Se connecter / S'enregistrer
Votre question

Avast pas une aplication win32 valide

Tags :
  • Avast
  • Sécurité
Dernière réponse : dans Sécurité et virus
22 Décembre 2008 13:03:51

Bonjour :)  ,

Je fais appel à vous car j'ai attrapé un virus depuis 2 jours et je n'arrive pas à m'en débarrasser :pt1cable:  .
En faisant une mauvaise manip j'ai voulu supprimer un fichier douteux et je l'ai ouvert. Sanction immédiate: mon antivirus Avast s'est affolé :bounce:  .
J'ai éteint l'ordinateur et quand je l'ai rallumé l'icône de fonctionnement d'Avast avait disparu.
J'ai désinstallé Avast, je l'ai téléchargé à nouveau et je l'ai installé et relancé.
C'est là que j'ai eu le message "Avast n'est pas une application win32 valide" :kaola: 
En naviguant sur le forum j'ai vu que mon problème était connu et venait probablement du virus Bagle.
J'ai suivi quelques sujets et suivant les conseils j'ai chargé Findykill que j'ai exécuté.
J'ai eu droit 8 fois à une fenêtre "Windows - pas de disque" qui disait "Exception Processing Message 0xc0000013 Parameters 0x756192A0 0x00000004 0x756192A0 0x756192A0"
J'ai cliqué sur "continuer" et j'y ai eu droit encore 4 fois.
Enfin j'ai eu le rapport que je copie ci-dessous:

:love:  MERCI DE VOUS INTERESSER A MON PROBLEME :love: 

----------------- FindyKill V4.710 ------------------

* User : Jacques - JACQUES_BUREAU
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 21/12/08 par Chiquitine29
* Recherche effectuée à 12:37:14 le 22/12/2008
* Windows Vista - Internet Explorer 7.0.6001.18000

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Windows\system32\sdclt.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:


»»»» Presence des fichiers dans C:\Windows


»»»» Presence des fichiers dans C:\Windows\Prefetch

Found ! - C:\Windows\prefetch\20081025.EXE-844359FE.pf

»»»» Presence des fichiers dans C:\Windows\system32

Found ! [22/12/2008 10:19] - C:\Windows\system32\mdelk.exe
Found ! [22/12/2008 10:19] - C:\Windows\system32\wintems.exe
Found ! [22/12/2008 12:20] - C:\Windows\system32\ban_list.txt

»»»» Presence des fichiers dans C:\Windows\system32\config\systemprofile\AppData\Roaming


»»»» Presence des fichiers dans C:\Windows\system32\drivers


»»»» Presence des fichiers dans C:\Users\Jacques\AppData\Roaming

Found ! [22/12/2008 01:44] - "C:\Users\Jacques\AppData\Roaming\m\flec006.exe"
Found ! [22/12/2008 01:44] - "C:\Users\Jacques\AppData\Roaming\m\list.oct"
Found ! [22/12/2008 01:44] - "C:\Users\Jacques\AppData\Roaming\m\data.oct"
Found ! [22/12/2008 01:44] - "C:\Users\Jacques\AppData\Roaming\m\srvlist.oct"
Found ! [22/12/2008 10:20] - "C:\Users\Jacques\AppData\Roaming\m\shared"
Found ! [21/12/2008 00:04] - "C:\Users\Jacques\AppData\Roaming\m"
Found ! [21/12/2008 00:03] - "C:\Users\Jacques\AppData\Roaming\drivers"
Found ! [22/12/2008 10:19] - "C:\Users\Jacques\AppData\Roaming\drivers\srosa.sys"
Found ! [22/12/2008 10:19] - "C:\Users\Jacques\AppData\Roaming\drivers\srosa2.sys"
Found ! [12/05/2006 10:03] - "C:\Users\Jacques\AppData\Roaming\drivers\winupgro.exe"
Found ! [22/12/2008 10:25] - "C:\Users\Jacques\AppData\Roaming\drivers\downld"
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\114364.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\115191.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\122148.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\122335.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\122429.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\122601.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\126969.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\128108.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\128420.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\130073.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\130229.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\132273.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\133443.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\133552.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\135284.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\136251.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\136828.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\136859.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\136875.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\136890.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\137717.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\138014.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\140525.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\140962.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\141118.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\141243.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\141321.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\142522.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\143364.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\143567.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\143786.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\143879.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\143895.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\144066.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\144113.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\144285.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\144503.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\145252.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\145954.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14735214.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14740752.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14743264.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14749052.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14752749.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14766227.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14767335.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14768068.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14773466.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14774199.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14774605.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14776289.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14776726.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14777069.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14782685.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14783029.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14783372.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14796632.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14804978.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14839579.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14839626.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14839641.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14839688.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14839704.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14851607.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14852418.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14852605.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14853057.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14853479.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14853759.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14853962.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14854477.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14854727.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14854930.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14855413.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14855866.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14874508.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14874929.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14874976.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14875256.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14875319.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14875646.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14891777.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14892666.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14893041.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14895880.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14902791.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14903836.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14904257.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14910528.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14924412.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14924709.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14925192.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14925536.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\149277.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14937750.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14937906.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\14937984.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\150728.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\151133.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\151180.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\151242.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\152163.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\152256.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\152319.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\152600.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\152771.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\153052.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\153161.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\153380.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\153520.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\153754.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\155626.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\155673.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\155876.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\157249.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\157389.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\157467.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\157483.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\157576.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\157779.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\157841.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\158309.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\158387.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\158419.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\158684.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\160696.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\161445.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\161554.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\161617.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\161663.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\161773.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\161929.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\162272.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\162599.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\163161.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\163177.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\163301.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\163551.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\163567.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\164581.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\165641.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\166780.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\167030.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\167092.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\167420.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\167545.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\167779.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\167872.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\167888.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\168122.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\168325.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\168340.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\168449.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\169775.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\170134.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\171757.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\172755.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\172786.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\172927.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\173083.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\173129.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\173176.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\174206.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\174253.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\174284.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\174752.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\174767.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\175235.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\175984.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\176795.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\177029.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\177185.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\177497.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\177841.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\178293.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\178917.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\179307.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\182770.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\182786.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\183722.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\183737.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\184049.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\184065.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\184564.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\187419.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\194002.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\201880.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\203238.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\205032.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\205531.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\205656.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\207262.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\209041.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\211116.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\211662.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\212395.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\213518.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\213534.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\227355.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\228666.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\229118.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\229867.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\230600.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\231053.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\232831.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\233330.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\233502.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\233517.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\233642.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\234017.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\234048.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\234297.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\234313.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\239523.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\240569.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\240693.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\241910.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\242409.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\242581.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\242753.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\243189.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\243267.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\243798.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\243829.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\243845.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\246091.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\246512.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\246965.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\247401.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\247807.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\247854.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\247869.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\247979.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\247994.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\248291.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\248337.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\248493.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\248634.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\248759.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\248852.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\249024.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\249039.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\249117.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\249133.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\249180.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\249523.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\249570.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\249929.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\250022.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\250272.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\250397.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\250459.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\251036.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\251723.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\251879.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\252347.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\252394.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\252721.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\253501.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\253642.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\254718.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\254734.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\254749.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\254874.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\255155.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\255326.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\255420.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\255826.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\255966.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\256028.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\256075.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\256325.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\256418.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\256543.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\256621.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\256762.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\256777.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\257042.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\257120.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\257214.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\257245.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\257495.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\257838.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\258025.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\258150.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\258290.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\258478.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\258634.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\259492.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\260521.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\260974.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\261535.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\261816.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\262471.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\262783.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\262924.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\263236.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\263953.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\264702.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\265139.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\266371.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\267260.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\267713.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\268415.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\269179.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\269632.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\270692.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\271332.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\271426.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\271660.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\271691.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\271738.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\271769.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\272096.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\272330.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\272393.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\272658.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\272720.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\276012.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\276589.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\276823.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\276886.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\277073.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\277260.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\277338.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\277478.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\277666.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\277822.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\277931.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\277946.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\278009.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\278258.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\282159.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\282486.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\282814.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\283672.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\284343.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\284670.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\285263.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\286932.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\287697.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\288071.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\288399.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\289725.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\290083.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\291066.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\291175.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\291565.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\291612.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\292002.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\292423.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\292798.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29327907.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29328546.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29328562.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29334225.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29340075.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29340543.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29340574.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29342586.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29344022.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29344427.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29346752.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29352492.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29353038.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29353428.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29354754.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29355503.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29355956.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29363990.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29364364.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29364723.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29385377.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29423769.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29423816.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29423832.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29423847.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29435407.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29435703.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29436312.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29436733.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29436764.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29437185.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29437482.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29437887.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29438215.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29438558.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29438667.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29439011.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\294436.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\294498.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29457434.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29457902.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29458230.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29460258.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29460586.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29460913.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29472223.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29478104.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29482784.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29483003.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29483798.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29483908.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29484188.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29484282.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29511723.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29511847.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29511941.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29511988.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29512019.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\29512066.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\295247.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\295465.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\297759.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\299350.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\299865.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\300099.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\300473.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\300816.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\301206.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\301955.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\302361.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\302407.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\302891.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\303000.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\303765.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\303858.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\304233.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\304295.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\304669.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\305262.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\305621.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\306994.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\308179.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\309349.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\309724.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\310395.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\311050.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\311331.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\311892.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\312470.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\312594.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\312891.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\316182.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\317618.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\318476.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\319006.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\321642.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\322173.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\322625.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\322890.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\323187.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\323624.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\323702.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\326120.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\327742.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\328179.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\328257.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\329224.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\329255.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\329380.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\329396.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\329458.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\329474.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\332172.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\332531.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\332578.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\332609.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\332640.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\332765.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\332843.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\332984.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\333062.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\334731.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\335854.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\336306.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\336369.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\336977.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\337835.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\337991.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\338069.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\340940.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\341111.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\341189.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\343795.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\344278.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\344387.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\346634.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\346790.exe
Found ! [22/12/2008 10:25] - C:\Users\Jacques\AppData\Roaming\drivers\downld\346868.exe

»»»» Presence des fichiers dans C:\Users\Jacques\AppData\Local\Temp


»»»» Presence des fichiers dans C:\Users\Jacques\Local Settings\Temporary Internet Files\Content.IE5

Found ! [21/12/2008 09:51] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64[1].jpg
Found ! [22/12/2008 10:22] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64_1[1].jpg
Found ! [21/12/2008 17:59] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64_2[1].jpg
Found ! [22/12/2008 10:22] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64_2[2].jpg
Found ! [21/12/2008 09:50] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64_3[1].jpg
Found ! [21/12/2008 19:34] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64_3[2].jpg
Found ! [22/12/2008 01:23] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64_3[3].jpg
Found ! [22/12/2008 01:23] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64_3[4].jpg
Found ! [22/12/2008 01:43] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64_3[6].jpg
Found ! [21/12/2008 13:54] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64[1].jpg
Found ! [22/12/2008 10:20] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64[2].jpg
Found ! [21/12/2008 13:56] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_1[1].jpg
Found ! [21/12/2008 23:20] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_1[2].jpg
Found ! [21/12/2008 23:20] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_1[3].jpg
Found ! [22/12/2008 01:45] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_1[4].jpg
Found ! [21/12/2008 09:53] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_2[1].jpg
Found ! [21/12/2008 17:59] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_2[2].jpg
Found ! [21/12/2008 19:37] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_2[3].jpg
Found ! [22/12/2008 01:46] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_2[4].jpg
Found ! [21/12/2008 17:57] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_3[1].jpg
Found ! [21/12/2008 23:18] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_3[2].jpg
Found ! [22/12/2008 10:19] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_3[3].jpg
Found ! [21/12/2008 09:51] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64[1].jpg
Found ! [21/12/2008 13:54] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64[2].jpg
Found ! [21/12/2008 23:18] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64[3].jpg
Found ! [21/12/2008 23:18] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64[4].jpg
Found ! [22/12/2008 01:23] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64[5].jpg
Found ! [22/12/2008 01:44] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64[6].jpg
Found ! [21/12/2008 09:53] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64_1[1].jpg
Found ! [21/12/2008 09:53] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64_1[2].jpg
Found ! [21/12/2008 13:56] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64_2[1].jpg
Found ! [21/12/2008 19:37] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64_2[2].jpg
Found ! [21/12/2008 23:20] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64_2[3].jpg
Found ! [22/12/2008 01:46] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64_2[4].jpg
Found ! [21/12/2008 17:57] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64_3[1].jpg
Found ! [21/12/2008 17:57] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64[1].jpg
Found ! [22/12/2008 01:23] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64[2].jpg
Found ! [21/12/2008 17:59] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_1[1].jpg
Found ! [21/12/2008 17:59] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_1[2].jpg
Found ! [21/12/2008 19:37] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_1[3].jpg
Found ! [21/12/2008 19:37] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_1[4].jpg
Found ! [22/12/2008 10:22] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_1[5].jpg
Found ! [21/12/2008 13:56] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_2[1].jpg
Found ! [21/12/2008 09:50] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_3[1].jpg
Found ! [21/12/2008 13:54] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_3[2].jpg
Found ! [22/12/2008 01:23] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_3[3].jpg
Found ! [15/06/2008 22:04] - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0LNDZZME\A9O6P0RCALOBV2ECASAGBVXCA5L3ARJCA6UH648CA4V26GSCA0KN1AGCAUK0LLVCAZINNF7CA06OJ38CAQYK82QCA7NVIO7CAI58240CAB6461SCAIH02BKCAE9BP8DCAL4HD6MCAQXAMFOCAJCE8D0.jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
Sidebar=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
Acer Tour Reminder=C:\Acer\AcerTour\Reminder.exe
CollaborationHost=C:\Windows\system32\p2phost.exe -s
SpybotSD TeaTimer=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
Picasa Media Detector=C:\Program Files\Picasa2\PicasaMediaDetector.exe
<NO NAME>=
BTCLiveUpdate="C:\Program Files\LiveUpdate\LiveUpdate.exe" /autostart
WMPNSCFG=C:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
Windows Defender=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
Acer Tour=
Acer Empowering Technology Monitor=C:\Acer\Empowering Technology\SysMonitor.exe
eDataSecurity Loader=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
PCMService="C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe"
WarReg_PopUp=C:\Acer\WR_PopUp\WarReg_PopUp.exe
eRecoveryService=
Acer Tour Reminder=C:\Acer\AcerTour\Reminder.exe
Apanel=C:\ACERSW\config\NewSetApanel.cmd
SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
Windows Mobile Device Center=%windir%\WindowsMobile\wmdc.exe
QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
RtHDVCpl=RtHDVCpl.exe
CanonSolutionMenu=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
CanonMyPrinter=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

[HKEY_CURRENT_USER\software\local appwizard-generated applications\key_generator]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\Reminder]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\SkyTel]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\Viewer]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-709427035-338773287-4181523031-1000\Software\Local AppWizard-Generated Applications\key_generator
Found ! - HKEY_USERS\S-1-5-21-709427035-338773287-4181523031-1000\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-709427035-338773287-4181523031-1000\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-709427035-338773287-4181523031-1000\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-709427035-338773287-4181523031-1000\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-709427035-338773287-4181523031-1000\Software\FirtR
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\key_generator
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_CURRENT_USER\Software\FFC
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sK9Ou0s

--------------- [ Etat / Services ] ----------------



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

Wlansvc - Type de démarrage = 3

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4

/!\ WinDefend - Type de démarrage = 4



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe
D: - Lecteur fixe
J: - Lecteur fixe
K: - Lecteur fixe
L: - Lecteur fixe

+- presence des fichiers :



--------------- [ Registre / Mountpoint2 ] ----------------


-> Not found !


------------------- ! Fin du rapport ! --------------------


Autres pages sur : avast aplication win32 valide

22 Décembre 2008 13:06:58

Re,

Relance FindyKill en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
[#ff0000]! Ne ferme pas la fenêtre lors de la suppression ! [/#f]
Un rapport sera généré, poste son contenu ici.


Note : Un redémarrage est parfois nécessaire, FindyKill vous enverra un message si cela est nécessaire.
22 Décembre 2008 13:11:57

Bonjour,
Merci de prendre mes soucis en compte!
Je lance Findykill et je reposte le rapport.
A tout'
Contenus similaires
22 Décembre 2008 13:36:38

Voilà le second rapport:



----------------- FindyKill V4.710 ------------------

* User : Jacques - JACQUES_BUREAU
* executed from : C:\Program Files\FindyKill
* Update on 21/12/08 par Chiquitine29
* Start at 13:15:16 the 22/12/2008
* Windows Vista - Internet Explorer 7.0.6001.18000


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\runonce.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:


»»»» Supression files in C:\Windows


»»»» Supression files in C:\Windows\Prefetch

Deleted ! - C:\Windows\prefetch\20081025.EXE-844359FE.pf

»»»» Supression files in C:\Windows\system32

Deleted ! - C:\Windows\system32\mdelk.exe
Deleted ! - C:\Windows\system32\wintems.exe
Deleted ! - C:\Windows\system32\ban_list.txt

»»»» Supression files in C:\Windows\system32\config\systemprofile\AppData\Roaming


»»»» Supression files in C:\Windows\system32\drivers

Deleted ! - C:\Windows\system32\drivers\srosa.sys
Deleted ! - C:\Windows\system32\drivers\srosa2.sys

»»»» Supression files in C:\Users\Jacques\AppData\Roaming

Deleted ! - "C:\Users\Jacques\AppData\Roaming\m\flec006.exe"
Deleted ! - "C:\Users\Jacques\AppData\Roaming\m\list.oct"
Deleted ! - "C:\Users\Jacques\AppData\Roaming\m\data.oct"
Deleted ! - "C:\Users\Jacques\AppData\Roaming\m\srvlist.oct"
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\A-Key Calculator 1.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Aberration 1.02.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Act History & PopUp Killer 4.03.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Active WMV Video Splitter 1.3.1.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Adesign 1.5.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Agile MPEG Video Converter 2.9.1.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Alert Message Box 5.0.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\All in One SECRETMAKER 2007 5.0.7.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Altdo MOV to AVI WMV DVD Converter&Burner 8.1.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\AlwaysOnLine 1.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Australian Landscapes 02 1.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\AutoPage Plug-in for Adobe Acrobat 1.2.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\avast.4.antivirus.pro..+.firewall.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Avast.Professional.v4.6.731.WinALL.Keymaker-CORE-Only.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Azerbaijani Before You Know It Lite 3.6.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Battery Monitor 1.0.0.1.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\BDA WebCam 1.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Beautiful Rainbow Screensaver 3.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Binary Clock Gadget 1.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\BlueSense SDK 1.0 Rev.1692.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Boo! Theme.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Bulents Screen Recorder 4.2.15.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\CipherBox 0.1.25.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\CoffeeCup Effects Factory 2.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\ColorSafe 1.5.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Colour Wizard 1.02.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Commando Sound Byte Assistant 0.8.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Compulator 1.9.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Crack Killer 1.20.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\D.Chronos PSP Stenography System 1.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\dBpowerAMP Music Converter 13.1.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Desktop Armor 1.3a.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Development Site toolbar for IE 4.5.134.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Earthquake 3D 2.44.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Easy HTML To Any Script Converter 3.0.0 Build 037.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\EasyClone 2008 Standard 5.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\EasyNN-plus 10.0a.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Easypad 1.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Edition.7.BearShare.4.serial.all.versions.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Embargo 001.003.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\EMCO Remote CmdLine 1.1.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Excel Export To Image (GIF) Software 7.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\FictionBook Writer 2.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Find In Context 2.00.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Free Barbie Wallpaper 3 1.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Funny Pictures Screensaver 2.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Garbage Sweeper 2.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Go2Text 1.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Grapher.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Icon Ext 1.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\ICQ Maxthon Plugin 1.2.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\IMatch 3.6.0.63.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\IMVU 403.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Ini Files Manager 1.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Intel Hex File Compare 1.4.0.297.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\InTex MP3 Converter 3.01.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\iRejectTrash 1.03.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Kaspersky Anti-Virus Personal v5.0.388 - spanish.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Kaspersky.Anti-Virus.Personal.Pro.v5.0.383_Key.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Kaspersky.AntiVirus.Personal.5.0.142.Ita.con.manuale.e.key.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\KeyboardTest 3.0 Build 1000.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Keyfinder Package 1.2.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Keylogger Killer 1.5.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Liberty BASIC for Windows 4.03.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\McAfee_AntiSpyware_2_1_112_Enterprise.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Messenger Journaling 1.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Model Builder for Excel 2.2.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\MorseCat 2.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\MultiTranse 5.2.4.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\NanoTools 1.8.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\NaviblogFM Player 1.1.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Noisy Emailer 3.0.0.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\NuGenSQLWorks.NET 1.3.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Opera.Mobile.Browser.8.60u2..for.WM5.0.Pocket.PC.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Pack It! 1.4.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\panda.antivirus.platinum.6.04.00.keygen.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Personalised Plates 2006 1.0.0.4.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Phishing Doctor 2.1.1.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\PhotoRescue Wizard 3.1.7.11394.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\PocketFMS 0.9.62.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Portello CMS Admin 1.2.04.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Poster Printer 1.0.0.10.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\PPPshar Pro 1.9.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\PurgeIE Pro 4.01.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\pViewerPRO 1.01.23t.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Quick Notes 1.0.0.2.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\QuickCut xp 1.4.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\RawEdit 0.2.0.2.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\rDiff 1.00.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Samaritan 2.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Screensaver Land 1.20.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\SecurityWorks 4.00.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Send-Safe Standalone 2.5 Build 920.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Setup Generator Pro 2001 3.1.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\ShellViewer 1.1.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Sky Of USA Weather Forecaster 1.07.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Smilie Inserter 0.7.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\SnifMon 4.127.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Softgroup VB Form Resize 7.6.0.15.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Sony [176x208] Etty Wall Ball 3D Mobile [W550i].zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Sorttag 1.0.1.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\SpamLock Security Wall Professional 1.0.4.9.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Speech Saver 1.0.1.1 Beta.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Studio Tax 2007.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Symantec.Norton.GoBack.v4.0.GERMAN.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\TfsAlert 0.3.0.0 Alpha.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\The Quote 1.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\ThumbTweak 1.00.0019.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\TimeZone Expert 2005 1.5.2.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\TorrentSpam Toolbar 1.0.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\TunnelRat 1.0.4.16245.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Ukulele Chord Learning Tool 1.2.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\UMLSpeed 0.14.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Vista4Experts 1.2.0.1.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\WeatherNotify 1.2.5.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\WebHopper Classic 1.1.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Webmaster SAPE 1.9.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Wedding Slideshow Studio 1.10.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\WMS Log Analyzer Professional Edition 1.5 Build 0075.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Word Repair 1.0.0.49.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\World Population Clock Vista Gadget.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\X Codec Pack 2.2.0 Build 514.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\yEd 2.4.2.2.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\YNAB Pro 1.1.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\Zipkey 8.07E.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\[1] [0] Brain Trainer Mobile Espa¤ol Nokia.zip
Deleted ! - C:\Users\Jacques\AppData\Roaming\m\shared\[Appz].Eset.NOD32.v2.50.25.Standard.edition.+.Fix.1.5.zip
Deleted ! - "C:\Users\Jacques\AppData\Roaming\m\shared"
Deleted ! - "C:\Users\Jacques\AppData\Roaming\m"
Deleted ! - "C:\Users\Jacques\AppData\Roaming\drivers\srosa.sys"
Deleted ! - "C:\Users\Jacques\AppData\Roaming\drivers\srosa2.sys"
Deleted ! - "C:\Users\Jacques\AppData\Roaming\drivers\winupgro.exe"
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\114364.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\115191.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\122148.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\122335.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\122429.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\122601.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\126969.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\128108.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\128420.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\130073.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\130229.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\132273.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\133443.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\133552.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\135284.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\136251.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\136828.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\136859.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\136875.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\136890.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\137717.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\138014.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\140525.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\140962.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\141118.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\141243.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\141321.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\142522.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\143364.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\143567.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\143786.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\143879.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\143895.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\144066.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\144113.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\144285.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\144503.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\145252.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\145954.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14735214.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14740752.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14743264.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14749052.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14752749.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14766227.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14767335.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14768068.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14773466.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14774199.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14774605.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14776289.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14776726.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14777069.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14782685.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14783029.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14783372.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14796632.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14804978.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14839579.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14839626.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14839641.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14839688.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14839704.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14851607.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14852418.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14852605.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14853057.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14853479.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14853759.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14853962.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14854477.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14854727.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14854930.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14855413.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14855866.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14874508.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14874929.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14874976.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14875256.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14875319.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14875646.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14891777.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14892666.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14893041.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14895880.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14902791.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14903836.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14904257.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14910528.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14924412.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14924709.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14925192.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14925536.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\149277.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14937750.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14937906.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\14937984.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\150728.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\151133.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\151180.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\151242.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\152163.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\152256.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\152319.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\152600.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\152771.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\153052.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\153161.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\153380.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\153520.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\153754.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\155626.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\155673.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\155876.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\157249.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\157389.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\157467.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\157483.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\157576.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\157779.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\157841.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\158309.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\158387.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\158419.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\158684.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\160696.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\161445.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\161554.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\161617.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\161663.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\161773.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\161929.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\162272.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\162599.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\163161.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\163177.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\163301.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\163551.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\163567.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\164581.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\165641.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\166780.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\167030.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\167092.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\167420.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\167545.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\167779.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\167872.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\167888.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\168122.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\168325.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\168340.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\168449.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\169775.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\170134.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\171757.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\172755.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\172786.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\172927.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\173083.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\173129.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\173176.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\174206.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\174253.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\174284.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\174752.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\174767.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\175235.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\175984.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\176795.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\177029.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\177185.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\177497.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\177841.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\178293.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\178917.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\179307.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\182770.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\182786.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\183722.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\183737.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\184049.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\184065.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\184564.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\187419.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\194002.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\201880.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\203238.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\205032.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\205531.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\205656.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\207262.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\209041.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\211116.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\211662.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\212395.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\213518.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\213534.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\227355.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\228666.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\229118.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\229867.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\230600.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\231053.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\232831.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\233330.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\233502.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\233517.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\233642.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\234017.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\234048.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\234297.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\234313.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\239523.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\240569.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\240693.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\241910.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\242409.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\242581.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\242753.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\243189.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\243267.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\243798.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\243829.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\243845.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\246091.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\246512.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\246965.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\247401.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\247807.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\247854.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\247869.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\247979.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\247994.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\248291.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\248337.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\248493.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\248634.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\248759.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\248852.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\249024.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\249039.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\249117.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\249133.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\249180.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\249523.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\249570.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\249929.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\250022.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\250272.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\250397.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\250459.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\251036.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\251723.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\251879.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\252347.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\252394.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\252721.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\253501.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\253642.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\254718.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\254734.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\254749.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\254874.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\255155.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\255326.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\255420.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\255826.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\255966.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\256028.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\256075.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\256325.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\256418.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\256543.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\256621.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\256762.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\256777.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\257042.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\257120.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\257214.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\257245.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\257495.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\257838.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\258025.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\258150.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\258290.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\258478.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\258634.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\259492.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\260521.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\260974.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\261535.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\261816.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\262471.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\262783.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\262924.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\263236.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\263953.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\264702.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\265139.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\266371.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\267260.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\267713.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\268415.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\269179.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\269632.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\270692.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\271332.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\271426.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\271660.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\271691.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\271738.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\271769.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\272096.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\272330.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\272393.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\272658.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\272720.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\276012.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\276589.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\276823.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\276886.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\277073.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\277260.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\277338.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\277478.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\277666.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\277822.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\277931.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\277946.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\278009.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\278258.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\282159.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\282486.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\282814.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\283672.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\284343.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\284670.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\285263.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\286932.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\287697.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\288071.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\288399.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\289725.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\290083.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\291066.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\291175.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\291565.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\291612.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\292002.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\292423.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\292798.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29327907.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29328546.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29328562.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29334225.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29340075.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29340543.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29340574.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29342586.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29344022.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29344427.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29346752.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29352492.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29353038.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29353428.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29354754.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29355503.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29355956.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29363990.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29364364.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29364723.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29385377.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29423769.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29423816.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29423832.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29423847.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29435407.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29435703.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29436312.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29436733.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29436764.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29437185.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29437482.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29437887.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29438215.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29438558.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29438667.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29439011.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\294436.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\294498.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29457434.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29457902.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29458230.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29460258.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29460586.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29460913.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29472223.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29478104.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29482784.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29483003.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29483798.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29483908.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29484188.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29484282.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29511723.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29511847.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29511941.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29511988.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29512019.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\29512066.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\295247.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\295465.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\297759.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\299350.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\299865.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\300099.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\300473.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\300816.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\301206.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\301955.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\302361.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\302407.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\302891.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\303000.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\303765.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\303858.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\304233.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\304295.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\304669.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\305262.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\305621.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\306994.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\308179.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\309349.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\309724.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\310395.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\311050.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\311331.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\311892.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\312470.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\312594.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\312891.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\316182.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\317618.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\318476.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\319006.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\321642.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\322173.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\322625.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\322890.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\323187.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\323624.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\323702.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\326120.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\327742.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\328179.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\328257.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\329224.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\329255.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\329380.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\329396.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\329458.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\329474.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\332172.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\332531.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\332578.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\332609.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\332640.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\332765.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\332843.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\332984.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\333062.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\334731.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\335854.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\336306.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\336369.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\336977.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\337835.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\337991.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\338069.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\340940.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\341111.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\341189.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\343795.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\344278.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\344387.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\346634.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\346790.exe
Deleted ! - C:\Users\Jacques\AppData\Roaming\drivers\downld\346868.exe
Deleted ! - "C:\Users\Jacques\AppData\Roaming\drivers\downld"
Deleted ! - "C:\Users\Jacques\AppData\Roaming\drivers"

»»»» Supression files in C:\Users\Jacques\AppData\Local\Temp


»»»» Supression files in C:\Users\Jacques\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64[1].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64_1[1].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64_2[1].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64_2[2].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64_3[1].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64_3[2].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64_3[3].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64_3[4].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\06MRAHAB\b64_3[6].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64[1].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64[2].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_1[1].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_1[2].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_1[3].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_1[4].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_2[1].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_2[2].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_2[3].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_2[4].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_3[1].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_3[2].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ8X5TUI\b64_3[3].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64[1].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64[2].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64[3].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64[4].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64[5].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64[6].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64_1[1].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64_1[2].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64_2[1].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64_2[2].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64_2[3].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64_2[4].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMI5Z1G4\b64_3[1].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64[1].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64[2].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_1[1].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_1[2].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_1[3].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_1[4].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_1[5].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_2[1].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_3[1].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_3[2].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UER4AQPJ\b64_3[3].jpg
Deleted ! - C:\Users\Jacques\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0LNDZZME\A9O6P0RCALOBV2ECASAGBVXCA5L3ARJCA6UH648CA4V26GSCA0KN1AGCAUK0LLVCAZINNF7CA06OJ38CAQYK82QCA7NVIO7CAI58240CAB6461SCAIH02BKCAE9BP8DCAL4HD6MCAQXAMFOCAJCE8D0.jpg

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-709427035-338773287-4181523031-1000\Software\Local AppWizard-Generated Applications\key_generator
Deleted ! - HKEY_USERS\S-1-5-21-709427035-338773287-4181523031-1000\Software\Local AppWizard-Generated Applications\winupgro

--------------- [ States / Restarting of services ] ----------------



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Wlansvc - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2

WinDefend - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe
D: - Lecteur fixe
J: - Lecteur fixe
K: - Lecteur fixe
L: - Lecteur fixe

+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------



---------------- ! End of report ! ------------------


MERCI!!!!
22 Décembre 2008 19:30:15

Un petit Up pour me rappeler à votre souvenir :-)
23 Décembre 2008 00:05:02

Re,

Télécharge MalwareByte's Anti-Malware sur ton Bureau.

  • Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
    Une fois l'installation et la mise à jour effectuées :
  • Fais redémarrer ton ordinateur en mode sans échec
    - Au démarrage, après le chargement du bios, appuie successivement sur la touche F8 (ou F5) de ton clavier jusqu'à l'apparition d'un menu sur fond noir. Une fois arrivé à ce stade, sélectionne à l'aide du clavier Mode sans Echec.
    -- Dans ce mode, tu n'as pas accès à Internet, et tu te retrouves avec une configuration visuelle différente (pas de fond d'écran, icônes très grosses). Ne sois donc pas étonné.
    --- C'est pour ces différentes raisons que je t'invite à imprimer, noter, ou enregistrer dans un document texte les informations suivantes afin de ne pas être perdu.
    ---- ! Ne fais pas démarrer ton ordinateur en mode sans échec via MSConfig ! Pourquoi ? Certaines infections cassent les clefs du mode sans échec, ce qui ferait crasher ton ordinateur.

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :

    ~ Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    ~~ Si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau.
    ~~~~ Fais redémarrer ton ordinateur normalement et poste le rapport dans ta prochaine réponse.

    REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    Note : Si tu ne parviens à télécharger MBAM à part de MajorGeeks, tu peux le télécharger ici!

    [#FF0000]Aide
    :
  • Comment utiliser MBAM.
  • Comment faire démarrer son ordinateur en mode sans échec.
    23 Décembre 2008 00:43:15

    Bonsoir et merci pour la suite.
    J'ai chargé MBAM et j'ai fait la MàJ.
    En mode normal je réussis à l'ouvrir mais en mode sans échec j'ai un message d'erreur: "Run-time error '481': invalid picture"
    Que faire?
    23 Décembre 2008 10:18:49

    Suite:
    Ce matin quand j'allume l'ordi j'ai Spybot qui me dit:
    "Elément important du registre modifié: Valeur supprimée=Skytel.exe"
    Je n'ai pas accepté la modif, mais ai-je bien fait?
    23 Décembre 2008 12:08:08

    Bj
    Nouvel essai pour installer MBAM.
    Cette fois j'ai essayé de l'installer à partir du mode sans echec: même message "Run-time error '481': invalid picture"
    Je ne sais plus quoi faire!!!
    23 Décembre 2008 13:04:23

    Salut, t'inquiètes pas c'est tout à fait normal.
    Attend que FanDANGELDARK te réponde.

    Il reste plein de manip à faire pour te débarrasser de Bagle.
    Il va surement de dire de télécharger ComboFix.

    Soit patient il ne t'a pas oublié !

    Bonne continuation.

    Edit: Comme tu es sous Vista, pense bien à désactiver tes UACs.(pour combofix) Il faut savoir que Bagle casse la clé de registre EnableLUA qui correspond au UAC.
    23 Décembre 2008 13:39:07

    Re,

    Salut Tetar159 ;) 

    1) Ouvre Spybot , clique sur l'onglet Mode et choisis Mode Avancé
    Ne tiens pas compte de l'avertissement
    En bas à gauche , clique sur Outils
    Toujours dans la colonne de gauche , clique sur Résident ( pas dans la fenêtre centrale )
    Et décoche l'option Resident "TeaTimer" (Tu pourras la recocher lorsque nous aurons terminé)

    2) Fais un clic droit sur ComboFix (de sUBs) et choisis Enregistrer la cible (du lien) sous.

  • Choisis le Bureau, insère un trait d'union entre Combo et Fix de telle manière à obtenir Combo-Fix.exe, puis choisis Enregistrer.
  • Désactive temporairement toute protection résidente ! (Antivirus, antispywares..)
  • Double clique sur ComboFix.exe.
  • Accepte la licence en cliquant sur Oui.
  • Lorsque l'opération sera terminée, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.

