Se connecter / S'enregistrer
Votre question

virus aidez moi svp ( resolu)

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
8 Août 2007 19:28:10

bonjour
voilà j'ai recuperer le pc d'une amie, je l'ai nettoyer et mis un antivirus a jour (avast) il m'a trouve plusieur cheval de troie
je met en quarantaine, je redemarre et la il e met
impossible d'acceder c:window system32 drvjog dll
et je n'arrive pas a recuperer l'erreur
merci de votre aide

Autres pages sur : virus aidez svp resolu

9 Août 2007 05:57:58

Logfile of HijackThis v1.99.1
Scan saved at 17:54:08, on 09/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Antivirus\Avast4\aswUpdSv.exe
C:\Program Files\Antivirus\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Antivirus\Avast4\ashMaiSv.exe
C:\Program Files\Antivirus\Avast4\ashWebSv.exe
C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\USB Disk Win98 Driver\Res.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\mgrs.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {08F0ADE3-B526-7A02-EEC7-E004E1008D34} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: (no name) - {6D55F78D-57E0-7A56-9975-02E12506D1B4} - C:\Program Files\Dflkssav\uwcqxchb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [avp] C:\WINDOWS\avp.exe
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKLM\..\Run: [udajyxcd] rundll32.exe "C:\Program Files\kterejer\spghipop.dll",Init
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Tsra] "C:\DOCUME~1\HP_PRO~1\MESDOC~1\CROSOF~1\spoolsv.exe" -vt yazb
O4 - HKCU\..\Run: [Eluc] "C:\Documents and Settings\HP_Propriétaire\Mes documents\M?crosoft\n?lookup.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?ceb5f685d1d242d88697022c9a8f7f75
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?ceb5f685d1d242d88697022c9a8f7f75
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra 'Tools' menuitem: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O17 - HKLM\System\CCS\Services\Tcpip\..\{5613722F-3174-4BC2-AA84-0481045FA9C9}: NameServer = 81.118.192.100,81.118.196.36
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: nnnmmjk - C:\WINDOWS\SYSTEM32\nnnmmjk.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winowl32 - C:\WINDOWS\SYSTEM32\winowl32.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Antivirus\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Antivirus\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Antivirus\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Antivirus\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Contenus similaires
9 Août 2007 17:55:25

voila
Logfile of HijackThis v1.99.1
Scan saved at 17:54:08, on 09/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Antivirus\Avast4\aswUpdSv.exe
C:\Program Files\Antivirus\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Antivirus\Avast4\ashMaiSv.exe
C:\Program Files\Antivirus\Avast4\ashWebSv.exe
C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\USB Disk Win98 Driver\Res.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\mgrs.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {08F0ADE3-B526-7A02-EEC7-E004E1008D34} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: (no name) - {6D55F78D-57E0-7A56-9975-02E12506D1B4} - C:\Program Files\Dflkssav\uwcqxchb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [avp] C:\WINDOWS\avp.exe
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKLM\..\Run: [udajyxcd] rundll32.exe "C:\Program Files\kterejer\spghipop.dll",Init
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Tsra] "C:\DOCUME~1\HP_PRO~1\MESDOC~1\CROSOF~1\spoolsv.exe" -vt yazb
O4 - HKCU\..\Run: [Eluc] "C:\Documents and Settings\HP_Propriétaire\Mes documents\M?crosoft\n?lookup.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?ceb5f685d1d242d88697022c9a8f7f75
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?ceb5f685d1d242d88697022c9a8f7f75
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra 'Tools' menuitem: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O17 - HKLM\System\CCS\Services\Tcpip\..\{5613722F-3174-4BC2-AA84-0481045FA9C9}: NameServer = 81.118.192.100,81.118.196.36
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: nnnmmjk - C:\WINDOWS\SYSTEM32\nnnmmjk.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winowl32 - C:\WINDOWS\SYSTEM32\winowl32.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Antivirus\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Antivirus\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Antivirus\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Antivirus\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
9 Août 2007 17:57:58

Re

$$ Télécharge SDFix sur ton bureau
http://downloads.andymanchesta.com/RemovalTools/SDFix.e...


$$ Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne Mode sans échec et appuye sur Entrée.


$$ Double clique sur SDFix.exe et choisis Install
Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
Tape Y pour lancer le script.
Le Fix supprime les services du virus et nettoie le registre, de ce fait un redémarrage est nécessaire
Presse une touche pour redémarrer

Le PC va mettre du temps avant de démarrer, presse une touche lorsque "Finished" s'affiche


$$ Télécharge Combofix.exe (par sUBs) sur ton Bureau
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Double clique combofix.exe et suis les invites.
Lorsque le scan sera complété, un rapport apparaîtra.

Copie/colle ce rapport dans ta prochaine réponse avec un nouveau HijackThis et le contenu du fichier "Report.txt" qui se trouve dans SDFix.
9 Août 2007 18:36:00

sdfix:
SDFix: Version 1.97

Run by HP_Propri‚taire on 09/08/2007 at 18:09

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

C:\Documents and Settings\HP_Propri‚taire\Local Settings\Temp\win16.tmp.exe - Deleted
C:\WINDOWS\Temp\win50.tmp.exe - Deleted
C:\WINDOWS\Temp\win54.tmp.exe - Deleted
C:\WINDOWS\Temp\winB.tmp.exe - Deleted
C:\WINDOWS\Temp\win50.tmp.exe - Deleted
C:\WINDOWS\Temp\win54.tmp.exe - Deleted
C:\WINDOWS\Temp\winB.tmp.exe - Deleted
C:\WINDOWS\avp.exe - Deleted
C:\WINDOWS\Downloaded Program Files\UWFX5V_0001_N56M1411NetInstaller.exe - Deleted
C:\WINDOWS\mgrs.exe - Deleted
C:\WINDOWS\wints.ini - Deleted



Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL France"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\eMule\\eMule.exe"="C:\\Program Files\\eMule\\eMule.exe:*:Enabled:eMule Plus"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\DOCUME~1\\HP_PRO~1\\LOCALS~1\\Temp\\winE.tmp.exe"="C:\\DOCUME~1\\HP_PRO~1\\LOCALS~1\\Temp\\winE.tmp.exe:*:Enabled:winE.tmp"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%ProgramFiles%\\iTunes\\iTunes.exe"="%ProgramFiles%\\iTunes\\iTunes.exe:*:enabled:iTunes"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes:

C:\Program Files\Fichiers communs\Yazzle1162OinAdmin.exe
C:\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe
C:\Program Files\Fichiers communs\Adobe\ESD\DLMCleanup.exe
C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\lock.tmp
C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\7e808a3c27f845e09ebb11aa4251afd5\BITB.tmp

Finished

combofix:
Scanning for infected files . . .

This typically doesn't take more than 10 minutes

Scan times for badly infected machines may easily double

ComboFix has changed your clock settings.

Do not change it back. It shall be restored later

C:\ComboFix\DirRoot
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un
tre processus.

"C:\Program Files\Fichiers communs\Yazzle1162OinAdmin.exe"
"C:\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe"
"C:\WINDOWS\system32\wapiicc32.exe"
"C:\WINDOWS\system32\nnnmmjk.dll"
"C:\WINDOWS\system32\winowl32.dll"
"C:\Program Files\HbTools\HbTools.log"
"C:\Program Files\HbTools\HbTools_1134993606.log"
"C:\Program Files\winantivirus pro 2006\diagnosis.dat"
"C:\Program Files\winantivirus pro 2006\history.db"
"C:\Program Files\winantivirus pro 2006\update.log"
"C:\Program Files\Fichiers communs\winantivirus pro 2006\WapCHK.dll"
"C:\Program Files\winantivirus pro 2006\diagnosis.dat"
"C:\Program Files\winantivirus pro 2006\history.db"
"C:\Program Files\winantivirus pro 2006\update.log"
"C:\DOCUME~1\HP_PRO~1\APPLIC~1.\SystemDoctor 2006 Free\Logs\update.log"
"C:\DOCUME~1\HP_PRO~1\MESDOC~1.\crosof~1\spoolsv.exe"
"C:\DOCUME~1\HP_PRO~1\MESDOC~1.\crosof~1\??crosoft\"
"C:\Program Files\instant access\DesktopIcons\NoCreditCard.lnk"
"C:\Program Files\instant access\Multi\20060729180721\dialerexe.ini"
"C:\Program Files\instant access\Multi\20060729180721\instant access.exe"
"C:\Program Files\instant access\Multi\20060729180721\Common\module.php"
"C:\Program Files\instant access\Multi\20060729180721\js\js_api_dialer.php"
"C:\Program Files\instant access\Multi\20060729180721\medias\dialer.ico"
"C:\Program Files\instant access\Multi\20060729180739\dialerexe.ini"
"C:\Program Files\instant access\Multi\20060729180739\instant access.exe"
"C:\Program Files\instant access\Multi\20060729180739\Common\module.php"
"C:\Program Files\instant access\Multi\20060729180739\js\js_api_dialer.php"
"C:\Program Files\instant access\Multi\20060729180739\medias\dialer.ico"
"C:\Program Files\outerinfo\Terms.rtf"
"C:\Program Files\WinAntiVirus Pro 2006\diagnosis.dat"
"C:\Program Files\WinAntiVirus Pro 2006\history.db"
"C:\Program Files\WinAntiVirus Pro 2006\update.log"
"C:\DOCUME~1\HP_PRO~1\APPLIC~1\SystemDoctor 2006 Free\Logs\update.log"
"C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\WapCHK.dll"
"C:\DOCUME~1\CLMENC~1\APPLIC~1\SystemDoctor 2006 Free\Logs\update.log"
"C:\DOCUME~1\CCILE~1\APPLIC~1\WinAntiVirus Pro 2006\PGE.dat"
"C:\DOCUME~1\HP_PRO~1\APPLIC~1\SystemDoctor 2006 Free\Logs\update.log"
"C:\DOCUME~1\HP_PRO~1\APPLIC~1\WinAntiVirus Pro 2006\PGE.dat"
"C:\WINDOWS\system32\nvs2.inf"
"C:\WINDOWS\system32\stera.job"
"C:\WINDOWS\system32\stera.log"
"C:\WINDOWS\Casino.ico"
"C:\WINDOWS\Free Online Dating.ico"
"C:\WINDOWS\Spyware Remover.ico"
"C:\DOCUME~1\HP_PRO~1\Bureau.\Find Spyware Remover.lnk"
"C:\DOCUME~1\HP_PRO~1\Bureau.\Free Online Dating.lnk"
"C:\DOCUME~1\HP_PRO~1\Bureau.\Go to Casino.lnk"
"C:\Program Files\ucleaner_setup.exe"
"D:\Autorun.inf"
"C:\Program Files\HbTools"
"C:\Program Files\winantivirus pro 2006"
"C:\Program Files\Ultimate Cleaner"
"C:\Program Files\Fichiers communs\winantivirus pro 2006"
"C:\DOCUME~1\HP_PRO~1\APPLIC~1.\SystemDoctor 2006 Free"
"C:\DOCUME~1\HP_PRO~1\MESDOC~1.\crosof~1"
"C:\DOCUME~1\HP_PRO~1\MESDOC~1.\mcroso~1"
"C:\Program Files\instant access"
"C:\Program Files\outerinfo"
"C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006"
"C:\DOCUME~1\CLMENC~1\APPLIC~1\SystemDoctor 2006 Free"
"C:\DOCUME~1\CLMENC~1\APPLIC~1\WinAntiVirus Pro 2006"
"C:\DOCUME~1\CCILE~1\APPLIC~1\WinAntiVirus Pro 2006"
"C:\DOCUME~1\HP_PRO~1\APPLIC~1\WinAntiVirus Pro 2006"
"C:\DOCUME~1\magaly\APPLIC~1\WinAntiVirus Pro 2006"


et pour finir

Logfile of HijackThis v1.99.1
Scan saved at 18:34, on 2007-08-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Antivirus\Avast4\aswUpdSv.exe
C:\Program Files\Antivirus\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\USB Disk Win98 Driver\Res.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\DOCUME~1\HP_PRO~1\MESDOC~1\CROSOF~1\spoolsv.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {08F0ADE3-B526-7A02-EEC7-E004E1008D34} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: (no name) - {6D55F78D-57E0-7A56-9975-02E12506D1B4} - C:\Program Files\Dflkssav\uwcqxchb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [udajyxcd] rundll32.exe "C:\Program Files\kterejer\spghipop.dll",Init
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Tsra] "C:\DOCUME~1\HP_PRO~1\MESDOC~1\CROSOF~1\spoolsv.exe" -vt yazb
O4 - HKCU\..\Run: [Eluc] "C:\Documents and Settings\HP_Propriétaire\Mes documents\M?crosoft\n?lookup.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?ceb5f685d1d242d88697022c9a8f7f75
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?ceb5f685d1d242d88697022c9a8f7f75
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra 'Tools' menuitem: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O17 - HKLM\System\CCS\Services\Tcpip\..\{5613722F-3174-4BC2-AA84-0481045FA9C9}: NameServer = 81.118.192.100,81.118.196.36
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Antivirus\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Antivirus\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Antivirus\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Antivirus\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


9 Août 2007 18:38:38

Re


Ce n'est pas le bon rapport de Combofix, poste le.
9 Août 2007 18:42:13

desole je crois que j'ai pas attendue assez je le refait et je post
merci pour ton aide
c pas grave au moins le virus ?
9 Août 2007 18:52:24

le voila (je crois)

ComboFix 07-08-09.3 - "HP_Propri‚taire" 2007-08-09 18:41:10.2 - NTFSx86
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.38 [GMT 2:00]


((((((((((((((((((((((((( Files Created from 2007-07-09 to 2007-08-09 )))))))))))))))))))))))))))))))


2007-08-09 18:40 <REP> d-------- C:\WINDOWS\system32\iieldknh
2007-08-09 18:40 <REP> d-------- C:\Program Files\SecCenter
2007-08-09 18:22 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-09 18:09 <REP> d-------- C:\WINDOWS\ERUNT
2007-08-09 17:41 <REP> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2007-08-09 17:32 <REP> d-------- C:\Program Files\Dflkssav
2007-08-09 17:31 <REP> d-------- C:\Program Files\kterejer
2007-08-08 15:13 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-08-08 15:13 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-08-08 15:13 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-08-08 15:13 783,224 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-08-08 15:13 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-08-08 15:13 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-08-08 15:13 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-08-08 15:13 <REP> d-------- C:\Program Files\Antivirus
2007-08-08 12:25 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
2007-08-08 12:25 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2007-08-08 12:25 14,848 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
2007-08-08 12:25 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2007-07-20 16:28 4,820 --a------ C:\WINDOWS\system32\tnlrikirb.dat
2007-07-20 16:28 335,872 --a------ C:\WINDOWS\system32\tnlrikirb.exe
2007-07-20 16:28 294 --a------ C:\WINDOWS\system32\tnlrikirb_navps.dat
2007-07-20 16:28 266,204 --a------ C:\WINDOWS\system32\tnlrikirb_nav.dat
2007-07-20 11:57 53,248 -ra------ C:\WINDOWS\system32\InstMed.exe
2007-07-12 18:31 <REP> d-------- C:\Program Files\EA GAMES
2007-07-09 21:07 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-07-09 21:07 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-07-09 21:05 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-07-09 21:05 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-07-09 21:05 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-07-09 21:05 740,442 --a------ C:\WINDOWS\system32\DivX.dll
2007-07-09 21:05 73,728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-07-09 21:05 593,920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2007-07-09 21:05 57,344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-07-09 21:05 53,248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2007-07-09 21:05 344,064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-07-09 21:05 294,912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-07-09 21:05 294,912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-07-09 21:05 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-07-09 21:05 124,472 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2007-07-09 21:05 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-08 17:48 --------- d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\insideloud
2007-08-08 15:03 --------- d-------- C:\Program Files\Kaspersky Lab
2007-08-08 14:15 --------- d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\Lavasoft
2007-08-08 14:11 --------- d-------- C:\Program Files\InterActual
2007-08-08 13:09 --------- d-------- C:\Program Files\Hewlett-Packard
2007-08-08 12:59 --------- d-------- C:\Program Files\eoRezo
2007-08-08 12:59 --------- d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\EoRezo
2007-07-20 12:25 --------- d-------- C:\Program Files\Google
2007-07-20 12:24 --------- d-------- C:\Program Files\DivX
2007-07-12 09:41 76136 --a------ C:\WINDOWS\system32\perfc00C.dat
2007-07-12 09:41 469622 --a------ C:\WINDOWS\system32\perfh00C.dat
2007-07-09 21:07 524288 --a------ C:\WINDOWS\system32\DivXsm.exe
2007-07-09 21:07 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-07-05 22:54 --------- d-------- C:\Program Files\Windows Live Toolbar
2007-06-24 16:37 --------- d-------- C:\Program Files\Canon
2007-06-23 21:19 --------- d-------- C:\Program Files\Fichiers communs\ScanSoft Shared
2007-06-23 20:59 --------- d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\Canon
2007-05-16 17:13 86528 -----c--- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 17:13 85504 -----c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 17:13 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 17:13 683520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 17:13 510976 -----c--- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 17:13 1314816 -----c--- C:\WINDOWS\system32\dllcache\msoe.dll
--------- C:\Program Files\Hijackthis Version Française


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{08F0ADE3-B526-7A02-EEC7-E004E1008D34}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D55F78D-57E0-7A56-9975-02E12506D1B4}]
2007-08-09 17:32 106496 --a------ C:\Program Files\Dflkssav\uwcqxchb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-09-29 21:23]
"EoEngine"="" []
"YeppStudioAgent"="C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe" [2005-09-12 15:21]
"LogitechGalleryRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-12-14 18:57]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 11:54]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 20:05]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 13:16]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 13:19]
"USB Storage Toolbox"="C:\Program Files\USB Disk Win98 Driver\Res.EXE" [2005-09-14 20:44]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 21:47 C:\WINDOWS\ALCXMNTR.EXE]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 C:\WINDOWS\soundman.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 18:19]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-12-14 18:57]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-12-14 18:51]
"avast!"="C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe" [2007-07-28 00:03]
"udajyxcd"="C:\Program Files\kterejer\spghipop.dll" [2007-08-09 17:31]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 21:45]
"Tsra"="C:\DOCUME~1\HP_PRO~1\MESDOC~1\CROSOF~1\spoolsv.exe" []
"Eluc"="C:\Documents and Settings\HP_Propriétaire\Mes documents\M?crosoft\n?lookup.exe" []

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winowl32]
winowl32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
ALCXMNTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Curb Global Dvd Mode]
C:\Documents and Settings\All Users\Application Data\Bait exit curb global\htmreadme.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]
C:\WINDOWS\system32\hphmon06.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]
c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
c:\windows\system\hpsysdrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz]
c:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
C:\HP\KBD\KBD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
"C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV CfgWiz]
"c:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\neufbox_reminder]
"C:\Program Files\Kit ADSL\Wizard\PostInstall_Checker.exe" -r

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet /keeploaded /nodetect

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
C:\WINDOWS\system32\ps2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\showgram]
C:\DOCUME~1\HP_PRO~1\APPLIC~1\INSIDE~1\Cast slow.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSPower]
Rundll32.exe SiSPower.dll,ModeAgent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Stormer]
C:\Program Files\Spyware Stormer\SpywareStormer.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
VTTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YeppStudioAgent]
C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NPFMntor"=2 (0x2)

R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
R3 Iviaspi;IVI ASPI Shell;C:\WINDOWS\system32\drivers\iviaspi.sys
R3 Ps2;PS2;C:\WINDOWS\system32\DRIVERS\PS2.sys
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 driverhardwarev2;driverhardwarev2;\??\C:\Program Files\HardwareDetection\driverhardwarev2.sys
S3 ids00026;ids00026;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys
S3 ids00118;ids00118;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00118.sys
S3 ids0014f;ids0014f;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0014f.sys
S3 ids0015d;ids0015d;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0015d.sys
S3 ids00180;ids00180;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00180.sys
S3 PALLADIA;Palladia 300/400 Usb Adsl Modem;C:\WINDOWS\system32\DRIVERS\usbiad.sys
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S3 viagfx;viagfx;C:\WINDOWS\system32\DRIVERS\vtmini.sys
S3 wceusbsh;Windows CE USB Serial Host Driver;C:\WINDOWS\system32\DRIVERS\wceusbsh.sys

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp


Contents of the 'Scheduled Tasks' folder
2007-07-27 17:30:28 C:\WINDOWS\Tasks\Maintenance en 1 clic.job
2007-08-08 13:43:13 C:\WINDOWS\Tasks\Symantec NetDetect.job - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
2007-08-09 16:04:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-09 18:49:17
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000521

scanning hidden files ...

**************************************************************************

Completion time: 2007-08-09 18:51:14
C:\ComboFix-quarantined-files.txt ... 2007-08-09 18:50

--- E O F ---
9 Août 2007 19:09:47

Bien, on continue.

Relance un scan HijackThis et coche les lignes ci-dessous :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {08F0ADE3-B526-7A02-EEC7-E004E1008D34} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: (no name) - {6D55F78D-57E0-7A56-9975-02E12506D1B4} - C:\Program Files\Dflkssav\uwcqxchb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [udajyxcd] rundll32.exe "C:\Program Files\kterejer\spghipop.dll",Init
O4 - HKCU\..\Run: [Tsra] "C:\DOCUME~1\HP_PRO~1\MESDOC~1\CROSOF~1\spoolsv.exe" -vt yazb
O4 - HKCU\..\Run: [Eluc] "C:\Documents and Settings\HP_Propriétaire\Mes documents\M?crosoft\n?lookup.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b31267.cab

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »


Télécharge OTMoveIt (de Old_Timer) sur ton Bureau.
http://download.bleepingcomputer.com/oldtimer/OTMoveIt....
Double-clique sur OTMoveIt.exe pour le lancer.
Copie la liste qui se trouve ci-dessous, et colle-la dans le cadre de gauche de OTMoveIt :p aste List of Files/Folders to be moved.

C:\WINDOWS\system32\iieldknh
C:\WINDOWS\nircmd.exe
C:\Program Files\Dflkssav
C:\Program Files\kterejer
C:\WINDOWS\system32\tnlrikirb.dat
C:\WINDOWS\system32\tnlrikirb.exe
C:\WINDOWS\system32\tnlrikirb_navps.dat
C:\WINDOWS\system32\tnlrikirb_nav.dat
C:\Documents and Settings\HP_Propriétaire\Application Data\insideloud
C:\Documents and Settings\All Users\Application Data\Bait exit curb global
C:\Documents and Settings\HP_Propriétaire\Mes documents\CROSOF~1
C:\Documents and Settings\HP_Propriétaire\Mes documents\M?crosoft
C:\WINDOWS\system32\winowl32.dll
C:\Program Files\Spyware Stormer
C:\Program Files\insideloud
C:\Program Files\Adverts


Clique sur MoveIt! pour lancer la suppression.
Le résultat apparaitra dans le cadre Results.
Clique sur Exit pour fermer.

Il te sera peut-être demander de redémarrer le PC pour achever la suppression. Si c'est le cas accepte par Yes.


Poste le rapport situé dans C:\_OTMoveIt\MovedFiles avec un nouveau Hijackthis.
9 Août 2007 19:30:05

alors:
C:\WINDOWS\system32\iieldknh moved successfully.
C:\WINDOWS\nircmd.exe moved successfully.
C:\Program Files\Dflkssav moved successfully.
C:\Program Files\kterejer moved successfully.
C:\WINDOWS\system32\tnlrikirb.dat moved successfully.
C:\WINDOWS\system32\tnlrikirb.exe moved successfully.
C:\WINDOWS\system32\tnlrikirb_navps.dat moved successfully.
C:\WINDOWS\system32\tnlrikirb_nav.dat moved successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\insideloud moved successfully.
C:\Documents and Settings\All Users\Application Data\Bait exit curb global moved successfully.
File/Folder C:\Documents and Settings\HP_Propriétaire\Mes documents\CROSOF~1 not found.
File/Folder C:\Documents and Settings\HP_Propriétaire\Mes documents\M?crosoft not found.
File/Folder C:\WINDOWS\system32\winowl32.dll not found.
C:\Program Files\Spyware Stormer\Settings moved successfully.
C:\Program Files\Spyware Stormer\Registry Backups moved successfully.
C:\Program Files\Spyware Stormer moved successfully.
C:\Program Files\insideloud moved successfully.
C:\Program Files\Adverts moved successfully.

Created on 08/09/2007 19:27:49

et voila
Logfile of HijackThis v1.99.1
Scan saved at 19:29:37, on 09/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Antivirus\Avast4\aswUpdSv.exe
C:\Program Files\Antivirus\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Antivirus\Avast4\ashMaiSv.exe
C:\Program Files\Antivirus\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\USB Disk Win98 Driver\Res.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?ceb5f685d1d242d88697022c9a8f7f75
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?ceb5f685d1d242d88697022c9a8f7f75
O9 - Extra button: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra 'Tools' menuitem: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O17 - HKLM\System\CCS\Services\Tcpip\..\{5613722F-3174-4BC2-AA84-0481045FA9C9}: NameServer = 81.118.192.100,81.118.196.36
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winowl32 - winowl32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Antivirus\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Antivirus\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Antivirus\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Antivirus\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
9 Août 2007 19:34:19

Bien.

Relance Hijackthis et fixe cette ligne.

O20 - Winlogon Notify: winowl32 - winowl32.dll (file missing)


Fais une analyse antivirus en ligne sur Kaspersky
http://webscanner.kaspersky.fr/
Clique sur Démarrer Online Scanner.
Sélectionne le poste de travail comme analyse.
Colle son rapport ici.
9 Août 2007 19:37:46

quand tu dis fixe ca veyt dire coche ?
deqsole j'avais pas vu fixed objet !! :) 
9 Août 2007 19:44:27

il me marque erreur 623 le systeme n'a pas trouve l'entre de l'annuaire telephonique
9 Août 2007 21:39:36

Incident Statut Analyse

Outil indésirable:application/spywarestormer No Désinfecté hkey_local_machine\software\microsoft\windows\currentversion\uninstall\Spyware Stormer
Adware:adware/wupd No Désinfecté Registre Windows
Adware:adware/favadd No Désinfecté Registre Windows
Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@247realmedia[1].txt
Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@2o7[2].txt
Spyware:Cookie/888 No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@888[1].txt
Spyware:Cookie/888 No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@888[2].txt
Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@ad.yieldmanager[2].txt
Spyware:Cookie/Hbmediapro No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@adopt.hbmediapro[2].txt
Spyware:Cookie/PointRoll No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@ads.pointroll[2].txt
Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@adtech[2].txt
Spyware:Cookie/adultfriendfinder No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@adultfriendfinder[1].txt
Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@advertising[2].txt
Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@as-eu.falkag[1].txt
Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@as1.falkag[2].txt
Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@atdmt[2].txt
Spyware:Cookie/Belnk No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@belnk[1].txt
Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@bluestreak[2].txt
Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@bs.serving-sys[1].txt
Spyware:Cookie/Enhance No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@c.enhance[1].txt
Spyware:Cookie/Cassava No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@cassava[1].txt
Spyware:Cookie/Cgi-bin No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@cgi-bin[1].txt
Spyware:Cookie/Cgi-bin No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@cgi-bin[2].txt
Spyware:Cookie/Belnk No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@dist.belnk[2].txt
Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@doubleclick[1].txt
Spyware:Cookie/ErrorSafe No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@errorsafe[2].txt
Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@fastclick[1].txt
Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@fe.lea.lycos[1].txt
Spyware:Cookie/Comclick No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@fl01.ct2.comclick[1].txt
Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@media.fastclick[2].txt
Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@mediaplex[1].txt
Spyware:Cookie/OfferOptimizer No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@offeroptimizer[1].txt
Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@overture[1].txt
Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@perf.overture[1].txt
Spyware:Cookie/Server.iad.Liveperson No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@server.iad.liveperson[1].txt
Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@serving-sys[2].txt
Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@stats1.reliablestats[1].txt
Spyware:Cookie/WebtrendsLive No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@statse.webtrendslive[1].txt
Spyware:Cookie/Systemdoctor No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@systemdoctor[1].txt
Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@tradedoubler[2].txt
Spyware:Cookie/Valueclick No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@valueclick[2].txt
Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@weborama[2].txt
Spyware:Cookie/Winantivirus No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@winantivirus[1].txt
Spyware:Cookie/WinFixer No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@winfixer[2].txt
Spyware:Cookie/ErrorSafe No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@www.errorsafe[1].txt
Spyware:Cookie/Golden Palace Online Casino No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@www.goldenpalace[1].txt
Spyware:Cookie/Systemdoctor No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@www.systemdoctor[2].txt
Spyware:Cookie/Winantivirus No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@www.winantivirus[1].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@xiti[1].txt
Spyware:Cookie/Adserver No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@z1.adserver[1].txt
Spyware:Cookie/Zedo No Désinfecté C:\Documents and Settings\clémence\Cookies\clémence@zedo[2].txt
Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@2o7[1].txt
Spyware:Cookie/888 No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@888[1].txt
Spyware:Cookie/888 No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@888[2].txt
Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@ad.yieldmanager[1].txt
Spyware:Cookie/Hbmediapro No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@adopt.hbmediapro[2].txt
Spyware:Cookie/adultfriendfinder No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@adultfriendfinder[2].txt
Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@advertising[2].txt
Spyware:Cookie/Apmebf No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@apmebf[2].txt
Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@as-eu.falkag[1].txt
Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@as-us.falkag[2].txt
Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@as1.falkag[2].txt
Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@atdmt[2].txt
Spyware:Cookie/Azjmp No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@azjmp[1].txt
Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@bluestreak[1].txt
Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@bs.serving-sys[2].txt
Spyware:Cookie/Casinotropez No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@casinotropez[1].txt
Spyware:Cookie/Cassava No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@cassava[1].txt
Spyware:Cookie/Clubdicecasino No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@clubdicecasino[2].txt
Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@doubleclick[1].txt
Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@drivecleaner[1].txt
Spyware:Cookie/Hitbox No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@ehg-ads.hitbox[2].txt
Spyware:Cookie/ErrorSafe No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@errorsafe[2].txt
Spyware:Cookie/Linksynergy No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@linksynergy[1].txt
Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@mediaplex[1].txt
Spyware:Cookie/OfferOptimizer No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@offeroptimizer[1].txt
Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@overture[2].txt
Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@perf.overture[1].txt
Spyware:Cookie/Server.iad.Liveperson No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@server.iad.liveperson[2].txt
Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@serving-sys[1].txt
Spyware:Cookie/Smartadserver No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@smartadserver[2].txt
Spyware:Cookie/onestat.com No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@stat.onestat[2].txt
Spyware:Cookie/Systemdoctor No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@systemdoctor[1].txt
Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@tradedoubler[2].txt
Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@weborama[1].txt
Spyware:Cookie/ErrorSafe No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@www.errorsafe[1].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@xiti[1].txt
Spyware:Cookie/Zedo No Désinfecté C:\Documents and Settings\Cécile\Cookies\cécile@zedo[1].txt
Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\0n0a13y2.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\0n0a13y2.default\cookies.txt[.2o7.net/]
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\0n0a13y2.default\cookies.txt[.xiti.com/]
Spyware:Cookie/Smartadserver No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\0n0a13y2.default\cookies.txt[.smartadserver.com/]
Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\0n0a13y2.default\cookies.txt[.tradedoubler.com/]
Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\0n0a13y2.default\cookies.txt[.mediaplex.com/]
Spyware:Cookie/Statcounter No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\0n0a13y2.default\cookies.txt[.statcounter.com/]
Spyware:Cookie/Com.com No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\0n0a13y2.default\cookies.txt[.com.com/]
Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\0n0a13y2.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\0n0a13y2.default\cookies.txt[.adtech.de/]
Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\0n0a13y2.default\cookies.txt[.weborama.fr/]
Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\0n0a13y2.default\cookies.txt[.bluestreak.com/]
Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\0n0a13y2.default\cookies.txt[.advertising.com/]
Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\0n0a13y2.default\cookies.txt[.247realmedia.com/]
Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\0n0a13y2.default\cookies.txt[.serving-sys.com/]
Outil indésirable:Application/NirCmd.A No Désinfecté C:\Documents and Settings\HP_Propriétaire\Bureau\ComboFix.exe[nircmd.exe]
Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\HP_Propriétaire\Bureau\SDFix.exe[SDFix\apps\Process.exe]
Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@2o7[2].txt
Spyware:Cookie/66.246.209 No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@66.246.209[2].txt
Spyware:Cookie/7search No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@7search[2].txt
Spyware:Cookie/PointRoll No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@ads.pointroll[1].txt
Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@adtech[2].txt
Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@advertising[1].txt
Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@as-eu.falkag[2].txt
Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@atdmt[2].txt
Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@bluestreak[1].txt
Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@bs.serving-sys[2].txt
Spyware:Cookie/Clickbank No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@clickbank[1].txt
Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@doubleclick[1].txt
Spyware:Cookie/Enhance No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@enhance[2].txt
Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@fe.lea.lycos[1].txt
Spyware:Cookie/GoClick No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@goclick[2].txt
Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@klik.klikadvertising[2].txt
Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@mediaplex[1].txt
Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@overture[2].txt
Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@serving-sys[3].txt
Spyware:Cookie/Smartadserver No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@smartadserver[2].txt
Spyware:Cookie/WebtrendsLive No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@statse.webtrendslive[1].txt
Spyware:Cookie/Toplist No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@toplist[1].txt
Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@tradedoubler[1].txt
Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@weborama[2].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@xiti[1].txt
Virus:Trj/Downloader.PTL Désinfecté C:\Documents and Settings\HP_Propriétaire\Mes documents\logiciel\crack.exe
Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@2o7[2].txt
Spyware:Cookie/888 No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@888[1].txt
Spyware:Cookie/888 No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@888[2].txt
Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@ad.yieldmanager[1].txt
Spyware:Cookie/Hbmediapro No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@adopt.hbmediapro[2].txt
Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@adtech[2].txt
Spyware:Cookie/adultfriendfinder No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@adultfriendfinder[2].txt
Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@advertising[1].txt
Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@as-eu.falkag[1].txt
Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@as1.falkag[1].txt
Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@atdmt[2].txt
Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@bluestreak[2].txt
Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@bs.serving-sys[1].txt
Spyware:Cookie/Cassava No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@cassava[1].txt
Spyware:Cookie/Clubdicecasino No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@clubdicecasino[1].txt
Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@doubleclick[1].txt
Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@fastclick[2].txt
Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@fe.lea.lycos[1].txt
Spyware:Cookie/Comclick No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@fl01.ct2.comclick[2].txt
Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@mediaplex[1].txt
Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@perf.overture[1].txt
Spyware:Cookie/WUpd No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@revenue[1].txt
Spyware:Cookie/Rn11 No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@rn11[2].txt
Spyware:Cookie/Server.iad.Liveperson No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@server.iad.liveperson[1].txt
Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@serving-sys[2].txt
Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@stats1.reliablestats[2].txt
Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@tradedoubler[1].txt
Spyware:Cookie/Valueclick No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@valueclick[1].txt
Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@weborama[2].txt
Spyware:Cookie/WinFixer No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@winfixer[2].txt
Spyware:Cookie/Golden Palace Online Casino No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@www.goldenpalace[1].txt
Spyware:Cookie/Winantivirus No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@www.winantivirus[2].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@xiti[1].txt
Spyware:Cookie/Adserver No Désinfecté C:\Documents and Settings\magaly\Cookies\magaly@z1.adserver[1].txt
Adware:Adware/Lop No Désinfecté C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\newpass2[2].htm
Outil indésirable:Application/KillApp.B No Désinfecté C:\hp\bin\KillIt.exe
Outil indésirable:Application/Winantivirus2006 No Désinfecté C:\Program Files\Common Files\Companion Wizard\WapCHK.dll
Outil indésirable:Application/Winantivirus2006 No Désinfecté C:\Program Files\Common Files\Companion Wizard\WapCHK{CB4D88E2-F11F-4D38-ACDC-D3BD60733877}.dll
Virus:Trj/Downloader.PTL Désinfecté C:\Program Files\Mozilla Firefox\crack.exe
Adware:Adware/PurityScan No Désinfecté C:\QooBox\Quarantine\C\DOCUME~1\HP_PRO~1\MESDOC~1\CROSOF~1\spoolsv.exe.vir
Outil indésirable:Application/Winantivirus2006 No Désinfecté C:\QooBox\Quarantine\C\Program Files\Fichiers communs\WinAntiVirus Pro 2006\WapCHK.dll.vir
Adware:Adware/Yazzle No Désinfecté C:\QooBox\Quarantine\C\Program Files\Fichiers communs\Yazzle1162OinAdmin.exe.vir
Adware:Adware/Yazzle No Désinfecté C:\QooBox\Quarantine\C\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe.vir
Dialer:D ialer.HXF No Désinfecté C:\QooBox\Quarantine\C\Program Files\Instant Access\Multi\20060729180721\instant access.exe.vir
Dialer:D ialer.HXF No Désinfecté C:\QooBox\Quarantine\C\Program Files\Instant Access\Multi\
9 Août 2007 21:58:11

Re

Est ce que tu as mis le rapport en entier ?


Télécharge CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le.
Décoche pendant l'installation
--- les deux cases "Ajouter l'option ... "
--- Contrôler les mises à jour
--- Ajouter la Barre d'Outils Yahoo! CCleaner

Clique sur Options, Avancé et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures".
Ne touche pas aux autres réglages.

Lance le nettoyage.


Copie (Ctrl+C) le texte ci-dessous :

File::
C:\Program Files\Mozilla Firefox\crack.exe

Folder::
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ
C:\Program Files\Common Files\Companion Wizard

Registry::
[-hkey_local_machine\software\microsoft\windows\currentversion\uninstall\Spyware Stormer]


Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
Sauvegarde ce fichier sous le nom de CFScript.txt



Comme l'image le montre, fait glisser CFScript.txt sur Combofix.exe
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
9 Août 2007 22:34:17

[ComboFix 07-08-09.3 - "HP_Propri‚taire" 2007-08-09 22:16:15.3 - NTFSx86
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.67 [GMT 2:00]
Command switches used :: C:\Documents and Settings\HP_Propri‚taire\Bureau\CFScript.txt
* Created a new restore point

FILE::
C:\Program Files\Mozilla Firefox\crack.exe


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\-]AJFGFGJ-32A_}~GYR0,+[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\-E_4T-!4M~11OWN`KCG45}[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\,D}C~G[UX44U9743@C8P2O[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\[YT`N2X8LO5CU[A`N6H7HQ[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\]9}WX+H_@Y2IRNOO1U1HM~[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\_2169!-A3--JNRWMU7[W9[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\_8TO9C,3MT2FA88QVC@OVE[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\`HE,6KO6J{3!T3[A~0CRD1[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\0000005552_000000000000000254259[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\0000005552_000000000000000287520[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\0000005552_000000000000000305300[1].swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\0000005552_000000000000000411944[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\0000007325_000000000000000290308[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\0000011399_000000000000000294498[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\0000050574_000000000000000413329[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\040322_hell[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\060322_livebackstage_728_90[1].swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\09DB0326AEE1BE657548566FD1D[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\0T5BY8B}G{2EWOH,4STXR7[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1033436654@Top,Bottom[2]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1044513363@Right2,Bottom[2]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1097375011@Bottom,Right2,Right3[2]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\11[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\11[2].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\114856136.img.small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1203723[1]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1210125737@Top,Bottom[2]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1276275552@Top,Bottom[2]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1396927453@Top,Bottom[2]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1437236602@Right2,Bottom[2]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1455448563@Bottom,Right2,Right3[2]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1510909981@Right2,Bottom[1]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\15197003_new[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1520503342@Right2,Bottom[1]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\15519622[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1606307110@Top,Bottom[2]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1637153840@Right2,Bottom[1]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1692532862@Top,Bottom[2]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1732498211@Top,Bottom[2]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1757645555@Top,Bottom[2]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\180x150[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\180x150_photobox_v2_fr_002[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\180x150_turquoise_fr[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1899694499[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1904524118@Right2,Bottom[1]
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1EAAD75662EDA1FAB83EB53F8D2FF6[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\1F3F7FE7FD74D70E2C05E436BAE54[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\2_4`-]~@LU46`,ZIBD1U04[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\20070428-mixxx[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\21939[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\234x60[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\234x60_prune_fr_new_m_h3_arrows[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\23728[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[10].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[11].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[12].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[13].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[14].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[15].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[16].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[17].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[18].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[19].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[2].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[3].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[4].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[5].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[6].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[7].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[8].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\285085190882[9].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\2B5539EB5DF2159954E6D265B7463[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\2M455N_08[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\2M455N_09[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\2M455N_14[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\2M455N_15[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\3081020m[1].png
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\312939479_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\32[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\329109458[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\354[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\370090866_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\370598145_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\370608533_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\370610565_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\370630326_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\370636136_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\370662062_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\370693556_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\370713723_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\370726212_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\370731365_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\379935509_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\379938281_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\386_fr_470x222_vidPlayer[1].swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\393459195_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\3exit[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\3FF751DC91D5BD45B022D24A4653[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\409987533_comment_1[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\413602306_comment_1[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\414988558_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\416068496_small[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\4B2D7B26BA7F12535D275C5431F7[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\56A4CE159E50D61277EE9EDD49F8F1[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\57,@N1]3VU2X63P7TQ,C-{[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\5731[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\6687F5A0119C4FDCBF60E0C9878B65[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\728_90_msn(1)[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\728x90[1].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\728x90[1].swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\728x90_ordi-p(2)[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\728x90_sismix_P4_01[1].swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\83D9A25251F0BA6634CC1F4DC8C16[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\901A3712765133DA77C8AF12EF041[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\acceuil_1_1[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\acceuil_3_1[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\acceuil_3_2[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\add[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\add[2].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\add[3].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\add[4].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\add[5].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\add[6].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\add[7].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\add_bas_2[1].png
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\aff_beta2_arrow_sm_orange_s[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\aide-soignante.20060406145301[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\amis[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\andrea.20061104212400[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\angelique1907.20060313012638[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\animated_loading[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\apero-team.20060731171220[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\arabic[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\as_mallogement_728x90[1].swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\aur-e.20060403203858[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\aurel3401.20060416120844[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\auto_decouvrez_728x90[1].swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\AZN.Girl.20060326003033[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\B1835029;sz=468x60;ord=[timestamp][1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\B7CAB39538537CB25A170ADCE5C52[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\back-page[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\baillement[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\bal[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\BBDD2D5F3FE4050EEDECF4D98922A[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\berdi340.20060403195845[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\Berny.20060114195621[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\beta[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\bg_b[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\bg_buttons[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\bg_menu_0003[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\bg_path[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\bg_tetiere_0004[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\BHXVDHOOQ5ZEM-0J~TDFR[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\big_photoperso[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\big_ringtones[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\block-msg[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\Bot[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\bt_preview[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\btn_acces_visiteurs[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\btn_entrer[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\bubu34670.20060319215000[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\bubu34670.20060319215601[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\bubu34670.20060319215622[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\bubu34670.20060324214956[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\Bullet[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA07IXSF.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA0BAH29.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA0JEX2T.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA0P2ROL.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA0XILAX.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA0Y6FG8.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA11FLH1.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA19V6KB.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA1EBBHW.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA1O2953.gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA1XL8A9.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA2349AB.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA2389Y7.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA23KP6N.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA27EVOL.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA2FK30J.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA2FW1MZ.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA2HS16R.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA2KAQ5P.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA2RPXCI.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA2VW781.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA36T1HV.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA3G8BZ3.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA4HV183.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA4HYFKD.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA4LMNWT.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA4QZ954.swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA51LRG2.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA64Z5RA.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA698VOZ.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA6FK5MJ.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA6KQBMD.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA6NK1UF.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA6R8TEF.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA6TENX3.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA6ZKPYF.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA78UGBN.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA7GJRE7.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA80X2FJ.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA8CWXS3.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA8DU7G5.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA8HFTNK.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA8HRUDO.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA8HYWP7.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA8PD23M.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA8PQRST.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA8TCC7X.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA8UKZR9.HTM
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA8X6RS9.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA8XABWT.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA93MXTK.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA96JFBI.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CA9T37J3.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAA14FWB.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAA7SXYZ.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAAC801Z.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAAHOXCP.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAAJK121.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CABMBHWH.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CABO6856.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAC9INGP.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CACXQ3MA.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAE74HIV.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAE9AVAB.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAEBSD6N.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAED8X0L.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAEJKHEF.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAETQROF.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAFEDZH5.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAG52NKT.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAGSJGZD.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAGVYTHG.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAH0LCJA.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAHUKDMU.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAI23WO3.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAIFC9YN.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAIIKADP.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAIJST2Z.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAIRCBUU.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAIVWD6D.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAJL75Q4.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAJODLT4.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAJQ03NL.swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAJT15OL.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAK3ABQM.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAK5FLWC.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAKHADK1.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAKROR6N.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAKSONNF.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAKXY3O1.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAL10JV1.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAL1IKWM.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\cale_transparente[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAM2685G.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAM78V3K.gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAM7SXQF.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAM9ZPK0.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAML2UUH.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAMNS9QN.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAMSTV7I.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAMVUJ47.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\Canard69.20060519194828[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CANRH111.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CANVCUTB.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAO5EFS3.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAO7E5EZ.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAOBS5QF.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAOCBQX4.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAODUB4L.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAODY7SP.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAOMZF39.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAP5CHWQ.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAPCB3K6.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAPCDIC0.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAPHDOS2.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAPJ2SZA.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\capucinedunil.20060109205023[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAQA4KYF.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAQFCLIZ.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAQK84IF.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAQL6PK1.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAQRQ3U1.gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAQU4MU6.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAQV0ZGR.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAQY346K.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAQZWPYF.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAR5PTO6.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\Carpe.Diem.20060226224330[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAS5AZS9.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAS967KP.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CASH6ZCX.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CASHEB49.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CASM55RX.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CASNO1SD.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAST6VCX.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CASXQN0T.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CASXUNWT.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAT9JDZG.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAU1QAKG.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAU3QFYX.swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAU3SHKB.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAU3SL67.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAU7OXEN.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAUJOTS3.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAUODS7R.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAUR05G5.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAUY1149.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAUYBZDG.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAUZW967.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAV2KIPY.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAVEYX6L.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAVMT90O.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAW54NOD.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAW5MBCD.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAWCN0LM.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAWDEJ69.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAWNWRKR.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAWXEFOT.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAX1TNVN.bin
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAX4SBH5.swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAY743ZS.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAY7ADIL.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAYR4TA7.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAYZK5AZ.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAZIQH3F.php
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CAZV4B2T.htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CBC1675810861D3D82B74D1D5D8C99[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\certified2[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\chat[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\chercheur.20050317214104[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CHIFFRES_160_600_230306_25[1].swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\choupi34110.20060402211049[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\ChUpAcHuP34.20060327175913[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\clown[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\Cnikita.20060320103033[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\coccinelle[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\coiff34.20060115222549[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\colere[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\comm2[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\compteur[1].xml
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\Crazysurfer.20051109225408[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\crossdomain[1].xml
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\crs_4625[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\crs_4626[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CtnWms1574991255[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CtnWms458757303_20060315[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CtnWms505485717[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\CtnWms786048165[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\currency_dollar[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\cybercop[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\cypher3098.20060225005406[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\DAFTpave[1].swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\data[1].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\databind[1].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\DBU748H~WT34S2N[Z36SBW[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\DDI.20050529174450[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\DDI.20050713102014[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\DDI.20051002211308[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\DDI.20051204174624[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\DDI.20060228141200[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\DDI.20060406194434[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\dedicace[1].css
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\desktop.ini
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\diable[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\diabolo34.20050827140724[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\dino34.20060111221701[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\disconnect[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\divertissement_serie_728_90[1].swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\DjBenji34.20051026210952[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\DocumentDotWrite[1].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\drawer-background[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\edito[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\ejs_menu_dynfonct[1].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\env[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\espanOC34.20060311141751[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\ExtremT.20051106171647[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\F466FB8A731E6487DC5E873030C3[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\fabius.20070131002421[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\FADOLII.20070420203829[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\faistourner[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\favicon[2].ico
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\fd_1[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\fd_brown[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\fd_first[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\fd_violet[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\FE3C4DD35A86D7D759FFDF62334B[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\fenetre_top_2[1].png
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\fille[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\firepay[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\flag2[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\flvplayer[1].swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\folllasse30.20061223155132[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\fond_acces_visiteurs[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\fond_header[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\fond_header1[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\fond_soustitre[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\fr[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\fr_WL[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\friends_header[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\full-list[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\g.star30.20060503233418[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\gai[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\garouille.20060606230045[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\gauthier034.20060610005132[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\getmsg[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\getverisignsealflash.ffadult[1].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\GHETTOVEN.20060502135414[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\gifstats[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\global[1].css
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\glow_b[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\google-pack[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\graphics[1].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\grenouille[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\grey[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\groumpf[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\GSD2,R_IFO3,MQZC0H,WXQ[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\GTL_SiteGeneric[1].css
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\hat_violet-communaute[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\haut[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\head_g[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\head_right[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\headend_l[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\header[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\hippie[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\hotmail___1000000003[2].css
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\hotmail___1021000204[2].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\hp_generic[2].css
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\hp_generic[3].css
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\hp_simple[2].css
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i.p.embeer[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i.p.emclock[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i.p.ememail[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i.p.emmale[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i.p.emmessag[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i.p.emphone[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i.p.emsmiled[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i.p.emthdown[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i.p.emwink[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i.p.replyall.d[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i_calendar[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i_checkmail[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i_contacts[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i_delete[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i_edit[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i_expand[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i_forward[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i_lastpage[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i_lastpage_disable[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i_msnlogo[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i_new_group[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i_readingpane_bottom[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i_readingpane_right[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i_sent[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i_today[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\i_trash[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\ico_erreurs[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\icon[1].png
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\idee[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\imgad[1].png
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\imgad[2].png
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\imgad[3].png
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\imgad[4].png
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\imgad[5].png
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\imgad[6].png
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\includenbcomment[1].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\includenbcomment[2].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\includenbcomment[3].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\includenbcomment[4].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\includenbcomment[5].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\includenbcomment[6].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\includenbcomment[7].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\index[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\index2[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\index2[2].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\indexint[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\indifferent[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\input-left[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\inquiet[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\invit_04[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\invit_07[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\invit_09[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\invit_19[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\javascript2[1].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\jerem34400.20050713135227[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\jessica.....34500.20060402172026[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\Jesus[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\jewel[1].png
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\Jim34690.20060402201241[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\jollyjumper.20060318133444[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\jp[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\JP{R37BCI85M!Q9[NA9H!F[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\julio-titia-forever.20060225111654[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\july34400.20060604191331[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\KABAL.20060227131750[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\KAMoOoKAM.20051223222959[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\kekeboydu34.20060618230806[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\kissou30.20060322181345[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\kmylle.20060312145825[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\kmylle.20060312150039[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\kmylle.20060321171049[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\kmylle.20060321171049[2].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\kmylle.20060323173028[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\kmylle.20060323173028[2].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\kmylle.20060328143627[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\L8CXN]YOR+1X2}]BEM56-M[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\la-fille-simpa.20060406202143[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\la-pince.20060301202014[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\labrador.20050821223741[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\labrune0210.20060403155343[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\lamerci-00030131-0-0[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\lamerci-000401340146-0-0[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\language_japanese[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\lapoussanaise34.20060405184030[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\laulau28.20060326213126[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\left[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\Leo-Sept.20060209180137[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\les.suportrices.20060407213521[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\lifecam[1].png
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\LIL-JIMZ.20060322194700[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\lili.20070419202510[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\linalove34.20060309193334[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\LivePerson[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\Lmega_casting2[1].swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\Lmega_tv2[1].swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\loading_11.10.0000.0095[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\lodie34400.20060402194053[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\login[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\lolothebest69.skyblog[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\lorens84.skyblog[1].htm
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\lullaby.20050605202327[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\lutin[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\lyze-347.20060326225843[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\M453N_03[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\M453N_04[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\M453N_10[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\M453N_15[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\M453N_21[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\mag34280gm.20050713101859[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\mag34280gm.20050830215950[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\mag34280gm.20060302113218[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\mag34280gm.20060302113218[2].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\mag34280gm.20060403204122[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\mag34280gm.20060403204229[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\malabar88.20070420204339[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\MANGA2_160_600_090806_backup[1].swf
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\manoumtp.20060430214309[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\marjojo34500.20060204135417[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\marquee-history[1].gif
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\matt34670.20060111182758[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\maxibanner[1].js
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\mec_de_beziers.20060613150811[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\MeMe...Si.20060403193955[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\MeMe...Si.20060403194159[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\MeMe...Si.20060403194955[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\MeMe...Si.20060403194955[2].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content.IE5\CDIJC9UJ\MeMe...Si.20060403195755[1].jpg
C:\Documents and Settings\magaly\Local Settings\Temporary Internet Files\Content
9 Août 2007 22:46:48

Il manque la fin du rapport.

Poste à partir de

((((((((((((((((((((((((( Files Created
9 Août 2007 22:49:26

(((((((((((((((((((((((( Files Created from 2007-07-09 to 2007-08-09 )))))))))))))))))))))))))))))))


2007-08-09 22:15 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-09 22:07 <REP> d-------- C:\Program Files\CCleaner
2007-08-09 19:57 <REP> d-------- C:\WINDOWS\system32\ActiveScan
2007-08-09 18:40 <REP> d-------- C:\Program Files\SecCenter
2007-08-09 18:09 <REP> d-------- C:\WINDOWS\ERUNT
2007-08-09 17:41 <REP> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2007-08-08 15:13 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-08-08 15:13 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-08-08 15:13 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-08-08 15:13 783,224 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-08-08 15:13 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-08-08 15:13 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-08-08 15:13 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-08-08 15:13 <REP> d-------- C:\Program Files\Antivirus
2007-08-08 12:25 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
2007-08-08 12:25 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2007-08-08 12:25 14,848 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
2007-08-08 12:25 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2007-07-20 11:57 53,248 -ra------ C:\WINDOWS\system32\InstMed.exe
2007-07-12 18:31 <REP> d-------- C:\Program Files\EA GAMES
2007-07-09 21:07 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-07-09 21:07 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-07-09 21:05 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-07-09 21:05 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-07-09 21:05 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-07-09 21:05 740,442 --a------ C:\WINDOWS\system32\DivX.dll
2007-07-09 21:05 73,728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-07-09 21:05 593,920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2007-07-09 21:05 57,344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-07-09 21:05 53,248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2007-07-09 21:05 344,064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-07-09 21:05 294,912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-07-09 21:05 294,912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-07-09 21:05 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-07-09 21:05 124,472 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2007-07-09 21:05 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-09 22:21 --------- d-------- C:\Program Files\Common Files
2007-08-09 20:52 --------- d-------- C:\Program Files\Windows Live Toolbar
2007-08-09 20:52 --------- d-------- C:\Program Files\USB Disk Win98 Driver
2007-08-09 20:47 --------- d-------- C:\Program Files\Microsoft ActiveSync
2007-08-09 20:46 --------- d-------- C:\Program Files\iTunes
2007-08-09 20:41 --------- d-------- C:\Program Files\Google
2007-08-08 15:03 --------- d-------- C:\Program Files\Kaspersky Lab
2007-08-08 14:15 --------- d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\Lavasoft
2007-08-08 14:11 --------- d-------- C:\Program Files\InterActual
2007-08-08 13:09 --------- d-------- C:\Program Files\Hewlett-Packard
2007-08-08 12:59 --------- d-------- C:\Program Files\eoRezo
2007-08-08 12:59 --------- d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\EoRezo
2007-07-20 12:24 --------- d-------- C:\Program Files\DivX
2007-07-12 09:41 76136 --a------ C:\WINDOWS\system32\perfc00C.dat
2007-07-12 09:41 469622 --a------ C:\WINDOWS\system32\perfh00C.dat
2007-07-09 21:07 524288 --a------ C:\WINDOWS\system32\DivXsm.exe
2007-07-09 21:07 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-06-24 16:37 --------- d-------- C:\Program Files\Canon
2007-06-23 21:19 --------- d-------- C:\Program Files\Fichiers communs\ScanSoft Shared
2007-06-23 20:59 --------- d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\Canon
2007-05-16 17:13 86528 -----c--- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 17:13 85504 -----c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 17:13 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 17:13 683520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 17:13 510976 -----c--- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 17:13 1314816 -----c--- C:\WINDOWS\system32\dllcache\msoe.dll
--------- C:\Program Files\Hijackthis Version Française


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-09-29 21:23]
"EoEngine"="" []
"YeppStudioAgent"="C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe" [2005-09-12 15:21]
"LogitechGalleryRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-12-14 18:57]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 20:05]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 13:16]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 13:19]
"USB Storage Toolbox"="C:\Program Files\USB Disk Win98 Driver\Res.EXE" [2005-09-14 20:44]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 C:\WINDOWS\soundman.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 18:19]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-12-14 18:57]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-12-14 18:51]
"avast!"="C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe" [2007-07-28 00:03]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 21:45]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
ALCXMNTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Curb Global Dvd Mode]
C:\Documents and Settings\All Users\Application Data\Bait exit curb global\htmreadme.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]
C:\WINDOWS\system32\hphmon06.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]
c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
c:\windows\system\hpsysdrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz]
c:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
C:\HP\KBD\KBD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
"C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV CfgWiz]
"c:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\neufbox_reminder]
"C:\Program Files\Kit ADSL\Wizard\PostInstall_Checker.exe" -r

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet /keeploaded /nodetect

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
C:\WINDOWS\system32\ps2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\showgram]
C:\DOCUME~1\HP_PRO~1\APPLIC~1\INSIDE~1\Cast slow.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSPower]
Rundll32.exe SiSPower.dll,ModeAgent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Stormer]
C:\Program Files\Spyware Stormer\SpywareStormer.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
VTTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YeppStudioAgent]
C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NPFMntor"=2 (0x2)

R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
R3 Iviaspi;IVI ASPI Shell;C:\WINDOWS\system32\drivers\iviaspi.sys
R3 Ps2;PS2;C:\WINDOWS\system32\DRIVERS\PS2.sys
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 driverhardwarev2;driverhardwarev2;\??\C:\Program Files\HardwareDetection\driverhardwarev2.sys
S3 ids00026;ids00026;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys
S3 ids00118;ids00118;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00118.sys
S3 ids0014f;ids0014f;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0014f.sys
S3 ids0015d;ids0015d;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0015d.sys
S3 ids00180;ids00180;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00180.sys
S3 PALLADIA;Palladia 300/400 Usb Adsl Modem;C:\WINDOWS\system32\DRIVERS\usbiad.sys
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S3 viagfx;viagfx;C:\WINDOWS\system32\DRIVERS\vtmini.sys
S3 wceusbsh;Windows CE USB Serial Host Driver;C:\WINDOWS\system32\DRIVERS\wceusbsh.sys

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp


Contents of the 'Scheduled Tasks' folder
2007-07-27 17:30:28 C:\WINDOWS\Tasks\Maintenance en 1 clic.job
2007-08-09 17:43:13 C:\WINDOWS\Tasks\Symantec NetDetect.job - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
2007-08-09 20:04:02 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-09 22:25:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000189

scanning hidden files ...

**************************************************************************

Completion time: 2007-08-09 22:29:08 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-08-09 22:28
C:\ComboFix2.txt ... 2007-08-09 18:51

9 Août 2007 23:04:46

bon je vais te laisser demain je me leve a 4 heure pour bosser
si tu es là demain apres midi on peut reprendre?
9 Août 2007 23:10:25

Re

Je poste maintenant, tu continuera tranquillement demain.


Copie (Ctrl+C) le texte ci-dessous :

Registry::
['HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Curb Global Dvd Mode]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\showgram]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Stormer]


Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
Sauvegarde ce fichier sous le nom de CFScript.txt



Comme l'image le montre, fait glisser CFScript.txt sur Combofix.exe
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.


As tu encore des dysfonctionnements ?
10 Août 2007 15:49:20

tiens voila le rapport:
ComboFix 07-08-09.3 - "HP_Propri‚taire" 2007-08-10 15:33:13.4 - NTFSx86
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.59 [GMT 2:00]
Command switches used :: C:\Documents and Settings\HP_Propri‚taire\Bureau\CFScript.txt
* Created a new restore point


((((((((((((((((((((((((( Files Created from 2007-07-10 to 2007-08-10 )))))))))))))))))))))))))))))))


2007-08-09 22:15 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-09 22:07 <REP> d-------- C:\Program Files\CCleaner
2007-08-09 19:57 <REP> d-------- C:\WINDOWS\system32\ActiveScan
2007-08-09 18:40 <REP> d-------- C:\Program Files\SecCenter
2007-08-09 18:09 <REP> d-------- C:\WINDOWS\ERUNT
2007-08-09 17:41 <REP> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2007-08-08 15:13 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-08-08 15:13 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-08-08 15:13 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-08-08 15:13 783,224 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-08-08 15:13 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-08-08 15:13 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-08-08 15:13 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-08-08 15:13 <REP> d-------- C:\Program Files\Antivirus
2007-08-08 12:25 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
2007-08-08 12:25 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2007-08-08 12:25 14,848 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
2007-08-08 12:25 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2007-07-20 11:57 53,248 -ra------ C:\WINDOWS\system32\InstMed.exe
2007-07-12 18:31 <REP> d-------- C:\Program Files\EA GAMES


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-09 22:21 --------- d-------- C:\Program Files\Common Files
2007-08-09 20:52 --------- d-------- C:\Program Files\Windows Live Toolbar
2007-08-09 20:52 --------- d-------- C:\Program Files\USB Disk Win98 Driver
2007-08-09 20:47 --------- d-------- C:\Program Files\Microsoft ActiveSync
2007-08-09 20:46 --------- d-------- C:\Program Files\iTunes
2007-08-09 20:41 --------- d-------- C:\Program Files\Google
2007-08-08 15:03 --------- d-------- C:\Program Files\Kaspersky Lab
2007-08-08 14:15 --------- d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\Lavasoft
2007-08-08 14:11 --------- d-------- C:\Program Files\InterActual
2007-08-08 13:09 --------- d-------- C:\Program Files\Hewlett-Packard
2007-08-08 12:59 --------- d-------- C:\Program Files\eoRezo
2007-08-08 12:59 --------- d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\EoRezo
2007-07-20 12:24 --------- d-------- C:\Program Files\DivX
2007-07-12 09:41 76136 --a------ C:\WINDOWS\system32\perfc00C.dat
2007-07-12 09:41 469622 --a------ C:\WINDOWS\system32\perfh00C.dat
2007-07-09 21:07 524288 --a------ C:\WINDOWS\system32\DivXsm.exe
2007-07-09 21:07 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-07-09 21:07 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-07-09 21:07 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-07-09 21:05 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-07-09 21:05 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-07-09 21:05 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-07-09 21:05 740442 --a------ C:\WINDOWS\system32\DivX.dll
2007-07-09 21:05 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-07-09 21:05 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2007-07-09 21:05 57344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-07-09 21:05 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2007-07-09 21:05 344064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-07-09 21:05 294912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-07-09 21:05 294912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-07-09 21:05 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-07-09 21:05 124472 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2007-07-09 21:05 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-06-24 16:37 --------- d-------- C:\Program Files\Canon
2007-06-23 21:19 --------- d-------- C:\Program Files\Fichiers communs\ScanSoft Shared
2007-06-23 20:59 --------- d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\Canon
2007-05-16 17:13 86528 -----c--- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 17:13 85504 -----c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 17:13 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 17:13 683520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 17:13 510976 -----c--- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 17:13 1314816 -----c--- C:\WINDOWS\system32\dllcache\msoe.dll
--------- C:\Program Files\Hijackthis Version Française


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-09-29 21:23]
"EoEngine"="" []
"YeppStudioAgent"="C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe" [2005-09-12 15:21]
"LogitechGalleryRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-12-14 18:57]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 20:05]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 13:16]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 13:19]
"USB Storage Toolbox"="C:\Program Files\USB Disk Win98 Driver\Res.EXE" [2005-09-14 20:44]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 C:\WINDOWS\soundman.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 18:19]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-12-14 18:57]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-12-14 18:51]
"avast!"="C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe" [2007-07-28 00:03]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 21:45]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
ALCXMNTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Curb Global Dvd Mode]
C:\Documents and Settings\All Users\Application Data\Bait exit curb global\htmreadme.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]
C:\WINDOWS\system32\hphmon06.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]
c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
c:\windows\system\hpsysdrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz]
c:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
C:\HP\KBD\KBD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
"C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV CfgWiz]
"c:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\neufbox_reminder]
"C:\Program Files\Kit ADSL\Wizard\PostInstall_Checker.exe" -r

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet /keeploaded /nodetect

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
C:\WINDOWS\system32\ps2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSPower]
Rundll32.exe SiSPower.dll,ModeAgent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
VTTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YeppStudioAgent]
C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NPFMntor"=2 (0x2)

R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
R3 Iviaspi;IVI ASPI Shell;C:\WINDOWS\system32\drivers\iviaspi.sys
R3 Ps2;PS2;C:\WINDOWS\system32\DRIVERS\PS2.sys
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 driverhardwarev2;driverhardwarev2;\??\C:\Program Files\HardwareDetection\driverhardwarev2.sys
S3 ids00026;ids00026;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys
S3 ids00118;ids00118;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00118.sys
S3 ids0014f;ids0014f;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0014f.sys
S3 ids0015d;ids0015d;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0015d.sys
S3 ids00180;ids00180;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00180.sys
S3 PALLADIA;Palladia 300/400 Usb Adsl Modem;C:\WINDOWS\system32\DRIVERS\usbiad.sys
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S3 viagfx;viagfx;C:\WINDOWS\system32\DRIVERS\vtmini.sys
S3 wceusbsh;Windows CE USB Serial Host Driver;C:\WINDOWS\system32\DRIVERS\wceusbsh.sys

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp


Contents of the 'Scheduled Tasks' folder
2007-07-27 17:30:28 C:\WINDOWS\Tasks\Maintenance en 1 clic.job
2007-08-09 17:43:13 C:\WINDOWS\Tasks\Symantec NetDetect.job - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
2007-08-09 21:04:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-10 15:40:53
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000557
"TracesSuccessful"=dword:00000027

scanning hidden files ...

**************************************************************************

Completion time: 2007-08-10 15:43:28
C:\ComboFix-quarantined-files.txt ... 2007-08-10 15:42
C:\ComboFix2.txt ... 2007-08-09 22:29
C:\ComboFix3.txt ... 2007-08-09 18:51
apparament tout va mieux
je fais un scan avec avast et je post
10 Août 2007 19:14:18

Bonjour

Encore quelques corrections.

Copie (Ctrl+C) le texte ci-dessous :

File::
C:\WINDOWS\nircmd.exe

Folder::
C:\Documents and Settings\All Users\Application Data\Bait exit curb global

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EoEngine"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Curb Global Dvd Mode]


Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
Sauvegarde ce fichier sous le nom de CFScript.txt



Comme l'image le montre, fait glisser CFScript.txt sur Combofix.exe
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
10 Août 2007 20:16:29

c'est vrai bonjour
voila le rapport
ComboFix 07-08-09.3 - "HP_Propri‚taire" 2007-08-10 20:03:52.5 - NTFSx86
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.58 [GMT 2:00]
Command switches used :: C:\Documents and Settings\HP_Propri‚taire\Bureau\CFScript.txt
* Created a new restore point

FILE::
C:\WINDOWS\nircmd.exe


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\nircmd.exe


((((((((((((((((((((((((( Files Created from 2007-07-10 to 2007-08-10 )))))))))))))))))))))))))))))))


2007-08-09 22:07 <REP> d-------- C:\Program Files\CCleaner
2007-08-09 19:57 <REP> d-------- C:\WINDOWS\system32\ActiveScan
2007-08-09 18:40 <REP> d-------- C:\Program Files\SecCenter
2007-08-09 18:09 <REP> d-------- C:\WINDOWS\ERUNT
2007-08-09 17:41 <REP> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2007-08-08 15:13 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-08-08 15:13 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-08-08 15:13 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-08-08 15:13 783,224 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-08-08 15:13 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-08-08 15:13 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-08-08 15:13 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-08-08 15:13 <REP> d-------- C:\Program Files\Antivirus
2007-08-08 12:25 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
2007-08-08 12:25 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2007-08-08 12:25 14,848 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
2007-08-08 12:25 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2007-07-20 11:57 53,248 -ra------ C:\WINDOWS\system32\InstMed.exe
2007-07-12 18:31 <REP> d-------- C:\Program Files\EA GAMES


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-10 18:32 --------- d-------- C:\Program Files\USB Disk Win98 Driver
2007-08-10 18:32 --------- d-------- C:\Program Files\TuneUp Utilities 2007
2007-08-10 18:32 --------- d-------- C:\Program Files\Microsoft ActiveSync
2007-08-10 18:32 --------- d-------- C:\Program Files\iTunes
2007-08-10 18:31 --------- d-------- C:\Program Files\Windows Live Toolbar
2007-08-10 18:31 --------- d-------- C:\Program Files\MSN Messenger
2007-08-10 18:31 --------- d-------- C:\Program Files\Google
2007-08-10 16:06 --------- d-------- C:\Program Files\Snapshot Viewer
2007-08-09 22:21 --------- d-------- C:\Program Files\Common Files
2007-08-08 15:03 --------- d-------- C:\Program Files\Kaspersky Lab
2007-08-08 14:15 --------- d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\Lavasoft
2007-08-08 14:11 --------- d-------- C:\Program Files\InterActual
2007-08-08 13:09 --------- d-------- C:\Program Files\Hewlett-Packard
2007-08-08 12:59 --------- d-------- C:\Program Files\eoRezo
2007-08-08 12:59 --------- d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\EoRezo
2007-07-20 12:24 --------- d-------- C:\Program Files\DivX
2007-07-12 09:41 76136 --a------ C:\WINDOWS\system32\perfc00C.dat
2007-07-12 09:41 469622 --a------ C:\WINDOWS\system32\perfh00C.dat
2007-07-09 21:07 524288 --a------ C:\WINDOWS\system32\DivXsm.exe
2007-07-09 21:07 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-07-09 21:07 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-07-09 21:07 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-07-09 21:05 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-07-09 21:05 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-07-09 21:05 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-07-09 21:05 740442 --a------ C:\WINDOWS\system32\DivX.dll
2007-07-09 21:05 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-07-09 21:05 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2007-07-09 21:05 57344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-07-09 21:05 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2007-07-09 21:05 344064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-07-09 21:05 294912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-07-09 21:05 294912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-07-09 21:05 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-07-09 21:05 124472 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2007-07-09 21:05 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-06-24 16:37 --------- d-------- C:\Program Files\Canon
2007-06-23 21:19 --------- d-------- C:\Program Files\Fichiers communs\ScanSoft Shared
2007-06-23 20:59 --------- d-------- C:\DOCUME~1\HP_PRO~1\APPLIC~1\Canon
2007-05-16 17:13 86528 -----c--- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 17:13 85504 -----c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 17:13 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 17:13 683520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 17:13 510976 -----c--- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 17:13 1314816 -----c--- C:\WINDOWS\system32\dllcache\msoe.dll
--------- C:\Program Files\Hijackthis Version Française


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-09-29 21:23]
"YeppStudioAgent"="C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe" [2005-09-12 15:21]
"LogitechGalleryRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-12-14 18:57]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 20:05]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 13:16]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 13:19]
"USB Storage Toolbox"="C:\Program Files\USB Disk Win98 Driver\Res.EXE" [2005-09-14 20:44]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 C:\WINDOWS\soundman.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 18:19]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-12-14 18:57]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-12-14 18:51]
"avast!"="C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe" [2007-07-28 00:03]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 21:45]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
ALCXMNTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]
C:\WINDOWS\system32\hphmon06.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]
c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
c:\windows\system\hpsysdrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz]
c:\Program Files\Fichiers communs\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
C:\HP\KBD\KBD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
"C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV CfgWiz]
"c:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\neufbox_reminder]
"C:\Program Files\Kit ADSL\Wizard\PostInstall_Checker.exe" -r

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet /keeploaded /nodetect

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
C:\WINDOWS\system32\ps2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSPower]
Rundll32.exe SiSPower.dll,ModeAgent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
VTTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YeppStudioAgent]
C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NPFMntor"=2 (0x2)

R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
R3 Iviaspi;IVI ASPI Shell;C:\WINDOWS\system32\drivers\iviaspi.sys
R3 Ps2;PS2;C:\WINDOWS\system32\DRIVERS\PS2.sys
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 driverhardwarev2;driverhardwarev2;\??\C:\Program Files\HardwareDetection\driverhardwarev2.sys
S3 ids00026;ids00026;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys
S3 ids00118;ids00118;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00118.sys
S3 ids0014f;ids0014f;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0014f.sys
S3 ids0015d;ids0015d;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0015d.sys
S3 ids00180;ids00180;\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00180.sys
S3 PALLADIA;Palladia 300/400 Usb Adsl Modem;C:\WINDOWS\system32\DRIVERS\usbiad.sys
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S3 viagfx;viagfx;C:\WINDOWS\system32\DRIVERS\vtmini.sys
S3 wceusbsh;Windows CE USB Serial Host Driver;C:\WINDOWS\system32\DRIVERS\wceusbsh.sys

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp


Contents of the 'Scheduled Tasks' folder
2007-08-10 16:30:48 C:\WINDOWS\Tasks\Maintenance en 1 clic.job
2007-08-10 17:43:11 C:\WINDOWS\Tasks\Symantec NetDetect.job
2007-08-10 18:04:03 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-10 20:10:47
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000569

scanning hidden files ...

**************************************************************************

Completion time: 2007-08-10 20:12:15
C:\ComboFix-quarantined-files.txt ... 2007-08-10 20:11
C:\ComboFix2.txt ... 2007-08-10 15:43
C:\ComboFix3.txt ... 2007-08-09 22:29
10 Août 2007 21:35:59

c'est bon là, chercheur
j'ai fais un scan virus, resultat quelque virus mis en quarantaine, pas de problemùe au demarage
11 Août 2007 08:16:57

Merci beaucoup de ton aide chercheur, ke n'yserais pas arrive tous seul :bounce: 
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS