\WINDOWS\system32\drivers\downld\979218.exe
Present ! - C:\WINDOWS\system32\drivers\downld\10730359.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14471109.exe
Present ! - C:\WINDOWS\system32\drivers\downld\14811609.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15130359.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15925359.exe
Present ! - C:\WINDOWS\system32\drivers\downld\15926859.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18326609.exe
Present ! - C:\WINDOWS\system32\drivers\downld\18439109.exe
Present ! - C:\WINDOWS\system32\drivers\downld\2213109.exe
Present ! - C:\WINDOWS\system32\drivers\downld\22829609.exe
Present ! - C:\WINDOWS\system32\drivers\downld\269109.exe
Present ! - C:\WINDOWS\system32\drivers\downld\272109.exe
Present ! - C:\WINDOWS\system32\drivers\downld\283859.exe
Present ! - C:\WINDOWS\system32\drivers\downld\292109.exe
Present ! - C:\WINDOWS\system32\drivers\downld\30470609.exe
Present ! - C:\WINDOWS\system32\drivers\downld\30528609.exe
Present ! - C:\WINDOWS\system32\drivers\downld\32893859.exe
Present ! - C:\WINDOWS\system32\drivers\downld\351859.exe
Present ! - C:\WINDOWS\system32\drivers\downld\394109.exe
Present ! - C:\WINDOWS\system32\drivers\downld\395859.exe
Present ! - C:\WINDOWS\system32\drivers\downld\42983859.exe
Present ! - C:\WINDOWS\system32\drivers\downld\450859.exe
Present ! - C:\WINDOWS\system32\drivers\downld\520359.exe
Present ! - C:\WINDOWS\system32\drivers\downld\543609.exe
Present ! - C:\WINDOWS\system32\drivers\downld\924359.exe
»»»» Presence des fichiers dans C:\Documents and Settings\Michel\Application Data
»»»» Presence des fichiers dans C:\DOCUME~1\Michel\LOCALS~1\Temp
--------------- [ Registre / Startup ] ----------------
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
WooCnxMon REG_SZ C:\PROGRA~1\Wanadoo\CnxMon.exe
WOOWATCH REG_SZ C:\PROGRA~1\Wanadoo\Watch.exe
WOOTASKBARICON REG_SZ C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
NvCplDaemon REG_SZ RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
nwiz REG_SZ nwiz.exe /install
Easy-PrintToolBox REG_SZ C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
Omnipage REG_SZ C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
SoundMan REG_SZ SOUNDMAN.EXE
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
AppleSyncNotifier REG_SZ C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
NeroCheck REG_SZ C:\WINDOWS\system32\NeroCheck.exe
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
msnmsgr REG_SZ "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
--------------- [ Registre / Clés infecteuses ] ----------------
Présent ! - HKEY_USERS\S-1-5-21-1343024091-1220945662-682003330-1004\Software\bisoft
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Présent ! - HKEY_CURRENT_USER\Software\bisoft
--------------- [ Etat / Services ] ----------------
+- Services : [ Auto=2 Demande=3 Désactivé=4 ]
/!\ Ndisuio - Type de démarrage = 4
/!\ Ip6Fw - Type de démarrage = 4
SharedAccess - Type de démarrage = 2
wuauserv - Type de démarrage = 2
/!\ wscsvc - Type de démarrage = 4
--------------- [ Recherche dans supports amovibles] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
+- presence des fichiers :
--------------- [ Registre / Moutpoint2 ] ----------------
-> Recherche négative.
------------------- ! Fin du rapport ! --------------------
faznic
Messages postés
285
Date d'inscription
jeudi 27 septembre 2007
Statut
Membre
Dernière intervention
10 juillet 2010
35
11 oct. 2008 à 23:07
11 oct. 2008 à 23:07
En réponse a magma, j'avais bien dis "mais bon je ne suis pas un expert donc attend d'autres avis" si tu n'a pas compris je vais te reexpliquer cette phrase qui dit en gros que COMME je ne suis PAS expert il vaut mieux qu'il attende des avis comme ceux de chiquitine, je voulais simplement aider ;) alors essaie de faire de même si tu t'y connais un minimum au lieu de rabaisser les autres :)
chimay8
Messages postés
7720
Date d'inscription
jeudi 1 mai 2008
Statut
Contributeur sécurité
Dernière intervention
3 janvier 2014
60
11 oct. 2008 à 23:10
11 oct. 2008 à 23:10
330 messages du même acabit???
faznic
Messages postés
285
Date d'inscription
jeudi 27 septembre 2007
Statut
Membre
Dernière intervention
10 juillet 2010
35
>
chimay8
Messages postés
7720
Date d'inscription
jeudi 1 mai 2008
Statut
Contributeur sécurité
Dernière intervention
3 janvier 2014
11 oct. 2008 à 23:13
11 oct. 2008 à 23:13
Nan nan t'inquiete pas, je voulais juste le remettre a ça place
Ah oui et je ne sais pas si ça a un rapport ou pas, mais dernièrement, quand je branche mon ipod et que je clique dessus pour accéder au disque dur (et non en passant par itunes) il ne s'ouvre pas, impossible de l'ouvrir, il y a un message d'erreur comme quoi ce fichier est déjà utilisé par une autre application, alors que non.
Voila je ne sais pas si ça a un rapport et si je dois refaire le scan avec FindyKill en branchant mon ipod?
Voila je ne sais pas si ça a un rapport et si je dois refaire le scan avec FindyKill en branchant mon ipod?
Voila, c'est fait, j'avais branché mon ipod aussi.
----------------- FindyKill V4.005 ------------------
* User : Michel - MG-96C3A46E401F
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 11/10/08 par Chiquitine29
* Suppression effectuée à 23:24:20 le 11/10/2008
* Windows XP - Internet Explorer 7.0.5730.11
((((((((((((((( *** Suppression *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Suppression des fichiers dans C:
»»»» Suppression des fichiers dans C:\WINDOWS
»»»» Suppression des fichiers dans C:\WINDOWS\Prefetch
Supprimé ! - C:\WINDOWS\Prefetch\10861171.EXE-19FF75AD.pf
Supprimé ! - C:\WINDOWS\Prefetch\14841781.EXE-1463B013.pf
Supprimé ! - C:\WINDOWS\Prefetch\508281.EXE-347BED7B.pf
Supprimé ! - C:\WINDOWS\Prefetch\825671.EXE-08632022.pf
Supprimé ! - C:\WINDOWS\Prefetch\LUCOMS~1.EXE-02DB5950.pf
Supprimé ! - C:\WINDOWS\Prefetch\10846312.EXE-2F992E14.pf
Supprimé ! - C:\WINDOWS\Prefetch\ACRORD32.EXE-356875A2.pf
Supprimé ! - C:\WINDOWS\Prefetch\MAKEBT32.EXE-0336C647.pf
Supprimé ! - C:\WINDOWS\Prefetch\OPWARE32.EXE-1F9EAC07.pf
Supprimé ! - C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-119778A1.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-147710F4.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-16688198.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1EFB9777.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2049FE3A.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2138A4AF.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2207A89C.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2576181F.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2BF3472E.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf
Supprimé ! - C:\WINDOWS\Prefetch\WINHLP32.EXE-2C18E975.pf
Supprimé ! - C:\WINDOWS\Prefetch\457703.EXE-39DAB0BD.pf
Supprimé ! - C:\WINDOWS\Prefetch\868843.EXE-14B7E5C1.pf
Supprimé ! - C:\WINDOWS\Prefetch\14911234.EXE-3389E5E4.pf
Supprimé ! - C:\WINDOWS\Prefetch\873734.EXE-1986ED9E.pf
Supprimé ! - C:\WINDOWS\Prefetch\10839265.EXE-038B5A9F.pf
Supprimé ! - C:\WINDOWS\Prefetch\14790875.EXE-1A28E434.pf
Supprimé ! - C:\WINDOWS\Prefetch\48146015.EXE-286A2CE9.pf
Supprimé ! - C:\WINDOWS\Prefetch\352406.EXE-07036FF0.pf
Supprimé ! - C:\WINDOWS\Prefetch\48210296.EXE-1968F996.pf
Supprimé ! - C:\WINDOWS\Prefetch\FLEC006.EXE-298E62DF.pf
Supprimé ! - C:\WINDOWS\Prefetch\48205437.EXE-263F3A34.pf
Supprimé ! - C:\WINDOWS\Prefetch\14820578.EXE-049417E6.pf
Supprimé ! - C:\WINDOWS\Prefetch\884468.EXE-2752C568.pf
Supprimé ! - C:\WINDOWS\Prefetch\14835859.EXE-1269914F.pf
Supprimé ! - C:\WINDOWS\Prefetch\14917859.EXE-36B12C22.pf
Supprimé ! - C:\WINDOWS\Prefetch\14922750.EXE-16743478.pf
Supprimé ! - C:\WINDOWS\Prefetch\305140.EXE-0550D9C9.pf
Supprimé ! - C:\WINDOWS\Prefetch\339250.EXE-3714AC80.pf
Supprimé ! - C:\WINDOWS\Prefetch\48143140.EXE-219081AC.pf
Supprimé ! - C:\WINDOWS\Prefetch\48194890.EXE-24AD0A62.pf
Supprimé ! - C:\WINDOWS\Prefetch\519750.EXE-38B5D18A.pf
Supprimé ! - C:\WINDOWS\Prefetch\DWTRIG20.EXE-1B5A890A.pf
Supprimé ! - C:\WINDOWS\Prefetch\WINTEMS.EXE-2A563F9B.pf
Supprimé ! - C:\WINDOWS\Prefetch\MDELK.EXE-1D176F91.pf
Supprimé ! - C:\WINDOWS\Prefetch\MDELK.EXE-3482FBC5.pf
Supprimé ! - C:\WINDOWS\Prefetch\HLDRRR.EXE-106798BB.pf
»»»» Suppression des fichiers dans C:\WINDOWS\system32
»»»» Suppression des fichiers dans C:\WINDOWS\system32\drivers
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1029984.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1035328.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10719812.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10722062.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10730359.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10758515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10762828.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10827296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10829468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10833203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10845468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10874078.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10883218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1095406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10967687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10972203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1097796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10983968.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1128515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1141687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1186281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\11939406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\11947640.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\12026765.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\12037093.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1205093.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\12118281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1216531.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\13178156.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\13182718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1364468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1379296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1381171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1405500.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1409562.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14439796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14450203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14451812.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14471109.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14486046.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14490031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1451640.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14564703.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14594171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14615718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1469937.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14721468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14723281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14760062.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14764234.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14790875.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1480015.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14811203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14811609.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14813062.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14829015.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14839625.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14848421.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14857187.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14891250.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14901906.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14903671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14906437.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14908156.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14922843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14934812.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14935781.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14937640.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14938312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14939515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14940312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14954515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14982375.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15002781.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15008046.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15011546.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15019203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15106046.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15107718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15130359.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15133890.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15191828.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15201515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15418062.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15418156.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15420281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15420375.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15453984.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15459031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15464656.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15470046.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15506640.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15518203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15529390.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15540546.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15541843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15562234.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15563687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15573687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15586718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15589984.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15647656.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15658390.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15925359.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15926859.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15947796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15951265.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\16012500.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\16030218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\16038953.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\182515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18270515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18274015.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18326609.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18350546.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18352125.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18389265.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18392843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18400203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18404171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18414656.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18439109.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\184406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18455718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18464718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\186218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\188812.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1962125.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1963812.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\196484.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\198734.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1996562.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2000968.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2042250.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2077140.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2087296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2127328.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2130015.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\213171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2151187.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2154531.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\218375.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2193671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2213109.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2222250.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\222421.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\222640.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\225968.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\22783703.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\22785140.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\22825015.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\22829609.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\22870468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\22888593.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\22898812.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\229234.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\231046.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\231875.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\234406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\236671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\237781.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\245890.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\247625.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\266343.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\267390.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\267437.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\269109.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\269984.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\272109.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\273375.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\277734.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\278718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\281312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\282625.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\283234.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\283843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\283859.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\285312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2857125.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2859312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\286031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\287031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\287500.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2885140.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2889375.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\292109.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2934265.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2949781.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2959296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\296000.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\298171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\298468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\30470609.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\30473750.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\305140.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\30528609.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\30533031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\305718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\30582468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\30613843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\30630218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\318343.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\321421.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\323890.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\327437.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\327921.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\328078.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\32893859.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\32895968.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\32928937.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\32934390.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\32997546.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\33020531.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\33029765.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\331281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\331843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\332515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\332562.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\333687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\335000.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\335218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\342703.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\346843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\348406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\351203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\351859.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\353937.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\356156.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\358796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\361140.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\363281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\363484.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\365234.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\367046.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\367796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3678421.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3680468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3722890.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3728828.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37343296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37344906.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37384734.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37388593.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37430218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37460921.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37470328.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37639406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37641703.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37688078.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37691703.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37751312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37771593.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\377718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\377906.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3804546.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3819265.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3823000.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3825281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3850171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3853937.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\38559890.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\38561671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\38591000.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\38594765.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\386187.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\38654281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\38666546.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\387890.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\388125.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\388171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3894812.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3911156.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3920406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\393140.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\394109.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\39571296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\39580515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\39582281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\395859.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\396031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\39628656.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\39675937.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\39715296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\39728515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\402093.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\405296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\409171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\409796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\412265.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\414375.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\417718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\419468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42725812.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42744937.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42748218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42792390.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42797500.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42885453.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42890312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42900828.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42904578.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42906234.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42931953.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42938218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42983859.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\43011078.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\43025078.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\431890.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\439687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\444640.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\446546.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\447687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\450859.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\452093.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\457703.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\457968.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\461218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\461281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\463062.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\468375.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\469828.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\469953.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\470031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\472640.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\476750.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\479406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\47956281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\47965984.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\47968421.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48025000.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48031171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\480343.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48110484.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48113781.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48146015.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48166062.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48169031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48220671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48227187.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48232796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48319656.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48331500.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\483671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\484593.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\485718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\485968.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\487484.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\489031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\489328.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\491843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\496187.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\498203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\499953.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\500234.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\503156.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\510390.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\520359.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\522750.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\527046.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\532187.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\534671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\536500.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\540656.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\541015.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\541640.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\543609.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\544968.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\545796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\551843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\556078.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\557687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\560671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\570421.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\570781.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\574406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\574671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\586703.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\589921.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\590000.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\602437.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\614296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\614484.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\628031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\643765.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\6509250.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\6512125.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\653203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\6543750.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\6549453.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\655421.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\6607125.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\6626796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\663906.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\6639312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\701984.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\704093.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\757203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\762265.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\825671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\827796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\831046.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\837515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\839890.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\853578.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\855656.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\856687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\869015.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\871265.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\874875.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\875312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\876843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\887375.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\891703.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\897656.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\924359.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\924593.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\927125.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\929218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\958671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\966625.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\976968.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\979218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\980265.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\985031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\996781.exe
Supprimé ! - "C:\WINDOWS\system32\drivers\downld"
»»»» Suppression des fichiers dans C:\Documents and Settings\Michel\Application Data
»»»» Suppression des fichiers dans C:\DOCUME~1\Michel\LOCALS~1\Temp
--------------- [ Registre / Clés infecteuses ] ----------------
Supprimé ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Supprimé ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Supprimé ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
-> Certaines clés ont été supprimées au premier reboot ...
--------------- [ Etat / Redémarage des services ] ----------------
+- Mode sans echec restauré !
+- Services : [ Auto=2 Demande=3 Désactivé=4 ]
Ndisuio - Type de démarrage = 2
Wlansvc - Type de démarrage = 2
/!\ Ip6Fw - Type de démarrage = 4
SharedAccess - Type de démarrage = 2
wuauserv - Type de démarrage = 2
wscsvc - Type de démarrage = 2
--------------- [ Nettoyage des supports amovibles ] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
G: - Lecteur amovible
+- Suppression des fichiers :
Supprimé ! - G:\autorun.inf
Supprimé ! - G:\nideiect.com
--------------- [ Registre / Moutpoint2 ] ----------------
-> Recherche négative.
--------------- [ Recherche Cracks / Keygen ] ----------------
C:\Documents and Settings\Michel\Local Settings\Temporary Internet Files\Content.IE5\1BJMFURF\0-O1TSadUD-crack-s-[1].png
---------------- ! Fin du rapport ! ------------------
----------------- FindyKill V4.005 ------------------
* User : Michel - MG-96C3A46E401F
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 11/10/08 par Chiquitine29
* Suppression effectuée à 23:24:20 le 11/10/2008
* Windows XP - Internet Explorer 7.0.5730.11
((((((((((((((( *** Suppression *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Suppression des fichiers dans C:
»»»» Suppression des fichiers dans C:\WINDOWS
»»»» Suppression des fichiers dans C:\WINDOWS\Prefetch
Supprimé ! - C:\WINDOWS\Prefetch\10861171.EXE-19FF75AD.pf
Supprimé ! - C:\WINDOWS\Prefetch\14841781.EXE-1463B013.pf
Supprimé ! - C:\WINDOWS\Prefetch\508281.EXE-347BED7B.pf
Supprimé ! - C:\WINDOWS\Prefetch\825671.EXE-08632022.pf
Supprimé ! - C:\WINDOWS\Prefetch\LUCOMS~1.EXE-02DB5950.pf
Supprimé ! - C:\WINDOWS\Prefetch\10846312.EXE-2F992E14.pf
Supprimé ! - C:\WINDOWS\Prefetch\ACRORD32.EXE-356875A2.pf
Supprimé ! - C:\WINDOWS\Prefetch\MAKEBT32.EXE-0336C647.pf
Supprimé ! - C:\WINDOWS\Prefetch\OPWARE32.EXE-1F9EAC07.pf
Supprimé ! - C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-119778A1.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-147710F4.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-16688198.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1EFB9777.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2049FE3A.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2138A4AF.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2207A89C.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2576181F.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2BF3472E.pf
Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf
Supprimé ! - C:\WINDOWS\Prefetch\WINHLP32.EXE-2C18E975.pf
Supprimé ! - C:\WINDOWS\Prefetch\457703.EXE-39DAB0BD.pf
Supprimé ! - C:\WINDOWS\Prefetch\868843.EXE-14B7E5C1.pf
Supprimé ! - C:\WINDOWS\Prefetch\14911234.EXE-3389E5E4.pf
Supprimé ! - C:\WINDOWS\Prefetch\873734.EXE-1986ED9E.pf
Supprimé ! - C:\WINDOWS\Prefetch\10839265.EXE-038B5A9F.pf
Supprimé ! - C:\WINDOWS\Prefetch\14790875.EXE-1A28E434.pf
Supprimé ! - C:\WINDOWS\Prefetch\48146015.EXE-286A2CE9.pf
Supprimé ! - C:\WINDOWS\Prefetch\352406.EXE-07036FF0.pf
Supprimé ! - C:\WINDOWS\Prefetch\48210296.EXE-1968F996.pf
Supprimé ! - C:\WINDOWS\Prefetch\FLEC006.EXE-298E62DF.pf
Supprimé ! - C:\WINDOWS\Prefetch\48205437.EXE-263F3A34.pf
Supprimé ! - C:\WINDOWS\Prefetch\14820578.EXE-049417E6.pf
Supprimé ! - C:\WINDOWS\Prefetch\884468.EXE-2752C568.pf
Supprimé ! - C:\WINDOWS\Prefetch\14835859.EXE-1269914F.pf
Supprimé ! - C:\WINDOWS\Prefetch\14917859.EXE-36B12C22.pf
Supprimé ! - C:\WINDOWS\Prefetch\14922750.EXE-16743478.pf
Supprimé ! - C:\WINDOWS\Prefetch\305140.EXE-0550D9C9.pf
Supprimé ! - C:\WINDOWS\Prefetch\339250.EXE-3714AC80.pf
Supprimé ! - C:\WINDOWS\Prefetch\48143140.EXE-219081AC.pf
Supprimé ! - C:\WINDOWS\Prefetch\48194890.EXE-24AD0A62.pf
Supprimé ! - C:\WINDOWS\Prefetch\519750.EXE-38B5D18A.pf
Supprimé ! - C:\WINDOWS\Prefetch\DWTRIG20.EXE-1B5A890A.pf
Supprimé ! - C:\WINDOWS\Prefetch\WINTEMS.EXE-2A563F9B.pf
Supprimé ! - C:\WINDOWS\Prefetch\MDELK.EXE-1D176F91.pf
Supprimé ! - C:\WINDOWS\Prefetch\MDELK.EXE-3482FBC5.pf
Supprimé ! - C:\WINDOWS\Prefetch\HLDRRR.EXE-106798BB.pf
»»»» Suppression des fichiers dans C:\WINDOWS\system32
»»»» Suppression des fichiers dans C:\WINDOWS\system32\drivers
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1029984.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1035328.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10719812.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10722062.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10730359.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10758515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10762828.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10827296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10829468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10833203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10845468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10874078.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10883218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1095406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10967687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10972203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1097796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\10983968.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1128515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1141687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1186281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\11939406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\11947640.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\12026765.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\12037093.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1205093.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\12118281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1216531.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\13178156.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\13182718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1364468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1379296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1381171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1405500.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1409562.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14439796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14450203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14451812.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14471109.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14486046.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14490031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1451640.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14564703.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14594171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14615718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1469937.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14721468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14723281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14760062.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14764234.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14790875.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1480015.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14811203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14811609.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14813062.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14829015.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14839625.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14848421.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14857187.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14891250.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14901906.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14903671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14906437.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14908156.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14922843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14934812.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14935781.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14937640.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14938312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14939515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14940312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14954515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\14982375.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15002781.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15008046.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15011546.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15019203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15106046.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15107718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15130359.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15133890.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15191828.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15201515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15418062.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15418156.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15420281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15420375.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15453984.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15459031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15464656.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15470046.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15506640.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15518203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15529390.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15540546.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15541843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15562234.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15563687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15573687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15586718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15589984.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15647656.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15658390.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15925359.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15926859.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15947796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\15951265.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\16012500.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\16030218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\16038953.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\182515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18270515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18274015.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18326609.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18350546.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18352125.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18389265.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18392843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18400203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18404171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18414656.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18439109.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\184406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18455718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\18464718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\186218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\188812.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1962125.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1963812.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\196484.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\198734.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\1996562.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2000968.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2042250.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2077140.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2087296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2127328.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2130015.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\213171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2151187.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2154531.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\218375.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2193671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2213109.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2222250.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\222421.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\222640.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\225968.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\22783703.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\22785140.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\22825015.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\22829609.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\22870468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\22888593.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\22898812.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\229234.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\231046.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\231875.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\234406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\236671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\237781.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\245890.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\247625.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\266343.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\267390.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\267437.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\269109.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\269984.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\272109.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\273375.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\277734.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\278718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\281312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\282625.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\283234.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\283843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\283859.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\285312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2857125.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2859312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\286031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\287031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\287500.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2885140.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2889375.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\292109.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2934265.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2949781.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\2959296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\296000.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\298171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\298468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\30470609.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\30473750.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\305140.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\30528609.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\30533031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\305718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\30582468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\30613843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\30630218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\318343.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\321421.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\323890.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\327437.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\327921.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\328078.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\32893859.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\32895968.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\32928937.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\32934390.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\32997546.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\33020531.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\33029765.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\331281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\331843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\332515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\332562.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\333687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\335000.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\335218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\342703.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\346843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\348406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\351203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\351859.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\353937.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\356156.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\358796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\361140.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\363281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\363484.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\365234.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\367046.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\367796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3678421.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3680468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3722890.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3728828.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37343296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37344906.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37384734.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37388593.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37430218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37460921.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37470328.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37639406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37641703.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37688078.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37691703.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37751312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\37771593.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\377718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\377906.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3804546.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3819265.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3823000.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3825281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3850171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3853937.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\38559890.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\38561671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\38591000.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\38594765.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\386187.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\38654281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\38666546.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\387890.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\388125.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\388171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3894812.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3911156.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\3920406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\393140.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\394109.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\39571296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\39580515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\39582281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\395859.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\396031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\39628656.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\39675937.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\39715296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\39728515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\402093.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\405296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\409171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\409796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\412265.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\414375.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\417718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\419468.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42725812.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42744937.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42748218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42792390.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42797500.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42885453.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42890312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42900828.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42904578.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42906234.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42931953.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42938218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\42983859.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\43011078.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\43025078.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\431890.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\439687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\444640.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\446546.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\447687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\450859.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\452093.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\457703.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\457968.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\461218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\461281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\463062.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\468375.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\469828.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\469953.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\470031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\472640.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\476750.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\479406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\47956281.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\47965984.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\47968421.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48025000.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48031171.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\480343.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48110484.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48113781.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48146015.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48166062.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48169031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48220671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48227187.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48232796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48319656.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\48331500.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\483671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\484593.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\485718.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\485968.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\487484.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\489031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\489328.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\491843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\496187.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\498203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\499953.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\500234.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\503156.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\510390.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\520359.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\522750.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\527046.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\532187.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\534671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\536500.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\540656.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\541015.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\541640.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\543609.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\544968.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\545796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\551843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\556078.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\557687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\560671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\570421.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\570781.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\574406.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\574671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\586703.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\589921.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\590000.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\602437.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\614296.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\614484.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\628031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\643765.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\6509250.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\6512125.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\653203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\6543750.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\6549453.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\655421.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\6607125.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\6626796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\663906.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\6639312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\701984.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\704093.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\757203.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\762265.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\825671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\827796.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\831046.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\837515.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\839890.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\853578.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\855656.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\856687.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\869015.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\871265.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\874875.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\875312.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\876843.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\887375.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\891703.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\897656.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\924359.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\924593.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\927125.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\929218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\958671.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\966625.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\976968.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\979218.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\980265.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\985031.exe
Supprimé ! - C:\WINDOWS\system32\drivers\downld\996781.exe
Supprimé ! - "C:\WINDOWS\system32\drivers\downld"
»»»» Suppression des fichiers dans C:\Documents and Settings\Michel\Application Data
»»»» Suppression des fichiers dans C:\DOCUME~1\Michel\LOCALS~1\Temp
--------------- [ Registre / Clés infecteuses ] ----------------
Supprimé ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Supprimé ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Supprimé ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
-> Certaines clés ont été supprimées au premier reboot ...
--------------- [ Etat / Redémarage des services ] ----------------
+- Mode sans echec restauré !
+- Services : [ Auto=2 Demande=3 Désactivé=4 ]
Ndisuio - Type de démarrage = 2
Wlansvc - Type de démarrage = 2
/!\ Ip6Fw - Type de démarrage = 4
SharedAccess - Type de démarrage = 2
wuauserv - Type de démarrage = 2
wscsvc - Type de démarrage = 2
--------------- [ Nettoyage des supports amovibles ] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
G: - Lecteur amovible
+- Suppression des fichiers :
Supprimé ! - G:\autorun.inf
Supprimé ! - G:\nideiect.com
--------------- [ Registre / Moutpoint2 ] ----------------
-> Recherche négative.
--------------- [ Recherche Cracks / Keygen ] ----------------
C:\Documents and Settings\Michel\Local Settings\Temporary Internet Files\Content.IE5\1BJMFURF\0-O1TSadUD-crack-s-[1].png
---------------- ! Fin du rapport ! ------------------
Utilisateur anonyme
11 oct. 2008 à 23:40
11 oct. 2008 à 23:40
telecharge ce fichier :
http://sd-1.archive-host.com/membres/up/116615172019703188/repair.rar
dezippe le (extarire)
double clic sur repair.bat
ensuite verife ton ipod et ton wifi/connection
puis :
Télécharge HijackThis (outils de dignostic) ici :
-> Fais un clic droit sur un des liens et choisi enregistrer la cible sous .... le bureau
-> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
-> ftp://ftp.commentcamarche.com/download/HJTInstall.exe
-> Fais un double-clic sur HJTInstall.exe afin de lancer l'installation
-> Clique sur Install ensuite sur I Accept
-> Clique sur Do a scan system and save log file
-> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse
http://sd-1.archive-host.com/membres/up/116615172019703188/repair.rar
dezippe le (extarire)
double clic sur repair.bat
ensuite verife ton ipod et ton wifi/connection
puis :
Télécharge HijackThis (outils de dignostic) ici :
-> Fais un clic droit sur un des liens et choisi enregistrer la cible sous .... le bureau
-> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
-> ftp://ftp.commentcamarche.com/download/HJTInstall.exe
-> Fais un double-clic sur HJTInstall.exe afin de lancer l'installation
-> Clique sur Install ensuite sur I Accept
-> Clique sur Do a scan system and save log file
-> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse
Alors tout d'abord, j'ai bien dézippé le fichier repair, mais quand je clique dessus, il s'ouvre et se quitte immédiatement, je ne sais pas si c'est normal ou pas?
Mais sinon, j'avais reessayé avant d'ouvrir mon ipod et ça marchait! et là ça marche toujours.
Pour la suite, voila la note :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:45:22, on 11/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF8579AC-918A-4AF7-92EE-3831E28FD6E2}: NameServer = 111.111.111.111
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8AF204C-BA1B-41D9-A883-2AC9B5E645AF}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\WINDOWS\system32\IoctlSvc.exe (file missing)
Mais sinon, j'avais reessayé avant d'ouvrir mon ipod et ça marchait! et là ça marche toujours.
Pour la suite, voila la note :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:45:22, on 11/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF8579AC-918A-4AF7-92EE-3831E28FD6E2}: NameServer = 111.111.111.111
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8AF204C-BA1B-41D9-A883-2AC9B5E645AF}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\WINDOWS\system32\IoctlSvc.exe (file missing)
D'accord, je vais faire tout ça demain, je suis fatigué!
Merci pour cette aide rapide.
Je poste la suite demain.
Merci pour cette aide rapide.
Je poste la suite demain.
Bonjour,
Alors, j'ai bien désinstallé avast! (j'ai du passer en mode sans echec car le fichier aswclear que j'avais téléchargé pr désinstaller avast ne voulait pas se lancer en mode normal).
Puis j'ai téléchargé Antivir, je l'ai installé. Puis Malwarebytes.
Et j'ai lancé le scan du pc et j'ai également coché pr scanner l'ipod, mais c'est très long pr l'ipod, il scanne toutes les musiques. Est ce nécessaire de laisser scanner tout l'ipod car je pense qu'il y en a encore pour un moment, alors qu'il a fini pr le pc. ?!
Alors, j'ai bien désinstallé avast! (j'ai du passer en mode sans echec car le fichier aswclear que j'avais téléchargé pr désinstaller avast ne voulait pas se lancer en mode normal).
Puis j'ai téléchargé Antivir, je l'ai installé. Puis Malwarebytes.
Et j'ai lancé le scan du pc et j'ai également coché pr scanner l'ipod, mais c'est très long pr l'ipod, il scanne toutes les musiques. Est ce nécessaire de laisser scanner tout l'ipod car je pense qu'il y en a encore pour un moment, alors qu'il a fini pr le pc. ?!
Alors, ça y est, enfin fini.
Voila le rapport :
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1259
Windows 5.1.2600 Service Pack 2
12/10/2008 21:49:07
mbam-log-2008-10-12 (21-49-07).txt
Type de recherche: Examen complet (C:\|D:\|G:\|)
Eléments examinés: 145833
Temps écoulé: 10 hour(s), 32 minute(s), 50 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 145
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\Sonia\Application Data\m (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\Sonia\Application Data\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GatherBird Tell Me When A File Changes 1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GatherInfo Suite 2006 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gatineau Park in 360 degrees 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gator 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gator Adware Removal Tool 1.0.2.10.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gator News Ticker 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GATree 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gattaca Server 1.25.54.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GAUDI 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GaugeBuilder 1.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gauguin Screensaver 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GAUMONT 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gauss 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GaussSum 2.1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gaviri PocketSearch 2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GAVSubmit 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GAX Professional 3.11.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GAX reloaded 1.00.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GaX Unit Converter 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gaysenger 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazebo In The Snow Demo Screensaver 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazo Digi-Book 9.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazz Desktop Clock II 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazz File Manager 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazz Interest Calculator 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazz Memory Monitor 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazz Reboot 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazz Temp Cleaner 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gazzarelli font 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazzebot 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GB-PVR 1.2.9.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GB0-180 - Huawei Certified Network Engineer Practice Exam Questions 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gb2Big 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GBand 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbAnimator 5.5.282.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbCase 2.1.30.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbCodeLib 9.0.188.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbData 2.0.122.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbFind 7.1.319.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbGallery 4.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbGallery Lite 4.2.245.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GBK Music 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbNavigate 2.1.59.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbOfficeTimer 7.2.232.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GBookmarks via Right Click 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbPlot 4.0.220.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gBrain 0.5.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbRegistry 1.3.28.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbReplace 4.1.27.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbSIRTS 2.5.105.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbText 5.3.269.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GBTimelapse 2.0.20.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gBurner 2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GButts 1.4.8.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbVRML 10.1.424.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbWebCam 5.5.281.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbWebCam Lite 5.5.288.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbXML 1.2.189.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GC TrayMaster 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gCAD3D 1.0.82.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCALDaemon 1.0 Beta 16.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCalQuickTab 0.3.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gccc 1.152.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCChk 1.3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCD 1.01.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCH Guitar Academy course (Unit 1) 3.50.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GChorus 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GClip 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GcMail 4.0.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gcmd 1.0.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCMNotes 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCN 2.9.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GComp 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GComp2 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCompris 8.3BETA3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GConvert 5.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCPUID 2.0.0122.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCS Budget 1.03.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCS DayCare 9.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCS DentOffice 9.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCS GPS Simulator 2.18.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCS MedOffice 9.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCS MedSup 9.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCS MedTrans 9.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCS TrayClock 2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCstar 1.1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gd 2.0.34.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GD Color Converter 1.9.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GD Splitter 1.0.0.18.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GD Winamp Control 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDataPipe 1.0.0.750.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdCipher 1.0.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDelay 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDI Watch 1.1.1.211.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdImageBox ActiveX - Image Viewer OCX 2.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdImageBox Pro - Image Viewer ActiveX 2.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gdIMDbImporter Lite 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDirections 1.1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDIView 1.03.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gDocsBar 0.5.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gdow 1.020070401.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gdow 2007 2008.0422.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdPicture Light OCX 4.2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdPicture Pro Image OCX 5.2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gdPoll 1.1.1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gdRSS Reader 2.1.0.9.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDS 2000 PRO 1.06.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDS Child Menu 4.0.0.10.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDS Images and Document Maps 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDS Utilities 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gdShredder 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gdShutdown2 2.0.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDSIIExporter 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdsViewer 2.0.129.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdTwain OCX 1.10.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdTwain PRO OCX 1.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdTwain Pro SDK Twain ActiveX Control 1.4.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDuckDly 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdViewer OCX 4.1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdViewer Pro OCX - Image Viewer ActiveX 4.2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GE Express 0.1.2 Beta.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GE Replica 1.2.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GE Tree Trunk 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GE-Graph 2.2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GE-Path 1.4.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Geant4 8.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Geany 0.11.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GEAR CD-RW 7.02 RC3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GEAR DVD 7.02 RC3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Local Settings\Temp\~$RD2736.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Local Settings\Temp\~WRD2736.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Local Settings\Temp\mpa03708.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Local Settings\Temp\b8de_appcompat.txt (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\CarteVitale.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\CV_BernardGuerbet.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\CV_BernardGuerbet2.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\CV_Xavier GUERBET.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\LettreDeMotivation_Allianz_bernardguerbet.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\LettreDeMotivation_bernardguerbet.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\LettreDeMotivation_EDF_bernardguerbet.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\LettreDeMotivation_Natixis_bernardguerbet.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\LettreDeMotivation_Total_bernardguerbet.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
Voila le rapport :
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1259
Windows 5.1.2600 Service Pack 2
12/10/2008 21:49:07
mbam-log-2008-10-12 (21-49-07).txt
Type de recherche: Examen complet (C:\|D:\|G:\|)
Eléments examinés: 145833
Temps écoulé: 10 hour(s), 32 minute(s), 50 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 145
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\Sonia\Application Data\m (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\Sonia\Application Data\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GatherBird Tell Me When A File Changes 1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GatherInfo Suite 2006 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gatineau Park in 360 degrees 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gator 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gator Adware Removal Tool 1.0.2.10.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gator News Ticker 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GATree 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gattaca Server 1.25.54.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GAUDI 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GaugeBuilder 1.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gauguin Screensaver 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GAUMONT 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gauss 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GaussSum 2.1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gaviri PocketSearch 2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GAVSubmit 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GAX Professional 3.11.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GAX reloaded 1.00.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GaX Unit Converter 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gaysenger 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazebo In The Snow Demo Screensaver 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazo Digi-Book 9.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazz Desktop Clock II 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazz File Manager 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazz Interest Calculator 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazz Memory Monitor 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazz Reboot 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazz Temp Cleaner 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gazzarelli font 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gazzebot 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GB-PVR 1.2.9.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GB0-180 - Huawei Certified Network Engineer Practice Exam Questions 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gb2Big 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GBand 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbAnimator 5.5.282.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbCase 2.1.30.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbCodeLib 9.0.188.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbData 2.0.122.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbFind 7.1.319.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbGallery 4.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbGallery Lite 4.2.245.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GBK Music 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbNavigate 2.1.59.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbOfficeTimer 7.2.232.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GBookmarks via Right Click 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbPlot 4.0.220.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gBrain 0.5.4.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbRegistry 1.3.28.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbReplace 4.1.27.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbSIRTS 2.5.105.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbText 5.3.269.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GBTimelapse 2.0.20.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gBurner 2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GButts 1.4.8.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbVRML 10.1.424.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbWebCam 5.5.281.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbWebCam Lite 5.5.288.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gbXML 1.2.189.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GC TrayMaster 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gCAD3D 1.0.82.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCALDaemon 1.0 Beta 16.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCalQuickTab 0.3.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gccc 1.152.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCChk 1.3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCD 1.01.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCH Guitar Academy course (Unit 1) 3.50.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GChorus 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GClip 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GcMail 4.0.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gcmd 1.0.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCMNotes 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCN 2.9.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GComp 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GComp2 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCompris 8.3BETA3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GConvert 5.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCPUID 2.0.0122.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCS Budget 1.03.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCS DayCare 9.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCS DentOffice 9.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCS GPS Simulator 2.18.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCS MedOffice 9.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCS MedSup 9.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCS MedTrans 9.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCS TrayClock 2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GCstar 1.1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gd 2.0.34.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GD Color Converter 1.9.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GD Splitter 1.0.0.18.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GD Winamp Control 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDataPipe 1.0.0.750.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdCipher 1.0.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDelay 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDI Watch 1.1.1.211.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdImageBox ActiveX - Image Viewer OCX 2.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdImageBox Pro - Image Viewer ActiveX 2.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gdIMDbImporter Lite 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDirections 1.1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDIView 1.03.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gDocsBar 0.5.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gdow 1.020070401.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Gdow 2007 2008.0422.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdPicture Light OCX 4.2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdPicture Pro Image OCX 5.2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gdPoll 1.1.1.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gdRSS Reader 2.1.0.9.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDS 2000 PRO 1.06.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDS Child Menu 4.0.0.10.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDS Images and Document Maps 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDS Utilities 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gdShredder 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\gdShutdown2 2.0.0.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDSIIExporter 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdsViewer 2.0.129.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdTwain OCX 1.10.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdTwain PRO OCX 1.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdTwain Pro SDK Twain ActiveX Control 1.4.5.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GDuckDly 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdViewer OCX 4.1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GdViewer Pro OCX - Image Viewer ActiveX 4.2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GE Express 0.1.2 Beta.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GE Replica 1.2.0.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GE Tree Trunk 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GE-Graph 2.2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GE-Path 1.4.2.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Geant4 8.3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\Geany 0.11.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GEAR CD-RW 7.02 RC3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonia\Application Data\m\shared\GEAR DVD 7.02 RC3.zip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Local Settings\Temp\~$RD2736.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Local Settings\Temp\~WRD2736.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Local Settings\Temp\mpa03708.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Local Settings\Temp\b8de_appcompat.txt (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\CarteVitale.jpg (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\CV_BernardGuerbet.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\CV_BernardGuerbet2.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\CV_Xavier GUERBET.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\LettreDeMotivation_Allianz_bernardguerbet.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\LettreDeMotivation_bernardguerbet.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\LettreDeMotivation_EDF_bernardguerbet.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\LettreDeMotivation_Natixis_bernardguerbet.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Xavier\Bureau\LettreDeMotivation_Total_bernardguerbet.doc (Trojan.Extension.Exploit) -> Quarantined and deleted successfully.
Utilisateur anonyme
12 oct. 2008 à 22:07
12 oct. 2008 à 22:07
en effet 10 H ....
réouvre malewarebyte
va sur quaranatine
supprime tout
refais sun scan hijackthi spost le rapport et on termine
réouvre malewarebyte
va sur quaranatine
supprime tout
refais sun scan hijackthi spost le rapport et on termine
Oui, c'est l'analyse de l'ipod qui a mis environ 7h (je pense que c'est parce que je l'avais branché à un port qui n'est pas rapide).
Voila le rapport HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:09:44, on 12/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1343024091-1220945662-682003330-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Caroline')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O4 - S-1-5-21-1343024091-1220945662-682003330-1006 Startup: UltimateZip Quick Start.lnk = C:\Program Files\UltimateZip\uzqkst.exe (User 'Caroline')
O4 - S-1-5-21-1343024091-1220945662-682003330-1006 User Startup: UltimateZip Quick Start.lnk = C:\Program Files\UltimateZip\uzqkst.exe (User 'Caroline')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF8579AC-918A-4AF7-92EE-3831E28FD6E2}: NameServer = 111.111.111.111
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8AF204C-BA1B-41D9-A883-2AC9B5E645AF}: NameServer = 80.10.246.1 81.253.149.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\WINDOWS\system32\IoctlSvc.exe (file missing)
Voila le rapport HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:09:44, on 12/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1343024091-1220945662-682003330-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Caroline')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O4 - S-1-5-21-1343024091-1220945662-682003330-1006 Startup: UltimateZip Quick Start.lnk = C:\Program Files\UltimateZip\uzqkst.exe (User 'Caroline')
O4 - S-1-5-21-1343024091-1220945662-682003330-1006 User Startup: UltimateZip Quick Start.lnk = C:\Program Files\UltimateZip\uzqkst.exe (User 'Caroline')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF8579AC-918A-4AF7-92EE-3831E28FD6E2}: NameServer = 111.111.111.111
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8AF204C-BA1B-41D9-A883-2AC9B5E645AF}: NameServer = 80.10.246.1 81.253.149.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\WINDOWS\system32\IoctlSvc.exe (file missing)
Oui, c'est l'analyse de l'ipod qui a mis environ 7h (je pense que c'est parce que je l'avais branché à un port qui n'est pas rapide).
Voila le rapport HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:09:44, on 12/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1343024091-1220945662-682003330-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Caroline')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O4 - S-1-5-21-1343024091-1220945662-682003330-1006 Startup: UltimateZip Quick Start.lnk = C:\Program Files\UltimateZip\uzqkst.exe (User 'Caroline')
O4 - S-1-5-21-1343024091-1220945662-682003330-1006 User Startup: UltimateZip Quick Start.lnk = C:\Program Files\UltimateZip\uzqkst.exe (User 'Caroline')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF8579AC-918A-4AF7-92EE-3831E28FD6E2}: NameServer = 111.111.111.111
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8AF204C-BA1B-41D9-A883-2AC9B5E645AF}: NameServer = 80.10.246.1 81.253.149.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\WINDOWS\system32\IoctlSvc.exe (file missing)
Voila le rapport HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:09:44, on 12/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1343024091-1220945662-682003330-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Caroline')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O4 - S-1-5-21-1343024091-1220945662-682003330-1006 Startup: UltimateZip Quick Start.lnk = C:\Program Files\UltimateZip\uzqkst.exe (User 'Caroline')
O4 - S-1-5-21-1343024091-1220945662-682003330-1006 User Startup: UltimateZip Quick Start.lnk = C:\Program Files\UltimateZip\uzqkst.exe (User 'Caroline')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF8579AC-918A-4AF7-92EE-3831E28FD6E2}: NameServer = 111.111.111.111
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8AF204C-BA1B-41D9-A883-2AC9B5E645AF}: NameServer = 80.10.246.1 81.253.149.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\WINDOWS\system32\IoctlSvc.exe (file missing)