    Le rapport se trouve ici : %systemdrive%\ComboFix.txt (%systemdrive% étant la partition où est installée Windows; C:\ en général)

    Aide : Comment utiliser ComboFix.
    23 Décembre 2008 14:47:07

    Re

    Excuses-moi d'avoir relancé mais quand on est en rade on voudrait toujours que la solution soit donnée dans la minute!! Et pour aller plus vite on essaie soi-même de trouver des solutions.
    Donc voici le rapport de Combo-Fix:

    ComboFix 08-12-21.04 - Jacques 2008-12-23 14:26:24.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6001.1.1252.1.1036.18.767.248 [GMT 1:00]
    Lancé depuis: c:\users\Jacques\Desktop\Combo-Fix.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\acer\AcerTour\Reminder.exe
    c:\users\Jacques\AppData\Local\aiibmmgk.dat
    c:\users\Jacques\AppData\Local\aiibmmgk_nav.dat
    c:\users\Jacques\AppData\Local\aiibmmgk_navps.dat
    c:\users\Jacques\AppData\Roaming\drivers\downld
    c:\windows\system32\nvs2.inf

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-11-23 au 2008-12-23 ))))))))))))))))))))))))))))))))))))
    .

    2018-11-10 19:06 . 2018-11-10 19:06 <REP> d-------- c:\users\Jacques\AppData\Roaming\MAGIX
    2018-11-10 19:02 . 2018-11-10 19:05 <REP> d-------- c:\users\All Users\MAGIX
    2018-11-10 19:02 . 2018-11-10 19:05 <REP> d-------- c:\programdata\MAGIX
    2018-11-10 19:02 . 2018-11-10 19:05 <REP> d-------- c:\program files\MAGIX
    2018-11-10 19:02 . 2007-04-27 10:43 120,200 --a------ c:\windows\System32\DLLDEV32i.dll
    2018-11-10 18:53 . 2018-11-10 19:06 <REP> d-------- c:\windows\System32\MAGIX
    2018-11-10 18:53 . 2008-04-15 16:14 700,416 --a------ c:\windows\System32\mgxoschk.dll
    2018-11-10 18:53 . 2018-11-10 19:05 6,651 --a------ c:\windows\mgxoschk.ini
    2008-12-23 11:47 . 2008-12-23 11:47 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
    2008-12-23 11:47 . 2008-12-03 19:54 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
    2008-12-23 11:47 . 2008-12-03 19:54 15,504 --a------ c:\windows\System32\drivers\mbam.sys
    2008-12-23 00:15 . 2008-12-23 00:15 <REP> d-------- c:\users\Jacques\AppData\Roaming\Malwarebytes
    2008-12-23 00:15 . 2008-12-23 00:15 <REP> d-------- c:\users\All Users\Malwarebytes
    2008-12-23 00:15 . 2008-12-23 00:15 <REP> d-------- c:\programdata\Malwarebytes
    2008-12-22 23:41 . 2008-12-23 14:28 <REP> d--h----- c:\users\Jacques\AppData\Roaming\drivers
    2008-12-22 14:18 . 2008-12-22 14:18 <REP> d-------- C:\rsit
    2008-12-22 14:18 . 2008-12-22 14:18 <REP> d-------- c:\program files\trend micro
    2008-12-22 11:10 . 2008-12-22 13:22 <REP> d-------- c:\program files\FindyKill
    2008-12-22 01:37 . 2008-11-26 18:17 51,792 --a------ c:\windows\System32\drivers\aswMonFlt.sys
    2008-12-21 10:37 . 2008-12-21 10:36 21,525,613 --a------ c:\windows\LPT$VPN.723
    2008-12-21 10:36 . 2008-12-21 10:36 <REP> d-------- c:\windows\AU_Backup
    2008-12-21 10:36 . 2008-12-21 10:36 21,525,613 --a------ c:\windows\VPTNFILE.723
    2008-12-21 10:36 . 2008-12-21 10:36 1,973,163 --a------ c:\windows\tsc.ptn
    2008-12-21 10:36 . 2008-12-21 10:36 1,213,784 --a------ c:\windows\vsapi32.dll
    2008-12-21 10:36 . 2008-12-21 10:36 345,157 --a------ c:\windows\tsc.exe
    2008-12-21 10:36 . 2008-12-21 10:36 91,744 --a------ c:\windows\BPMNT.dll
    2008-12-21 10:36 . 2008-12-21 10:36 71,749 --a------ c:\windows\hcextoutput.dll
    2008-12-21 10:36 . 2008-12-21 19:25 803 --a------ c:\windows\tsc.ini
    2008-12-21 10:34 . 2008-12-21 10:36 <REP> d-------- c:\windows\AU_Temp
    2008-12-21 10:34 . 2008-12-21 10:34 <REP> d-------- c:\windows\AU_Log
    2008-12-21 10:34 . 2008-12-21 10:34 507,904 --a------ c:\windows\TMUPDATE.DLL
    2008-12-21 10:34 . 2008-12-21 10:34 286,720 --a------ c:\windows\PATCH.EXE
    2008-12-21 10:34 . 2008-12-21 10:34 69,689 --a------ c:\windows\UNZIP.DLL
    2008-12-21 10:34 . 2008-12-21 10:34 170 --a------ c:\windows\GetServer.ini
    2008-12-20 22:43 . 2008-12-20 22:43 <REP> d-------- c:\users\Jacques\AppData\Roaming\eSobi
    2008-12-20 18:12 . 2008-12-20 18:12 <REP> d-------- c:\users\All Users\eSellerate
    2008-12-20 18:12 . 2008-12-20 18:12 <REP> d-------- c:\programdata\eSellerate
    2008-12-20 18:12 . 2008-12-20 18:13 136 --ah----- c:\users\Jacques\AppData\Roaming\lakerda1967.sys
    2008-12-20 10:48 . 2008-12-20 10:48 <REP> d-------- c:\users\All Users\WindowsSearch
    2008-12-20 10:48 . 2008-12-20 10:48 <REP> d-------- c:\programdata\WindowsSearch
    2008-12-19 23:00 . 2008-12-19 23:00 <REP> d-------- c:\users\All Users\GARMIN
    2008-12-19 23:00 . 2008-12-19 23:00 <REP> d-------- c:\programdata\GARMIN
    2008-12-19 18:35 . 2008-12-20 00:51 <REP> d-------- c:\users\Jacques\AppData\Roaming\Download Manager
    2008-12-17 00:26 . 2008-12-17 00:26 <REP> d-------- C:\HiTRUSTDrive
    2008-12-17 00:21 . 2008-12-17 00:21 <REP> d-------- c:\program files\Garmin GPS Plugin
    2008-12-16 19:40 . 2008-12-16 19:42 <REP> d-------- c:\program files\Garmin
    2008-12-13 12:01 . 2008-12-20 01:09 <REP> d-------- c:\users\Jacques\AppData\Roaming\GARMIN
    2008-12-13 11:57 . 2008-12-20 10:38 <REP> d-------- C:\Garmin
    2008-12-11 10:51 . 2008-10-22 02:22 2,048 --a------ c:\windows\System32\tzres.dll
    2008-12-10 11:40 . 2008-12-10 11:40 <REP> d-------- c:\users\Jacques\AppData\Roaming\Jean-Louis MOREL
    2008-12-10 11:40 . 2008-12-10 11:40 <REP> d-------- c:\users\All Users\Frise
    2008-12-10 11:40 . 2008-12-10 11:40 <REP> d-------- c:\programdata\Frise
    2008-12-10 11:39 . 2008-12-10 11:40 <REP> d-------- c:\program files\Frise
    2008-12-10 10:35 . 2008-11-01 02:21 4,240,384 --a------ c:\windows\System32\GameUXLegacyGDFs.dll
    2008-12-10 10:35 . 2008-10-29 07:29 2,927,104 --a------ c:\windows\explorer.exe
    2008-12-10 10:35 . 2008-10-21 06:25 296,960 --a------ c:\windows\System32\gdi32.dll
    2008-12-10 10:35 . 2008-11-01 04:44 28,672 --a------ c:\windows\System32\Apphlpdm.dll
    2008-12-10 10:34 . 2008-06-23 02:59 2,868,736 --a------ c:\windows\System32\mf.dll
    2008-12-10 10:34 . 2008-06-23 02:59 996,352 --a------ c:\windows\System32\WMNetMgr.dll
    2008-12-10 10:34 . 2008-10-16 05:47 827,392 --a------ c:\windows\System32\wininet.dll
    2008-12-10 10:34 . 2008-06-23 02:58 94,720 --a------ c:\windows\System32\logagent.exe
    2008-12-07 10:38 . 2008-12-07 10:38 410,984 --a------ c:\windows\System32\deploytk.dll
    2008-11-26 16:46 . 2008-11-26 16:46 <REP> d-------- c:\program files\FileZilla FTP Client
    2008-11-26 09:48 . 2008-10-22 04:57 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll
    2008-11-26 09:47 . 2008-10-21 06:25 1,645,568 --a------ c:\windows\System32\connect.dll
    2008-11-26 09:47 . 2008-08-28 04:40 712,704 --a------ c:\windows\System32\WindowsCodecs.dll
    2008-11-26 09:47 . 2008-08-28 04:40 425,472 --a------ c:\windows\System32\PhotoMetadataHandler.dll
    2008-11-26 09:47 . 2008-08-28 04:40 347,136 --a------ c:\windows\System32\WindowsCodecsExt.dll
    2008-11-24 09:41 . 2008-10-16 22:13 1,809,944 --a------ c:\windows\System32\wuaueng.dll
    2008-11-24 09:41 . 2008-10-16 21:56 1,524,736 --a------ c:\windows\System32\wucltux.dll
    2008-11-24 09:41 . 2008-10-16 22:09 51,224 --a------ c:\windows\System32\wuauclt.exe
    2008-11-24 09:41 . 2008-10-16 22:09 43,544 --a------ c:\windows\System32\wups2.dll
    2008-11-24 09:40 . 2008-10-16 22:12 561,688 --a------ c:\windows\System32\wuapi.dll
    2008-11-24 09:40 . 2008-10-16 14:08 162,064 --a------ c:\windows\System32\wuwebv.dll
    2008-11-24 09:40 . 2008-10-16 21:55 83,456 --a------ c:\windows\System32\wudriver.dll
    2008-11-24 09:40 . 2008-10-16 22:08 34,328 --a------ c:\windows\System32\wups.dll
    2008-11-24 09:40 . 2008-10-16 13:56 31,232 --a------ c:\windows\System32\wuapp.exe

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-12-23 11:12 --------- d-----w c:\users\Jacques\AppData\Roaming\OpenOffice.org2
    2008-12-22 20:00 --------- d-----w c:\program files\Foxmail
    2008-12-22 00:36 --------- d-----w c:\program files\Alwil Software
    2008-12-20 21:52 --------- d--h--w c:\program files\InstallShield Installation Information
    2008-12-20 21:43 --------- d-----w c:\programdata\eSobi
    2008-12-12 10:02 --------- d-----w c:\program files\Common Files\Adobe
    2008-12-11 10:01 --------- d-----w c:\program files\Windows Mail
    2008-12-07 09:37 --------- d-----w c:\program files\Java
    2008-12-04 12:22 --------- d-----w c:\users\Jacques\AppData\Roaming\dvdcss
    2008-11-26 23:12 --------- d-----w c:\users\Jacques\AppData\Roaming\FileZilla
    2008-11-10 10:49 --------- d-----w c:\program files\SoftChris
    2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
    2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
    2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
    2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
    2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
    2008-09-30 15:43 1,286,152 ----a-w c:\windows\System32\msxml4.dll
    2008-09-23 09:04 174 --sha-w c:\program files\desktop.ini
    2008-09-23 08:31 82,432 ----a-w c:\windows\System32\axaltocm.dll
    2008-09-23 08:31 101,888 ----a-w c:\windows\System32\ifxcardm.dll
    2007-12-19 11:31 0 ----a-w c:\users\Jacques\AppData\Roaming\wklnhst.dat
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
    "CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-19 192000]
    "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]
    "BTCLiveUpdate"="c:\program files\LiveUpdate\LiveUpdate.exe" [2008-12-22 430080]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2007-01-24 319488]
    "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 464168]
    "PCMService"="c:\acer\Empowering Technology\eMode\PCM\PCMService.exe" [2007-01-12 151552]
    "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-07 136600]
    "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-05-27 413696]
    "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-15 644696]
    "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-04 1603152]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-12-22 81000]
    "RtHDVCpl"="RtHDVCpl.exe" [2008-03-11 c:\windows\RtHDVCpl.exe]
    "Skytel"="Skytel.exe" [2007-11-20 c:\windows\SkyTel.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]

    c:\users\Jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
    OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-05-06 528384]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.mkdmp3enc"= c:\acer\EMPOWE~1\eMode\PCM\Kernel\Burner\MKDMP3Enc.ACM
    "SENTINEL"= snti386.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-709427035-338773287-4181523031-1000]
    "EnableNotificationsRef"=dword:0000000e

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{27A992E8-3191-4058-BDC4-1321D34A3BBD}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{825364F4-5206-4106-9837-CCC9FB893293}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{7544676B-122D-44D9-B6F1-22A42CF36183}"= UDP:c:\acer\Empowering Technology\eMode\PCM\PCMService.exe:CyberLink PowerCinema Resident Program
    "{1A18564B-6511-4C7F-B95E-0AD529D9AAFD}"= TCP:c:\acer\Empowering Technology\eMode\PCM\PCMService.exe:CyberLink PowerCinema Resident Program
    "TCP Query User{335CF837-A059-48C2-8721-61DEF3C4645B}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
    "UDP Query User{02A19C01-AF00-42CC-B261-9514C82F9607}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
    "{2BA60408-838A-4FD5-9278-73507407AFC9}"= UDP:5775:eMule_TCP
    "TCP Query User{45F74BEC-1B9B-4712-9396-F3A29B64A212}c:\\program files\\videolan\\vlc\\vlc.exe"= UDP:c:\program files\videolan\vlc\vlc.exe:VLC media player
    "UDP Query User{02466527-C7C3-459E-9790-1BB4A6E46BB1}c:\\program files\\videolan\\vlc\\vlc.exe"= TCP:c:\program files\videolan\vlc\vlc.exe:VLC media player
    "TCP Query User{602D78C1-F61B-4A70-9E26-9CAC72482D26}c:\\windows\\system32\\javaw.exe"= UDP:c:\windows\system32\javaw.exe:Java(TM) Platform SE binary
    "UDP Query User{FB933C72-1386-400D-84D8-A5C28FF621C4}c:\\windows\\system32\\javaw.exe"= TCP:c:\windows\system32\javaw.exe:Java(TM) Platform SE binary
    "TCP Query User{8F67B96A-C123-4C26-AFA3-B7D751C72EDB}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
    "UDP Query User{5A8FFAA7-FD25-46B1-A8C4-32751503A8D6}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
    "{FE23B81A-31F1-4322-8C97-B57D11D95DD8}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{84E37A53-B5B3-44EB-A306-1DC2806F18D4}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "TCP Query User{CD7E0708-57F0-4A25-85F0-683FFC032940}c:\\program files\\foxmail\\foxhot.exe"= UDP:c:\program files\foxmail\foxhot.exe:Foxmail-Hotmail Proxy Application
    "UDP Query User{DA757E35-D432-4510-AF04-398DA74D9995}c:\\program files\\foxmail\\foxhot.exe"= TCP:c:\program files\foxmail\foxhot.exe:Foxmail-Hotmail Proxy Application

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "c:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= c:\acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
    "c:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= c:\acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
    "c:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= c:\acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:D ecryption

    R2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2008-12-22 51792]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-02-07 810320]
    S2 HPFECP13;HPFECP13;c:\windows\system32\drivers\HPFECP13.SYS [1998-09-25 52800]
    S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2018-11-10 1527900]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{da9861f4-1428-11dd-a92e-001c252ed515}]
    \shell\AutoRun\command - N:\LaunchU3.exe -a

    *Newly Created Service* - PROCEXP90
    .
    Contenu du dossier 'Tâches planifiées'

    2018-11-10 c:\windows\Tasks\User_Feed_Synchronization-{EC9606B0-4CD5-420B-81C9-E08905CC31A9}.job
    - c:\windows\system32\msfeedssync.exe [2008-01-19 08:33]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKCU-Run-Acer Tour Reminder - c:\acer\AcerTour\Reminder.exe
    HKLM-Run-Apanel - c:\acersw\config\NewSetApanel.cmd
    HKLM-Run-Acer Tour - (no file)
    HKLM-Run-eRecoveryService - (no file)
    HKU-Default-Run-Acer Tour Reminder - c:\acer\AcerTour\Reminder.exe



    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-23 14:30:56
    Windows 6.0.6001 Service Pack 1 NTFS

    Recherche de processus cachés ...

    [0] 0x00006500

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2008-12-23 14:39:02
    ComboFix-quarantined-files.txt 2008-12-23 13:38:59

    Avant-CF: 64 270 155 776 octets libres
    Après-CF: 64,034,324,480 octets libres

    224 --- E O F --- 2008-12-23 08:59:24


    A la prochaine !
    23 Décembre 2008 15:58:14

    Re,

    Désactive l'UAC (Menu Démarrer \ Panneau de Configuration \ Comptes d'utilisateurs et protection des utilisateurs \ Comptes d'utilisateurs \ Activer ou désactiver le contrôle des comptes d'utilisateurs \ décoche la case Utiliser le contrôle ... et valide par OK , il te sera demandé de redémarrer, fais le)

    Télécharge Navilog (de Il-Mafioso)

  • Enregistre-le sur ton Bureau.
  • Installe-le en double cliquant sur navilog.exe.
  • Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
    (Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau) [Clic droit -> "Exécuter en tant qu'administrateur". ( Pour Vista)]
  • Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
    ! N'utilise pas l'option 2, 3 et 4 sans notre accord !
  • Patiente jusqu'à l'apparition de ce message :
    *** Analyse Termine le ..... ***
  • Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste le rapport ici.
  • Poste le rapport généré.

    Le rapport se trouve ici : C:\fixnavi.txt

    23 Décembre 2008 18:09:03

    Voilà le rapport, mais j'ai eu plusieurs messages d'erreurs comme quoi il ne pouvait pas éditer les txt :


    Search Navipromo version 3.7.0 commencé le 23/12/2008 à 17:15:46,52

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 10.12.2008 à 21h00 par IL-MAFIOSO

    Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : AMD Sempron(tm) Processor 3800+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Jacques ( Administrator )
    BOOT : Normal boot




    C:\ (Local Disk) - NTFS - Total:111 Go (Free:60 Go)
    D:\ (Local Disk) - NTFS - Total:111 Go (Free:97 Go)
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (Local Disk) - NTFS - Total:37 Go (Free:27 Go)
    K:\ (Local Disk) - NTFS - Total:97 Go (Free:6 Go)
    L:\ (Local Disk) - NTFS - Total:98 Go (Free:69 Go)


    Recherche executé en mode normal

    *** Recherche Programmes installés ***


    *** Recherche dossiers dans "C:\Windows" ***


    *** Recherche dossiers dans "C:\Program Files" ***


    *** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***


    *** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***


    *** Recherche dossiers dans "C:\ProgramData" ***


    *** Recherche dossiers dans "c:\users\jacques\appdata\roaming\micros~1\windows\startm~1\programs" ***


    *** Recherche dossiers dans "C:\Users\Jacques\AppData\Local\virtualstore\Program Files" ***


    *** Recherche dossiers dans "C:\Users\Jacques\AppData\Roaming" ***


    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net



    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans "C:\Windows\system32" *

    * Recherche dans "C:\Users\Jacques\AppData\Local\Microsoft" *

    * Recherche dans "C:\Users\Jacques\AppData\Local\virtualstore\windows\system32" *

    * Recherche dans "C:\Users\Jacques\AppData\Local" *



    *** Recherche fichiers ***



    *** Recherche clés spécifiques dans le Registre ***
    !! Les clés trouvées ne sont pas forcément infectées !!


    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :


    2)Recherche Heuristique :

    * Dans "C:\Windows\system32" :


    * Dans "C:\Users\Jacques\AppData\Local\Microsoft" :


    * Dans "C:\Users\Jacques\AppData\Local\virtualstore\windows\system32" :


    * Dans "C:\Users\Jacques\AppData\Local" :


    3)Recherche Certificats :

    Certificat Egroup absent !
    Certificat Electronic-Group trouvé !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit trouvé !
    Certificat Sunny-Day-Design-Ltd absent !

    4)Recherche autres dossiers et fichiers connus :



    *** Analyse terminée le 23/12/2008 à 18:05:10,60 ***


    A la prochaine!
    24 Décembre 2008 12:18:16

    Re,

  • Double clique sur le raccourci de Navilog.
  • Choisis l'option 2 puis valide. (Entrée)
  • Laisse toi guider.
  • Ton ordinateur va redémarrer, sinon fais le manuellement.
  • Ton bureau va disparaître.
  • Après un certain temps, le Bloc-notes va s'ouvrir.
  • Sauvegarde le rapport.
  • Referme le Bloc-notes. Ton bureau va maintenant réapparaître.

    Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
    Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
    Tapes explorer et valide. Cela te fera apparaitre ton bureau


    Démarrer -> panneau de configuration -> options internet
    Clique sur l'onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés" :

    VIP

    Si tu les trouves, fais ceci :
    * Sélectionne chacun de ces certificats et clique sur exporter. Enregistre le/les sur ton bureau.
    * Supprime ensuite ceux présents dans l'onglet "certificats" des options de ton naviguateur.

    Ensuite pour chacun des certificats présents sur ton bureau :
    * Va sur le site Web :
    http://www.bleepingcomputer.com/submit-malware.php?chan...
    * Copie/colle ceci dans la case 'Link to Topic' :
    le nom du certificat (Montorgueil ,......)
    * Copie/colle ceci dans la case 'Browse to the File' :
    Le certificat correspondant que tu avais exportés vers ton bureau

    Si c'est fait, supprime enfin le certificat présent sur ton bureau.

    Les programmes suivants installent cette infection :

    * Go-astro
    * GoRecord
    * HotTVPlayer
    * Live Player
    * MailSkinner
    * Messenger Skinner
    * Instant Access
    * InternetGameBox
    * sudoplanet
    * Webmediaplayer : sauf celui provenant du site suivant > http://www.azertysite.new.fr/
    * Sur le site www.games-desktop.com (Ne pas aller dessus!)

  • Poste le rapport sauvegardé auparavant (C:\cleannavi.txt) ainsi qu'un nouveau rapport Hijackthis.
    24 Décembre 2008 13:10:54

    Bjr,

    J'ai lancé Navilog et j'ai eu le rapport.
    Dans les options internet/Contenu/Certificats/éditeurs approuvés il n'y avait rien. J'ai donc sauté cette étape.

    Voici le rapport cleannavi, et à la suite le log de Hijackthis

    --------------------------------------
    Clean Navipromo version 3.7.0 commencé le 24/12/2008 à 12:31:03,41

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 10.12.2008 à 21h00 par IL-MAFIOSO

    Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : AMD Sempron(tm) Processor 3800+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Jacques ( Administrator )
    BOOT : Normal boot




    C:\ (Local Disk) - NTFS - Total:111 Go (Free:60 Go)
    D:\ (Local Disk) - NTFS - Total:111 Go (Free:97 Go)
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (Local Disk) - NTFS - Total:37 Go (Free:27 Go)
    K:\ (Local Disk) - NTFS - Total:97 Go (Free:6 Go)
    L:\ (Local Disk) - NTFS - Total:98 Go (Free:69 Go)


    Mode suppression automatique
    avec prise en charge résultats Catchme et GNS


    Nettoyage exécuté au redémarrage de l'ordinateur


    *** fsbl1.txt non trouvé ***
    (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


    *** Suppression avec sauvegardes résultats GenericNaviSearch ***

    * Suppression dans "C:\Windows\System32" *


    * Suppression dans "C:\Users\Jacques\AppData\Local\Microsoft" *


    * Suppression dans "C:\Users\Jacques\AppData\Local\virtualstore\windows\system32" *


    * Suppression dans "C:\Users\Jacques\AppData\Local" *



    *** Suppression dossiers dans "C:\Windows" ***


    *** Suppression dossiers dans "C:\Program Files" ***


    *** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***


    *** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***


    *** Suppression dossiers dans "C:\ProgramData" ***


    *** Suppression dossiers dans c:\users\jacques\appdata\roaming\micros~1\windows\startm~1\programs ***


    *** Suppression dossiers dans "C:\Users\Jacques\AppData\Local\virtualstore\Program Files" ***


    *** Suppression dossiers dans "C:\Users\Jacques\AppData\Roaming" ***



    *** Suppression fichiers ***


    *** Suppression fichiers temporaires ***

    Nettoyage contenu C:\Windows\Temp effectué !
    Nettoyage contenu C:\Users\Jacques\AppData\Local\Temp effectué !

    *** Traitement Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

    2)Recherche, création sauvegardes et suppression Heuristique :


    * Dans "C:\Windows\system32" *


    * Dans "C:\Users\Jacques\AppData\Local\Microsoft" *


    * Dans "C:\Users\Jacques\AppData\Local\virtualstore\windows\system32" *


    * Dans "C:\Users\Jacques\AppData\Local" *


    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok


    *** Certificats ***

    Certificat Egroup absent !
    Certificat Electronic-Group supprimé !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit supprimé !
    Certificat Sunny-Day-Design-Ltdt absent !


    *** Recherche autres dossiers et fichiers connus ***



    *** Nettoyage terminé le 24/12/2008 à 12:35:26,85 ***

    ---------------------------------------------------------
    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Jacques at 2008-12-24 12:54:34
    Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
    System drive C: has 62 GB (54%) free of 114 GB
    Total RAM: 767 MB (28% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:54:56, on 24/12/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\conime.exe
    C:\Acer\Empowering Technology\SysMonitor.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\System32\p2phost.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Windows\System32\mobsync.exe
    C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
    C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Windows\system32\sdclt.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Jacques\Desktop\RSIT.exe
    C:\Program Files\trend micro\Jacques.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe"
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
    O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKCU\..\Run: [BTCLiveUpdate] "C:\Program Files\LiveUpdate\LiveUpdate.exe" /autostart
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-18\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - J:\Program Files\Jeux de cartes\Titan Poker\casino.exe
    O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - J:\Program Files\Jeux de cartes\Titan Poker\casino.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://www.secuser.com
    O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

    --
    End of file - 8314 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\User_Feed_Synchronization-{EC9606B0-4CD5-420B-81C9-E08905CC31A9}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-07 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-07 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-02-06 151552]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Acer Empowering Technology Monitor"=C:\Acer\Empowering Technology\SysMonitor.exe [2007-01-24 319488]
    "eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-02-06 464168]
    "PCMService"=C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe [2007-01-12 151552]
    "WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-07 136600]
    "Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-03-11 5296128]
    "CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-15 644696]
    "CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-04 1603152]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-12-22 81000]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
    "CollaborationHost"=C:\Windows\system32\p2phost.exe [2008-01-19 192000]
    "Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe [2008-02-26 443968]
    "BTCLiveUpdate"=C:\Program Files\LiveUpdate\LiveUpdate.exe [2008-12-22 430080]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

    C:\Users\Jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "EnableLUA"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu"
    "C:\Acer\Empowering Technology\eDataSecurity\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption"
    "C:\Acer\Empowering Technology\eDataSecurity\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:D ecryption"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{da9861f4-1428-11dd-a92e-001c252ed515}]
    shell\AutoRun\command - N:\LaunchU3.exe -a


    ======File associations======

    .scr - open - C:\Windows\NOTEPAD.EXE "%1"
    .scr - install -
    .scr - config -

    ======List of files/folders created in the last 1 months======

    2018-11-10 19:06:23 ----D---- C:\Users\Jacques\AppData\Roaming\MAGIX
    2018-11-10 19:04:31 ----A---- C:\Windows\system32\MXRestore.exe
    2018-11-10 19:04:30 ----A---- C:\Windows\system32\TTIC32.dll
    2018-11-10 19:04:30 ----A---- C:\Windows\system32\TTI32.dll
    2018-11-10 19:04:30 ----A---- C:\Windows\system32\STRING32.dll
    2018-11-10 19:04:30 ----A---- C:\Windows\system32\mgxcdr.txt
    2018-11-10 19:04:30 ----A---- C:\Windows\system32\DLLTPO32.dll
    2018-11-10 19:04:30 ----A---- C:\Windows\system32\DLLRES32.dll
    2018-11-10 19:04:30 ----A---- C:\Windows\system32\DLLRD32.dll
    2018-11-10 19:04:30 ----A---- C:\Windows\system32\DLLPTL32.dll
    2018-11-10 19:04:30 ----A---- C:\Windows\system32\DLLPRJ32.dll
    2018-11-10 19:04:29 ----A---- C:\Windows\system32\DLLPRF32.dll
    2018-11-10 19:04:29 ----A---- C:\Windows\system32\DLLPNT32.dll
    2018-11-10 19:04:29 ----A---- C:\Windows\system32\DLLMSC32.dll
    2018-11-10 19:04:29 ----A---- C:\Windows\system32\DLLIX.dll
    2018-11-10 19:04:29 ----A---- C:\Windows\system32\DLLISO32.dll
    2018-11-10 19:04:29 ----A---- C:\Windows\system32\DLLIO32.dll
    2018-11-10 19:04:29 ----A---- C:\Windows\system32\DLLIMG32.dll
    2018-11-10 19:04:29 ----A---- C:\Windows\system32\DLLDRV32.dll
    2018-11-10 19:04:29 ----A---- C:\Windows\system32\DLLDIR32.dll
    2018-11-10 19:04:29 ----A---- C:\Windows\system32\DLLDEV32.dll
    2018-11-10 19:04:29 ----A---- C:\Windows\system32\DLLCPY32.dll
    2018-11-10 19:04:29 ----A---- C:\Windows\system32\DLLCDF32.dll
    2018-11-10 19:04:29 ----A---- C:\Windows\system32\DLLCDA32.dll
    2018-11-10 19:04:29 ----A---- C:\Windows\system32\DLLAV32.dll
    2018-11-10 19:02:53 ----D---- C:\ProgramData\MAGIX
    2018-11-10 19:02:35 ----A---- C:\Windows\system32\DLLDEV32i.dll
    2018-11-10 19:02:12 ----D---- C:\Program Files\MAGIX
    2018-11-10 18:53:17 ----D---- C:\Windows\system32\MAGIX
    2018-11-10 18:53:17 ----A---- C:\Windows\system32\mgxoschk.dll
    2018-11-10 18:53:17 ----A---- C:\Windows\mgxoschk.ini
    2008-12-24 12:31:03 ----A---- C:\cleannavi.txt
    2008-12-23 17:15:46 ----A---- C:\fixnavi.txt
    2008-12-23 17:13:59 ----D---- C:\Program Files\Navilog1
    2008-12-23 14:39:15 ----D---- C:\Windows\temp
    2008-12-23 14:39:03 ----A---- C:\ComboFix.txt
    2008-12-23 14:23:26 ----A---- C:\Windows\zip.exe
    2008-12-23 14:23:26 ----A---- C:\Windows\VFIND.exe
    2008-12-23 14:23:26 ----A---- C:\Windows\SWXCACLS.exe
    2008-12-23 14:23:26 ----A---- C:\Windows\SWSC.exe
    2008-12-23 14:23:26 ----A---- C:\Windows\SWREG.exe
    2008-12-23 14:23:26 ----A---- C:\Windows\sed.exe
    2008-12-23 14:23:26 ----A---- C:\Windows\NIRCMD.exe
    2008-12-23 14:23:26 ----A---- C:\Windows\grep.exe
    2008-12-23 14:23:26 ----A---- C:\Windows\fdsv.exe
    2008-12-23 14:23:21 ----D---- C:\Windows\ERDNT
    2008-12-23 14:23:21 ----D---- C:\Qoobox
    2008-12-23 14:23:21 ----D---- C:\Combo-Fix
    2008-12-23 11:47:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-12-23 00:26:24 ----A---- C:\Windows\ntbtlog.txt
    2008-12-23 00:15:21 ----D---- C:\Users\Jacques\AppData\Roaming\Malwarebytes
    2008-12-23 00:15:14 ----D---- C:\ProgramData\Malwarebytes
    2008-12-22 23:41:35 ----HD---- C:\Users\Jacques\AppData\Roaming\drivers
    2008-12-22 14:18:02 ----D---- C:\Program Files\trend micro
    2008-12-22 14:18:01 ----D---- C:\rsit
    2008-12-22 13:15:16 ----A---- C:\FindyKill.txt
    2008-12-22 11:10:43 ----D---- C:\Program Files\FindyKill
    2008-12-22 01:37:17 ----A---- C:\Windows\system32\aswBoot.exe
    2008-12-21 10:36:23 ----D---- C:\Windows\AU_Backup
    2008-12-21 10:36:22 ----A---- C:\Windows\tsc.ini
    2008-12-21 10:36:22 ----A---- C:\Windows\tsc.exe
    2008-12-21 10:36:22 ----A---- C:\Windows\hcextoutput.dll
    2008-12-21 10:36:21 ----A---- C:\Windows\vsapi32.dll
    2008-12-21 10:36:21 ----A---- C:\Windows\BPMNT.dll
    2008-12-21 10:34:42 ----A---- C:\Windows\GetServer.ini
    2008-12-21 10:34:41 ----D---- C:\Windows\AU_Temp
    2008-12-21 10:34:40 ----D---- C:\Windows\AU_Log
    2008-12-21 10:34:38 ----A---- C:\xscan.txt
    2008-12-21 10:34:28 ----A---- C:\Windows\TMUPDATE.DLL
    2008-12-21 10:34:27 ----A---- C:\Windows\UNZIP.DLL
    2008-12-21 10:34:26 ----A---- C:\Windows\PATCH.EXE
    2008-12-20 22:43:17 ----D---- C:\Users\Jacques\AppData\Roaming\eSobi
    2008-12-20 18:12:12 ----D---- C:\ProgramData\eSellerate
    2008-12-20 18:10:56 ----A---- C:\Users\Jacques\AppData\Roaming\docXConverter (3).ini
    2008-12-20 10:48:22 ----D---- C:\ProgramData\WindowsSearch
    2008-12-19 23:00:28 ----D---- C:\ProgramData\GARMIN
    2008-12-19 18:35:12 ----D---- C:\Users\Jacques\AppData\Roaming\Download Manager
    2008-12-19 10:15:20 ----A---- C:\Windows\system32\mshtml.dll
    2008-12-17 00:26:17 ----D---- C:\HiTRUSTDrive
    2008-12-17 00:21:03 ----D---- C:\Program Files\Garmin GPS Plugin
    2008-12-16 19:40:54 ----D---- C:\Program Files\Garmin
    2008-12-13 12:01:26 ----D---- C:\Users\Jacques\AppData\Roaming\GARMIN
    2008-12-13 11:57:45 ----D---- C:\Garmin
    2008-12-11 10:51:08 ----A---- C:\Windows\system32\tzres.dll
    2008-12-10 11:40:39 ----D---- C:\ProgramData\Frise
    2008-12-10 11:40:20 ----D---- C:\Users\Jacques\AppData\Roaming\Jean-Louis MOREL
    2008-12-10 11:39:57 ----D---- C:\Program Files\Frise
    2008-12-10 10:35:29 ----A---- C:\Windows\explorer.exe
    2008-12-10 10:35:24 ----A---- C:\Windows\system32\gdi32.dll
    2008-12-10 10:35:15 ----A---- C:\Windows\system32\Apphlpdm.dll
    2008-12-10 10:35:13 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
    2008-12-10 10:35:01 ----A---- C:\Windows\system32\shell32.dll
    2008-12-10 10:34:36 ----A---- C:\Windows\system32\urlmon.dll
    2008-12-10 10:34:33 ----A---- C:\Windows\system32\ieframe.dll
    2008-12-10 10:34:31 ----A---- C:\Windows\system32\wininet.dll
    2008-12-10 10:34:30 ----A---- C:\Windows\system32\mstime.dll
    2008-12-10 10:34:29 ----A---- C:\Windows\system32\iertutil.dll
    2008-12-10 10:34:25 ----A---- C:\Windows\system32\jsproxy.dll
    2008-12-10 10:34:16 ----A---- C:\Windows\system32\mf.dll
    2008-12-10 10:34:15 ----A---- C:\Windows\system32\WMVCORE.DLL
    2008-12-10 10:34:13 ----A---- C:\Windows\system32\WMNetMgr.dll
    2008-12-10 10:34:13 ----A---- C:\Windows\system32\logagent.exe
    2008-12-07 10:38:33 ----A---- C:\Windows\system32\javaws.exe
    2008-12-07 10:38:33 ----A---- C:\Windows\system32\deploytk.dll
    2008-12-07 10:38:32 ----A---- C:\Windows\system32\javaw.exe
    2008-12-07 10:38:32 ----A---- C:\Windows\system32\java.exe
    2008-11-26 16:46:13 ----D---- C:\Program Files\FileZilla FTP Client
    2008-11-26 09:48:00 ----A---- C:\Windows\system32\PortableDeviceApi.dll
    2008-11-26 09:47:57 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
    2008-11-26 09:47:56 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
    2008-11-26 09:47:56 ----A---- C:\Windows\system32\WindowsCodecs.dll
    2008-11-26 09:47:53 ----A---- C:\Windows\system32\connect.dll

    ======List of files/folders modified in the last 1 months======

    2018-11-10 19:06:45 ----RSD---- C:\Windows\Fonts
    2008-12-24 12:54:45 ----D---- C:\Windows\Prefetch
    2008-12-24 12:36:48 ----D---- C:\Users\Jacques\AppData\Roaming\OpenOffice.org2
    2008-12-24 12:35:25 ----D---- C:\Windows\System32
    2008-12-24 12:08:22 ----SHD---- C:\Windows\Installer
    2008-12-24 10:51:22 ----D---- C:\Program Files\Mozilla Firefox
    2008-12-23 17:13:59 ----RD---- C:\Program Files
    2008-12-23 16:35:04 ----SHD---- C:\System Volume Information
    2008-12-23 14:39:17 ----D---- C:\Windows\system32\fr-FR
    2008-12-23 14:39:15 ----D---- C:\Windows
    2008-12-23 14:31:05 ----A---- C:\Windows\system.ini
    2008-12-23 14:28:51 ----D---- C:\Windows\system32\drivers
    2008-12-23 14:28:50 ----D---- C:\Windows\AppPatch
    2008-12-23 14:28:50 ----D---- C:\Program Files\Common Files
    2008-12-23 00:22:22 ----D---- C:\Windows\system32\catroot2
    2008-12-23 00:15:14 ----HD---- C:\ProgramData
    2008-12-22 23:57:29 ----D---- C:\Windows\rescache
    2008-12-22 23:13:42 ----D---- C:\Windows\winsxs
    2008-12-22 21:00:15 ----D---- C:\Program Files\Foxmail
    2008-12-22 20:24:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2008-12-22 20:24:26 ----D---- C:\Windows\inf
    2008-12-22 16:55:40 ----D---- C:\Messagerie Foxmail
    2008-12-22 13:22:22 ----SD---- C:\Windows\Downloaded Program Files
    2008-12-22 01:36:40 ----D---- C:\Program Files\Alwil Software
    2008-12-20 22:52:04 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-12-20 22:43:00 ----D---- C:\ProgramData\eSobi
    2008-12-19 10:15:48 ----D---- C:\Windows\system32\catroot
    2008-12-18 18:21:30 ----SD---- C:\Users\Jacques\AppData\Roaming\Microsoft
    2008-12-13 12:11:32 ----D---- C:\Windows\system32\Tasks
    2008-12-12 11:02:35 ----D---- C:\ProgramData\Adobe
    2008-12-12 11:02:05 ----D---- C:\Program Files\Common Files\Adobe
    2008-12-12 11:01:05 ----D---- C:\Program Files\Adobe
    2008-12-11 11:01:27 ----D---- C:\Program Files\Windows Mail
    2008-12-10 00:24:37 ----A---- C:\Windows\system32\mrt.exe
    2008-12-09 12:55:35 ----D---- C:\hegames
    2008-12-07 10:37:57 ----D---- C:\Program Files\Java
    2008-12-04 13:22:34 ----D---- C:\Users\Jacques\AppData\Roaming\dvdcss
    2008-11-27 00:12:36 ----D---- C:\Users\Jacques\AppData\Roaming\FileZilla

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-11-26 51792]
    R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
    R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-03-14 2427392]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-03-11 2077080]
    R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-05-06 6144]
    R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
    R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-03-23 240128]
    S1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys []
    S2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys []
    S2 HPFECP13;HPFECP13; C:\Windows\System32\drivers\HPFECP13.SYS [1998-09-25 52800]
    S2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [1997-05-30 64512]
    S3 catchme;catchme; \??\C:\Combo-Fix\catchme.sys []
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
    S3 winusb;Pilote WinUsb; C:\Windows\system32\DRIVERS\winusb.sys [2008-01-19 31616]
    S4 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys []
    S4 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys []
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AcerMemUsageCheckService;ePerformance Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-12-29 28672]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]
    R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-03-14 569344]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
    R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe [2007-01-12 274520]
    R2 CLSched;CyberLink Task Scheduler (CTS); C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe [2007-01-12 118870]
    R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-02-06 457512]
    R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-01-31 53248]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
    R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-12 262247]
    R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 810320]
    R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-12-17 72704]
    S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-12-22 18752]
    S4 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-12-22 155160]
    S4 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-12-22 254040]
    S4 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-12-22 352920]

    -----------------EOF-----------------

    Si tu ne reviens pas avant je te souhaite un Joyeux Noël, moi je serai en ligne jusqu'environ 18 h, et après c'est réveillon avec toute la famille!

    25 Décembre 2008 11:55:25

    Re,

    joyeux Noël :) 

    ça semble propre.

    Télécharge Hijackthis (de Trend Micro) sur ton Bureau.

  • Double clique sur HJTInstall.exe pour lancer l'installation.
  • Clique sur Install.
  • Double clique sur le raccourci d'HijackThis qui vient d'être créé pour le lancer. (Clique droit -> lancer en tant qu'admin si sous Vista)
  • Accepte la licence en cliquant sur Yes.
  • Clique sur Do a system scan and save a logfile.
  • Poste ici le rapport généré.

    Note : Le rapport se trouve également ici : C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log

    Aide : Comment utiliser HijackThis.
    25 Décembre 2008 13:54:51

    Bonjour et Joyeux Noël à toi aussi.

    Un super merci pour tout le mal que tu te donnes pour réparer nos ennuis!

    Voici le rapport d'Hijackthis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:50:11, on 25/12/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Acer\Empowering Technology\SysMonitor.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\System32\p2phost.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
    C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
    C:\Windows\system32\sdclt.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe"
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
    O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKCU\..\Run: [BTCLiveUpdate] "C:\Program Files\LiveUpdate\LiveUpdate.exe" /autostart
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-18\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - J:\Program Files\Jeux de cartes\Titan Poker\casino.exe
    O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - J:\Program Files\Jeux de cartes\Titan Poker\casino.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://www.secuser.com
    O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

    --
    End of file - 8261 bytes


    Est-ce que je peux essayer de remettre Avast?

    Merci encore et à la prochaine.
    25 Décembre 2008 19:56:23

    Re,

    On va en profiter pour mettre mieux :) 


    Télécharge AntiVir sur ton Bureau.

  • Double clique sur l'exécutable téléchargé pour lancer l'installation.
  • A la fin de l'installation, clique sur Finish.
  • Ouvre Antivir, assure-toi qu’il soit bien à jour !
  • Dans l'onglet Local Protection, choisis Scanner.
  • Active la recherche de rootkits via le + de rootkit search, puis dans manual selection, coche tout (tes partitions de disque dur).
  • Clique sur la loupe du milieu pour lancer le scan en tant qu'Administrateur.
  • Poste moi le rapport généré : Pour cela, clique sur l'onglet Overview, puis choisis Reports, tu trouveras son rapport..

    Note : Pour une éradication des menaces plus efficace, lance le scan en mode sans échec.

    Aide : Comment installer et utiliser AntiVir.

    ;) 
    26 Décembre 2008 11:10:09

    Bjr

    Voilà, j'ai installé Antivir et j'ai scanné.
    Voilà le rapport:



    Avira AntiVir Personal
    Date de création du fichier de rapport : vendredi 26 décembre 2008 00:37

    La recherche porte sur 1119750 souches de virus.

    Détenteur de la licence :Avira AntiVir PersonalEdition Classic
    Numéro de série : 0000149996-ADJIE-0001
    Plateforme : Windows Vista
    Version de Windows :( Service Pack 1) [6.0.6001]
    Mode Boot : Mode sans échec
    Identifiant : Jacques
    Nom de l'ordinateur :JACQUES_BUREAU

    Informations de version :
    BUILD.DAT : 8.2.0.52 16931 Bytes 02/12/2008 14:55:00
    AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:00
    AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 13:44:27
    LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:16
    LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 07:30:27
    ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
    ANTIVIR1.VDF : 7.1.1.33 1705984 Bytes 24/12/2008 23:25:56
    ANTIVIR2.VDF : 7.1.1.34 2048 Bytes 24/12/2008 23:25:56
    ANTIVIR3.VDF : 7.1.1.37 39424 Bytes 25/12/2008 23:25:57
    Version du moteur: 8.2.0.45
    AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 10:05:56
    AESCRIPT.DLL : 8.1.1.19 336252 Bytes 25/12/2008 23:26:07
    AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 15:06:41
    AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38
    AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 09:41:39
    AEOFFICE.DLL : 8.1.0.33 196987 Bytes 25/12/2008 23:26:06
    AEHEUR.DLL : 8.1.0.75 1524087 Bytes 25/12/2008 23:26:05
    AEHELP.DLL : 8.1.2.0 119159 Bytes 25/12/2008 23:26:01
    AEGEN.DLL : 8.1.1.8 323956 Bytes 25/12/2008 23:26:00
    AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
    AECORE.DLL : 8.1.5.2 172405 Bytes 25/12/2008 23:25:59
    AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
    AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:02
    AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:27:58
    AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15
    AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:37
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:19
    AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:46
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
    SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:36
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:07
    RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 07:23:16
    RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 10:08:43

    Configuration pour la recherche actuelle :
    Nom de la tâche..................: Sélection manuelle
    Fichier de configuration.........: C:\ProgramData\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
    Documentation....................: bas
    Action principale................: interactif
    Action secondaire................: ignorer
    Recherche sur les secteurs d'amorçage maître: marche
    Recherche sur les secteurs d'amorçage: marche
    Secteurs d'amorçage..............: C:, D:, E:, F:, G:, H:, I:, J:, K:, L:,
    Recherche dans les programmes actifs: marche
    Recherche en cours sur l'enregistrement: marche
    Recherche de Rootkits............: arrêt
    Fichier mode de recherche........: Sélection de fichiers intelligente
    Recherche sur les archives.......: marche
    Limiter la profondeur de récursivité: 20
    Archive Smart Extensions.........: marche
    Heuristique de macrovirus........: marche
    Heuristique fichier..............: moyen

    Début de la recherche : vendredi 26 décembre 2008 00:37

    La recherche sur les processus démarrés commence :
    Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'lsm.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'wininit.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
    '17' processus ont été contrôlés avec '17' modules

    La recherche sur les secteurs d'amorçage maître commence :
    Secteur d'amorçage maître HD0
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage maître HD1
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage maître HD2
    [INFO] Aucun virus trouvé !
    [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt.
    [INFO] Veuillez relancer la recherche avec les droits d'administrateur
    Secteur d'amorçage maître HD3
    [INFO] Aucun virus trouvé !
    [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt.
    [INFO] Veuillez relancer la recherche avec les droits d'administrateur
    Secteur d'amorçage maître HD4
    [INFO] Aucun virus trouvé !
    [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt.
    [INFO] Veuillez relancer la recherche avec les droits d'administrateur
    Secteur d'amorçage maître HD5
    [INFO] Aucun virus trouvé !
    [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt.
    [INFO] Veuillez relancer la recherche avec les droits d'administrateur

    La recherche sur les secteurs d'amorçage commence :
    Secteur d'amorçage 'C:\'
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage 'D:\'
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage 'F:\'
    [INFO] Aucun support de données inséré dans le lecteur 'F:\' !
    Secteur d'amorçage 'G:\'
    [INFO] Aucun support de données inséré dans le lecteur 'G:\' !
    Secteur d'amorçage 'H:\'
    [INFO] Aucun support de données inséré dans le lecteur 'H:\' !
    Secteur d'amorçage 'I:\'
    [INFO] Aucun support de données inséré dans le lecteur 'I:\' !
    Secteur d'amorçage 'J:\'
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage 'K:\'
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage 'L:\'
    [INFO] Aucun virus trouvé !

    La recherche sur les renvois aux fichiers exécutables (registre) commence.
    Le registre a été contrôlé ( '49' fichiers).


    La recherche sur les fichiers sélectionnés commence :

    Recherche débutant dans 'C:\' <ACER>
    C:\pagefile.sys
    [AVERTISSEMENT] Impossible d'ouvrir le fichier !
    C:\Qoobox\Quarantine\C\Acer\AcerTour\Reminder.exe.vir
    [RESULTAT] Contient le cheval de Troie TR/Dldr.Bagle.aic
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c11ccc.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    C:\Users\Jacques\Desktop\FindyKill.exe
    [RESULTAT] Contient le modèle de détection du dropper DR/Tool.PsKill.K.39
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '49c21d8c.qua' !
    C:\Users\Jacques\Downloads\FindyKill.exe
    [RESULTAT] Contient le modèle de détection du dropper DR/Tool.PsKill.K.39
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '49c21d9a.qua' !
    Recherche débutant dans 'D:\' <DATA>
    D:\applications\Adobe Photoshop Cs2 v9 French Keygen\Adobe Photoshop CS2 v9.00 FR + keygen\CRACK ET KEYGEN\1er option (facile)\err.exe
    [RESULTAT] Contient le modèle de détection du ver WORM/Autorun.cxl
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c62152.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    Recherche débutant dans 'E:\'
    Impossible d'ouvrir le chemin à contrôler E:\ !
    Erreur système [21]: Le périphérique n'est pas prêt.
    Recherche débutant dans 'F:\'
    Impossible d'ouvrir le chemin à contrôler F:\ !
    Erreur système [21]: Le périphérique n'est pas prêt.
    Recherche débutant dans 'G:\'
    Impossible d'ouvrir le chemin à contrôler G:\ !
    Erreur système [21]: Le périphérique n'est pas prêt.
    Recherche débutant dans 'H:\'
    Impossible d'ouvrir le chemin à contrôler H:\ !
    Erreur système [21]: Le périphérique n'est pas prêt.
    Recherche débutant dans 'I:\'
    Impossible d'ouvrir le chemin à contrôler I:\ !
    Erreur système [21]: Le périphérique n'est pas prêt.
    Recherche débutant dans 'J:\' <Ext_pgrm>
    J:\Program Files\0Applications\Adobe Photoshop Cs2 v9 French Keygen.zip
    [0] Type d'archive: ZIP
    --> Adobe Photoshop CS2 v9.00 FR + keygen/CRACK ET KEYGEN/1er option (facile)/Keygen Photoshop CS2 Fr.exe
    [RESULTAT] Contient le modèle de détection du ver WORM/Autorun.cxl
    [AVERTISSEMENT] Impossible de copier le fichier dans le répertoire de quarantaine.
    [AVERTISSEMENT] Erreur dans l'initialisation de la quarantaine !
    [REMARQUE] Fichier supprimé.
    J:\Program Files\0Applications\Adobe Photoshop Cs2 v9 French Keygen\Adobe Photoshop CS2 v9.00 FR + keygen\CRACK ET KEYGEN\1er option (facile)\err.exe
    [RESULTAT] Contient le modèle de détection du ver WORM/Autorun.cxl
    [REMARQUE] Une copie de sécurité a été créée sous le nom 49c62429.qua ( QUARANTAINE )
    [REMARQUE] Fichier supprimé.
    J:\Program Files\0Applications\cracks\Norton_Antivirus_2002_French_by_FFF.zip
    [0] Type d'archive: ZIP
    --> Crack_NAV2002.exe
    [RESULTAT] Contient le cheval de Troie TR/Crypt.CFI.Gen
    [REMARQUE] Fichier supprimé.
    J:\Program Files\Adobe\Photoshop 9\Adobe Photoshop Cs2 v9 French Keygen\Adobe Photoshop CS2 v9.00 FR + keygen\CRACK ET KEYGEN\1er option (facile)\err.exe
    [RESULTAT] Contient le modèle de détection du ver WORM/Autorun.cxl
    [REMARQUE] Fichier supprimé.
    Recherche débutant dans 'K:\' <Ext_medias>
    Recherche débutant dans 'L:\' <Ext_divers>
    L:\00sauvegarde_portable\disqueD\Applications\cracks\Norton_Antivirus_2002_French_by_FFF.zip
    [0] Type d'archive: ZIP
    --> Crack_NAV2002.exe
    [RESULTAT] Contient le cheval de Troie TR/Crypt.CFI.Gen
    [REMARQUE] Fichier supprimé.


    Fin de la recherche : vendredi 26 décembre 2008 09:36
    Temps nécessaire: 8:58:46 Heure(s)

    La recherche a été effectuée intégralement

    25779 Les répertoires ont été contrôlés
    999773 Des fichiers ont été contrôlés
    9 Des virus ou programmes indésirables ont été trouvés
    0 Des fichiers ont été classés comme suspects
    7 Des fichiers ont été supprimés
    0 Des virus ou programmes indésirables ont été réparés
    5 Les fichiers ont été déplacés dans la quarantaine
    0 Les fichiers ont été renommés
    1 Impossible de contrôler des fichiers
    999763 Fichiers non infectés
    8922 Les archives ont été contrôlées
    6 Avertissements
    9 Consignes

    Il a encore trouvé une dizaine d'anomalies!!! (qu'Avast, que j'ai installé précédemment puis désinstallé, n'avait pas trouvées !?!)

    Tout semble bien propre maintenant.
    Qu'est-ce que je fais des différents logiciels de nettoyage que tu m'as fait installer?
    En tout cas, merci pour tout.
    26 Décembre 2008 12:05:03

    Re,

    Justement si Avast! les trouvent pas, c'est justement qu'il est moins performant.

    Déjà tu peux virer tout tes cracks si tu veux éviter la ré-infection...
    27 Décembre 2008 15:24:37

    Re,

    Effectivement ;) 

    Plus de soucis sinon ,?
    27 Décembre 2008 16:00:29

    Effectivement plus de soucis!! :sol: 
    Mon ordi est plus rapide, on sent qu'il n'y a plus de parasites qui freinent.
    J'ai l'impression d'avoir un ordi version light :) 
    Un SUPER MERCI à FanDANGELDARK et à toute l'équipe. Sans vous je ne sais pas comment j'aurai fait!
    Il me reste encore à supprimer un tas de fichiers que j'ai retrouvés et qui ne servent à rien ou qui font double emploi.

    [:16megs] encore et si on se rencontre: [:_tom_:2]

    Je ferai de la pub pour votre site :love: 

    Je peux dire que "mon problème est résolu", "je bloque ces paroles" et "c'est mon dernier mot, fanDANGELDARK" [:_tom_:3]
    27 Décembre 2008 16:24:27

    Non Fandufandangeldark :D 

    A bientôt.
    27 Décembre 2008 16:31:23

    Oui, à bientôt, parce que maintenant c'est le portable qui rame!!!!!
    Je crois que je vais bientôt faire un nouveau post !
    27 Décembre 2008 18:53:35

    :) 

    Prévention :

    - Nettoyage des fichiers temporaires :

    Télécharge Ccleaner sur ton Bureau.

  • Clique sur "download the latest version"
  • Installe-le en laissant seulement les options suivantes cochées :
    - Ajouter un raccourci sur le Bureau
    - Contrôler automatiquement les mises à jour de CCleaner
  • Lance le Nettoyage
  • Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

    Aide : Comment utiliser CCleaner.


    Telecharge ATFcleaner sur ton Bureau.

  • Double-clique sur l'exécutable téléchargé.
  • Dans l'onglet Main, coche simplement la case Select All (toutes les cases vont se cocher) puis sur le bouton Empty Selected.
  • Si tu possèdes Firefox ou Opera comme navigateur, pense à choisir ton navigateur en haut a gauche avant de sélectionner Select All puis Empty Selected.
  • Puis réponds Non au message qui s'affiche, si tu ne souhaites pas perdre tes mots de passe.

    Aide : Comment utiliser AFTCleaner.

    -- Restauration Système :

    Désactive-Réactive la restauration système.

    Méthode XP :
    Clique sur Démarrer, fais un clique droit sur le Poste de travail puis clique sur Propiétés. Sélectionne l'onglet Restauration du Système.
    Dans cet onglet, coche la case Désactiver la Restauration du système sur tous les lecteurs.
    Un message de confirmation va apparaître. Clique sur Oui, puis OK. Fais redémarrer ton ordinateur pour que les changements soient bien pris en compte.
    Pour réactiver la restauration système, il suffit de décocher cette même case et de faire redémarrer ton ordinateur (en ayant suivi les mêmes étapes).

    Méthode Vista :
    Clique sur Démarrer, fais un clique droit sur Ordinateur, puis clique sur Propriétés. Clique à gauche sur Paramètres système avancés. Sélectionne l'onglet Protection du Système.
    Dans cet onglet, décoche (une par une) tes partitions, un message de confirmation va apparaître, clique sur Désactiver la protection du système, Clique sur Appliquer, puis OK.
    Fais redémarrer ton ordinateur pour que les changements soient bien pris en compte.
    Pour réactiver la restauration système, il suffit de décocher cette même case et de faire redémarrer ton ordinateur (en ayant suivi les mêmes étapes).

    Aide : Comment Désactiver-Réactiver la Restauration Système.

    --- Affichage normal des fichiers :

    Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
    - Décoche Afficher les fichiers et dossiers cachés
    - Coche Masquer les fichiers protégés du système d'exploitation (recommandé)
    clique sur Appliquer, puis OK.

    ---- Suppression des outils installés :

    Télécharge ToolsCleaner2 (de A.Rothstein)

  • Installe le sur ton Bureau.
  • Clique sur Recherche pour lancer le scan.
  • Clique sur Supprimer pour nettoyer les outils utilisés.
  • Clique sur Quitter.
  • Supprime maintenant ToolsCleaner.

    ----- Remise en place des protections, protection du système avec les Mises à Jour ! :

    Je t'invite maintenant à (ré)activer toutes tes protections résidentes (Antivirus, Antispyware, Firewall..).
    Tu dois avoir accès à tes protections dans la zone systray à côté de la barre des tâches. Si tu as des difficultés, n'hésite pas à me questionner !
    Si ce n'est pas fait, assure-toi que les Mises à jour Automatiques Windows soient activées !
    Mets tes Softwares correctement à jour (Java, Adobe, Flash ..) grâce à Sotware Inspector (chez Secunia)

    Un petit mot à propos de Java :

    Une fois la nouvelle version téléchargée, installe-la et fais redémarrer ton ordinateur.
    Hélas, les anciennes version de Java (qui contiennent des failles, donc dangereuses !) sont toujours présentes !
    C'est donc très important que tu désinstalles les anciennes versions de Java.

  • Va dans Démarrer, Panneau de Configuration, Ajout/Suppression de Programmes
  • Déinstalles toutes les versions de Java exceptée la plus récente.

    Aide : Comment utiliser Secunia Software Inspector.

    ------ Ton infection, tu la dénonces ? :

    Tu n'es pas obligé mais ce serait bien que tu rapportes ton infection sur Malware Complaints
  • Ton(tes) infection(s) : Egdaccess/Magic.control/Navipromo, Bagle.
  • Si tu ne la trouves pas dans la liste, poste dans Autres infections.

    Aide : Comment dénoncer mon infection sur Malware Complaints.

    Je t'invite maintenant à regarder ces dossiers très instructifs en terme de prévention !

    - Sécurité/Prévention
    - Conséquences de la multi-protection
    - Toolbars : Inutilité et ralentissements

    Bonne journée/soirée :) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS