Se connecter / S'enregistrer
Votre question

pc de plus en plus lent.........[résolu]

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
9 Août 2007 02:12:44

bonjour,n'y connaissant rien au pc,je viens vers vous pour demander de l'aide mon pc ralenti de plus en plusj'ai fais des scans:
Logfile of HijackThis v1.99.1
Scan saved at 01:48:21, on 09/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\MouseDrv.exe
C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\PS2USBKbdDrv.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Documents and Settings\johnny girot\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\MouseDrv.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [thncpvjper] c:\windows\system32\thncpvjper.exe thncpvjper
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - HKCU\..\Run: [Lyad] C:\Program Files\Lyrod\Lyad\lyrod.exe autostart
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://caebmm.imgag.com/imgag/cp/install/crusher-cae.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

et :
Search Navipromo version 2.0.7 commencé le 09/08/2007 à 1:52:36,87

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 08.08.2007 a 18h00 by IL-MAFIOSO

Executé en mode normal

*** Recherche Programmes installes ***




*** Recherche dossiers dans C:\WINDOWS ***




*** Recherche dossiers dans C:\Program Files ***




*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans C:\Documents and Settings\johnny girot\Application Data ***



*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
http://www.f-secure.com/blacklight/blacklight_help.html


F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================

Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of October, 2007.
Version information: 2.2.1064.

[+] Started on 08/09/07 at 01:52:38.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items .........................................................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 08/09/07 at 01:58:02 (return code = 0).


*** Recherche fichiers ***




*** Recherche cles registre ***


Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]



Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]



Recherche Clé Magic Control

HKEY_CURRENT_USER\Software\Lanconfig trouvé !


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:


2)Recherche Heuristique :
*
**
***
****
*****
******
*******
********

3)Recherche Certificats :


*** Recherche avec GenericNaviSearch Beta ***
!!! Tous Ces résultats peuvent révéler des fichiers légitimes !!!
!!! A verifier impérativement avant toute suppression manuelle !!!

Fichiers trouvés :

C:\WINDOWS\system32\ddblleg.exe trouvé !
C:\WINDOWS\system32\ihjqcae.exe trouvé !
C:\WINDOWS\system32\okqwvkypl.exe trouvé !
C:\WINDOWS\system32\xzcobqzkf.exe trouvé !
C:\WINDOWS\system32\zhvelaawus.exe trouvé !
C:\WINDOWS\system32\ziagqqrff.exe trouvé !

Fichiers suspects :

Aucun Fichier suspect trouvé !


*** Analyse Terminé le 09/08/2007 à 1:58:17,56 ***
++++++++++++++++++++++++++++++++++++++++++++++
dites moi au moins si on peut faire quelques choses, merci d'avance!!!!! :hello: 

Autres pages sur : lent resolu

9 Août 2007 12:09:31

Bonjour,pourriez vous au moins me dire si on peux faire quelques chose ici,ou aller reporter mon pc.cette nuit a 3h00 il retournais bien et ce matin rebelotte....Ras le bol!!merci.
9 Août 2007 16:27:19

Bonjour


Double clique sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
Au menu principal, choisis 2 et valide.

Le fix va t'informer qu'il va alors redémarrer ton PC
Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
Appuie sur une touche comme demandé.
(si ton Pc ne redémarre pas automatiquement, fais le toi même)
Au redémarrage de ton PC, choisis ta session habituelle.

Patiente jusqu'au message :
*** Nettoyage Termine le ..... ***
Le blocnote va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver
Referme le blocnote. Ton bureau va réapparaitre

PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tape explorer et valide. Celà te fera apparaitre ton bureau.

Poste son rapport avec un nouveau Hijackthis
Contenus similaires
11 Août 2007 01:17:56

bonjour,chercheur désolé mais ca a ramé et ma souris a grillé!!!!!
voila les rapport:
.

Clean Navipromo version 2.0.5 commencé le 11/08/2007 à 1:10:12,60

Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 01.07.2007 a 12h00 by IL-MAFIOSO

Mode suppression automatique avec prise en charge résultats Blacklight



*** fsbl1.txt non trouvé ***
(Assurez-vous que Blacklight n'avait rien trouvé lors de la recherche)


*** Suppression dossiers dans C:\WINDOWS ***


*** Suppression dossiers dans C:\Program Files ***


*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***


*** Suppression dossiers dans C:\Documents and Settings\johnny girot\Application Data ***



*** Suppression fichiers ***


*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\johnny girot\Local Settings\Temp effectué !


*** Sauvegarde du registre vers dossier Backupnavi***


sauvegarde du registre réalise avec succes !


*** Nettoyage registre ***


Nettoyage registre Ok

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:


2)Recherche et Suppression Heuristique :

*
**
***
****
*****
******
*******
********

3)Contrôle présence clés Rootkit dans le registre :

Aucune autre clés présente dans le registre !

4)Certificats :


*** Nettoyage termine le 11/08/2007 à 1:13:35,46 ***

++++++++++++++++++++++++++++++++++++++++++++++++
Logfile of HijackThis v1.99.1
Scan saved at 01:17:21, on 11/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\johnny girot\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://caebmm.imgag.com/imgag/cp/install/crusher-cae.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

.
voila ,merci.
11 Août 2007 01:22:57

Bonjour


On continue.

Télécharge Combofix.exe (par sUBs) sur ton Bureau
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Double clique combofix.exe et suis les invites.
Lorsque le scan sera complété, un rapport apparaîtra.

Copie/colle ce rapport dans ta prochaine réponse avec un nouveau HijackThis.
11 Août 2007 13:08:30

bonjour,c'est pas évident!!!merci de ton aide...
+
ComboFix 07-08-09.3 - "johnny girot" 2007-08-11 12:56:05.1 - NTFSx86
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.462 [GMT 2:00]
* Created a new restore point


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\Abbr
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\ActivationCode
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\CustomerEmail
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\CustomerName
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\InstallPath
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\OID
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\PCID
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\ProductCode
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\Suspicious
C:\DOCUME~1\JOHNNY~1\APPLIC~1\..\err.log
C:\DOCUME~1\JOHNNY~1\APPLIC~1\..\ResErrors.log
C:\DOCUME~1\JOHNNY~1\APPLIC~1\DriveCleaner
C:\DOCUME~1\JOHNNY~1\APPLIC~1\DriveCleaner\activator_info.txt
C:\DOCUME~1\JOHNNY~1\APPLIC~1\DriveCleaner\Logs\Activate.log
C:\DOCUME~1\JOHNNY~1\APPLIC~1\DriveCleaner\Logs\update.log
C:\DOCUME~1\JOHNNY~1\Bureau.\internet explorer.lnk
C:\DOCUME~1\JOHNNY~1\Bureau\DriveCleaner.lnk
C:\DOCUME~1\nini\APPLIC~1\..\err.log
C:\DOCUME~1\nini\APPLIC~1\..\ResErrors.log
C:\DOCUME~1\nini\APPLIC~1\DriveCleaner
C:\DOCUME~1\nini\APPLIC~1\DriveCleaner 2006
C:\DOCUME~1\nini\APPLIC~1\DriveCleaner 2006\Logs\Activate.log
C:\DOCUME~1\nini\APPLIC~1\DriveCleaner\Logs\update.log
C:\WINDOWS\system32\stera.log


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\nm


((((((((((((((((((((((((( Files Created from 2007-07-11 to 2007-08-11 )))))))))))))))))))))))))))))))


2007-08-11 12:54 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-10 21:06 <REP> d-------- C:\Program Files\Rockstar Games
2007-08-10 17:52 127,034 -r------- C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
2007-08-10 16:10 <REP> d-------- C:\DOCUME~1\JOHNNY~1\APPLIC~1\Logitech
2007-08-10 16:05 118,784 -r------- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2007-08-10 16:04 69,760 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys
2007-08-10 16:04 55,808 --a------ C:\WINDOWS\system32\drivers\L8042MOU.SYS
2007-08-10 16:04 13,568 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.SYS
2007-08-10 16:03 94,208 --a------ C:\WINDOWS\KHALMNPR.Exe
2007-08-10 16:03 53,248 --a------ C:\WINDOWS\system32\KemXML.dll
2007-08-10 16:03 36,736 --a------ C:\WINDOWS\system32\drivers\LHidUsbK.sys
2007-08-10 16:03 27,008 --a------ C:\WINDOWS\system32\drivers\LHidKE.Sys
2007-08-10 16:03 155,648 --a------ C:\WINDOWS\system32\kemutb.dll
2007-08-10 16:03 126,976 --a------ C:\WINDOWS\system32\KemUtil.dll
2007-08-10 16:03 110,592 --a------ C:\WINDOWS\system32\KemWnd.dll
2007-08-10 16:03 <REP> d-------- C:\Program Files\Logitech
2007-08-10 16:03 <REP> d-------- C:\Program Files\Fichiers communs\Logitech
2007-08-09 01:52 3,290 --a------ C:\WINDOWS\system32\gnc.exe
2007-08-09 01:17 <REP> d-------- C:\Program Files\Navilog1
2007-08-09 01:04 <REP> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2007-08-09 00:20 <REP> d-------- C:\Program Files\MegaWorld
2007-08-09 00:00 10,485,760 --a------ C:\DOCUME~1\JOHNNY~1\ntuser.dat
2007-08-08 21:58 <REP> d-------- C:\WINDOWS\system32\JVeffect
2007-08-06 12:39 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-08-04 13:36 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe
2007-07-31 21:09 <REP> d-------- C:\DOCUME~1\JOHNNY~1\APPLIC~1\Apple Computer
2007-07-31 14:38 65,536 --------- C:\WINDOWS\system32\mavideo.scr
2007-07-31 14:35 <REP> d-------- C:\Program Files\QuickTime
2007-07-31 14:35 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
2007-07-17 16:08 138,368 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2007-07-17 16:07 <REP> d-------- C:\Program Files\Spyware Terminator
2007-07-17 16:07 <REP> d-------- C:\DOCUME~1\JOHNNY~1\APPLIC~1\Spyware Terminator
2007-07-17 16:07 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spyware Terminator
2007-07-17 15:33 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-07-16 11:36 268,800 --a------ C:\WINDOWS\system32\ddblleg.exe
2007-07-14 09:59 272,896 --a------ C:\WINDOWS\system32\ihjqcae.exe
2007-07-11 15:42 <REP> d-------- C:\Program Files\RegCleaner
2007-07-11 13:29 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-11 12:51 --------- d-------- C:\Program Files\Wanadoo
2007-08-11 00:59 65602 --a--c--- C:\WINDOWS\system32\perfc00C.dat
2007-08-11 00:59 449740 --a--c--- C:\WINDOWS\system32\perfh00C.dat
2007-08-10 21:06 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-08-10 19:52 --------- d-------- C:\Program Files\Metin2_France
2007-08-09 00:20 --------- d-------- C:\Program Files\Google
2007-08-09 00:20 --------- d-------- C:\DOCUME~1\JOHNNY~1\APPLIC~1\EPSON
2007-07-31 22:40 --------- d-------- C:\DOCUME~1\JOHNNY~1\APPLIC~1\Micro Application
2007-07-31 14:39 --------- d-------- C:\Program Files\Micro Application
2007-07-28 00:07 783224 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-07-28 00:02 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-07-28 00:02 92848 --a--c--- C:\WINDOWS\system32\drivers\aswmon.sys
2007-07-28 00:00 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-07-27 23:59 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-07-27 23:58 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-07-27 23:57 95608 --a--c--- C:\WINDOWS\system32\AVASTSS.scr
2007-07-20 19:38 --------- d-------- C:\Program Files\Fichiers communs\DriveCleaner
2007-07-11 14:24 --------- d-------- C:\DOCUME~1\JOHNNY~1\APPLIC~1\Lavasoft
2007-07-10 15:57 --------- d-------- C:\Program Files\USS
2007-07-08 11:58 265216 --a------ C:\WINDOWS\system32\zhvelaawus.exe
2007-07-06 10:57 263680 --a------ C:\WINDOWS\system32\ziagqqrff.exe
2007-07-04 10:43 261632 --a------ C:\WINDOWS\system32\okqwvkypl.exe
2007-07-03 22:08 263168 --a------ C:\WINDOWS\system32\xzcobqzkf.exe
2007-07-03 10:52 --------- d-------- C:\DOCUME~1\JOHNNY~1\APPLIC~1\Zango
2007-06-28 05:12 288256 --a------ C:\WINDOWS\system32\nsauzllv.exe
2007-06-26 05:11 271872 --a------ C:\WINDOWS\system32\zlieddan.exe
2007-06-23 11:34 269312 --a------ C:\WINDOWS\system32\gusaqk.exe
2007-06-18 20:28 --------- d-------- C:\DOCUME~1\JOHNNY~1\APPLIC~1\DivX
2007-06-17 20:00 --------- d-------- C:\Program Files\Winamp
2007-06-17 19:16 --------- d-------- C:\Program Files\Dictionnaire
2007-06-17 14:04 --------- d-------- C:\Program Files\Mission Maulwurf
2007-06-14 10:26 400384 --a--c--- C:\WINDOWS\system32\gkamwlmsi.exe
2007-05-16 17:13 86528 --a--c--- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 17:13 85504 --a--c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 17:13 683520 --a--c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 17:13 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 17:13 510976 --a--c--- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 17:13 1314816 --a--c--- C:\WINDOWS\system32\dllcache\msoe.dll
2006-12-03 22:31 278528 --a--c--- C:\Program Files\Fichiers communs\FDEUnInstaller.exe
--------- C:\Program Files\Hijackthis Version Française


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{07AA283A-43D7-4CBE-A064-32A21112D94D}"= C:\Program Files\Zango\bin\10.0.275.0\HostIE.dll [ ]

[HKEY_CLASSES_ROOT\CLSID\{07AA283A-43D7-4CBE-A064-32A21112D94D}]
[HKEY_CLASSES_ROOT\HostIE.Bho.1]
[HKEY_CLASSES_ROOT\TypeLib\{087C4054-0A2B-4F35-B0DB-BED3E21650F4}]
[HKEY_CLASSES_ROOT\HostIE.Bho]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-04-01 16:16]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 05:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 05:00]
"nwiz"="nwiz.exe" [2005-04-01 16:16 C:\WINDOWS\system32\nwiz.exe]
"NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-10-07 17:53]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-04-01 16:16]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 05:00]
"Microsoft Works Update Detection"="C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2001-09-04 23:30]
"MediaSync"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe" [2005-06-21 15:28]
"LaunchApp"="Alaunch" []
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 05:00]
"eRecoveryService"="C:\Program Files\Acer\eRecovery\Monitor.exe" [2005-06-20 09:03]
"EPSON Stylus DX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.exe" [2005-02-08 06:00]
"AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe" [2005-06-21 15:39]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-28 00:03]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-07-31 14:35]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2007-07-17 16:07]
"NWEReboot"="" []
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-11-09 00:00]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-03-28 17:38 C:\WINDOWS\KHALMNPR.Exe]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-08-10 17:52]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26]
Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-03-17 15:06:14]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-08-10 17:52:13]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-08-10 16:03:32]
Rappels du Calendrier Microsoft Works.lnk - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe [2000-07-12 15:14:38]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"OPTENET_FILTER"=2 (0x2)

R0 nvcchflt;NVIDIA Disk Cache Filter Driver;C:\WINDOWS\system32\DRIVERS\nvcchflt.sys
R0 prohlp02;StarForce Protection Helper Driver v2;C:\WINDOWS\system32\drivers\prohlp02.sys
R0 prosync1;StarForce Protection Synchronization Driver v1;C:\WINDOWS\system32\drivers\prosync1.sys
R0 sfhlp01;StarForce Protection Helper Driver;C:\WINDOWS\system32\drivers\sfhlp01.sys
R1 AmdK8;Pilote de processeur AMD Athlon64;C:\WINDOWS\system32\DRIVERS\AmdK8.sys
R1 hidfltr;HID Filter Driver;C:\WINDOWS\system32\drivers\MWhid.sys
R1 prodrv06;StarForce Protection Environment Driver v6;C:\WINDOWS\system32\drivers\prodrv06.sys
R1 sp_rsdrv2;Spyware Terminator Driver 2;\??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
R2 int15.sys;int15.sys;\??\C:\Program Files\Acer\eRecovery\int15.sys
R3 Afc;PPdus ASPI Shell;C:\WINDOWS\system32\drivers\Afc.sys
R3 L8042Kbd;Logitech SetPoint Keyboard Driver;C:\WINDOWS\system32\Drivers\L8042Kbd.sys
R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver;C:\WINDOWS\system32\Drivers\L8042mou.sys
R3 LMouKE;Logitech SetPoint Mouse Filter Driver;C:\WINDOWS\system32\Drivers\LMouKE.sys
R3 NTIDrvr;Upper Class Filter Driver;C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
R3 P0630VID;Creative WebCam Live!;C:\WINDOWS\system32\DRIVERS\P0630Vid.sys
S3 LHidKe;Logitech SetPoint HID Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver;C:\WINDOWS\system32\Drivers\LHidUsbK.Sys
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys
S3 SQTECH905C;DaulCamera;C:\WINDOWS\system32\Drivers\Capt905c.sys
S3 USB_RNDIS;Inventel Gateway;C:\WINDOWS\system32\DRIVERS\usb8023.sys
S4 OPTENET_FILTER;Securitoo Control Parental;C:\Program Files\Securitoo\Controle Parental\bin\optproxy.exe


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{97ea610b-f05d-11db-a5b3-00016cdda2fa}]
AutoRun\command- J:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fbd55612-fd4a-11db-a5ce-00016cdda2fa}]
AutoRun\command- J:\InstallTomTomHOME.exe


Contents of the 'Scheduled Tasks' folder
2007-08-11 10:58:02 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-11 13:02:17
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-08-11 13:05:16 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-08-11 13:05

--- E O F ---
+++++++++++++++++++++++++++++++++++++++++++++++
Logfile of HijackThis v1.99.1
Scan saved at 13:07:57, on 11/08/2007
Platform: Waindows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\notepad.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Documents and Settings\johnny girot\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://caebmm.imgag.com/imgag/cp/install/crusher-cae.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

11 Août 2007 14:33:03

Re


Encore des corrections.


Relance un scan HijackThis et coche les lignes ci-dessous :

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://caebmm.imgag.com/imgag/cp/i [...] er-cae.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »


Copie (Ctrl+C) le texte ci-dessous :

File::
C:\WINDOWS\system32\gnc.exe
C:\WINDOWS\system32\ddblleg.exe
C:\WINDOWS\system32\ihjqcae.exe
C:\WINDOWS\system32\zhvelaawus.exe
C:\WINDOWS\system32\ziagqqrff.exe
C:\WINDOWS\system32\okqwvkypl.exe
C:\WINDOWS\system32\xzcobqzkf.exe
C:\WINDOWS\system32\nsauzllv.exe
C:\WINDOWS\system32\zlieddan.exe
C:\WINDOWS\system32\gusaqk.exe
C:\WINDOWS\system32\gkamwlmsi.exe

Folder::
C:\Program Files\Zango
C:\Program Files\Fichiers communs\DriveCleaner
C:\Documents and Settings\johnny girot\Application Data\Zango

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{07AA283A-43D7-4CBE-A064-32A21112D94D}"=-
[-HKEY_CLASSES_ROOT\CLSID\{07AA283A-43D7-4CBE-A064-32A21112D94D}]
[-HKEY_CLASSES_ROOT\HostIE.Bho.1]
[-HKEY_CLASSES_ROOT\TypeLib\{087C4054-0A2B-4F35-B0DB-BED3E21650F4}]
[-HKEY_CLASSES_ROOT\HostIE.Bho]


Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
Sauvegarde ce fichier sous le nom de CFScript.txt



Comme l'image le montre, fait glisser CFScript.txt sur Combofix.exe
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
11 Août 2007 21:07:14

re :
ComboFix 07-08-09.3 - "johnny girot" 2007-08-11 20:36:50.2 - NTFSx86
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.485 [GMT 2:00]
Command switches used :: C:\Documents and Settings\johnny girot\Mes documents\bloc note\CFScript.txt
* Created a new restore point


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\Abbr
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\ActivationCode
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\CustomerEmail
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\CustomerName
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\CustomerPassword
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\NeededACRetransfer
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\OID
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\PCID
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\ProductCode
C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriveCleaner\Data\Suspicious
C:\DOCUME~1\JOHNNY~1\APPLIC~1\DriveCleaner
C:\DOCUME~1\JOHNNY~1\APPLIC~1\DriveCleaner\activator_info.txt
C:\DOCUME~1\JOHNNY~1\APPLIC~1\DriveCleaner\Logs\Activate.log
C:\Documents and Settings\johnny girot\Application Data\Zango
C:\Documents and Settings\johnny girot\Application Data\Zango\eskin\020106ta223_em.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\eskin\020106ta223_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta316_arrow.ani
C:\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta316_cr.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta316_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta319_arrow.ani
C:\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta319_cr.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta319_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta323_arrow.ani
C:\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta323_cr.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta323_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta325_arrow.ani
C:\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta325_cr.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta325_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\eskin\FileManager.txt
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte10_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte11_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte12_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte13_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte14_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte19_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte20_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte21_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte9_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030203lib_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102angel_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102bigluf_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102bigsmile_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102birthday_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102cheers_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102flo_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102good_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102jump_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102king_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102lough_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102luf_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102smile_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102smiled_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102sor_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102thanx_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102uhu_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\040103ahh_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\040103wow_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\040104_emi2_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\042102_1134_112_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\050103big_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\050103gig_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\050103hm_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\050103nomail_emoti_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\050103norm_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema15_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema16_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema17_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema18_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema19_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema20_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema21_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema24_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema25_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema26_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema30_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema33_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema34_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\062802hippi_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\062802jumpie_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\080402argh_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\080402oops_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\080402ouch_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\082502no_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\082502yes_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_boring1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_confused_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_crying_ugly_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_fantastic_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_feel_better_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_gimme_break_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_heehee_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_hlopaet_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_ign_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_lol_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_no_comment_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_peace_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_smashing_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_talk2thehand_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\block_sm.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\block_sm2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\block_smli.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\block_smli2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\blocked.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\blocked2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_add-but.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_back-but.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_left_cut_enabled_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_left_enabled_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_left_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_middle_enabled_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_middle_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_right_cut_enabled_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_right_enabled_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_right_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\business_promo.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\buttondir.txt
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\components.cdf
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\css_cattree.css
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\css_flashpreview.css
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\css2_main.css
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\css2_pagingmodule.css
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\css2_topbuttons.css
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\cursors.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\delete.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\edit_clear_sound.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\edit_fs.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\edit_select.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-543450.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-548964.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-589306.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-591943.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-592579.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-598579.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-603763.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-9595.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-9696.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511745-514279.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-backgrounds.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-bcards.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-ecards.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-emoticons.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-estationery.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-funny.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-help.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-images.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-info.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-more.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-my.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-new.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-new2.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-options.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-people.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-photo.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-tell.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-temp.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-text.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-voice.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def.cdf
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-premium-email-premium.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-t1-bg.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-temp-bg.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\estatationery.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\flashpatch.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\flashpreview.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\fs3.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\hotbar_promo.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_checked_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_close_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_close_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_edit_preview.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_edit_send.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_flash_preview.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_recently_used.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_remove_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_remove_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_sand-clock2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_tell_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_tell_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_tree_null.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_unchecked_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_unchecked_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\img_barlayout.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\img_barlayout2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\img_barlayout4.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\img_corner_left.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\img_local_logo.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_basetemplate.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_hbgroups.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_hbobject3.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_hbobjectset3.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_hotbarwrapper.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_iteratorsandreaders3nf.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_pagingmoduleobj3.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_texts3.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_xmltree3nf.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\layout.cdf
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\linkpathlegal.txt
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\n.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\nav_b_2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\nav_bb_2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\nav_f_2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\nav_ff_2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\progress.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\sales_buttons.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\searchbtn.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\submit.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_bg.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_bga.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_bgia.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_l.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_la.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_lia.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_r.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_ra.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_ria.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tree_dots.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tree_minus.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tree_plus.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\treedata_animations.xml
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\treedata_backgrounds.xml
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\treedata_ecards.xml
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\treedata_emoticons.xml
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\treedata_notifiers.xml
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\treedata_text.xml
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\zango_btn.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\business_promo.xip
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\buttondir.xip
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\code.xip
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\cursors.xip
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\email-def.xip
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\email-t1-bg.xip
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\email-temp-bg.xip
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\hotbar_promo.xip
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\images.xip
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\layout.xip
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\linkpathlegal.xip
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\localcontent.xip
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\progress.xip
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\sales_buttons.xip
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\treexml.xip
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\zango_btn.xip
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\030104_emte10_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\030104_emte11_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\030104_emte12_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\030104_emte13_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\030104_emte14_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\030104_emte19_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\030104_emte20_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\030104_emte21_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\030104_emte9_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\030203lib_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102angel_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102bigluf_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102bigsmile_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102birthday_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102cheers_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102flo_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102good_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102jump_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102king_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102lough_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102luf_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102smile_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102smiled_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102sor_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102thanx_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102uhu_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\040103ahh_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\040103wow_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\040104_emi2_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\042102_1134_112_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\050103big_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\050103gig_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\050103hm_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\050103nomail_emoti_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\050103norm_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema15_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema16_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema17_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema18_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema19_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema20_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema21_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema24_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema25_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema26_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema30_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema33_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema34_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\062802hippi_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\062802jumpie_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\080402argh_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\080402oops_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\080402ouch_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\082502no_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\082502yes_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_boring1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_confused_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_crying_ugly_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_fantastic_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_feel_better_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_gimme_break_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_heehee_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_hlopaet_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_ign_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_lol_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_no_comment_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_peace_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_smashing_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_talk2thehand_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\block_sm.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\block_sm2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\block_smli.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\block_smli2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\blocked.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\blocked2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_add-but.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_back-but.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_left_cut_enabled_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_left_enabled_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_left_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_middle_enabled_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_middle_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_right_cut_enabled_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_right_enabled_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_right_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\business_promo.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\buttondir.txt
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\components.cdf
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\css_cattree.css
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\css_flashpreview.css
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\css2_main.css
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\css2_pagingmodule.css
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\css2_topbuttons.css
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\cursors.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\delete.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\edit_clear_sound.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\edit_fs.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\edit_select.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-511724-543450.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-511724-548964.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-511724-589306.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-511724-591943.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-511724-592579.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-511724-598579.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-511724-603763.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-511724-9595.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-511724-9696.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-511745-514279.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-backgrounds.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-bcards.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-ecards.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-emoticons.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-estationery.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-funny.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-help.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-images.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-info.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-more.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-my.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-new.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-new2.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-options.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-people.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-photo.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-tell.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-temp.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-text.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def-email-voice.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-def.cdf
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-premium-email-premium.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-t1-bg.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-temp-bg.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\estatationery.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\flashpatch.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\flashpreview.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\fs3.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\hotbar_promo.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_checked_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_close_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_close_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_edit_preview.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_edit_send.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_flash_preview.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_recently_used.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_remove_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_remove_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_sand-clock2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_tell_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_tell_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_tree_null.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_unchecked_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_unchecked_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\img_barlayout.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\img_barlayout2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\img_barlayout4.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\img_corner_left.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\img_local_logo.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\js2_basetemplate.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\js2_hbgroups.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\js2_hbobject3.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\js2_hbobjectset3.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\js2_hotbarwrapper.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\js2_iteratorsandreaders3nf.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\js2_pagingmoduleobj3.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\js2_texts3.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\js2_xmltree3nf.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\layout.cdf
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\linkpathlegal.txt
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\n.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\nav_b_2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\nav_bb_2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\nav_f_2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\nav_ff_2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\pro_hb_fo_word.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\progress.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\sales_buttons.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\searchbtn.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\submit.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\tab_bg.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\tab_bga.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\tab_bgia.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\tab_l.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\tab_la.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\tab_lia.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\tab_r.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\tab_ra.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\tab_ria.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\tree_dots.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\tree_minus.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\tree_plus.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\treedata_animations.xml
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\treedata_backgrounds.xml
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\treedata_ecards.xml
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\treedata_emoticons.xml
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\treedata_notifiers.xml
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\treedata_text.xml
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\zango_btn.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\030104_emte10_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\030104_emte11_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\030104_emte12_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\030104_emte13_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\030104_emte14_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\030104_emte19_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\030104_emte20_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\030104_emte21_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\030104_emte9_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\030203lib_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\033102angel_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\033102bigluf_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\033102bigsmile_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\033102birthday_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\033102cheers_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\033102flo_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\033102good_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\033102jump_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\033102king_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\033102lough_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\033102luf_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\033102smile_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\033102smiled_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\033102sor_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\033102thanx_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\033102uhu_1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\040103ahh_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\040103wow_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\040104_emi2_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\042102_1134_112_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\050103big_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\050103gig_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\050103hm_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\050103nomail_emoti_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\050103norm_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\060104_ema15_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\060104_ema16_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\060104_ema17_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\060104_ema18_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\060104_ema19_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\060104_ema20_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\060104_ema21_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\060104_ema24_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\060104_ema25_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\060104_ema26_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\060104_ema30_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\060104_ema33_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\060104_ema34_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\062802hippi_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\062802jumpie_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\080402argh_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\080402oops_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\080402ouch_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\082502no_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\082502yes_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\110103_boring1_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\110103_confused_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\110103_crying_ugly_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\110103_fantastic_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\110103_feel_better_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\110103_gimme_break_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\110103_heehee_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\110103_hlopaet_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\110103_ign_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\110103_lol_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\110103_no_comment_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\110103_peace_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\110103_smashing_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\110103_talk2thehand_prv.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\block_sm.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\block_sm2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\block_smli.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\block_smli2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\blocked.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\blocked2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\btn_add-but.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\btn_back-but.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\btn_left_cut_enabled_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\btn_left_enabled_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\btn_left_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\btn_middle_enabled_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\btn_middle_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\btn_right_cut_enabled_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\btn_right_enabled_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\btn_right_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\business_promo.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\buttondir.txt
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\components.cdf
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\css_cattree.css
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\css_flashpreview.css
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\css2_main.css
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\css2_pagingmodule.css
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\css2_topbuttons.css
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\cursors.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\delete.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\edit_clear_sound.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\edit_fs.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\edit_select.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-511724-543450.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-511724-548964.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-511724-589306.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-511724-591943.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-511724-592579.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-511724-598579.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-511724-603763.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-511724-9595.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-511724-9696.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-511745-514279.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-backgrounds.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-bcards.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-ecards.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-emoticons.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-estationery.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-funny.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-help.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-images.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-info.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-more.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-my.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-new.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-new2.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-options.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-people.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-photo.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-tell.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-temp.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-text.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def-email-voice.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-def.cdf
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-premium-email-premium.mnu
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-t1-bg.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\email-temp-bg.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\estatationery.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\flashpatch.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\flashpreview.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\fs3.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\hotbar_promo.htm
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\icon_checked_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\icon_close_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\icon_close_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\icon_edit_preview.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\icon_edit_send.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\icon_flash_preview.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\icon_recently_used.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\icon_remove_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\icon_remove_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\icon_sand-clock2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\icon_tell_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\icon_tell_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\icon_tree_null.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\icon_unchecked_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\icon_unchecked_pressed_1.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\img_barlayout.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\img_barlayout2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\img_barlayout4.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\img_corner_left.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\img_local_logo.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\js2_basetemplate.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\js2_hbgroups.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\js2_hbobject3.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\js2_hbobjectset3.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\js2_hotbarwrapper.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\js2_iteratorsandreaders3nf.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\js2_pagingmoduleobj3.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\js2_texts3.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\js2_xmltree3nf.js
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\layout.cdf
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\linkpathlegal.txt
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\n.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\nav_b_2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\nav_bb_2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\nav_f_2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\nav_ff_2.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\pro_hb_fo_word.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\progress.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\sales_buttons.res
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\searchbtn.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\submit.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\tab_bg.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\tab_bga.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\tab_bgia.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\tab_l.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\tab_la.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\tab_lia.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\tab_r.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\tab_ra.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\tab_ria.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\tree_dots.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\tree_minus.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\tree_plus.gif
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\treedata_animations.xml
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\treedata_backgrounds.xml
C:\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\2\treedata_ecards.xml
C:\Documents and Setting
11 Août 2007 21:11:21

j'ai refais un scan au cas ou
Logfile of HijackThis v1.99.1
Scan saved at 21:09:14, on 11/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\_OTMoveIt\MovedFiles\Program Files\DriveCleaner 2006\DC.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\johnny girot\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

11 Août 2007 21:37:36

bonsoir

je poste juste pour faire gagner du temps à chercheur.
ton rapport Combofix n'est pas complet, poste le en entier stp.

il est ici:
C:\ComboFix.txt
11 Août 2007 21:59:24

bonsoir Sham-Rock merci quand je vais dans c:\ j'ai combo fix et ca j'espère que c'est bon:
[code]
2001-02-27 12:55 384 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\progress.xip.vir
2001-02-27 12:55 384 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\progress.xip.vir
2001-02-27 12:55 384 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\progress.xip.vir
2002-06-10 14:13 269 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\business_promo.xip.vir
2002-06-10 14:13 269 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\business_promo.xip.vir
2002-10-24 14:55 51 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bar.xip.vir
2002-10-24 14:56 51 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_logos.xip.vir
2002-10-24 14:56 51 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_other.xip.vir
2003-07-17 15:46 3432 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_weather.xip.vir
2003-09-14 12:17 188 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\linkpathlegal.xip.vir
2003-09-17 15:37 1232 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bbar1.xip.vir
2003-12-10 15:59 70 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\linkpathlegal.xip.vir
2003-12-15 12:55 80 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\linkpathlegal.xip.vir
2004-05-23 14:45 19333 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\images.xip.vir
2004-05-23 14:45 19333 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\images.xip.vir
2004-07-11 13:44 189278 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\localcontent.xip.vir
2004-07-11 13:44 189278 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\localcontent.xip.vir
2005-03-09 14:13 224 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\hotbar_promo.xip.vir
2005-03-09 14:13 229 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\hotbar_promo.xip.vir
2005-07-11 14:26 23444 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_3000.xip.vir
2005-07-11 14:26 61095 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_1000.xip.vir
2005-07-11 14:26 83545 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_2000.xip.vir
2006-02-15 11:13 16874 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\sales_buttons.xip.vir
2006-04-05 19:01 2 --a--c--- C:\Qoobox\Quarantine\C\WINDOWS\system32\stera.log.vir
2006-06-18 15:40 21629 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\sales_buttons.xip.vir
2006-08-07 14:39 8572 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\icons2.xip.vir
2006-08-15 15:09 8482 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\s_icons_buttons.xip.vir
2006-08-23 14:05 7555 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\zango.xip.vir
2006-10-15 20:15 0 --a--c--- C:\Qoobox\Quarantine\C\DOCUME~1\JOHNNY~1\err.log.vir
2006-11-13 10:03 39781 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\code.xip.vir
2007-01-03 18:21 3920 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\zango1.xip.vir
2007-01-04 10:09 1271 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\tsd_bg.xip.vir
2007-01-30 12:07 9556 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\treexml.xip.vir
2007-02-21 14:07 9927 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\treexml.xip.vir
2007-02-26 17:50 39784 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\code.xip.vir
2007-03-18 15:32 71 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.xip.vir
2007-03-21 10:57 1411 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_games_icon.xip.vir
2007-03-21 15:01 1649 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\cursors.xip.vir
2007-03-21 15:01 1649 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\cursors.xip.vir
2007-03-21 15:01 1649 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\cursors.xip.vir
2007-03-21 18:25 2495 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\zango_btn.xip.vir
2007-03-21 18:25 2495 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\zango_btn.xip.vir
2007-03-22 09:12 1303 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_video.xip.vir
2007-03-26 10:50 1250 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_ie_menu.xip.vir
2007-04-04 10:13 17629 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans1.xip.vir
2007-04-04 10:13 5681 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans.xip.vir
2007-04-04 10:59 173728 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords1.xip.vir
2007-04-04 10:59 41563 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords.xip.vir
2007-04-25 13:14 4733 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\pro_hb_fo_word.xip.vir
2007-04-25 14:17 0 --a--c--- C:\Qoobox\Quarantine\C\DOCUME~1\nini\err.log.vir
2007-04-25 14:17 169 --a--c--- C:\Qoobox\Quarantine\C\DOCUME~1\nini\APPLIC~1\DriveCleaner 2006\Logs\Activate.log.vir
2007-04-26 13:48 0 --a--c--- C:\Qoobox\Quarantine\C\Program Files\Fichiers communs\DriveCleaner\err.log.vir
2007-05-02 17:20 348 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\top7.xip.vir
2007-05-07 16:26 8952 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\email-t1-bg.xip.vir
2007-05-07 16:26 8952 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\email-t1-bg.xip.vir
2007-05-18 15:23 8952 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\email-t1-bg.xip.vir
2007-05-21 11:25 2448 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\DownLoad\t2_bg.xip.vir
2007-05-29 12:59 1078 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\email-def.xip.vir
2007-05-29 14:33 1078 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\email-def.xip.vir
2007-06-09 05:20 807 --a------ C:\Qoobox\Quarantine\C\DOCUME~1\JOHNNY~1\Bureau\Internet Explorer.lnk.vir
2007-06-17 11:25 3753 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\email-temp-bg.xip.vir
2007-06-17 11:25 3753 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\email-temp-bg.xip.vir
2007-06-17 13:17 1097 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\layout.xip.vir
2007-06-17 13:18 1109 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\layout.xip.vir
2007-07-02 13:09 473 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\DownLoad\buttondir.xip.vir
2007-07-02 13:09 495 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\DownLoad\buttondir.xip.vir
2007-07-02 20:05 6514 --a--c--- C:\Qoobox\Quarantine\C\DOCUME~1\nini\ResErrors.log.vir
2007-07-02 20:15 2193 --a--c--- C:\Qoobox\Quarantine\C\DOCUME~1\nini\APPLIC~1\DriveCleaner\Logs\update.log.vir
2007-07-02 21:07 1899 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000021726.vir
2007-07-02 21:07 1918 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000027957.vir
2007-07-02 21:07 1929 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705284.vir
2007-07-02 21:07 1937 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000037228.vir
2007-07-02 21:07 1965 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705316.vir
2007-07-02 21:07 1966 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\212398.vir
2007-07-02 21:07 1977 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\29242.sdf.vir
2007-07-02 21:07 1982 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705036.vir
2007-07-02 21:07 2061 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000027874.vir
2007-07-02 21:07 2079 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052701.vir
2007-07-02 21:07 2153 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\753084.vir
2007-07-03 10:52 1009 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_boring1_prv.gif.vir
2007-07-03 10:52 103 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_unchecked_1.gif.vir
2007-07-03 10:52 104 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_unchecked_pressed_1.gif.vir
2007-07-03 10:52 1077 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\062802jumpie_prv.gif.vir
2007-07-03 10:52 1079 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\css2_pagingmodule.css.vir
2007-07-03 10:52 1087 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\css_cattree.css.vir
2007-07-03 10:52 109 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\blocked.gif.vir
2007-07-03 10:52 1090 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema15_prv.gif.vir
2007-07-03 10:52 1098 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102luf_1_prv.gif.vir
2007-07-03 10:52 1107 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_fantastic_prv.gif.vir
2007-07-03 10:52 111 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\img_corner_left.gif.vir
2007-07-03 10:52 11133 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_xmltree3nf.js.vir
2007-07-03 10:52 1121 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_gimme_break_prv.gif.vir
2007-07-03 10:52 114 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\edit_fs.htm.vir
2007-07-03 10:52 11408 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\treedata_ecards.xml.vir
2007-07-03 10:52 1154 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_feel_better_prv.gif.vir
2007-07-03 10:52 116 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_checked_1.gif.vir
2007-07-03 10:52 1166 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_peace_prv.gif.vir
2007-07-03 10:52 1169 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\buttondir.txt.vir
2007-07-03 10:52 118 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_remove_1.gif.vir
2007-07-03 10:52 118 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_remove_pressed_1.gif.vir
2007-07-03 10:52 1283 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema20_prv.gif.vir
2007-07-03 10:52 129 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\delete.gif.vir
2007-07-03 10:52 1297 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema18_prv.gif.vir
2007-07-03 10:52 130 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\042102_1134_112_prv.gif.vir
2007-07-03 10:52 1312 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_smashing_prv.gif.vir
2007-07-03 10:52 136 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102smile_1_prv.gif.vir
2007-07-03 10:52 13758 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_iteratorsandreaders3nf.js.vir
2007-07-03 10:52 1418 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema19_prv.gif.vir
2007-07-03 10:52 14197 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\treedata_backgrounds.xml.vir
2007-07-03 10:52 1469 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\040104_emi2_prv.gif.vir
2007-07-03 10:52 1479 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\050103norm_prv.gif.vir
2007-07-03 10:52 149 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_middle_enabled_1.gif.vir
2007-07-03 10:52 149 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_middle_pressed_1.gif.vir
2007-07-03 10:52 1513 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte13_prv.gif.vir
2007-07-03 10:52 157 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\edit_select.gif.vir
2007-07-03 10:52 1649 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte12_prv.gif.vir
2007-07-03 10:52 165 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_left_enabled_1.gif.vir
2007-07-03 10:52 165 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_left_pressed_1.gif.vir
2007-07-03 10:52 165 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_right_enabled_1.gif.vir
2007-07-03 10:52 16522 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\flashpreview.htm.vir
2007-07-03 10:52 166 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_right_pressed_1.gif.vir
2007-07-03 10:52 1668 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_texts3.js.vir
2007-07-03 10:52 16799 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\treedata_animations.xml.vir
2007-07-03 10:52 1685 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\050103big_prv.gif.vir
2007-07-03 10:52 16859 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-temp-bg.res.vir
2007-07-03 10:52 1694 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema16_prv.gif.vir
2007-07-03 10:52 174 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_edit_send.gif.vir
2007-07-03 10:52 1785 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema17_prv.gif.vir
2007-07-03 10:52 18091 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_hbgroups.js.vir
2007-07-03 10:52 1820 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\050103gig_prv.gif.vir
2007-07-03 10:52 1846 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\050103hm_prv.gif.vir
2007-07-03 10:52 192 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102birthday_1_prv.gif.vir
2007-07-03 10:52 2021 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_heehee_prv.gif.vir
2007-07-03 10:52 2021 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_ign_prv.gif.vir
2007-07-03 10:52 203 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_tell_1.gif.vir
2007-07-03 10:52 203 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_tell_pressed_1.gif.vir
2007-07-03 10:52 204 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\nav_f_2.gif.vir
2007-07-03 10:52 2053 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_no_comment_prv.gif.vir
2007-07-03 10:52 207 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_back-but.gif.vir
2007-07-03 10:52 2080 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_confused_prv.gif.vir
2007-07-03 10:52 2143 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\css2_main.css.vir
2007-07-03 10:52 216 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\block_sm2.gif.vir
2007-07-03 10:52 233 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102smiled_1_prv.gif.vir
2007-07-03 10:52 233 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\block_smli2.gif.vir
2007-07-03 10:52 2369 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_talk2thehand_prv.gif.vir
2007-07-03 10:52 239 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102king_1_prv.gif.vir
2007-07-03 10:52 2464 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\img_barlayout4.gif.vir
2007-07-03 10:52 2503 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_hbobject3.js.vir
2007-07-03 10:52 25140 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\eskin\020106ta223_prv.gif.vir
2007-07-03 10:52 254 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102good_1_prv.gif.vir
2007-07-03 10:52 2585 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\progress.res.vir
2007-07-03 10:52 2685 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\components.cdf.vir
2007-07-03 10:52 2726 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte10_prv.gif.vir
2007-07-03 10:52 2779 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_hlopaet_prv.gif.vir
2007-07-03 10:52 288 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_add-but.gif.vir
2007-07-03 10:52 293 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\submit.gif.vir
2007-07-03 10:52 2973 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_lol_prv.gif.vir
2007-07-03 10:52 3042 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\img_barlayout.gif.vir
2007-07-03 10:52 311 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\blocked2.gif.vir
2007-07-03 10:52 330 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_flash_preview.gif.vir
2007-07-03 10:52 3312 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema34_prv.gif.vir
2007-07-03 10:52 33293 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_basetemplate.js.vir
2007-07-03 10:52 334 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102jump_1_prv.gif.vir
2007-07-03 10:52 335 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_edit_preview.gif.vir
2007-07-03 10:52 3395 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema25_prv.gif.vir
2007-07-03 10:52 3406 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema26_prv.gif.vir
2007-07-03 10:52 346 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\eskin\020106ta223_em.htm.vir
2007-07-03 10:52 354 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_bgia.gif.vir
2007-07-03 10:52 356 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\040103wow_prv.gif.vir
2007-07-03 10:52 3582 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\treedata_text.xml.vir
2007-07-03 10:52 3621 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte19_prv.gif.vir
2007-07-03 10:52 3655 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema21_prv.gif.vir
2007-07-03 10:52 370 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\hotbar_promo.htm.vir
2007-07-03 10:52 3753 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\110103_crying_ugly_prv.gif.vir
2007-07-03 10:52 383 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102angel_1_prv.gif.vir
2007-07-03 10:52 3883 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte20_prv.gif.vir
2007-07-03 10:52 39 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-my.mnu.vir
2007-07-03 10:52 40 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-new.mnu.vir
2007-07-03 10:52 41 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-info.mnu.vir
2007-07-03 10:52 41 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-more.mnu.vir
2007-07-03 10:52 41 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-new2.mnu.vir
2007-07-03 10:52 41 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-tell.mnu.vir
2007-07-03 10:52 41 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-temp.mnu.vir
2007-07-03 10:52 41 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-text.mnu.vir
2007-07-03 10:52 42 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-9595.mnu.vir
2007-07-03 10:52 42 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-9696.mnu.vir
2007-07-03 10:52 42 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-bcards.mnu.vir
2007-07-03 10:52 42 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-funny.mnu.vir
2007-07-03 10:52 42 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-photo.mnu.vir
2007-07-03 10:52 42 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-voice.mnu.vir
2007-07-03 10:52 421 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102lough_1_prv.gif.vir
2007-07-03 10:52 43 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-ecards.mnu.vir
2007-07-03 10:52 43 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-images.mnu.vir
2007-07-03 10:52 43 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-people.mnu.vir
2007-07-03 10:52 4359 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema33_prv.gif.vir
2007-07-03 10:52 438 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102uhu_1_prv.gif.vir
2007-07-03 10:52 438 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\080402ouch_prv.gif.vir
2007-07-03 10:52 44 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-543450.mnu.vir
2007-07-03 10:52 44 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-548964.mnu.vir
2007-07-03 10:52 44 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-589306.mnu.vir
2007-07-03 10:52 44 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-591943.mnu.vir
2007-07-03 10:52 44 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-592579.mnu.vir
2007-07-03 10:52 44 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-598579.mnu.vir
2007-07-03 10:52 44 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511724-603763.mnu.vir
2007-07-03 10:52 44 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-options.mnu.vir
2007-07-03 10:52 452 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\searchbtn.gif.vir
2007-07-03 10:52 4523 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte14_prv.gif.vir
2007-07-03 10:52 4534 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\layout.cdf.vir
2007-07-03 10:52 46 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_left_cut_enabled_1.gif.vir
2007-07-03 10:52 46 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-emoticons.mnu.vir
2007-07-03 10:52 465 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030203lib_prv.gif.vir
2007-07-03 10:52 47053 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\fs3.htm.vir
2007-07-03 10:52 48 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-511745-514279.mnu.vir
2007-07-03 10:52 48 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-backgrounds.mnu.vir
2007-07-03 10:52 48 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-estationery.mnu.vir
2007-07-03 10:52 48 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-premium-email-premium.mnu.vir
2007-07-03 10:52 49 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\n.gif.vir
2007-07-03 10:52 490 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\080402argh_prv.gif.vir
2007-07-03 10:52 49064 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\sales_buttons.res.vir
2007-07-03 10:52 492 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\business_promo.htm.vir
2007-07-03 10:52 495 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\css2_topbuttons.css.vir
2007-07-03 10:52 505 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102cheers_1_prv.gif.vir
2007-07-03 10:52 512 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102flo_1_prv.gif.vir
2007-07-03 10:52 52 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\btn_right_cut_enabled_1.gif.vir
2007-07-03 10:52 52 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_tree_null.gif.vir
2007-07-03 10:52 5232 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\zango_btn.res.vir
2007-07-03 10:52 530 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_ria.gif.vir
2007-07-03 10:52 54 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tree_dots.gif.vir
2007-07-03 10:52 55107 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-t1-bg.res.vir
2007-07-03 10:52 555 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_lia.gif.vir
2007-07-03 10:52 561 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_hotbarwrapper.js.vir
2007-07-03 10:52 562 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_la.gif.vir
2007-07-03 10:52 562 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_ra.gif.vir
2007-07-03 10:52 578 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102thanx_1_prv.gif.vir
2007-07-03 10:52 580 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_bga.gif.vir
2007-07-03 10:52 5869 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte9_prv.gif.vir
2007-07-03 10:52 591 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\062802hippi_prv.gif.vir
2007-07-03 10:52 597 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\040103ahh_prv.gif.vir
2007-07-03 10:52 597 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\estatationery.gif.vir
2007-07-03 10:52 612 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\flashpatch.js.vir
2007-07-03 10:52 615 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\img_local_logo.gif.vir
2007-07-03 10:52 62 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\block_sm.gif.vir
2007-07-03 10:52 62 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def-email-help.mnu.vir
2007-07-03 10:52 6284 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\cursors.res.vir
2007-07-03 10:52 6286 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\email-def.cdf.vir
2007-07-03 10:52 64 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_bg.gif.vir
2007-07-03 10:52 6452 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_pagingmoduleobj3.js.vir
2007-07-03 10:52 6495 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte21_prv.gif.vir
2007-07-03 10:52 65 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_r.gif.vir
2007-07-03 10:52 66 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_close_pressed_1.gif.vir
2007-07-03 10:52 66 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tree_minus.gif.vir
2007-07-03 10:52 6679 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\030104_emte11_prv.gif.vir
2007-07-03 10:52 67 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_close_1.gif.vir
2007-07-03 10:52 678 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102sor_1_prv.gif.vir
2007-07-03 10:52 688 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_sand-clock2.gif.vir
2007-07-03 10:52 694 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102bigluf_1_prv.gif.vir
2007-07-03 10:52 70 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tree_plus.gif.vir
2007-07-03 10:52 706 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\treedata_notifiers.xml.vir
2007-07-03 10:52 73 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\block_smli.gif.vir
2007-07-03 10:52 731 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\080402oops_prv.gif.vir
2007-07-03 10:52 735 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\082502no_prv.gif.vir
2007-07-03 10:52 74 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\edit_clear_sound.gif.vir
2007-07-03 10:52 767 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\082502yes_prv.gif.vir
2007-07-03 10:52 7864 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema24_prv.gif.vir
2007-07-03 10:52 8098 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\treedata_emoticons.xml.vir
2007-07-03 10:52 81 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\nav_b_2.gif.vir
2007-07-03 10:52 82 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\linkpathlegal.txt.vir
2007-07-03 10:52 833 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\tab_l.gif.vir
2007-07-03 10:52 845 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\css_flashpreview.css.vir
2007-07-03 10:52 85 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\icon_recently_used.gif.vir
2007-07-03 10:52 865 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\050103nomail_emoti_prv.gif.vir
2007-07-03 10:52 877 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\060104_ema30_prv.gif.vir
2007-07-03 10:52 879 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\img_barlayout2.gif.vir
2007-07-03 10:52 88 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\nav_bb_2.gif.vir
2007-07-03 10:52 88 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\nav_ff_2.gif.vir
2007-07-03 10:52 946 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\033102bigsmile_1_prv.gif.vir
2007-07-03 10:52 9690 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOI\static\1\js2_hbobjectset3.js.vir
2007-07-03 10:53 0 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta316_cr.htm.vir
2007-07-03 10:53 0 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta323_cr.htm.vir
2007-07-03 10:53 0 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta325_cr.htm.vir
2007-07-03 10:53 12970 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta316_arrow.ani.vir
2007-07-03 10:53 2134 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta323_prv.gif.vir
2007-07-03 10:53 30162 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta323_arrow.ani.vir
2007-07-03 10:53 30162 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta325_arrow.ani.vir
2007-07-03 10:53 3312 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta325_prv.gif.vir
2007-07-03 10:53 633 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta316_prv.gif.vir
2007-07-03 10:57 0 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta319_cr.htm.vir
2007-07-03 10:57 1077 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta319_prv.gif.vir
2007-07-03 10:57 12970 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\eskin\040107ta319_arrow.ani.vir
2007-07-03 10:57 532 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\eskin\FileManager.txt.vir
2007-07-03 22:54 1932 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\3755917.sdf.vir
2007-07-03 22:54 1950 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\3338.vir
2007-07-03 22:54 1950 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\79977.vir
2007-07-03 22:54 1950 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\79986.vir
2007-07-03 22:54 1966 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\69626.vir
2007-07-03 22:54 1971 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\93910.vir
2007-07-03 23:56 2079 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\6546.vir
2007-07-03 23:56 2079 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705243.vir
2007-07-03 23:56 2094 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000037224.vir
2007-07-04 21:47 2012 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\64737.vir
2007-07-05 01:29 1974 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\704965.vir
2007-07-05 01:29 2010 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705263.vir
2007-07-05 01:29 2026 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705256.vir
2007-07-05 01:29 2101 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\3893096.sdf.vir
2007-07-05 01:38 1926 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\67226.vir
2007-07-05 01:38 1940 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\3852962.sdf.vir
2007-07-05 01:38 1941 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\34174.vir
2007-07-05 01:38 1947 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\713199.vir
2007-07-05 01:38 2010 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\74398.vir
2007-07-06 20:59 24338 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\static\1\zango.res.vir
2007-07-06 21:38 1936 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\49587.vir
2007-07-06 21:38 1947 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\86379.vir
2007-07-06 21:38 1952 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\1384900.sdf.vir
2007-07-06 21:38 1962 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\52253.vir
2007-07-06 21:38 2051 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000024421.vir
2007-07-06 21:38 2093 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\35000.vir
2007-07-06 21:38 2110 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\10110.vir
2007-07-06 21:40 1009 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_boring1_prv.gif.vir
2007-07-06 21:40 103 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_unchecked_1.gif.vir
2007-07-06 21:40 104 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_unchecked_pressed_1.gif.vir
2007-07-06 21:40 104335 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\sales_buttons.res.vir
2007-07-06 21:40 10439 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\treedata_backgrounds.xml.vir
2007-07-06 21:40 1077 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\062802jumpie_prv.gif.vir
2007-07-06 21:40 1079 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\css2_pagingmodule.css.vir
2007-07-06 21:40 1087 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\css_cattree.css.vir
2007-07-06 21:40 109 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\blocked.gif.vir
2007-07-06 21:40 1090 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema15_prv.gif.vir
2007-07-06 21:40 1098 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102luf_1_prv.gif.vir
2007-07-06 21:40 1103 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\buttondir.txt.vir
2007-07-06 21:40 1107 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_fantastic_prv.gif.vir
2007-07-06 21:40 111 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\img_corner_left.gif.vir
2007-07-06 21:40 11133 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\js2_xmltree3nf.js.vir
2007-07-06 21:40 1121 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_gimme_break_prv.gif.vir
2007-07-06 21:40 114 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\edit_fs.htm.vir
2007-07-06 21:40 1154 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_feel_better_prv.gif.vir
2007-07-06 21:40 116 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_checked_1.gif.vir
2007-07-06 21:40 1166 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_peace_prv.gif.vir
2007-07-06 21:40 118 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_remove_1.gif.vir
2007-07-06 21:40 118 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_remove_pressed_1.gif.vir
2007-07-06 21:40 1283 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema20_prv.gif.vir
2007-07-06 21:40 129 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\delete.gif.vir
2007-07-06 21:40 1297 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema18_prv.gif.vir
2007-07-06 21:40 130 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\042102_1134_112_prv.gif.vir
2007-07-06 21:40 1312 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_smashing_prv.gif.vir
2007-07-06 21:40 13224 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\treedata_animations.xml.vir
2007-07-06 21:40 136 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102smile_1_prv.gif.vir
2007-07-06 21:40 13758 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\js2_iteratorsandreaders3nf.js.vir
2007-07-06 21:40 1418 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema19_prv.gif.vir
2007-07-06 21:40 1469 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\040104_emi2_prv.gif.vir
2007-07-06 21:40 1479 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\050103norm_prv.gif.vir
2007-07-06 21:40 149 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_middle_enabled_1.gif.vir
2007-07-06 21:40 149 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_middle_pressed_1.gif.vir
2007-07-06 21:40 1513 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\030104_emte13_prv.gif.vir
2007-07-06 21:40 157 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\edit_select.gif.vir
2007-07-06 21:40 1649 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\030104_emte12_prv.gif.vir
2007-07-06 21:40 165 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_left_enabled_1.gif.vir
2007-07-06 21:40 165 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_left_pressed_1.gif.vir
2007-07-06 21:40 165 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_right_enabled_1.gif.vir
2007-07-06 21:40 16522 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\flashpreview.htm.vir
2007-07-06 21:40 166 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_right_pressed_1.gif.vir
2007-07-06 21:40 1668 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\js2_texts3.js.vir
2007-07-06 21:40 1685 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\050103big_prv.gif.vir
2007-07-06 21:40 16859 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\email-temp-bg.res.vir
2007-07-06 21:40 1694 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema16_prv.gif.vir
2007-07-06 21:40 174 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_edit_send.gif.vir
2007-07-06 21:40 1785 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\060104_ema17_prv.gif.vir
2007-07-06 21:40 18091 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\js2_hbgroups.js.vir
2007-07-06 21:40 1820 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\050103gig_prv.gif.vir
2007-07-06 21:40 1846 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\050103hm_prv.gif.vir
2007-07-06 21:40 192 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102birthday_1_prv.gif.vir
2007-07-06 21:40 2021 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_heehee_prv.gif.vir
2007-07-06 21:40 2021 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_ign_prv.gif.vir
2007-07-06 21:40 203 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_tell_1.gif.vir
2007-07-06 21:40 203 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\icon_tell_pressed_1.gif.vir
2007-07-06 21:40 204 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\nav_f_2.gif.vir
2007-07-06 21:40 2053 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_no_comment_prv.gif.vir
2007-07-06 21:40 207 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\btn_back-but.gif.vir
2007-07-06 21:40 2080 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_confused_prv.gif.vir
2007-07-06 21:40 2143 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\css2_main.css.vir
2007-07-06 21:40 216 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\block_sm2.gif.vir
2007-07-06 21:40 233 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102smiled_1_prv.gif.vir
2007-07-06 21:40 233 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\block_smli2.gif.vir
2007-07-06 21:40 2369 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\110103_talk2thehand_prv.gif.vir
2007-07-06 21:40 239 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102king_1_prv.gif.vir
2007-07-06 21:40 2464 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\img_barlayout4.gif.vir
2007-07-06 21:40 2503 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\js2_hbobject3.js.vir
2007-07-06 21:40 254 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Application Data\Zango\v3.0\HostOL\static\1\033102good_1_prv.gif.vir
2007-07-06 21:40 2585 --a--c--- C:\Qoobox\Quarantine\C\Documents and Settings\johnny girot\Appli
11 Août 2007 22:25:21

depuis que j'ai fais le comboFix,je peux ouvrir la fenètre orange mais pas aller sur internet,programme d'erreur a chaque fois:
DOCUMENT~1\JOHNNY~1\LOCALS~1\Temp\1e5e_appcompat.txt
mais quand je lance un scan je ne le trouve pas ,que dois je faire merci.A L'AIDE....Je ne peux pas enlever orange sinon plus d'internet,qu'est ce que je peux faire?a part combofix,combofix2 et combofix-quarantined-files,je ne trouve pas combofix.txt
11 Août 2007 23:36:59

j'ai refais un comboFix:
ComboFix 07-08-09.3 - "johnny girot" 2007-08-11 23:29:32.3 - NTFSx86
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.557 [GMT 2:00]


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\JOHNNY~1\APPLIC~1\DriveCleaner
C:\DOCUME~1\JOHNNY~1\APPLIC~1\DriveCleaner\Logs\update.log
C:\DOCUME~1\JOHNNY~1\Bureau\DriveCleaner.lnk


((((((((((((((((((((((((( Files Created from 2007-07-11 to 2007-08-11 )))))))))))))))))))))))))))))))


2007-08-11 20:49 <REP> d-------- C:\Program Files\Securitoo
2007-08-11 12:54 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-10 21:06 <REP> d-------- C:\Program Files\Rockstar Games
2007-08-10 17:52 127,034 -r------- C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
2007-08-10 16:10 <REP> d-------- C:\DOCUME~1\JOHNNY~1\APPLIC~1\Logitech
2007-08-10 16:05 118,784 -r------- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2007-08-10 16:04 69,760 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys
2007-08-10 16:04 55,808 --a------ C:\WINDOWS\system32\drivers\L8042MOU.SYS
2007-08-10 16:04 13,568 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.SYS
2007-08-10 16:03 94,208 --a------ C:\WINDOWS\KHALMNPR.Exe
2007-08-10 16:03 53,248 --a------ C:\WINDOWS\system32\KemXML.dll
2007-08-10 16:03 36,736 --a------ C:\WINDOWS\system32\drivers\LHidUsbK.sys
2007-08-10 16:03 27,008 --a------ C:\WINDOWS\system32\drivers\LHidKE.Sys
2007-08-10 16:03 155,648 --a------ C:\WINDOWS\system32\kemutb.dll
2007-08-10 16:03 126,976 --a------ C:\WINDOWS\system32\KemUtil.dll
2007-08-10 16:03 110,592 --a------ C:\WINDOWS\system32\KemWnd.dll
2007-08-10 16:03 <REP> d-------- C:\Program Files\Logitech
2007-08-10 16:03 <REP> d-------- C:\Program Files\Fichiers communs\Logitech
2007-08-09 01:52 3,290 --a------ C:\WINDOWS\system32\gnc.exe
2007-08-09 01:17 <REP> d-------- C:\Program Files\Navilog1
2007-08-09 01:04 <REP> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2007-08-09 00:20 <REP> d-------- C:\Program Files\MegaWorld
2007-08-09 00:00 10,485,760 --a------ C:\DOCUME~1\JOHNNY~1\ntuser.dat
2007-08-08 21:58 <REP> d-------- C:\WINDOWS\system32\JVeffect
2007-08-06 12:39 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-08-04 13:36 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe
2007-07-31 21:09 <REP> d-------- C:\DOCUME~1\JOHNNY~1\APPLIC~1\Apple Computer
2007-07-31 14:38 65,536 --------- C:\WINDOWS\system32\mavideo.scr
2007-07-31 14:35 <REP> d-------- C:\Program Files\QuickTime
2007-07-31 14:35 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
2007-07-17 16:08 138,368 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2007-07-17 16:07 <REP> d-------- C:\Program Files\Spyware Terminator
2007-07-17 16:07 <REP> d-------- C:\DOCUME~1\JOHNNY~1\APPLIC~1\Spyware Terminator
2007-07-17 16:07 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spyware Terminator
2007-07-17 15:33 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-07-16 11:36 268,800 --a------ C:\WINDOWS\system32\ddblleg.exe
2007-07-14 09:59 272,896 --a------ C:\WINDOWS\system32\ihjqcae.exe
2007-07-11 15:42 <REP> d-------- C:\Program Files\RegCleaner
2007-07-11 13:29 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-11 23:06 --------- d-------- C:\Program Files\Wanadoo
2007-08-11 22:18 --------- d-------- C:\Program Files\Metin2_France
2007-08-11 20:52 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-08-11 00:59 65602 --a--c--- C:\WINDOWS\system32\perfc00C.dat
2007-08-11 00:59 449740 --a--c--- C:\WINDOWS\system32\perfh00C.dat
2007-08-09 00:20 --------- d-------- C:\Program Files\Google
2007-08-09 00:20 --------- d-------- C:\DOCUME~1\JOHNNY~1\APPLIC~1\EPSON
2007-07-31 22:40 --------- d-------- C:\DOCUME~1\JOHNNY~1\APPLIC~1\Micro Application
2007-07-31 14:39 --------- d-------- C:\Program Files\Micro Application
2007-07-28 00:07 783224 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-07-28 00:02 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-07-28 00:02 92848 --a--c--- C:\WINDOWS\system32\drivers\aswmon.sys
2007-07-28 00:00 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-07-27 23:59 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-07-27 23:58 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-07-27 23:57 95608 --a--c--- C:\WINDOWS\system32\AVASTSS.scr
2007-07-11 14:24 --------- d-------- C:\DOCUME~1\JOHNNY~1\APPLIC~1\Lavasoft
2007-07-10 15:57 --------- d-------- C:\Program Files\USS
2007-07-08 11:58 265216 --a------ C:\WINDOWS\system32\zhvelaawus.exe
2007-07-06 10:57 263680 --a------ C:\WINDOWS\system32\ziagqqrff.exe
2007-07-04 10:43 261632 --a------ C:\WINDOWS\system32\okqwvkypl.exe
2007-07-03 22:08 263168 --a------ C:\WINDOWS\system32\xzcobqzkf.exe
2007-06-28 05:12 288256 --a------ C:\WINDOWS\system32\nsauzllv.exe
2007-06-26 05:11 271872 --a------ C:\WINDOWS\system32\zlieddan.exe
2007-06-23 11:34 269312 --a------ C:\WINDOWS\system32\gusaqk.exe
2007-06-18 20:28 --------- d-------- C:\DOCUME~1\JOHNNY~1\APPLIC~1\DivX
2007-06-17 20:00 --------- d-------- C:\Program Files\Winamp
2007-06-17 19:16 --------- d-------- C:\Program Files\Dictionnaire
2007-06-17 14:04 --------- d-------- C:\Program Files\Mission Maulwurf
2007-06-14 10:26 400384 --a--c--- C:\WINDOWS\system32\gkamwlmsi.exe
2007-05-16 17:13 86528 --a--c--- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 17:13 85504 --a--c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 17:13 683520 --a--c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 17:13 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 17:13 510976 --a--c--- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 17:13 1314816 --a--c--- C:\WINDOWS\system32\dllcache\msoe.dll
2006-12-03 22:31 278528 --a--c--- C:\Program Files\Fichiers communs\FDEUnInstaller.exe
--------- C:\Program Files\Hijackthis Version Française


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-04-01 16:16]
"nwiz"="nwiz.exe" [2005-04-01 16:16 C:\WINDOWS\system32\nwiz.exe]
"NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-10-07 17:53]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-04-01 16:16]
"MediaSync"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe" [2005-06-21 15:28]
"LaunchApp"="Alaunch" []
"eRecoveryService"="C:\Program Files\Acer\eRecovery\Monitor.exe" [2005-06-20 09:03]
"EPSON Stylus DX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.exe" [2005-02-08 06:00]
"AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe" [2005-06-21 15:39]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-28 00:03]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2007-07-17 16:07]
"NWEReboot"="" []
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-11-09 00:00]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-03-28 17:38 C:\WINDOWS\KHALMNPR.Exe]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-08-10 17:52]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-03-17 15:06:14]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-08-10 17:52:13]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-08-10 16:03:32]
Rappels du Calendrier Microsoft Works.lnk - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe [2000-07-12 15:14:38]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"OPTENET_FILTER"=2 (0x2)

R0 nvcchflt;NVIDIA Disk Cache Filter Driver;C:\WINDOWS\system32\DRIVERS\nvcchflt.sys
R0 prohlp02;StarForce Protection Helper Driver v2;C:\WINDOWS\system32\drivers\prohlp02.sys
R0 prosync1;StarForce Protection Synchronization Driver v1;C:\WINDOWS\system32\drivers\prosync1.sys
R0 sfhlp01;StarForce Protection Helper Driver;C:\WINDOWS\system32\drivers\sfhlp01.sys
R1 AmdK8;Pilote de processeur AMD Athlon64;C:\WINDOWS\system32\DRIVERS\AmdK8.sys
R1 hidfltr;HID Filter Driver;C:\WINDOWS\system32\drivers\MWhid.sys
R1 prodrv06;StarForce Protection Environment Driver v6;C:\WINDOWS\system32\drivers\prodrv06.sys
R1 sp_rsdrv2;Spyware Terminator Driver 2;\??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
R2 int15.sys;int15.sys;\??\C:\Program Files\Acer\eRecovery\int15.sys
R3 Afc;PPdus ASPI Shell;C:\WINDOWS\system32\drivers\Afc.sys
R3 L8042Kbd;Logitech SetPoint Keyboard Driver;C:\WINDOWS\system32\Drivers\L8042Kbd.sys
R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver;C:\WINDOWS\system32\Drivers\L8042mou.sys
R3 LMouKE;Logitech SetPoint Mouse Filter Driver;C:\WINDOWS\system32\Drivers\LMouKE.sys
R3 NTIDrvr;Upper Class Filter Driver;C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
R3 P0630VID;Creative WebCam Live!;C:\WINDOWS\system32\DRIVERS\P0630Vid.sys
S3 LHidKe;Logitech SetPoint HID Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver;C:\WINDOWS\system32\Drivers\LHidUsbK.Sys
S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys
S3 SQTECH905C;DaulCamera;C:\WINDOWS\system32\Drivers\Capt905c.sys
S3 USB_RNDIS;Inventel Gateway;C:\WINDOWS\system32\DRIVERS\usb8023.sys
S4 OPTENET_FILTER;Securitoo Control Parental;C:\Program Files\Securitoo\Controle Parental\bin\optproxy.exe


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{97ea610b-f05d-11db-a5b3-00016cdda2fa}]
AutoRun\command- J:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fbd55612-fd4a-11db-a5ce-00016cdda2fa}]
AutoRun\command- J:\InstallTomTomHOME.exe

*Newly Created Service* - UPNPHOST

Contents of the 'Scheduled Tasks' folder
2007-08-11 20:58:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-11 23:31:26
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-08-11 23:32:32
C:\ComboFix-quarantined-files.txt ... 2007-08-11 23:32
C:\ComboFix2.txt ... 2007-08-11 20:42
C:\ComboFix3.txt ... 2007-08-11 13:05

--- E O F ---
12 Août 2007 00:47:20

Re

appcompat.txt est le rapport d'erreur, pas la cause du problème.
Télécharge ceci pour réparer internet explorer.
http://www.technicland.com/powerie6.php3


La plupart des fichiers sont encore visibles.

Télécharge OTMoveIt (de Old_Timer) sur ton Bureau.
http://download.bleepingcomputer.com/oldtimer/OTMoveIt....
Double-clique sur OTMoveIt.exe pour le lancer.
Copie la liste qui se trouve ci-dessous, et colle-la dans le cadre de gauche de OTMoveIt :p aste List of Files/Folders to be moved.

C:\WINDOWS\system32\ddblleg.exe
C:\WINDOWS\system32\ihjqcae.exe
C:\WINDOWS\system32\zhvelaawus.exe
C:\WINDOWS\system32\ziagqqrff.exe
C:\WINDOWS\system32\okqwvkypl.exe
C:\WINDOWS\system32\xzcobqzkf.exe
C:\WINDOWS\system32\nsauzllv.exe
C:\WINDOWS\system32\zlieddan.exe
C:\WINDOWS\system32\gusaqk.exe
C:\WINDOWS\system32\gkamwlmsi.exe
C:\Program Files\Zango
C:\Program Files\Fichiers communs\DriveCleaner
C:\Documents and Settings\johnny girot\Application Data\Zango


Clique sur MoveIt! pour lancer la suppression.
Le résultat apparaitra dans le cadre Results.
Clique sur Exit pour fermer.

Il te sera peut-être demander de redémarrer le PC pour achever la suppression. Si c'est le cas accepte par Yes.


Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
12 Août 2007 01:05:09

re chercheur et merci je désespère!!!!!dans c:\OTMoveIt\
C:\WINDOWS\system32\ddblleg.exe moved successfully.
C:\WINDOWS\system32\ihjqcae.exe moved successfully.
C:\WINDOWS\system32\zhvelaawus.exe moved successfully.
C:\WINDOWS\system32\ziagqqrff.exe moved successfully.
C:\WINDOWS\system32\okqwvkypl.exe moved successfully.
C:\WINDOWS\system32\xzcobqzkf.exe moved successfully.
C:\WINDOWS\system32\nsauzllv.exe moved successfully.
C:\WINDOWS\system32\zlieddan.exe moved successfully.
C:\WINDOWS\system32\gusaqk.exe moved successfully.
C:\WINDOWS\system32\gkamwlmsi.exe moved successfully.
File/Folder C:\Program Files\Zango not found.
File/Folder C:\Program Files\Fichiers communs\DriveCleaner not found.
File/Folder C:\Documents and Settings\johnny girot\Application Data\Zango not found.

Created on 08/12/2007 01:01:22

je pense que c'est ca
pour internet c'est idem je lance le gestionnaire et pour le naviguateur message d'erreur.je lance ie(qui sans le gestionnaire orange ne fonctionne pas :pt1cable:  )qui fonctionne.pour le redémarrage c'est encore plus lent :pt1cable:  :pt1cable: 
12 Août 2007 01:24:46

Re

As tu utilisé PowerIE6 ?


Contre le lenteur.


Tu as deux antispywares (AVG et Spyware terminator)
Un seul est suffisant.
Supprime en un.


$$ Télécharge et installe EasyCleaner de Toni Helenius
http://personal.inet.fi/business/toniarts/ecleane.htm
Utilises les fonctions Inutiles et Registre. Supprimes ce qu'il trouve.
Ne pas toucher à la fonction doublons.


$$ Télécharge CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le.
Décoche pendant l'installation
--- les deux cases "Ajouter l'option ... "
--- Contrôler les mises à jour
--- Ajouter la Barre d'Outils Yahoo! CCleaner

Clique sur Options, Avancé et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures".
Ne touche pas aux autres réglages.

Lance le nettoyage.


$$ Fais une défragmentation
http://www.coupdepoucepc.com/modules/news/article.php?s...
12 Août 2007 13:23:31

Re : powerIE6 m'a réparé ie mais sans le gestionnaire orange ca ne connecte pas,est ce qu'il faut que je supprime ie et le re télécharger?Pour le gestionnaire il se lance et dès que je veux une page weeb rebeulotte:appcompat.txt avec le numéro qui change. :pt1cable:  la page du bureau mets plus de temps a s'ouvrir.est ce que combofix a pu me supprimé un fichier qui me servais au demarrage?c'est depuis qu'il a été lancé que ca déconne encore plus....j'ai beau faire tous les scan possible il est introuvable!!!!et pourtant il est bien Là!!!!j'en ai marre...je sais plus quoi faire............
12 Août 2007 18:44:17

re:
a chaque lancement du weeb l'erreur est:
-AppName:woobrowser.exe AppVer:5.9.2.0 ModName:totoatlmod.dll ModVer:1.0.0.3 Offset:00005acd,si ca peut vous aidez a m'aidez :cry:  ....merci
12 Août 2007 21:47:18

ca rame de + en + je reposte un scan voir au dessus:
++++++++++++++++++++++++++++++++++++++++++++++
Logfile of HijackThis v1.99.1
Scan saved at 21:45:31, on 12/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\johnny girot\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.ircfast2.com/index.php?rvs=hompag
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

12 Août 2007 22:53:40

Re


Hijackthis est propre.

J'ai vérifié le rapport de Combofix. Il n'y a pas de fichier en rapport avec le gestionnaire d'Orangge.

Réinstalle le avec le Cd.
13 Août 2007 00:16:16

bonsoir chercheur.Orange ne se répare pas donc je l'ai viré et réinstaller,enfin presque car au mileu il ya toujours un problème donc PLUS orange.J'avais téléchargé le dernier explorer installé et il fonctionne.pense tu que je peut réinstallé orange d'une autre manière!!!!le pc met du temps a s'allumé sinon ca va mieux niveau lenteur!!!merci :hello: 
13 Août 2007 00:32:05

Re

Pour le démarrage, essaie ceci
http://www.pcastuces.com/logitheque/bootvis.htm

Pour Orange, je sèche.
Désinstalle Orange.

Lance le nettoyagze avec CCleaner.

Utilise EasyCleaner de Toni Helenius
Utilises les fonctions Inutiles et Registre. Supprimes ce qu'il trouve.
Ne pas toucher à la fonction doublons.


Ensuite, réinstalle Orange.
13 Août 2007 03:00:22

bon j'ai fais tout ca et..orange ne marche plus.J'ai tout sauf la connection donc je les viré directement et j'ai une page orange dans ie.je ne comprend rien.j'ai eu une page bleu au démarrage de windows:p as eu le temps de lire ,passé trop vite mais le début ca a mis que ca a été arrété pour un problème.je crois que l'on ne peux rien faire d'autres.merci
13 Août 2007 10:24:03

Bonjour


Je ne comprend pas pourquoi ce dysfonctionnement.

A part ceci, est ce que tu as d'autres problèmes liés aux infections ?
13 Août 2007 12:30:31

bah non!!je me sert de ie avec une page orange :pt1cable:  .Ca marche pour l'instant.J'ai enlevé plusieurs applications ou fichiers qui ne servaient a rien,revue les fichiers au démarrage,défragmenter et retiré l'autre utilisateur(ma copine).ca a l'air d'aller un peu plus vite.De toutes facons si ca va pas je sais ou m'adresser :jap:  .vous étes un site sérieux(par rapport a d'autres) et correct.pour ma part je pense que j'en ai finis,après toutes les pages de pub et maintenant tout ca.merci de m'avoir aidé,je vous en suis très reconnaissant :D 
13 Août 2007 23:23:45

Bonjour


On fini le ménage.

Désinstalle Navilog.

Lance OTmoveIT.
  • Clique sur CleanUp! (le programme va télécharger un fichier texte qui servira a nettoyer les programmes que l'on a téléchargé).
    NOTE : Normalement, ton firewall (parefeu) devrait te demander si OTmoveIT peut accéder a internet, Autorise le.
  • Une liste apparait dans la partie gauche d'OTmoveIT.
  • Un message apparait pour confirmer le nettoyage. Confirme

    Encore deux choses.

    Va sur ce lien pour mieux sécuriser ton PC
    http://www.infos-du-net.com/forum/267223-11-securiser-o...

    Edite ton premier message et ajoute Résolu à côté de ton titre.

    Pour le navigateur, tu peux essayer sur le forum Internet et Réseaux.
    14 Août 2007 13:10:08

    merci pour tout............... :hello: 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS