ComboFix 11-09-01.03 - Etienne 02/09/2011 18:43:16.1.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3583.3156 [GMT 2:00] Lancé depuis: c:\documents and settings\Etienne\Bureau\ComboFix.exe FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B} . AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Etienne\Application Data\0ad c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\female\f_build_01_85fa03ab.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\female\f_death_01_2d7f455a.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\female\f_farm_01_83d29398.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\female\f_gather_01_6d9aba71.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\female\f_idle_01_4db563f1.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\female\f_lumber_01_12c4c8ad.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\female\f_mine_01_71051016.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\female\f_walk_01_d8f1c675.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\quadraped\deer_attack_01_a17aa52a.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\quadraped\deer_death_01_81132de2.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\quadraped\deer_death_02_2bfd9d3c.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\quadraped\deer_idle_01_d847c237.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\quadraped\deer_idle_02_d67aaa5e.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\quadraped\deer_idle_03_fe66a298.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\quadraped\deer_idle_04_2be25ae5.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\quadraped\deer_run_01_19a8eb41.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\quadraped\deer_walk_01_008792e7.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\animation\quadraped\deer_walk_02_9b6a6800.psa c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\gaia\geo_medit_01_26277c69.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\gaia\geo_medit_02_b582b49d.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\gaia\geo_medit_03_06f60d5e.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\gaia\geo_medit_04_e0cd4947.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\gaia\geo_medit_05_97dc634c.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\gaia\geo_medit_06_844b2d35.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\gaia\underbrush_01_924224c5.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\gaia\underbrush_02_2f098dce.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\props\decal_stone_medit_a_63f3ed08.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\props\decal_struct_6x6_8345d08f.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\props\deer_antlers_b6f8ed48.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\props\helmet\hele_highcrest_50657146.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\props\helmet\helmet_corinthian_dual_65c7b5ab.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\props\m_cape_medium_eead6216.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\props\spear_hoplite_c6c43bc6.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\skeletal\deer_mesh_aa658f21.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\skeletal\f_dress_a42eea84.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\skeletal\f_tunic_a5aa5842.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\skeletal\m_tunic_long_95994cab.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\skeletal\m_tunic_short_83832003.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\structural\hele_civic_props_b581ea88.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\structural\hele_civic_round_746e9784.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\structural\hele_civic_struct_c717b31e.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\structural\hele_civic_tiles_long_72b77353.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\structural\hele_civic_tiles_short_4be63752.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\structural\hele_civic_trees_58086631.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\art\meshes\structural\settlement_1_d1610e58.pmd c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\fauna\chicken_48d4a3ea000001e0B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\fauna\deer_48d1db52000007f5B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\fauna\goat_48d4a3ea000001cfB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\fauna\sheep1_4a5b9802000001d0B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\flora\trees\aleppo_pine_48d1db520000036eB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\flora\trees\carob_48d1db52000005b8B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\flora\trees\carob_top_48d1db5200000499B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\flora\trees\european_beech_48d1db520000026bB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\flora\trees\european_beech_top_48d1db52000004c9B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\flora\trees\lumbardypoplar_48d1db5200000288B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\flora\trees\lumbardypoplar_top_48d1db52000003dbB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\flora\trees\oak_48d1db5200000264B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\flora\trees\oak_top_48d1db52000003beB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\flora\trees\palm_medit_fan_palm_48d1db5200000355B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\flora\trees\pine_48d1db5200000558B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\geology\decal_stone_medit_a_49b03cbc000001f7B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\geology\metalmine_mediterranean_49b1cece00000509B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\geology\stonemine_mediterranean_49b03cbc00000509B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\fauna\deer_antlers_48d1db5200000112B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\flora\bush_medit_underbrush_4981567c00000343B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\flora\foliagebush_48d1db52000001c9B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\flora\grass_medit_field_4978b2de00000502B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\flora\grass_soft_dry_small_48d1db5200000197B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\flora\grass_soft_dry_small_tall_48d1db52000001a1B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\structures\decals\dirt_6x6_4a3052540000011cB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\structures\hellenes\civic_centre_props_4a3d541600000144B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\structures\hellenes\civic_centre_round_4a3d541600000127B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\structures\hellenes\civic_centre_tiles1_4a3d54160000011fB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\structures\hellenes\civic_centre_tiles2_4a3d541600000120B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\structures\hellenes\civic_centre_trees_4a3d54160000011dB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\temp\l_sheath_49287d980000010aB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\cape_hele_ijv_e_1_48d1db520000013fB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\heads\dudette_head_48d1db5200000453B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\heads\head_hele_e_48d1db52000004c6B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\heads\head_hele_h_48d1db52000004b9B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\heads\hele_helmet_csw_e_48d1db520000020eB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\heads\hele_hoplite_e_49b48e9e000004edB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\heads\thrac_a_48d1db520000037eB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\heads\thracian_cap_01_48d1db5200000158B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\hele_ijv_lboot_48d1db5200000117B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\hele_ijv_rboot_48d1db5200000117B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\shields\hele_pelta_e_48d1db52000002b8B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\shields\hele_round_back_48d1db520000011eB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\shields\hele_round_e_48d1db520000043dB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\shields\pelta_a_back_48d1db52000001daB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\weapons\jav_48d1db5200000219B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\weapons\spear_hoplite_49b20d90000000feB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\props\units\weapons\xiphos_48d1db520000023dB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\structures\hellenes\civic_centre_new_4a3d54160000037cB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\structures\wrld_settlement_1_490e17f40000014cB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\units\hellenes\cavalry_swordsman_e_48d1db52000006adB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\units\hellenes\cavalry_swordsman_e_r_4a1f6bde00000640B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\units\hellenes\female_citizen_4a1f6bde00000edfB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\units\hellenes\infantry_javelinist_e_4b9be5a4000013a2B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\actors\units\hellenes\infantry_spearman_e_4a27217200001654B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\materials\basic_trans_48d1db520000003eB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\materials\objectcolor_48d1db5200000044B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\materials\player_trans_48d1db5200000044B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\textures\terrain\types\biome-desert\terrains_48d1db52000000beB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\textures\terrain\types\biome-mediterranean\terrains_48d1db52000000c5B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\textures\terrain\types\grass\terrains_4ad24dc6000000b7B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\textures\terrain\types\special\blackness_4bb7217e000000cdB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\art\textures\terrain\types\special\terrains_4bb7217e000000b9B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\gaia\fauna_chicken_49d39bd4000001b0B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\gaia\fauna_deer_48d1db52000001d3B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\gaia\fauna_goat_4aa09ef200000198B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\gaia\fauna_sheep_4a5b9a00000000fcB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\gaia\flora_bush_berry_4a441b6c000000efB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\gaia\flora_tree_aleppo_pine_48d1db52000001b9B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\gaia\flora_tree_carob_4a441b6c00000195B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\gaia\flora_tree_euro_beech_48d1db5200000196B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\gaia\flora_tree_medit_fan_palm_4a441b6c000001ccB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\gaia\flora_tree_oak_48d1db5200000189B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\gaia\flora_tree_pine_48d1db520000016aB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\gaia\flora_tree_poplar_lombardy_4a441b6c0000018fB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\gaia\geology_metal_mediterranean_495701a8000001a6B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\gaia\geology_stone_mediterranean_495701a8000001a1B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\gaia\special_settlement_49584894000000b4B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\structures\hele_civil_centre_4a3d541600000320B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_entity_48d1db5200000832B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_entity_full_48d1db520000039cB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_entity_quasi_48d1db52000000a8B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_gaia_48d1db5200000170B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_gaia_flora_48d1db5200000153B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_gaia_flora_bush_48d1db5200000187B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_gaia_flora_bush_berry_48d1db52000002f5B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_gaia_flora_tree_49512a8c00000228B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_gaia_geo_48d1db520000015bB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_gaia_geo_mineral_4a5930da00000268B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_gaia_geo_rock_497d2c8800000289B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_structure_49d84976000004f3B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_structure_civic_48d1db5200000107B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_structure_civic_civil_centre_4a3d541600000670B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_structure_gaia_settlement_4a79245c0000031dB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_4bbf760000000754B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_cavalry_4be75094000006b6B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_cavalry_melee_49f9f57e00000340B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_cavalry_melee_swordsman_49f9f57e00000334B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_fauna_48d1db5200000258B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_fauna_herd_48d1db52000001f6B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_fauna_herd_passive_48d1db520000011aB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_fauna_hunt_48d1db5200000143B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_fauna_hunt_passive_48d1db520000011aB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_fauna_hunt_skittish_48d1db520000011cB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_infantry_4be7509400000a84B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_infantry_melee_49f9f57e00000239B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_infantry_melee_spearman_49f9f57e0000047fB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_infantry_ranged_4b9be5a400000267B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_infantry_ranged_javelinist_49f9f57e00000565B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_support_4be72d400000020eB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\template_unit_support_female_citizen_4a1f6bc600000b3aB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\units\hele_cavalry_swordsman_a_4be72d40000003a2B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\units\hele_cavalry_swordsman_b_4a7f04ea000005c2B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\units\hele_cavalry_swordsman_e_4be72d4000000351B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\units\hele_infantry_javelinist_a_49f9f57e00000344B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\units\hele_infantry_javelinist_b_49f9f57e00000665B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\units\hele_infantry_javelinist_e_49f9f57e00000210B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\units\hele_infantry_spearman_a_49f9f57e000003abB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\units\hele_infantry_spearman_b_49f9f57e00000626B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\units\hele_infantry_spearman_e_49f9f57e0000032fB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\entities\units\hele_support_female_citizen_48d1db52000002c7B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\common\global_4b181cd200000544B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\common\icon_sprites_4b8ae3e40000c435B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\common\init_4b181cd20000079bB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\common\setup_4bccb34a00001c87B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\common\sprite1_4b8ae3e400002b5dB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\common\styles_4b8ae3e4000025afB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\loading\loading_4b181cd200000869B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\msgbox\msgbox_4ba9447200000d1eB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\page_loading_4b181cd20000012cB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\page_msgbox_4b181cd2000000daB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\page_pregame_4b8ae3e400000182B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\page_session_new_4bdc54ea00000195B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\pregame\mainmenu_4bdf20760000cd01B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\pregame\sprites_4b8ae3e40000111aB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\pregame\styles_4b8ae3e400000082B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\session_new\session_4be60c54000026dcB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\session_new\sprites_4bacb4c400000a30B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\gui\session_new\styles_4bccb34a00000485B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\maps\scenarios\Latium_4a9628600003064eB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\shaders\instancing_48d1db52000000f2B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\shaders\instancing_light_48d1db5200000138B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\shaders\instancing_lightp_48d1db5200000176B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\shaders\instancingp_48d1db5200000130B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\shaders\model_light_48d1db52000000efB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\shaders\model_lightp_48d1db520000012dB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\shaders\water_high_48d1db52000000efB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\gaia\fauna_chicken_4bd1c5d0000001adB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\gaia\fauna_deer_4bbf766a0000013bB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\gaia\fauna_goat_4bd1c5d0000001a8B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\gaia\fauna_sheep_4bbf766a000000ffB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\gaia\flora_bush_berry_4b5c8156000000e8B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\gaia\flora_tree_aleppo_pine_4b5c8156000000f9B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\gaia\flora_tree_carob_4b5c815600000108B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\gaia\flora_tree_euro_beech_4b5c8156000000ffB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\gaia\flora_tree_medit_fan_palm_4b5c815600000122B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\gaia\flora_tree_oak_4b5c8156000000e9B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\gaia\flora_tree_pine_4b5c8156000000ebB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\gaia\flora_tree_poplar_lombardy_4b5c81560000011bB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\gaia\geology_metal_mediterranean_4b48d6ee000000b5B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\gaia\geology_stone_mediterranean_4b48d6ee000000b2B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\gaia\special_settlement_4b48d6ee000000bbB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\special\player_4b5a048200000048B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\structures\hele_civil_centre_4bd1c5d00000022dB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_entity_full_4b5a0482000000dfB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_entity_quasi_4b609562000000cdB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_gaia_4bda17e4000000acB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_gaia_flora_4bda17e400000132B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_gaia_flora_bush_4bda17e40000012eB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_gaia_flora_bush_berry_4bd1e8f0000001ccB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_gaia_flora_tree_4bd1e8f000000194B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_gaia_geo_4bda17e400000133B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_gaia_geo_mineral_4bd1e8f00000019bB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_gaia_geo_rock_4bd1e8f0000001bfB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_structure_4bda17e40000023bB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_structure_civic_4b5c8156000000a0B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_structure_civic_civil_centre_4bda17e400000328B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_structure_gaia_settlement_4bda17e400000204B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_4bda17e400000317B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_cavalry_4bd1c5d000000373B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_cavalry_melee_4bd1c5d00000017cB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_cavalry_melee_swordsman_4b5c8156000000c7B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_fauna_4bd1e8f000000180B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_fauna_herd_4bd1c5d0000000cdB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_fauna_herd_passive_4b5c815600000077B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_fauna_hunt_4bd1c5d0000000cdB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_fauna_hunt_passive_4b5c815600000077B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_fauna_hunt_skittish_4b5c815600000077B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_infantry_4bd1c5d0000007e2B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_infantry_melee_4bd1c5d00000017eB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_infantry_melee_spearman_4b6c917a0000010cB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_infantry_ranged_4bd1c5d000000234B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_infantry_ranged_javelinist_4bd1c5d0000001d3B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_support_4bd1e8f00000010eB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\template_unit_support_female_citizen_4bd1c5d000000689B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\units\hele_cavalry_swordsman_a_4be72d4000000283B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\units\hele_cavalry_swordsman_b_4bd1c5d0000002ddB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\units\hele_cavalry_swordsman_e_4be72d4000000284B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\units\hele_infantry_javelinist_a_4bd1c5d000000255B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\units\hele_infantry_javelinist_b_4bd1c5d00000031eB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\units\hele_infantry_javelinist_e_4bd1c5d0000001bbB.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\units\hele_infantry_spearman_a_4bd1c5d000000269B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\units\hele_infantry_spearman_b_4bd1c5d000000329B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\units\hele_infantry_spearman_e_4bd1c5d000000269B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\simulation\templates\units\hele_support_female_citizen_4b5c815600000114B.xmb c:\documents and settings\Etienne\Application Data\0ad\cache\mods\public\xmb\temp\players_49512a8c00000352B.xmb c:\documents and settings\Etienne\Application Data\0ad\logs\interestinglog.html c:\documents and settings\Etienne\Application Data\0ad\logs\mainlog.html c:\documents and settings\Etienne\Application Data\0ad\logs\system_info.txt c:\documents and settings\Etienne\errorlog.tmp c:\windows\$NtUninstallKB32385$ c:\windows\$NtUninstallKB32385$\304583513\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6} c:\windows\$NtUninstallKB32385$\304583513\click.tlb c:\windows\$NtUninstallKB32385$\304583513\L\bonlktdi c:\windows\$NtUninstallKB32385$\304583513\loader.tlb c:\windows\$NtUninstallKB32385$\304583513\U\@00000001 c:\windows\$NtUninstallKB32385$\304583513\U\@000000c0 c:\windows\$NtUninstallKB32385$\304583513\U\@000000cb c:\windows\$NtUninstallKB32385$\304583513\U\@000000cf c:\windows\$NtUninstallKB32385$\304583513\U\@80000000 c:\windows\$NtUninstallKB32385$\304583513\U\@800000c0 c:\windows\$NtUninstallKB32385$\304583513\U\@800000cb c:\windows\$NtUninstallKB32385$\304583513\U\@800000cf c:\windows\$NtUninstallKB32385$\3646551646 c:\windows\iun6002.exe c:\windows\system32\_000012_.tmp.dll c:\windows\system32\_000013_.tmp.dll c:\windows\system32\_000014_.tmp.dll c:\windows\system32\_000016_.tmp.dll c:\windows\system32\c_33312.nls c:\windows\system32\RC00C140.dll c:\windows\system32\RCD6D140.DLL c:\windows\system32\Temp . Une copie infectée de c:\windows\system32\drivers\redbook.sys a été trouvée et désinfectée Copie restaurée à partir de - The cat found it :) c:\windows\system32\msiexec.exe . . . est infecté!! . c:\windows\system32\wuauclt.exe . . . est infecté!! . c:\program files\Fichiers communs\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe . . . est infecté!! . c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe . . . est infecté!! . c:\program files\Java\jre6\bin\jqs.exe . . . est infecté!! . Une copie infectée de c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe a été trouvée et désinfectée Copie restaurée à partir de - c:\system volume information\_restore{219348D4-24AF-4CC2-AA5D-C7EA9EFC2554}\RP0\A0000010.exe . c:\program files\NVIDIA Corporation\nTune\nTuneService.exe . . . est infecté!! . c:\windows\system32\nvsvc32.exe . . . est infecté!! . c:\program files\OO Software\Defrag\oodag.exe . . . est infecté!! . c:\windows\system32\PnkBstrA.exe . . . est infecté!! . c:\windows\system32\PnkBstrB.exe . . . est infecté!! . c:\program files\VMware\VMware Workstation\vmware-authd.exe . . . est infecté!! . c:\windows\system32\vmnetdhcp.exe . . . est infecté!! . c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe . . . est infecté!! . c:\windows\system32\vmnat.exe . . . est infecté!! . . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_SSHNAS -------\Legacy_WINDOWS_INTERNET_NAME_SERVICE -------\Service_12279359 . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-08-02 au 2011-09-02 )))))))))))))))))))))))))))))))))))) . . 2011-09-02 16:25 . 2011-09-02 16:01 58752 ----a-w- c:\windows\system32\drivers\redbook.sys 2011-09-02 14:19 . 2011-09-02 14:19 -------- d-----w- C:\_OTL 2011-09-02 12:23 . 2011-09-02 12:23 -------- d-----w- C:\TDSSKiller_Quarantine 2011-09-02 03:13 . 2011-09-02 03:13 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth 2011-09-02 02:15 . 2011-09-02 02:15 -------- d-----w- c:\program files\Ad-Remover 2011-09-02 02:13 . 2011-09-02 16:21 43408 --sha-w- c:\windows\system32\c_33312.nl_ 2011-09-02 01:49 . 2011-09-02 02:00 -------- d-----w- c:\windows\SxsCaPendDel 2011-09-02 01:28 . 2011-09-02 01:28 -------- d-----r- c:\documents and settings\NetworkService\Favoris 2011-09-02 01:22 . 2010-12-20 17:32 551936 -c----w- c:\windows\system32\dllcache\oleaut32.dll 2011-09-02 01:19 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys 2011-09-02 01:19 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys 2011-09-02 01:17 . 2011-04-30 03:01 758784 -c----w- c:\windows\system32\dllcache\vgx.dll 2011-09-02 01:17 . 2011-06-23 18:31 105984 -c----w- c:\windows\system32\dllcache\url.dll 2011-09-02 01:17 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys 2011-09-02 00:58 . 2011-09-02 00:58 4194304 ----a-w- c:\windows\system32\bonlktdi.dll . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-09-02 16:16 . 2008-05-02 10:49 62976 ----a-w- c:\windows\system32\drivers\cdrom.sys 2011-09-02 15:56 . 2008-04-14 12:00 162816 ----a-w- c:\windows\system32\drivers\netbt.sys 2011-09-02 15:54 . 2001-05-07 21:00 23040 ----a-w- c:\windows\system32\PSAPI.dll 2011-09-02 02:59 . 2008-04-14 12:00 54144 ----a-w- c:\windows\system32\drivers\i8042prt.sys 2011-09-02 02:12 . 2008-04-14 12:00 75264 ----a-w- c:\windows\system32\drivers\ipsec.sys 2011-07-15 13:29 . 2008-12-19 14:15 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-07-08 14:02 . 2008-04-14 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys 2011-07-06 17:52 . 2011-03-30 23:22 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-07-06 17:52 . 2011-03-30 23:22 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-02 01:07 . 2011-07-02 01:07 38976 ----a-w- c:\windows\system32\drivers\pssdk42.sys 2011-06-24 14:10 . 2009-05-30 21:34 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2011-06-23 18:31 . 2009-03-08 03:34 916480 ----a-w- c:\windows\system32\wininet.dll 2011-06-23 18:31 . 2009-03-08 03:34 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-06-23 18:31 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-06-23 12:05 . 2009-03-08 03:35 385024 ----a-w- c:\windows\system32\html.iec 2011-06-20 17:44 . 2008-04-22 17:01 293888 ----a-w- c:\windows\system32\winsrv.dll 2011-06-06 11:35 . 2009-02-09 13:59 1859072 ----a-w- c:\windows\system32\win32k.sys 2006-05-03 10:06 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-02-21 11:47 31232 --sh--r- c:\windows\system32\msfDX.dll 2008-03-16 13:30 216064 --sh--r- c:\windows\system32\nbDX.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2008-04-25 . B5B1080D35974C0E718D64280761BCD5 . 182912 . . [5.1.2600.5588] . . c:\windows\system32\drivers\ndis.sys . [-] 2008-11-18 . 4C51D5275AE8A16999EDFE7E647D00DE . 576384 . . [5.1.2600.5712] . . c:\windows\system32\drivers\ntfs.sys . [-] 2008-07-28 . 367DE8E5F638C091F49273144274F629 . 361600 . . [5.1.2600.5649] . . c:\windows\system32\drivers\tcpip.sys [7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys [7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys . [-] 2008-04-03 . FFE24AE35137096F1093EC25DA961822 . 78336 . . [5.1.2600.5574] . . c:\windows\system32\browser.dll . [-] 2009-02-09 . F83B964469D230F445613C44DF9FE25D . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll . [-] 2009-02-09 . 62789101F9C2401ED598AA2CDE7450C0 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe . [-] 2008-11-21 . 684C664E9FBB006A2587C76B7113B1F6 . 512000 . . [5.1.2600.5714] . . c:\windows\system32\winlogon.exe . [-] 2009-08-06 . C1BD669C43A9EF205C1568DC7183FAA8 . 53472 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe . [-] 2008-07-07 20:24 . 157F9C595FD0D10502497DC4C1348D17 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll . [-] 2009-03-21 . C3AF0EEE26B59484E674673E3016AAB7 . 1056768 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll . [7] 2009-03-15 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll [-] 2008-10-29 . 06B8485FB1DA9A552B10AB978CD1AC85 . 343040 . . [7.0.2600.5701] . . c:\windows\system32\msvcrt.dll [-] 2008-10-29 . A4C4A54FD7E31179CB5BDF7896DF3DF7 . 343040 . . [7.0.2600.5701] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5701_x-ww_40d12c25\msvcrt.dll . [-] 2008-07-28 . D019B43E41859B6720401F4197B37C01 . 247808 . . [5.1.2600.5649] . . c:\windows\system32\mswsock.dll [7] 2008-06-20 . C759B3790D3BA760C52E218EF4886DAC . 247808 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll [7] 2008-06-20 . 6F5F546A92C7B6AE45DB1D6910781EB0 . 247808 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll . [-] 2009-02-06 . 7D2D5E286A679276ED6FE34859449F3F . 407552 . . [5.1.2600.5755] . . c:\windows\system32\netlogon.dll . [-] 2008-08-06 . 600D8464B0C68E54B11DCCAC1F64A6C3 . 249856 . . [5.1.2600.5654] . . c:\windows\system32\tapisrv.dll . [-] 2008-07-03 . 6877DBD462E7C25057ABD01A970972AF . 1037824 . . [6.00.2900.5634] . . c:\windows\explorer.exe . [-] 2008-12-26 . ECF1470CE31CA9022B4AA8C3783D568B . 299008 . . [5.1.2600.5733] . . c:\windows\system32\termsrv.dll . [-] 2008-04-28 . 7DDA0A176DDBFC176A4E3B79730C2050 . 347648 . . [5.1.2600.5589] . . c:\windows\system32\hnetcfg.dll . [-] 2008-05-13 . C080E2BD8C51A598F64AA50889D2863D . 1689088 . . [5.03.2600.5601] . . c:\windows\system32\d3d9.dll . . [-] 2008-07-04 . E2C5A67803E526854FE1F1D1598FE0EC . 178688 . . [5.1.2600.5635] . . c:\windows\system32\w32time.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560] "FG Time Sync"="c:\program files\FG Time Sync\FG Time Sync.exe" [2007-07-07 49152] "NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288] "SuperF4"="c:\program files\SuperF4\SuperF4.exe" [2009-08-19 34816] "WebcamMaxAutoRun"="c:\program files\WebcamMax\WebcamMax.exe" [2011-04-11 6052592] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Volkey"="c:\program files\Volkey\Volkey.exe" [2006-02-02 192512] "HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-08-15 30003200] "nwiz"="nwiz.exe" [2009-04-30 1657376] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-04-30 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13750272] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 81920] "AdobeCS4ServiceManager"="c:\program files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376] "HD Tune"="c:\progra~1\HDTUNE~1\HDTune.exe" [2007-09-02 401408] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872] "boinctray"="c:\program files\BOINC\boinctray.exe" [2008-11-17 58112] "boincmgr"="c:\program files\BOINC\boincmgr.exe" [2008-11-17 3916544] "Profiler"="c:\program files\Saitek\Software\Profiler.exe" [2005-06-14 159744] "SaiMfd"="c:\program files\Saitek\Software\SaiMfd.exe" [2005-06-17 126976] "OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2009-09-11 2524416] "Bonus.SSR.FR10"="c:\program files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" [2009-12-20 941320] "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-05-14 248552] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296] "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "Simpo PDF Creator Pro Server"="c:\program files\Simpo PDF Creator Pro\SpcProSrv.exe" [2010-12-11 101376] "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-01-17 2548552] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="shell32" [X] "_nltide_3"="advpack.dll" [2009-03-08 128512] . c:\documents and settings\Etienne\Menu D‚marrer\Programmes\D‚marrage\ SpeedFan.lnk - c:\program files\SpeedFan\speedfan.exe [2009-4-22 3921528] . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMConfigurePrograms"= 1 (0x1) "NoResolveTrack"= 1 (0x1) . [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) "NoSMHelp"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) "NoResolveTrack"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2010-01-29 21:17 64592 ----a-w- c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2009-06-16 00:21 133104 ----atw- c:\documents and settings\Etienne\Local Settings\Application Data\Google\Update\GoogleUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2009-06-25 18:32 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "JavaQuickStarterService"=2 (0x2) "gusvc"=2 (0x2) "gupdatem"=3 (0x3) "gupdate1c9f5c3874b63a4"=2 (0x2) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\mIRC\\mirc.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"= "c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"= "c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutLauncher.exe"= "c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutConfigTool.exe"= "c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutParadise.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Fichiers communs\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "c:\\Program Files\\Fichiers communs\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"= "c:\\Program Files\\FlashFXP\\flashfxp.exe"= "c:\\Program Files\\TwonkyMedia\\twonkymediaserver.exe"= "c:\\Program Files\\TwonkyMedia\\twonkymedia.exe"= "c:\\Program Files\\Opera\\opera.exe"= "c:\\Program Files\\FlashFXP 4\\FlashFXP.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5353:TCP"= 5353:TCP:Adobe CSI CS4 "3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server "3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server "51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server "51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server . R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31/05/2009 00:01 717296] R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [06/01/2011 17:37 239368] R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [06/01/2011 17:37 27576] R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [09/04/2009 15:18 107256] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [09/04/2009 15:21 94360] R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [26/10/2009 18:32 10448] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [31/03/2011 01:22 366640] R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25/06/2010 19:07 35088] R2 UltraMonUtility;UltraMon Utility Driver;c:\program files\Fichiers communs\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys [24/09/2006 20:22 11776] R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [22/10/2009 06:00 70704] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [31/03/2011 01:22 22712] R3 UltraMonMirror;UltraMonMirror;c:\windows\system32\drivers\UltraMonMirror.sys [24/09/2006 20:23 3584] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [31/05/2009 11:46 845184] S2 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service;"c:\program files\Fichiers communs\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe" -service --> c:\program files\Fichiers communs\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [?] S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [09/04/2009 15:19 731840] S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe --> c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [?] S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [15/08/2008 05:46 284016] S3 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [02/07/2011 03:07 38976] S3 QCEmerald;QuickCam Web Logitech;c:\windows\system32\drivers\OVCE.sys [14/02/2010 02:37 31872] S3 SaiHFF0D;SaiHFF0D;c:\windows\system32\drivers\SaiHFF0D.sys [04/06/2009 13:30 176000] S3 SaiUFF0D;SaiUFF0D;c:\windows\system32\drivers\SaiUFF0D.sys [04/06/2009 13:30 27136] S3 SER120;OTI Serial port driver;c:\windows\system32\drivers\ser120.sys [15/05/2010 13:22 33006] S3 usb2vcom;USB to Serial Bridge Controller;c:\windows\system32\drivers\usb2vcom.sys [07/05/2010 12:38 30368] S4 gupdate1c9f5c3874b63a4;Service Google Update (gupdate1c9f5c3874b63a4);c:\program files\Google\Update\GoogleUpdate.exe [25/06/2009 20:34 133104] S4 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [25/06/2009 20:34 133104] . Contenu du dossier 'Tâches planifiées' . 2011-09-02 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-25 18:32] . 2011-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-25 18:34] . 2011-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-25 18:34] . 2011-09-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-1326574676-1801674531-1003Core.job - c:\documents and settings\Etienne\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-16 00:21] . 2011-09-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-1326574676-1801674531-1003UA.job - c:\documents and settings\Etienne\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-16 00:21] . 2011-09-02 c:\windows\Tasks\User_Feed_Synchronization-{716426C4-AB8B-4820-A82C-02109A9FD116}.job - c:\windows\system32\msfeedssync.exe [2008-04-14 03:31] . . ------- Examen supplémentaire ------- . uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Ajouter à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir la cible du lien au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000 LSP: c:\program files\VMware\VMware Workstation\vsocklib.dll Trusted Zone: chat-land.org TCP: DhcpNameServer = 212.27.40.240 212.27.40.241 FF - ProfilePath - c:\documents and settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\ FF - prefs.js: browser.search.selectedEngine - Web Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - user.js: extentions.y2layers.installId - 4b6fb496-4597-416e-9d92-99980102dffb . - - - - ORPHELINS SUPPRIMES - - - - . BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKCU-Run-OpAgent - OpAgent.exe Notify-AtiExtEvent - (no file) SafeBoot-05788667.sys SafeBoot-06924634.sys SafeBoot-14254993.sys SafeBoot-62685472.sys AddRemove-Look@LAN_1.0 - c:\windows\iun6002.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-09-02 18:54 Windows 5.1.2600 Service Pack 3 NTFS . detected NTDLL code modification: ZwClose, ZwOpenFile . Recherche de processus cachés ... . Recherche d'éléments en démarrage automatique cachés ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1???????????????????????????????????????????????? . Recherche de fichiers cachés ... . Scan terminé avec succès Fichiers cachés: 0 . ************************************************************************** . Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Windows 5.1.2600 . CreateFile("\\.\PHYSICALDRIVE0"): Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. device: opened successfully user: error reading MBR kernel: MBR read successfully user != kernel MBR !!! . ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_USERS\S-1-5-21-1993962763-1326574676-1801674531-1003\Software\SecuROM\License information*] "datasecu"=hex:eb,a8,ea,f5,48,5f,f1,1f,85,5e,2e,8c,06,49,0c,65,53,3e,0e,f6,0f, 76,46,af,b5,a5,3d,0b,4a,de,c8,70,3d,12,6e,ef,18,1d,89,6b,a0,69,cc,77,11,ec,\ "rkeysecu"=hex:64,72,28,51,23,35,18,17,54,5e,ac,72,42,d8,b1,48 . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*] "OODEFRAG12.00.00.01PROFESSIONAL"="9AB6DE5DFA0E211996521E32E5B611A5A723A77B4AF506CE276A5E19667D9ABF36D96486B5A292E93737AD0FC63FA5C08B8EEC9DEF3A87FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3D9DB7CE019D40AA5CA6A0AC4980AC7933FE01AA108C4C89D05D9DD4A27C74D97AB0C59F4CCFCD8E5B4D2627ECBD1F975C336CC4C4390C99E2CF943CD5344366D6C9F808207A7E868A633B21A997C65865E4EF68D74A9BB2EB1E2F18948C562A86F1DDC24BABEB4F2BF7596A2F6D7614C7A96AA0D14414AD059E87378E9C129658606A89C329E893DF4477C556548B4E195A6CD591AE00865B6D6B50C6F9CDC12C93CAF9CEBABB9FDEC5BAD94DE6D9AF0596BAD947935F5BACE9DE7A93BFD763F649DD95892D1E6671BD82309241A881CABFD0DDFA80A771D0B617B11F0F7258440839C06351BEFEF630DD387C863232BD7CDA7B0408BF312DBA7E57E88B4F223095224721FA3DA062E891C4335B26D5C4363AAC924205253FA1342FC3DB9AE5EAFE9653588432AA38F1968A346AA7A35D9B0651A649C47E175A0BE1D6AC6FEABA95C2787748A69F921E19A4CFE04DF4149F84AC97BB4510591889FB9CAC6020796B8C2CBB2999A4220379922AEF22C88C77B7E50E3CBDD2BDD1E9EDE310F19593DA0C46BA8BFB03A6784D35BDCD2544001C4D0987F05BE111421B8B4E0F9B0089FE0A06DB56332A789CDBD3D5B3C92C37CEAC05D585BC7D33E93E8DD3644C3872B6888AD9F79B2B80D0A11993DF76EC148F6F2D2027F588980BAA103FCE64BB76A83B5C46DF013C3C3850916C1387140824E1395F0A108C48ACEB142F14B8AB53BB07628383263640BECB322814CA549A97074461E485B4619A3F7D95FA934B5A9B89EAC9DA4118328F2CCFE32B838566B713CEC6F049D091E298163BCEAF05F03912A725637C83CA1DBEA511A7E7A21D97713A87EDBBD41ED91C88B8DFBFE48F48A42DF49C753E599B8251F35AA4CA7F8CBC50EB1EB7D9DF962666FD01E81DC3417775EC8C3FB2C0842F552498D73F66B049B9124887994273C5A2CD0BC380AFE0765D16BB5E6DF615A99810BC94E83CE21B88EA36EB74468F3B17BED8DC8A872641A6C9B54D23054E90E4F7A3625101C36C2E3E381970FECF7F003B4A355616D42CF63A0CF9260AF4B36971AFBB28C63BAA83A31FB6B296583B7C82C242A43676BD57E8D2C7733A9497B864C58F40B67276438A43E00847974E9228A96D5BDBD632B530230B26D876F5C78CD0C1900AD7A60D347F28E1E2BACAA9906A14030A85F763B9198E03C02EB9717DBD2732919D44E3B63010D2CB34760FF8F685C85BD7B31506D590ECE11104F5197D8EE630B90C2F7B3A1012FC3D4DF16FC008FCFB653DE4697EC1F03D37" . --------------------- DLLs chargées dans les processus actifs --------------------- . - - - - - - - > 'winlogon.exe'(816) c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll c:\windows\system32\msv1_0.dll c:\program files\Fichiers communs\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll . - - - - - - - > 'lsass.exe'(872) c:\windows\system32\guard32.dll c:\windows\system32\msv1_0.dll . - - - - - - - > 'explorer.exe'(3096) c:\windows\system32\guard32.dll c:\windows\system32\msi.dll c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\program files\Microsoft Office\Office12\1036\GrooveIntlResource.dll c:\program files\Fichiers communs\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\RUNDLL32.EXE c:\program files\Fichiers communs\LogiShrd\KHAL3\KHALMNPR.EXE c:\windows\system32\wscntfy.exe c:\program files\BOINC\boinc.exe c:\windows\system32\taskmgr.exe c:\documents and settings\All Users\Application Data\BOINC\projects\www.worldcommunitygrid.org\wcg_hpf2_rosetta_6.40_windows_intelx86 c:\documents and settings\All Users\Application Data\BOINC\projects\www.worldcommunitygrid.org\wcg_dsfl_6.19_windows_intelx86 c:\documents and settings\All Users\Application Data\BOINC\projects\www.worldcommunitygrid.org\wcg_dsfl_vina_6.19_windows_intelx86 . ************************************************************************** . Heure de fin: 2011-09-02 18:58:27 - La machine a redémarré ComboFix-quarantined-files.txt 2011-09-02 16:58 . Avant-CF: 4 298 162 176 octets libres Après-CF: 4 396 564 480 octets libres . - - End Of File - - 2293F4853CFFB398CC9D9A15D8A62F95