Infections boot et redirections multiples

Résolu/Fermé

freddecosse - 22 déc. 2008 à 14:51
Utilisateur anonyme - 3 janv. 2009 à 14:23

Bonjour,
J'aurais besoin d'un petit coup de main.
J'ai des redirections intempestives dans google vers bediddle, abcjump, uncoverthenet...
Plus chiant, j'ai des difficultes a booter, notamment au moment de l'ouverture de session windows.
Les anti-spywares Spybot et MBAM sont bloqués (ils ne se lancent pas).
Pareil pour Smitfraudfix.
J'ai du passer par le mode sans echec pour lancer SDFix
Voila le scan Sdfix:

[b]SDFix: Version 1.240 /b
Run by fred on 22/12/2008 at 14:30

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\fred\Bureau\SDFix

[b]Checking Services /b:

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

[b]Checking Files /b:

Trojan Files Found:

C:\DOCUME~1\fred\LOCALS~1\Temp\TMP18.tmp - Deleted
C:\DOCUME~1\fred\LOCALS~1\Temp\TMP24.tmp - Deleted
C:\DOCUME~1\fred\LOCALS~1\Temp\TMP2B.tmp - Deleted
C:\DOCUME~1\fred\LOCALS~1\Temp\TMP2C.tmp - Deleted
C:\DOCUME~1\fred\LOCALS~1\Temp\TMP2E.tmp - Deleted
C:\DOCUME~1\fred\LOCALS~1\Temp\TMP38.tmp - Deleted
C:\DOCUME~1\fred\LOCALS~1\Temp\TMP3A.tmp - Deleted
C:\DOCUME~1\fred\LOCALS~1\Temp\TMPC.tmp - Deleted
C:\WINDOWS\system32\TDSSlxwp.dll - Deleted
C:\WINDOWS\system32\TDSSorvd.dat - Deleted
C:\WINDOWS\system32\TDSSkkbi.log - Deleted

Could Not Remove C:\WINDOWS\system32\TDSSoiqn.dll
Could Not Remove C:\WINDOWS\system32\TDSShrsr.dll
Could Not Remove C:\WINDOWS\system32\TDSSrtqp.dll
Could Not Remove C:\WINDOWS\system32\TDSSxfum.dll

Removing Temp Files

[b]ADS Check /b:

[b]Final Check /b:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-22 14:39:14
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

disk error: C:\WINDOWS\system32\config\system, 0
scanning hidden registry entries ...

disk error: C:\WINDOWS\system32\config\software, 0
disk error: C:\Documents and Settings\fred\ntuser.dat, 0
scanning hidden files ...

disk error: C:\WINDOWS\

please note that you need administrator rights to perform deep scan

[b]Remaining Services /b:

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[b]Remaining Files /b:

C:\WINDOWS\system32\TDSSoiqn.dll Found
C:\WINDOWS\system32\TDSShrsr.dll Found
C:\WINDOWS\system32\TDSSrtqp.dll Found
C:\WINDOWS\system32\TDSSxfum.dll Found

File Backups: - C:\DOCUME~1\fred\Bureau\SDFix\backups\backups.zip

[b]Files with Hidden Attributes /b:

Wed 22 Oct 2008 949,072 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\advcheck.dll"
Mon 15 Sep 2008 1,562,960 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDHelper.dll"
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Tue 16 Sep 2008 1,833,296 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Wed 22 Oct 2008 962,896 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\Tools.dll"
Thu 14 Aug 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5f4398a574c14d59bed50dd72df43939\BITB.tmp"
Mon 12 Feb 2007 3,096,576 A..H. --- "C:\Documents and Settings\fred\Application Data\U3\temp\Launchpad Removal.exe"
Wed 15 Aug 2007 2,739,369 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5c9426d7149b2dcd2ee8bb773badb22a\download\BIT22.tmp"

[b]Finished!/b

Quelqu'un peut-il me filer un coup de main a virer cette merde?
Merci d'avance.
fred

A voir également:

Infections boot et redirections multiples
Dual boot - Guide
Boot camp - Télécharger - Systèmes d'exploitation
Hiren's boot cd - Télécharger - Divers Utilitaires
Clé boot windows - Guide
Insert boot media in selected boot device and press a key ✓ - Forum Windows 10

172 réponses

Réponse 21 / 172

Utilisateur anonyme
23 déc. 2008 à 10:59

ok on va continuer telecharge hijackthis

Télécharge sur le bureau" outil de diagnostic et reparation"
ftp://ftp.commentcamarche.com/download/HJTInstall.exe

=Double-clic dessus afin de l'installer
=Clic Do a scan systeme and save the log files
=Coller le rapport dans ta prochaine réponse

si problème voir l'aide
http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

Réponse 22 / 172

freddecosse
23 déc. 2008 à 11:00

J'ai recupere un lien de telechargement hijacktis sur une reponse CCM d'hier.
Ca donne:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:59:38, on 23/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Broadcom\BACS\BacsTray.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=3061001
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [isDeleteMe] "C:\WINDOWS\system32\cmd.exe" /c "C:\DOCUME~1\fred\LOCALS~1\Temp\isDel.bat"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Analyseur de connectivité de client de pare-feu.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mmsh.univ-aix.fr
O17 - HKLM\Software\..\Telephony: DomainName = mmsh.univ-aix.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mmsh.univ-aix.fr
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: Domain = mmsh.univ-aix.fr
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

Réponse 23 / 172

freddecosse
23 déc. 2008 à 11:02

Ca allait ce que j'avais fait ou je rescanne avec la version que tu m'as envoyé?
Je fais "fix checked"?

Réponse 24 / 172

Utilisateur anonyme
23 déc. 2008 à 11:06

ok je regarde ca , en attendant desactive puis desinstal spybot stp il ne sers pas a grand chose et gene la desinfection !

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 25 / 172

Utilisateur anonyme
23 déc. 2008 à 11:12

relance hijackthis do a scan systeme only , coche la case qui se trouve devant ces lignes puis clic sur fix chequed

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?

ensuite on va faire une analyse diagnostic avec genproc

télécharge GenProc http://www.alt-shift-return.org/Info/Fichiers/GenProc.zip sur ton bureau

dézippe le dossier, double-clique sur GenProc.bat [img]http://forum.telecharger.01net.com/forum/lies/jeanchretien1-3.gif/img et poste le contenu du rapport qui s'ouvre

Aide en images : http://www.alt-shift-return.org/Info/GenProc-HowTo.html

Réponse 26 / 172

freddecosse
23 déc. 2008 à 11:41

Il m'a fait deux fois un plan chelou, du genre:
"chemin specifie introuvable"
et "il manque un ou plusieurs fichiers..."
voila le post

Initialisation GenProc 2.310 [23/12/2008] à [11:40:05,14]

*** Liste des composants GenProc ***

C:\Documents and Settings\fred\Bureau\Attestation FD.pdf
C:\Documents and Settings\fred\Bureau\ComboFix.exe
C:\Documents and Settings\fred\Bureau\Debug.txt
C:\Documents and Settings\fred\Bureau\Des mouvements libertaires mexicains trop m‚connus.doc
C:\Documents and Settings\fred\Bureau\Explorateur Windows.lnk
C:\Documents and Settings\fred\Bureau\GenProc
C:\Documents and Settings\fred\Bureau\GenProc.zip
C:\Documents and Settings\fred\Bureau\HijackThis.lnk
C:\Documents and Settings\fred\Bureau\HJTInstall.exe
C:\Documents and Settings\fred\Bureau\KIT2.doc
C:\Documents and Settings\fred\Bureau\Le_Beurre_et_l_Argent_du_Beurre_No1.pdf
C:\Documents and Settings\fred\Bureau\MS 116-Morice.pdf
C:\Documents and Settings\fred\Bureau\PERSO
C:\Documents and Settings\fred\Bureau\Presentation Ale.WMA
C:\Documents and Settings\fred\Bureau\projetjohanne-1.doc
C:\Documents and Settings\fred\Bureau\Raccourci vers THESE.lnk
C:\Documents and Settings\fred\Bureau\RSIT.exe
C:\Documents and Settings\fred\Bureau\SDFix
C:\Documents and Settings\fred\Bureau\SmitfraudFix
C:\Documents and Settings\fred\Bureau\SmitfraudFix.exe
C:\Documents and Settings\fred\Bureau\THESE VRAC
C:\Documents and Settings\fred\Bureau\UsbFix.lnk
C:\Documents and Settings\fred\Bureau\WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
C:\Documents and Settings\fred\Bureau\GenProc\GenProc
C:\Documents and Settings\fred\Bureau\GenProc\GenProc\GenProc.bat
C:\Documents and Settings\fred\Bureau\PERSO\albumsenrade.doc
C:\Documents and Settings\fred\Bureau\PERSO\Amisol.pdf
C:\Documents and Settings\fred\Bureau\PERSO\Antonio Plaza.doc
C:\Documents and Settings\fred\Bureau\PERSO\ASSEDIC
C:\Documents and Settings\fred\Bureau\PERSO\Attestation Annie.doc
C:\Documents and Settings\fred\Bureau\PERSO\BarthesGreve.pdf
C:\Documents and Settings\fred\Bureau\PERSO\CAF
C:\Documents and Settings\fred\Bureau\PERSO\Chaabi
C:\Documents and Settings\fred\Bureau\PERSO\cinesynd.doc
C:\Documents and Settings\fred\Bureau\PERSO\colonisation.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Config Internet
C:\Documents and Settings\fred\Bureau\PERSO\Contacts.doc
C:\Documents and Settings\fred\Bureau\PERSO\facepolicejustice-L'Altiplano.pdf
C:\Documents and Settings\fred\Bureau\PERSO\films
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP
C:\Documents and Settings\fred\Bureau\PERSO\IMPOTS
C:\Documents and Settings\fred\Bureau\PERSO\IntercambioIntegralConFairouz.doc
C:\Documents and Settings\fred\Bureau\PERSO\Iris-2007.doc
C:\Documents and Settings\fred\Bureau\PERSO\Kader-La_hagra.pdf
C:\Documents and Settings\fred\Bureau\PERSO\MAGON
C:\Documents and Settings\fred\Bureau\PERSO\Mali101
C:\Documents and Settings\fred\Bureau\PERSO\marseille.pps
C:\Documents and Settings\fred\Bureau\PERSO\missionsURMISs2.doc
C:\Documents and Settings\fred\Bureau\PERSO\Modele convention cession de donnees.doc
C:\Documents and Settings\fred\Bureau\PERSO\msncecile.doc
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem
C:\Documents and Settings\fred\Bureau\PERSO\salut Fred.doc
C:\Documents and Settings\fred\Bureau\PERSO\stencils
C:\Documents and Settings\fred\Bureau\PERSO\Th‚orie R‚volutionnaire
C:\Documents and Settings\fred\Bureau\PERSO\Tof
C:\Documents and Settings\fred\Bureau\PERSO\Vautier
C:\Documents and Settings\fred\Bureau\PERSO\zik
C:\Documents and Settings\fred\Bureau\PERSO\ASSEDIC\actu avril.pdf
C:\Documents and Settings\fred\Bureau\PERSO\ASSEDIC\Actu30Juin.pdf
C:\Documents and Settings\fred\Bureau\PERSO\ASSEDIC\actuavril.pdf
C:\Documents and Settings\fred\Bureau\PERSO\ASSEDIC\ACTUMAI.pdf
C:\Documents and Settings\fred\Bureau\PERSO\ASSEDIC\ACTUMARS.pdf
C:\Documents and Settings\fred\Bureau\PERSO\ASSEDIC\Aout2008.pdf
C:\Documents and Settings\fred\Bureau\PERSO\ASSEDIC\Juillet.pdf
C:\Documents and Settings\fred\Bureau\PERSO\ASSEDIC\Unidialog_4612238C_1194861957890.pdf
C:\Documents and Settings\fred\Bureau\PERSO\ASSEDIC\Unidialog_4612238C_1194862100515.pdf
C:\Documents and Settings\fred\Bureau\PERSO\ASSEDIC\Unidialog_4612238C_1222722148200.pdf
C:\Documents and Settings\fred\Bureau\PERSO\ASSEDIC\Unidialog_4612238C_1225457737951.pdf
C:\Documents and Settings\fred\Bureau\PERSO\ASSEDIC\Unidialog_4612238C_1228083788151.pdf
C:\Documents and Settings\fred\Bureau\PERSO\CAF\declarationCAF040607.pdf
C:\Documents and Settings\fred\Bureau\PERSO\Chaabi\Ya Rayah.doc
C:\Documents and Settings\fred\Bureau\PERSO\Chaabi\Yal Menfi.doc
C:\Documents and Settings\fred\Bureau\PERSO\Config Internet\ConfigInternet.doc
C:\Documents and Settings\fred\Bureau\PERSO\Config Internet\ip.txt
C:\Documents and Settings\fred\Bureau\PERSO\Config Internet\Wifi.txt
C:\Documents and Settings\fred\Bureau\PERSO\films\2004 - Profils paysans II le quotidien - Raymond Depardon.avi
C:\Documents and Settings\fred\Bureau\PERSO\films\Election
C:\Documents and Settings\fred\Bureau\PERSO\films\Jean Rouch Les MaÇ©tres Fous (La Secte Des Dieux Nouveaux, Les Haoutka) 1956 - 27Min50.avi
C:\Documents and Settings\fred\Bureau\PERSO\films\Takeshi Kitano - Hana-bi.-.FR.-.Divx.5.0.5.720x384.96kbs.avi
C:\Documents and Settings\fred\Bureau\PERSO\films\Woody Allen
C:\Documents and Settings\fred\Bureau\PERSO\films\Election\Election 1 VOSTFR DVDRIP XVID.avi
C:\Documents and Settings\fred\Bureau\PERSO\films\Election\Election 2 vost fr.avi
C:\Documents and Settings\fred\Bureau\PERSO\films\Woody Allen\Bananas - (Woody Allen 1971 - Sylvester Stallone, Danny DeVito)-FR-DVDrip-Divx5-by.Alexisandra - QB.AVI
C:\Documents and Settings\fred\Bureau\PERSO\films\Woody Allen\Meurtre Mysterieux A Manhattan - Woody Allen, Diane Keaton (1993) -Vost Fr.avi
C:\Documents and Settings\fred\Bureau\PERSO\films\Woody Allen\Woody Allen - Le SortilŠge Du Scorpion De Jade - Fr.avi
C:\Documents and Settings\fred\Bureau\PERSO\films\Woody Allen\Woody.Allen.-.Tout.Ce.Que.Vous.Avez.Toujours.Voulu.Savoir.Sur.Le.Sexe.(Divx.5.02.-.Vostf.-.By.Marcus).jlr.rs.ifrance.com.avi
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\A. Pr‚fecture.pdf
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Arrete10octobre2007.doc
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\attestation d'entree sur territoire 1.doc
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Chancellerie.doc
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Communiqu‚CB-Market.doc
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Contacts.txt
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\CQFD57Saute-FrontiŠresRelu.doc
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Invitation 7 juin.pdf
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Moussa
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Pastapapa
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Propositions SOLIDAIRES.pdf
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\REGULARISATION DE TOUS LES SANS060608.doc
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\SEKOU SYLLA.11.07.08.doc
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\URIF-UD.doc
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Moussa\FaxJulliard28.08.08.doc
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Moussa\MOUSSA TOURE.11.07.08.doc
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Pastapapa\b_SANSP_0037.jpg
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Pastapapa\b_SANSP_0038.jpg
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Pastapapa\b_SANSP_0039.jpg
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Pastapapa\b_SANSP_0042.jpg
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Pastapapa\b_SANSP_0043.jpg
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Pastapapa\b_SANSP_0065.jpg
C:\Documents and Settings\fred\Bureau\PERSO\GreveSP\Pastapapa\b_SANSP_0066.jpg
C:\Documents and Settings\fred\Bureau\PERSO\IMPOTS\AR-1179849880734.pdf
C:\Documents and Settings\fred\Bureau\PERSO\IMPOTS\AR-1212095197750.pdf
C:\Documents and Settings\fred\Bureau\PERSO\MAGON\FloresMagon.pdf
C:\Documents and Settings\fred\Bureau\PERSO\MAGON\RelatosMagon.doc
C:\Documents and Settings\fred\Bureau\PERSO\MAGON\RicardoFloresMagon-Vidayobra.pdf
C:\Documents and Settings\fred\Bureau\PERSO\MAGON\Tierra y Libertad.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\101 corrig‚.pdf
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\102.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\avant_projet_101.pdf
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\CHAOUANE_Emma.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Maquette 101 NAFADJI.pdf
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Noms 101 maliens.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\r‚union 8 avril 08 denis.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\1.SissokoLambourou&MagassaDioncounda.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\10.CoulibalyDiarraTama.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\11.KonteWaly.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\12.DaboBoubou.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\13.SissokoNyombieMamadouTraoreSoroDiarraDioul‚DiarraMakan.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\14.SissokoSengoum‚&CamaraFodi‚.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\15.SissokoMamadou.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\16.DiarraFofanaBadia.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\2.AME.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\3.DembeleTraoreDiassigui.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\4.DiakiteMamadou&SissokoSekou.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\5.TounkaraAmoro.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\6.DiarraKont‚Yamadou.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\7.CoulibalyBamoussa&DiarraCheickOmar.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\8.MagassaKossa&MagassaTiecoura.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\9.Youcoul‚Fan‚.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\Notes 101 & plus\Liste des 101 Maliens en France.doc
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\IMG_6623.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\tof101
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\alpha-mali .jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\alpha.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\anes_fangoune.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\au_champs.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\chef.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\couscous.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\dabo.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\dabo_makan.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\denis_au_champs.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\diacounta.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\d‚part_champs.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\fete3.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\fred.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\fred_griot.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\fred_yo.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\gars.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\groupe.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\groupe_1.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\ibrahim.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\lamine.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\mais.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\makan.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\mali 215.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\oiseau.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\portrait.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\segou1.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\toure.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\Denis\yo.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\tof101\Arbre1.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\tof101\Cheval2.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\tof101\Fal‚ Sissoko.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\tof101\Konte Yamadou.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\tof101\Oscar ou Papa.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\tof101\Peuls.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\tof101\Sissoko Nyombie1.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\tof101\Traore Soro1.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Mali101\TofMali\tof101\Youcoul‚ Fan‚1.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\Pilote sagem.zip
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\adinst16.dll
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\adinst32.dll
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\adiras.ini
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\adiusb.ico
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\autorun.exe
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\AUTORUN.ICO
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\autorun.inf
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\CD F800 vB-3-3 251780422AD.md5
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\data1.cab
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\data1.hdr
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\data2.cab
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\dslgui.ini
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\f@st_800.inf
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\fast.bmp
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\ikernel.ex_
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\L1
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\layout.bin
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\Setup.exe
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\setup.ini
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\setup.inx
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\vB.3.3
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\L1\cmv
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\L1\cmv\CMV3p.txt
C:\Documents and Settings\fred\Bureau\PERSO\Pilote sagem\w3.02_std\L1\cmv\cmvep.txt
C:\Documents and Settings\fred\Bureau\PERSO\stencils\050508-MAI-68-1-c.jpg
C:\Documents and Settings\fred\Bureau\PERSO\stencils\374px-Magon_peque.svg.png
C:\Documents and Settings\fred\Bureau\PERSO\stencils\angela.jpg
C:\Documents and Settings\fred\Bureau\PERSO\stencils\bangbang.jpg
C:\Documents and Settings\fred\Bureau\PERSO\stencils\Hendrix.jpg
C:\Documents and Settings\fred\Bureau\PERSO\stencils\la_lutte_continue.jpg
C:\Documents and Settings\fred\Bureau\PERSO\stencils\lichtenstein.jpg
C:\Documents and Settings\fred\Bureau\PERSO\stencils\mai68.jpg
C:\Documents and Settings\fred\Bureau\PERSO\stencils\medium_CRS_SS.gif
C:\Documents and Settings\fred\Bureau\PERSO\stencils\medium_lutte_continue.gif
C:\Documents and Settings\fred\Bureau\PERSO\stencils\medium_ortf.gif
C:\Documents and Settings\fred\Bureau\PERSO\stencils\organisera-agitera-aktivera.jpg
C:\Documents and Settings\fred\Bureau\PERSO\stencils\Otros
C:\Documents and Settings\fred\Bureau\PERSO\stencils\Pantherpower.png
C:\Documents and Settings\fred\Bureau\PERSO\stencils\paris68.jpg
C:\Documents and Settings\fred\Bureau\PERSO\stencils\workers3.jpg
C:\Documents and Settings\fred\Bureau\PERSO\stencils\Otros\Akira.gif
C:\Documents and Settings\fred\Bureau\PERSO\stencils\Otros\Jap.gif
C:\Documents and Settings\fred\Bureau\PERSO\stencils\Otros\Misstic.jpg
C:\Documents and Settings\fred\Bureau\PERSO\stencils\Otros\Yz.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Th‚orie R‚volutionnaire\Mattick-OrgaEtSpont.pdf
C:\Documents and Settings\fred\Bureau\PERSO\Th‚orie R‚volutionnaire\Memoires_d_un_confedere_en_Espagne.pdf
C:\Documents and Settings\fred\Bureau\PERSO\Th‚orie R‚volutionnaire\pannekoek_ConseilsOuvriers.pdf
C:\Documents and Settings\fred\Bureau\PERSO\Th‚orie R‚volutionnaire\Pannekoek_syndicalisme.pdf
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6351.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6355.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6394.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6406.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6413.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6485.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6499.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6506.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6525_2.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6526_4.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6576.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6583.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6584.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6594.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6596.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6607.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_6613.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_9127.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_9256.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_9383.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_9385.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_9392.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_9417.aJPG.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\IMG_9519.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Leo&Victor070508.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Tof\MyPicture.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Tof\surlapelouse2.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Tof\tof mexique
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6267.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6268.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6272.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6274.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6276.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6278.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6281.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6286.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6290.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6292.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6295.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6296.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6297.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6298.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6299.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6300.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6301.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6302.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6303.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6304.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6305.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6306.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6307.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6308.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6309.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6311.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6314.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6315.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6316.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6318.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6319.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6320.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6321.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6322.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6323.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6324.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6325.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6326.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6327.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6328.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6330.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6331.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6332.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6334.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6337.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6339.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6340.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6342.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6342_2.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6346.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6347.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6348.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6349.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6350.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6350_2.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6350_3.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6351.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6351_2.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6352.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6353.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6354.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6355.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6355_2.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6356.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6357.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6359.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6361.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6362.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6363.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6365.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6366.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6367.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6373.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6375.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6376.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6377.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6378.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6379.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6380.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6381.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6382.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6383.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6384.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6386.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6388.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6391.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6391_2.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6392.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6394.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6395.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6396.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6397.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6398.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6399.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6400.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6401.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6403.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6404.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6404_2.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6405.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6406.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6407.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6410.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6411.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6412.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6413.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6413_2.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6413_3.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6414.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6415.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6417.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\Cevennnes\IMG_6418.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\tof mexique\Agua Azul.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\tof mexique\ComunidadesZapatistas.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\tof mexique\Mazunte.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\tof mexique\MercadoOaxaca.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\tof mexique\MonteAlban.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\tof mexique\MonteAlban2.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\tof mexique\MuralesDiegoRivera.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\tof mexique\Palenque1.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\tof mexique\Palenque2.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\tof mexique\Xochimilco1.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\tof mexique\Xochimilco2.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\tof mexique\Xochimilco3.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\tof mexique\Xochimilco4.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Tof\tof mexique\Xochimilco5.JPG
C:\Documents and Settings\fred\Bureau\PERSO\Vautier\Sans titre-3.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Vautier\Vautier00.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Vautier\Vautier02.jpg
C:\Documents and Settings\fred\Bureau\PERSO\Vautier\Vautier05.jpg
C:\Documents and Settings\fred\Bureau\PERSO\zik\34 Pu¤aladas - Tangos Carcelarios (2002)
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ali Farka Toure &Toumani Diabat‚ - In the Heart of the Moon (2005)
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez
C:\Documents and Settings\fred\Bureau\PERSO\zik\Baaba Maal - Baayo
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bana - Nha Terra
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bebo Vald‚s & Dieguito el Cigala - L grimas Negras
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bistanclaque - Longtemps nous nous sommes couch‚s tard
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW
C:\Documents and Settings\fred\Bureau\PERSO\zik\Boban Markovic Orkestar - featuring Lajko Felix
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bonga - Angola 74
C:\Documents and Settings\fred\Bureau\PERSO\zik\Burning Spear - Rocking Time (1972)
C:\Documents and Settings\fred\Bureau\PERSO\zik\Camaron&Tomatito - Flamenco Vivo
C:\Documents and Settings\fred\Bureau\PERSO\zik\Carlos Gardel -20 tangos eternos
C:\Documents and Settings\fred\Bureau\PERSO\zik\Caro
C:\Documents and Settings\fred\Bureau\PERSO\zik\chinese man-i've got that tune.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Cypress Hill - Los Grandes xitos En Espa¤ol
C:\Documents and Settings\fred\Bureau\PERSO\zik\Dave Tarras - Master of Klezmer Music vol. 1 1929-1949
C:\Documents and Settings\fred\Bureau\PERSO\zik\Desmond Dekker & the Aces-Action [Beverley's Records]
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ella Fitzgerald & Oscar Peterson Trio - At the Opera House
C:\Documents and Settings\fred\Bureau\PERSO\zik\Esma Redzepova
C:\Documents and Settings\fred\Bureau\PERSO\zik\Fapy Lafertin & Tim Kliphouse - Fine & Dandy
C:\Documents and Settings\fred\Bureau\PERSO\zik\Franz Ferdinand - Franz Ferdinand
C:\Documents and Settings\fred\Bureau\PERSO\zik\Fred Buscaglione - I Successi Di
C:\Documents and Settings\fred\Bureau\PERSO\zik\fred2yoh
C:\Documents and Settings\fred\Bureau\PERSO\zik\Georges Brassens
C:\Documents and Settings\fred\Bureau\PERSO\zik\Goran Bregovic
C:\Documents and Settings\fred\Bureau\PERSO\zik\Guillermo Portabales - El Carretero
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ike & Tina Turner - Nutbush City Limits
C:\Documents and Settings\fred\Bureau\PERSO\zik\Istambul Oriental Ensemble - Caravanserai
C:\Documents and Settings\fred\Bureau\PERSO\zik\Jackson do Pandeiro
C:\Documents and Settings\fred\Bureau\PERSO\zik\Janis Joplin's Greatest Hits (1973)
C:\Documents and Settings\fred\Bureau\PERSO\zik\Jimi Hendrix - Blues
C:\Documents and Settings\fred\Bureau\PERSO\zik\Keb'mo'
C:\Documents and Settings\fred\Bureau\PERSO\zik\KRS-one - The Return of the Boom Bap
C:\Documents and Settings\fred\Bureau\PERSO\zik\Lautaraesca
C:\Documents and Settings\fred\Bureau\PERSO\zik\Luis Gonzaga -SÆo JoÆo na ro‡a
C:\Documents and Settings\fred\Bureau\PERSO\zik\MAP - Debout La D'Dans
C:\Documents and Settings\fred\Bureau\PERSO\zik\Margot Leverett - The Art of Klezmer Clarinet
C:\Documents and Settings\fred\Bureau\PERSO\zik\Maria Teresa Vera
C:\Documents and Settings\fred\Bureau\PERSO\zik\Me‹ Te‹ Sh“ - Xam Sa Bop
C:\Documents and Settings\fred\Bureau\PERSO\zik\Mohamed Rwicha
C:\Documents and Settings\fred\Bureau\PERSO\zik\Motiv‚s - Chants de lutte
C:\Documents and Settings\fred\Bureau\PERSO\zik\Nass El Ghiwane
C:\Documents and Settings\fred\Bureau\PERSO\zik\Nat King Cole Trio - After Midnight Sessions
C:\Documents and Settings\fred\Bureau\PERSO\zik\Nusrat Fateh Ali Khan - The Final Studio Recordings
C:\Documents and Settings\fred\Bureau\PERSO\zik\Omar Sosa - Sentir
C:\Documents and Settings\fred\Bureau\PERSO\zik\Orchestra Baobab - Pirate's choice
C:\Documents and Settings\fred\Bureau\PERSO\zik\Paco de Lucia & Al di Meola & John Mclaughlin- Guitar trio
C:\Documents and Settings\fred\Bureau\PERSO\zik\Renaud - Le p'tit bal du samedi soir
C:\Documents and Settings\fred\Bureau\PERSO\zik\Saban Bajramovic - King of Gypsy Music
C:\Documents and Settings\fred\Bureau\PERSO\zik\San Severino - Les S‚n‚galaises (collector version)
C:\Documents and Settings\fred\Bureau\PERSO\zik\Santana - Greatest Hits
C:\Documents and Settings\fred\Bureau\PERSO\zik\Sarah Vaughan & Clifford Brown - Sarah & Clifford
C:\Documents and Settings\fred\Bureau\PERSO\zik\Serge Gainsbourg
C:\Documents and Settings\fred\Bureau\PERSO\zik\Sly & the Family Stone - Fresh (1973)
C:\Documents and Settings\fred\Bureau\PERSO\zik\Socalled
C:\Documents and Settings\fred\Bureau\PERSO\zik\Stan Getz & Joao Gilberto feat. Antonio Carlos Jobim
C:\Documents and Settings\fred\Bureau\PERSO\zik\Swing BOF
C:\Documents and Settings\fred\Bureau\PERSO\zik\Taraf de Ha‹douks-Musique des Tziganes de Roumanie
C:\Documents and Settings\fred\Bureau\PERSO\zik\Tchan-Tchou Vidal
C:\Documents and Settings\fred\Bureau\PERSO\zik\The Beatles - 1
C:\Documents and Settings\fred\Bureau\PERSO\zik\The Clash - London Calling
C:\Documents and Settings\fred\Bureau\PERSO\zik\The Cure - Greatest Hits Acoustic
C:\Documents and Settings\fred\Bureau\PERSO\zik\The Police - Greatest hits (1992)
C:\Documents and Settings\fred\Bureau\PERSO\zik\The Who - The Very Best Of The Who
C:\Documents and Settings\fred\Bureau\PERSO\zik\Tiken Jah Fakoly
C:\Documents and Settings\fred\Bureau\PERSO\zik\Toot's & The Maytals - Best of 1968-1973
C:\Documents and Settings\fred\Bureau\PERSO\zik\Toumani Diabate - Kaira
C:\Documents and Settings\fred\Bureau\PERSO\zik\Trio Matamoros (Beso discreto)
C:\Documents and Settings\fred\Bureau\PERSO\zik\T¢to La Momposina y Sus Tambores - La Candela Viva
C:\Documents and Settings\fred\Bureau\PERSO\zik\vautmieux2catho.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Vieja Trova Santiaguera
C:\Documents and Settings\fred\Bureau\PERSO\zik\Zacamand£
C:\Documents and Settings\fred\Bureau\PERSO\zik\34 Pu¤aladas - Tangos Carcelarios (2002)\1.La Gayola.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\34 Pu¤aladas - Tangos Carcelarios (2002)\10.Milonguero viejo.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\34 Pu¤aladas - Tangos Carcelarios (2002)\11.Bandera baja - Ella se re¡a.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\34 Pu¤aladas - Tangos Carcelarios (2002)\12.Cuando me entr‚s a fallar.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\34 Pu¤aladas - Tangos Carcelarios (2002)\13.Pablo.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\34 Pu¤aladas - Tangos Carcelarios (2002)\14.Quien m s quien menos.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\34 Pu¤aladas - Tangos Carcelarios (2002)\2.En un feca.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\34 Pu¤aladas - Tangos Carcelarios (2002)\3.A Orlando Go¤i.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\34 Pu¤aladas - Tangos Carcelarios (2002)\4.Fangal.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\34 Pu¤aladas - Tangos Carcelarios (2002)\5.Corrientes y Esmeralda.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\34 Pu¤aladas - Tangos Carcelarios (2002)\6.Milonga triste.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\34 Pu¤aladas - Tangos Carcelarios (2002)\7.Audacia.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\34 Pu¤aladas - Tangos Carcelarios (2002)\8.Te vas milonga.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\34 Pu¤aladas - Tangos Carcelarios (2002)\9.Pucherito de gallina.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar\01 - gibraltar.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar\02 - 12 septembre 2001.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar\03 - soldat de plomb.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar\04 - les autres.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar\05 - la gravite.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar\06 - saigne.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar\07 - mourir a 30 ans.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar\08 - le grand frere.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar\09 - il se reve debout.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar\10 - m'effacer.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar\11 - rentrer chez moi.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar\12 - celine.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar\13 - je regarderai pour toi les etoiles.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar\14 - l'alchimiste.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar\15 - adam and eve ft Wallen (bonus track).mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Abd al malik - Gibraltar\Abd al malik - gibraltar.jpg
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ali Farka Toure &Toumani Diabat‚ - In the Heart of the Moon (2005)\00 - Ali Farka Toure+Toumani Diabate - In The Heart of the ~1.m3u
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ali Farka Toure &Toumani Diabat‚ - In the Heart of the Moon (2005)\01 Debe.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ali Farka Toure &Toumani Diabat‚ - In the Heart of the Moon (2005)\02 Kala.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ali Farka Toure &Toumani Diabat‚ - In the Heart of the Moon (2005)\03 Mamadou Boutiquier.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ali Farka Toure &Toumani Diabat‚ - In the Heart of the Moon (2005)\04 Monsieur Le Maire De Niafinke.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ali Farka Toure &Toumani Diabat‚ - In the Heart of the Moon (2005)\05 Kaira.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ali Farka Toure &Toumani Diabat‚ - In the Heart of the Moon (2005)\06 Simbo.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ali Farka Toure &Toumani Diabat‚ - In the Heart of the Moon (2005)\07 Ai Ga Bani.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ali Farka Toure &Toumani Diabat‚ - In the Heart of the Moon (2005)\08 Soumbou Ya Ya.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ali Farka Toure &Toumani Diabat‚ - In the Heart of the Moon (2005)\09 Naweye Toro.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ali Farka Toure &Toumani Diabat‚ - In the Heart of the Moon (2005)\10 Kadi Kadi.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ali Farka Toure &Toumani Diabat‚ - In the Heart of the Moon (2005)\11 Gomni.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ali Farka Toure &Toumani Diabat‚ - In the Heart of the Moon (2005)\12 Hawa Dolo.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Ali Farka Toure &Toumani Diabat‚ - In the Heart of the Moon (2005)\front cover.jpg
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\01 La Cumbia del Mole [Spanish Version].mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\01 Nuestro Juramento.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\01 Popurr¡-Eso-Cancionero-Como Un Lunar-Sabr Dios.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\01 Por los Caminos del Sur.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\01 Son Guerrerense.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\01 Veracruz.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\02 Cacionero.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\02 La Guanabana.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\02 PIEL CANELA.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\03 Arrepentida.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\04 Luz De Luna.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\05 Bola Suriana De La Muerte De Emiliano Zapata.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\07 Ranchu Gubi¤a.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\08 Fatalidad.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\08 Piensa En M¡.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\09 La Tortuga.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\11 Mi Abuelo.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\12 Historia De Un Amor.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\13 LUNA LUNERA.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\13 So¤ando Tu Regreso.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\16 Son De La Barricada.m4a
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\Son de la barricada.doc
C:\Documents and Settings\fred\Bureau\PERSO\zik\Al‚\texte_ale.doc
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\01 - Esclavo triste.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\02 - La gente del Bronx.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\03 - Jagey.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\04 - Meta y Guaguanc¢.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\05 - Mulence.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\06 - Pa que gocen.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\07 - Esas no.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\08 - Como se goza en el barrio.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\09 - Yo soy chambelon.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\10 - Arpegio por Arsenio.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\11 - Oiga mi guaguanc¢n.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\12 - Se va la comparsa.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\13 - Swing y son.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\14 - Maye santa.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\15 - Oye mi cantar.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\16 - Ahora Carpetillo.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\Delantera.JPG
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\Interior.JPG
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Arsenio.Rodriguez-Como.se.goza.en.el.barrio\Trasera.JPG
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions\01 Serende.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions\02 Seven Seven.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions\03 Rumba en Swing.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions\04 Porque Tu Sufres.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions\05 Comelelo To'.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions\06 Paso en Tampa.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions\07 Tumba Palo Cucuye.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions\08 Apurrunenme Mujeres.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions\09 Tintorera Ya Llego'.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions\10 Yo no Engano a las Nenas.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions\11 Tocoloro.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions\12 Monte Adentro.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions\13 Cumaye-Semilla de Cana Brava So Caballo.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions\14 Los Guapos en Yatera-La Yuce de Catalina-El Reloj de Pas~1.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions\15 No Vuelvo a Moron-Las Tres Marias-Apurrunenme Mujeres.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Arsenio Rodriguez\Chano Pozo y Arsenio Rodriguez - Legendary Sessions\16 Que Cana-Mi China Me Boto'-Cangrejo Fue a Estudia'.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Baaba Maal - Baayo\01. baayo.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Baaba Maal - Baayo\02. mariama.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Baaba Maal - Baayo\03. joulowo.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Baaba Maal - Baayo\04. diahowo.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Baaba Maal - Baayo\05. baaba.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Baaba Maal - Baayo\06. bouyel.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Baaba Maal - Baayo\07. yero mama.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Baaba Maal - Baayo\08. agouyadji.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Baaba Maal - Baayo\09. dogata.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Baaba Maal - Baayo\10. samba.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bana - Nha Terra\01 Fidjo de Ninguem.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bana - Nha Terra\02 Sampadjuda.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bana - Nha Terra\03 Talves.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bana - Nha Terra\04 Terezinha.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bana - Nha Terra\05 Nossa Senhora di Fatima.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bana - Nha Terra\06 Sina de Cabo Verde.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bana - Nha Terra\07 Prigosinha.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bana - Nha Terra\08 Anildo Morais.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bana - Nha Terra\09 Lua Nha Testemunha.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bana - Nha Terra\10 Aviadora.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bebo Vald‚s & Dieguito el Cigala - L grimas Negras\.DS_Store
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bebo Vald‚s & Dieguito el Cigala - L grimas Negras\bebo & cigala - l grimas negras - back.jpg
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bebo Vald‚s & Dieguito el Cigala - L grimas Negras\bebo & cigala - l grimas negras - front.jpg
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bebo Vald‚s & Dieguito el Cigala - L grimas Negras\[01] Inolvidable.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bebo Vald‚s & Dieguito el Cigala - L grimas Negras\[02] Veinte a¤os.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bebo Vald‚s & Dieguito el Cigala - L grimas Negras\[03] L grimas negras.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bebo Vald‚s & Dieguito el Cigala - L grimas Negras\[04] Nieblas del riachuelo.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bebo Vald‚s & Dieguito el Cigala - L grimas Negras\[05] Coraz¢n loco.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bebo Vald‚s & Dieguito el Cigala - L grimas Negras\[06] Se me olvid¢ que te olvid‚.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bebo Vald‚s & Dieguito el Cigala - L grimas Negras\[07] Vete de m¡.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bebo Vald‚s & Dieguito el Cigala - L grimas Negras\[08] La bien pag .mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bebo Vald‚s & Dieguito el Cigala - L grimas Negras\[09] Eu sei que vou te amar.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bebo Vald‚s & Dieguito el Cigala - L grimas Negras\[10] Bonus track - BSO Soldados de Salamina - Suspiros de E~1.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bistanclaque - Longtemps nous nous sommes couch‚s tard\01 - Piste 01.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bistanclaque - Longtemps nous nous sommes couch‚s tard\02 - Piste 02.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bistanclaque - Longtemps nous nous sommes couch‚s tard\03 - Piste 03.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bistanclaque - Longtemps nous nous sommes couch‚s tard\04 - Piste 04.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bistanclaque - Longtemps nous nous sommes couch‚s tard\05 - Piste 05.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bistanclaque - Longtemps nous nous sommes couch‚s tard\06 - Piste 06.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bistanclaque - Longtemps nous nous sommes couch‚s tard\07 - Piste 07.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bistanclaque - Longtemps nous nous sommes couch‚s tard\08 - Piste 08.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bistanclaque - Longtemps nous nous sommes couch‚s tard\09 - Piste 09.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bistanclaque - Longtemps nous nous sommes couch‚s tard\10 - Piste 10.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bistanclaque - Longtemps nous nous sommes couch‚s tard\11 - Piste 11.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bistanclaque - Longtemps nous nous sommes couch‚s tard\12 - Piste 12.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bistanclaque - Longtemps nous nous sommes couch‚s tard\13 - Piste 13.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bistanclaque - Longtemps nous nous sommes couch‚s tard\14 - Piste 14.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\Bistanclaque - Longtemps nous nous sommes couch‚s tard\15 - Piste 15.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\Wailers - African Herbsman
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\000-bob_marley_and_the_wailers-soul_revolutionaries-t~1.jpg
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\000-bob_marley_and_the_wailers-soul_revolutionaries-~1.m3u
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\000-bob_marley_and_the_wailers-soul_revolutionaries~1.sfv
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\000-bob_marley_and_the_wailers-soul_revolutiona~1.nfo
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\101-bob_marley_and_the_wailers-soul_shakedown_party.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\102-bob_marley_and_the_wailers-stop_the_train.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\103-bob_marley_and_the_wailers-caution.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\104-bob_marley_and_the_wailers-soul_captives.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\105-bob_marley_and_the_wailers-go_tell_it_on_the_mountain.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\106-bob_marley_and_the_wailers-cant_you_see.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\107-bob_marley_and_the_wailers-soon_come.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\108-bob_marley_and_the_wailers-cheer_up.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\109-bob_marley_and_the_wailers-back_out.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\110-bob_marley_and_the_wailers-do_it_twice.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\201-bob_marley_and_the_wailers-soul_rebel.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\202-bob_marley_and_the_wailers-try_me.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\203-bob_marley_and_the_wailers-its_alright.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\204-bob_marley_and_the_wailers-no_sympathy.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\205-bob_marley_and_the_wailers-my_cup.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\206-bob_marley_and_the_wailers-rebels_hop.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\207-bob_marley_and_the_wailers-corner_stone.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\208-bob_marley_and_the_wailers-400_years.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\209-bob_marley_and_the_wailers-no_water.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\210-bob_marley_and_the_wailers-reaction.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\211-bob_marley_and_the_wailers-my_sympathy.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\301-bob_marley_and_the_wailers-keep_on_moving.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\302-bob_marley_and_the_wailers-dont_rock_my_boat.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\303-bob_marley_and_the_wailers-put_it_on.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\304-bob_marley_and_the_wailers-fussing_and_fighting.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\305-bob_marley_and_the_wailers-duppy_conqueror.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\306-bob_marley_and_the_wailers-memphis.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\307-bob_marley_and_the_wailers-riding_high.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\308-bob_marley_and_the_wailers-kaya.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\309-bob_marley_and_the_wailers-african_herbsman.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\310-bob_marley_and_the_wailers-stand_alone.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\311-bob_marley_and_the_wailers-sun_is_shining.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\312-bob_marley_and_the_wailers-brain_washing.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\401-bob_marley_and_the_wailers-keep_on_moving_(version).mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\402-bob_marley_and_the_wailers-dont_rock_my_boat_(version).mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\403-bob_marley_and_the_wailers-put_it_on_(version).mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\404-bob_marley_and_the_wailers-fussing_and_fighting_(version).mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\405-bob_marley_and_the_wailers-duppy_conqueror_(version).mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\406-bob_marley_and_the_wailers-memphis_(version).mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\407-bob_marley_and_the_wailers-riding_high_(version).mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\408-bob_marley_and_the_wailers-kaya_(version).mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\409-bob_marley_and_the_wailers-african_herbsman_(version).mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\410-bob_marley_and_the_wailers-stand_alone_(version).mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\411-bob_marley_and_the_wailers-sun_is_shining_(version).mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\BMW - Soul Revolutionnaries (70-71)\412-bob_marley_and_the_wailers-brain_washing_(version).mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\Wailers - African Herbsman\Bob Marley - African Herbsman - 01 - 400 Years.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\Wailers - African Herbsman\Bob Marley - African Herbsman - 02 - African Herbsman.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\Wailers - African Herbsman\Bob Marley - African Herbsman - 03 - All in One.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\Wailers - African Herbsman\Bob Marley - African Herbsman - 04 - Soul Rebel.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\Wailers - African Herbsman\Bob Marley - African Herbsman - 05 - Lively Up Yourself.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\Wailers - African Herbsman\Bob Marley - African Herbsman - 06 - Mellow Moods.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\Wailers - African Herbsman\Bob Marley - African Herbsman - 07 - Rebel's Hop.mp3
C:\Documents and Settings\fred\Bureau\PERSO\zik\BMW\Wailers - African Herbsman\Bob Marley - African Herbsman - 08 - Sta

Réponse 27 / 172

freddecosse
23 déc. 2008 à 11:44

Au fait, j'ai degage Spy Bot Search & Destroy & Resident.
J'ai redemarre
La impossible d'acceder a Internet
J'ai fait rebooter la freebox
C'est revenu
Je sais pas s'il y a un lien...

Réponse 28 / 172

Utilisateur anonyme
23 déc. 2008 à 11:46

ce n'est pas le bon rapport , desactive ton parefeu pour executer correctement l'outil et regarde ici l'aide pour genproc en images

http://www.alt-shift-return.org/Info/GenProc-HowTo.html

Réponse 29 / 172

freddecosse
23 déc. 2008 à 11:53

Cette fois c'est bon.
Post:

Rapport GenProc 2.310 [1] - 23/12/2008 - Windows XP

Dans CCleaner, clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures".
Par la suite, laisse-le avec ses réglages par défaut. C'est tout.

# Etape 1/ Télécharge :

- SmitfraudFix http://siri.urz.free.fr/Fix/SmitfraudFix.exe (S!Ri)
Double-clique sur le fichier "smitfraudfix.exe" et choisis l'option 1 ; il va lister tous les éléments nuisibles dans un rapport : poste le maintenant.

- MSNFix http://sosvirus.changelog.fr/MSNFix.zip (!aur3n7) et décompresse-le sur le Bureau.

Redémarre en mode sans échec comme indiqué ici https://www.wekyo.com/demarrer-le-pc-en-mode-sans-echec-windows-7-et-8/ ; pour retrouver le rapport, clique sur le raccourci "GenProc" sur ton bureau. Choisis ta session courante *** fred ***

# Etape 2/

Double-clique sur le fichier "SmitfraudFix.exe" et choisis l'option 2, réponds oui à tout et laisse-le procéder. Sauvegarde le rapport sur ton bureau.

# Etape 3/

Lance le fichier MSNFix.bat qui se trouve dans le dossier MSNfix, sur le bureau.
- Exécute l'option R.
- Si l'infection est détectée, exécute l'option N.
- Sauvegarde ce rapport sur ton bureau.

# Etape 4/

Lance CCleaner : "Nettoyeur"/"lancer le nettoyage" et c'est tout.

# Etape 5/

Redémarre normalement et poste, dans la même réponse :

- Le rapport SmitfraudFix que tu as sauvegardé sur ton bureau ;
- Le contenu du rapport MSNfix situé sur le Bureau ;
- Un nouveau rapport HijackThis http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/hijackthis-version-install-sujet_199100_1.htm ;

Précise les difficultés que tu as eu (ce que tu n'as pas pu faire...) ainsi que l'évolution de la situation.

____________________________________________________________________________________________________________

Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com

Réponse 30 / 172

Utilisateur anonyme
23 déc. 2008 à 11:55

ok suis la procedure poste 29

http://www.commentcamarche.net/forum/affich 10036988 infections boot et redirections multiples?page=2#29

Réponse 31 / 172

freddecosse
23 déc. 2008 à 12:08

Je redemarre en mode sans echec
voila le post
a tout'

SmitFraudFix v2.387

Rapport fait à 12:02:41,84, 23/12/2008
Executé à partir de C:\Documents and Settings\fred\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Apoint\HidFind.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Broadcom\BACS\BacsTray.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\IZArc\IZArc.exe
C:\Program Files\CCleaner\ccleaner.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

C:\autorun.inf PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\fred

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\fred\LOCALS~1\Temp

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\fred\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\fred\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel(R) PRO/Wireless 3945ABG Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.40.241
DNS Server Search Order: 212.27.40.240

Description: Broadcom 440x 10/100 Integrated Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.54.252
DNS Server Search Order: 212.27.53.252

HKLM\SYSTEM\CCS\Services\Tcpip\..\{2D13BE9E-5AB3-4554-B03D-A810DC61CDB8}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip\..\{4EFE06EC-19DA-4C25-90B9-FFB6D97BF245}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{6BE5413A-B28A-480F-A88F-38264672205C}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{2D13BE9E-5AB3-4554-B03D-A810DC61CDB8}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4EFE06EC-19DA-4C25-90B9-FFB6D97BF245}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6BE5413A-B28A-480F-A88F-38264672205C}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Réponse 32 / 172

freddecosse
23 déc. 2008 à 12:44

Bon, ben j'ai un peu galere avec MSNfix qui m'a fait des plans bizarres: "infection detectee", "verification de l'espace disc suffisant" et surtout pas de rapport (enfin je ne l'ai pas vu en creer et je ne le trouve pas!)
En fait j'ai du redemarre apres MSN fix parce qu'il me le conseillait
mais j'ai redemarre en mode sans echec
la j'ai fait un nettoyage ccleaner comme tu m'as dit
apres j'ai redemarre normal et la, msnfix s'est relance
du coup j'ai refait un nettoyage ccleaner
rebooté et hijackthis
donc voila, je te mets ce que j'ai:

Post smitfraudix
SmitFraudFix v2.387

Rapport fait à 12:15:37,42, 23/12/2008
Executé à partir de C:\Documents and Settings\fred\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

Problème suppression C:\autorun.inf

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel(R) PRO/Wireless 3945ABG Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.40.241
DNS Server Search Order: 212.27.40.240

Description: Intel(R) PRO/Wireless 3945ABG Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.54.252
DNS Server Search Order: 212.27.53.252

HKLM\SYSTEM\CCS\Services\Tcpip\..\{2D13BE9E-5AB3-4554-B03D-A810DC61CDB8}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip\..\{4EFE06EC-19DA-4C25-90B9-FFB6D97BF245}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{6BE5413A-B28A-480F-A88F-38264672205C}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{2D13BE9E-5AB3-4554-B03D-A810DC61CDB8}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4EFE06EC-19DA-4C25-90B9-FFB6D97BF245}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6BE5413A-B28A-480F-A88F-38264672205C}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Post catchme généré
read file error: C:\DOCUME~1\fred\LOCALS~1\Temp\winlogon.exe, Le fichier spécifié est introuvable.
read file error: C:\DOCUME~1\fred\LOCALS~1\Temp\services.exe, Le fichier spécifié est introuvable.
read file error: C:\WINDOWS\system32\cftmon.exe, Le fichier spécifié est introuvable.

PostCcleaner1
NETTOYAGE COMPLET - (3,636 secs)
------------------------------------------------------------------------------------------
7,48MB supprimés.
------------------------------------------------------------------------------------------

Détails des fichiers effacés
------------------------------------------------------------------------------------------
Fichiers Temporaires d'Internet Explorer (fichiers 9) 17,49KB
C:\Documents and Settings\fred\Cookies\fred@ad.yieldmanager[1].txt 483 bytes
C:\Documents and Settings\fred\Cookies\fred@yahoo[1].txt 82 bytes
Marqué pour l'effacement: C:\Documents and Settings\fred\Local Settings\Temporary Internet Files\Content.IE5\index.dat
Marqué pour l'effacement: C:\Documents and Settings\fred\Cookies\index.dat
Poubelle vidée (3 fichiers) 0,39MB
C:\WINDOWS\system32\wbem\Logs\FrameWork.log 512 bytes
C:\WINDOWS\system32\wbem\Logs\wbemcore.log 5,71KB
C:\WINDOWS\system32\wbem\Logs\wbemess.log 4,55KB
C:\WINDOWS\system32\wbem\Logs\wmiprov.log 872 bytes
C:\WINDOWS\0.log 0 bytes
C:\WINDOWS\setupact.log 60 bytes
C:\WINDOWS\setuperr.log 0 bytes
C:\WINDOWS\Sti_Trace.log 0 bytes
C:\WINDOWS\wiadebug.log 216 bytes
C:\WINDOWS\wiaservc.log 50 bytes
C:\WINDOWS\WindowsUpdate.log 1,90MB
C:\WINDOWS\ntbtlog.txt 0,32MB
C:\WINDOWS\Debug\Netlogon.log 0 bytes
C:\WINDOWS\Debug\UserMode\userenv.log 2,02KB
C:\WINDOWS\SchedLgU.Txt 31,80KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\0658D2D6d01 0,82MB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\11EB6F2Ed01 19,95KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\27FB1AB7d01 0,76MB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\28AB1C68d01 30,68KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\2C60D595d01 34,86KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\362A4162d01 0,11MB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\36DF508Cd01 24,30KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\491635D7d01 0,10MB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\5F7AA752d01 0,30MB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\5FB27DF6d01 16,71KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\6471F621d01 43,51KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\710A93D3d01 25,65KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\8597EC20d01 30,81KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\89C340E1d01 19,00KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\8CC30B34d01 45,70KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\9A4C1290d01 46,17KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\A0CC5323d01 18,09KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\A2370995d01 18,10KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\A2DB7333d01 17,99KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\A4DF6C9Fd01 18,04KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\A5090C60d01 18,25KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\A6521C02d01 18,09KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\A9161E3Fd01 18,11KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\AEC56E74d01 18,17KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\C16F3B73d01 18,15KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\C8A37206d01 23,24KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\D46B8499d01 1,64MB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\D4962E53d01 28,23KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\ED76CF7Ed01 34,95KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\_CACHE_001_ 0,11MB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\_CACHE_002_ 91,12KB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\_CACHE_003_ 0,28MB
C:\Documents and Settings\fred\Local Settings\Application Data\Mozilla\Firefox\profiles\ghebpxsv.default\cache\_CACHE_MAP_ 8,27KB
C:\Documents and Settings\fred\Application Data\Macromedia\Flash Player\#SharedObjects\QENZLSWS\fr.mg41.mail.yahoo.com\cookies.sol 67 bytes
C:\Documents and Settings\fred\Application Data\Macromedia\Flash Player\#SharedObjects\QENZLSWS\localhost\core.sol 53 bytes
C:\Documents and Settings\fred\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#fr.mg41.mail.yahoo.com\settings.sol 92 bytes
C:\Documents and Settings\fred\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#local\settings.sol 75 bytes
C:\Documents and Settings\fred\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol 454 bytes
------------------------------------------------------------------------------------------

Post Ccleaner2
NETTOYAGE COMPLET - (0,839 secs)
------------------------------------------------------------------------------------------
3,56KB supprimés.
------------------------------------------------------------------------------------------

Détails des fichiers effacés
------------------------------------------------------------------------------------------
Fichiers Temporaires d'Internet Explorer (fichiers 4) 382 bytes
Cookie:fred@yahoo.com/(&H100001) 82 bytes
C:\WINDOWS\system32\wbem\Logs\wbemess.log 2,57KB
C:\Documents and Settings\fred\Application Data\Macromedia\Flash Player\#SharedObjects\RAB4HMTG\localhost\core.sol 53 bytes
C:\Documents and Settings\fred\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#local\settings.sol 75 bytes
C:\Documents and Settings\fred\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol 428 bytes
------------------------------------------------------------------------------------------

PostHiJackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:44, on 23/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Broadcom\BACS\BacsTray.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=3061001
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Analyseur de connectivité de client de pare-feu.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mmsh.univ-aix.fr
O17 - HKLM\Software\..\Telephony: DomainName = mmsh.univ-aix.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mmsh.univ-aix.fr
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

Réponse 33 / 172

freddecosse
23 déc. 2008 à 13:40

Il faut que je file 2 ou 3 heures
je me connecte des que je rentre
j'espere que ca s'arrange...
a tout'
et merci encore

Réponse 34 / 172

Utilisateur anonyme
23 déc. 2008 à 13:49

ok fait moi signe des que tu es dispo

Réponse 35 / 172

freddecosse
23 déc. 2008 à 17:15

je suis dispo.
et toi?

Réponse 36 / 172

Utilisateur anonyme
23 déc. 2008 à 17:23

je suis en train de bosser sur ton rapport je termine et t'envoie la suite , d'ici peu (-_-)

Réponse 37 / 172

freddecosse
23 déc. 2008 à 17:29

Super, merci beaucoup
Ne te prends pas la tête avec les délais vu qu'il va falloir que j'aille dans ma famille a 18h...
On peut faire comme hier si t'es OK c'est-a-dire que tu me laisses des instructions, que je fasse ce qu'il faut quand je peux (la, c'est les fêtes, la famille, donc c'est pas gagné...!) et que je te fasse un retour après.
C'est pas génial, mais bon...

Réponse 38 / 172

Utilisateur anonyme
23 déc. 2008 à 17:31

ne t'inquiete pas , tu le fait des que tu peu , il n' y a aucuns soucis je t'envoie la manip d'ici peu .

Réponse 39 / 172

Utilisateur anonyme
23 déc. 2008 à 17:34

Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt

Copie le texte en gras : ci-dessous :

Driver::
Inmhipcmcscp

Files::
c:\windows\system32\husosaza.dll
c:\windows\system32\ridogeku.dll
c:\windows\system32\jedevihi.dll
c:\windows\system32\livugafo.dll
c:\windows\system32\sigubahi.dll
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\azasosuh.ini
c:\windows\system32\OrUAHKG2.exe
c:\windows\system32\86FKUKnf.exe
c:\windows\system32\sigubahi.dll.vir
c:\windows\system32\husosaza.dll
c:\windows\system32\royubide.dll
c:\windows\system32\silahije.dll
c:\windows\system32\mozehete.dll
c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
c:\windows\system32\jedevihi.dll
c:\windows\system32\ridogeku.dll
c:\windows\Downloaded Program Files\SETUP.INF

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e3a6dad3-6f45-4200-9263-e95e142fa0f2}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"rivufelegi"=-
"0854be61"=-

fait Glisser maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://serveur1.archive-host.com/membres/up/1366464061/CFScript.gif

Cela va relancer Combofix,

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.

Réponse 40 / 172

freddecosse
23 déc. 2008 à 18:01

Voila j'espere que j'ai bien fait la manip
en fait quand je posais le fichier txt sur l'icone HiJackThis -chez moi une tete de tigre et pas une croix!?- ca faisait demarrer directement le scan HJT et j'ai pas eu le choix entre 1 et 2...
le PC n'a pas redemarrer
Je fais" Fix checked " ou pas?
Apres je bouge...

voila les posts:

Combofix:

ComboFix 08-12-21.04 - fred 2008-12-23 17:45:14.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1014.328 [GMT 1:00]
Lancé depuis: c:\documents and settings\fred\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\fred\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé
* Resident AV is active

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\404Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-23 au 2008-12-23 ))))))))))))))))))))))))))))))))))))
.

2008-12-23 12:02 . 2008-12-23 12:15 0 --a------ c:\windows\system32\tmp.MSNFix
2008-12-22 18:58 . 2008-12-12 00:57 78,336 --a------ c:\windows\system32\Agent.OMZ.Fix.exe
2008-12-22 18:14 . 2008-12-23 12:15 <REP> d-------- C:\autorun.MSNFix
2008-12-22 17:53 . 2008-12-22 18:14 <REP> d-------- c:\program files\UsbFix
2008-12-22 17:35 . 2008-12-22 17:35 <REP> d-------- C:\c05d7a76e69b146e31
2008-12-22 17:25 . 2008-10-24 12:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys
2008-12-22 17:24 . 2008-09-04 18:16 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll
2008-12-22 17:24 . 2008-10-15 17:35 337,408 --------- c:\windows\system32\dllcache\netapi32.dll
2008-12-22 17:11 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2008-12-22 17:11 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2008-12-22 17:01 . 2008-12-22 17:01 <REP> d-------- C:\VundoFix Backups
2008-12-22 16:44 . 2008-12-22 16:44 <REP> d-------- C:\rsit
2008-12-22 16:44 . 2008-12-23 10:58 <REP> d-------- c:\program files\trend micro
2008-12-22 15:09 . 2008-12-22 15:09 <REP> d-------- c:\program files\Sunbelt Software
2008-12-22 15:09 . 2008-10-31 07:09 270,888 -ra------ c:\windows\system32\drivers\SbFw.sys
2008-12-22 15:09 . 2008-06-21 04:54 65,576 --a------ c:\windows\system32\drivers\SbFwIm.sys
2008-12-22 14:56 . 2008-12-22 14:56 <REP> d-------- c:\documents and settings\fred\Application Data\Malwarebytes
2008-12-22 14:29 . 2008-12-22 14:29 579,584 --a------ c:\windows\system32\dllcache\user32.dll
2008-12-22 14:23 . 2008-12-22 14:24 <REP> d-------- c:\windows\ERUNT
2008-12-21 10:28 . 2008-12-21 10:28 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-21 10:28 . 2008-12-21 10:28 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-21 10:28 . 2008-12-03 19:54 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-21 10:28 . 2008-12-03 19:54 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-20 15:28 . 2008-12-20 15:28 <REP> d-------- c:\program files\AxBx
2008-12-20 15:22 . 2008-12-20 15:22 <REP> d-------- c:\program files\Fichiers communs\Wise Installation Wizard
2008-12-20 15:22 . 2008-12-20 15:25 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-12-10 00:16 . 2008-12-10 00:16 249,856 --------- c:\windows\Setup1.exe
2008-12-10 00:16 . 2008-12-10 00:16 73,216 --a------ c:\windows\ST6UNST.EXE
2008-12-10 00:07 . 2008-12-10 09:04 <REP> d-------- c:\documents and settings\All Users\Application Data\Symantec
2008-12-10 00:05 . 2008-12-10 11:36 <REP> d-------- c:\program files\Fichiers communs\Symantec Shared
2008-12-10 00:02 . 2008-12-10 00:14 <REP> d-------- c:\documents and settings\fred\Application Data\Symantec
2008-12-09 23:37 . 2008-12-09 23:37 <REP> d-------- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-12-09 23:24 . 2008-10-16 14:08 27,672 --a------ c:\windows\system32\wuapi.dll.mui
2008-12-05 11:49 . 2008-12-05 11:48 410,984 --a------ c:\windows\system32\deploytk.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-23 10:16 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-23 10:15 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-21 16:15 --------- d-----w c:\documents and settings\fred\Application Data\Skype
2008-12-21 16:14 --------- d-----w c:\documents and settings\fred\Application Data\skypePM
2008-12-20 14:24 --------- d-----w c:\program files\Lavasoft
2008-12-20 14:24 --------- d-----w c:\documents and settings\fred\Application Data\Lavasoft
2008-12-15 12:41 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-12-13 06:37 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-12-05 10:52 --------- d-----w c:\program files\Java
2008-11-07 15:45 2,174,976 ------w c:\windows\system32\dllcache\WMVCore.dll
2008-11-04 00:06 --------- d-----w c:\documents and settings\fred\Application Data\U3
2008-11-02 09:46 --------- d-----w c:\program files\MSN Messenger
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 12:36 286,720 ------w c:\windows\system32\dllcache\gdi32.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:12 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:12 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 13:11 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-16 13:07 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-15 07:06 633,632 ------w c:\windows\system32\dllcache\iexplore.exe
2008-10-15 07:04 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-10-03 10:03 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-10-03 10:03 247,326 ------w c:\windows\system32\dllcache\strmdll.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2007-12-07 16:16 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2008-08-14 09:53 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008081420080815\index.dat
.

((((((((((((((((((((((((((((( snapshot@2008-12-22_16.11.48.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-24 11:21:09 455,296 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-08-26 08:11:45 124,928 -c----w c:\windows\ie7updates\KB958215-IE7\advpack.dll
+ 2008-08-26 08:11:45 347,136 -c----w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll
+ 2008-08-26 08:11:45 214,528 -c----w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll
+ 2008-08-26 08:11:45 133,120 -c----w c:\windows\ie7updates\KB958215-IE7\extmgr.dll
+ 2008-08-26 08:11:45 63,488 -c----w c:\windows\ie7updates\KB958215-IE7\icardie.dll
+ 2008-08-25 08:39:40 70,656 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
+ 2008-08-26 08:11:45 153,088 -c----w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll
+ 2008-08-26 08:11:45 230,400 -c----w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\ie7updates\KB958215-IE7\ieakui.dll
+ 2008-08-26 08:11:46 383,488 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll
+ 2008-08-26 08:11:46 384,512 -c----w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll
+ 2008-10-03 17:12:27 6,066,176 -c----w c:\windows\ie7updates\KB958215-IE7\ieframe.dll
+ 2008-08-26 08:11:48 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\iernonce.dll
+ 2008-08-26 08:11:48 267,776 -c----w c:\windows\ie7updates\KB958215-IE7\iertutil.dll
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe
+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\ie7updates\KB958215-IE7\iexplore.exe
+ 2008-08-26 08:11:49 27,648 -c----w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll
+ 2008-08-26 08:11:49 459,264 -c----w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll
+ 2008-08-26 08:11:49 52,224 -c----w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll
+ 2008-08-26 08:11:52 477,696 -c----w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll
+ 2008-08-26 08:11:52 193,024 -c----w c:\windows\ie7updates\KB958215-IE7\msrating.dll
+ 2008-08-26 08:11:52 671,232 -c----w c:\windows\ie7updates\KB958215-IE7\mstime.dll
+ 2008-08-26 08:11:52 102,912 -c----w c:\windows\ie7updates\KB958215-IE7\occache.dll
+ 2008-08-26 08:11:52 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll
+ 2008-08-26 08:11:52 105,984 -c----w c:\windows\ie7updates\KB958215-IE7\url.dll
+ 2008-08-26 08:11:53 1,159,680 -c----w c:\windows\ie7updates\KB958215-IE7\urlmon.dll
+ 2008-08-26 08:11:53 233,472 -c----w c:\windows\ie7updates\KB958215-IE7\webcheck.dll
+ 2008-08-26 08:11:54 826,368 -c----w c:\windows\ie7updates\KB958215-IE7\wininet.dll
+ 2008-08-27 09:11:52 3,593,216 -c----w c:\windows\ie7updates\KB960714-IE7\mshtml.dll
+ 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:47 394,976 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll
+ 2008-12-22 16:36:14 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
- 2008-10-18 10:05:46 593,920 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-12-22 17:25:07 593,920 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-10-18 10:05:46 12,288 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-12-22 17:25:07 12,288 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-10-18 10:05:46 86,016 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-12-22 17:25:07 86,016 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-10-18 10:05:45 135,168 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-12-22 17:25:07 135,168 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-10-18 10:05:46 11,264 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-12-22 17:25:07 11,264 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-10-18 10:05:46 27,136 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-12-22 17:25:07 27,136 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-10-18 10:05:46 4,096 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-12-22 17:25:08 4,096 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-10-18 10:05:46 794,624 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-12-22 17:25:08 794,624 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-10-18 10:05:46 249,856 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-12-22 17:25:07 249,856 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-10-18 10:05:45 61,440 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-12-22 17:25:07 61,440 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-10-18 10:05:46 23,040 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-12-22 17:25:08 23,040 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-10-18 10:05:45 286,720 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-12-22 17:25:07 286,720 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-10-18 10:05:45 409,600 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-12-22 17:25:07 409,600 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-10-18 10:06:12 38,240 ----a-r c:\windows\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-12-22 17:26:44 38,240 ----a-r c:\windows\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe
- 2008-08-26 08:11:45 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-10-16 20:18:31 124,928 ----a-w c:\windows\system32\advpack.dll
- 2008-08-26 08:11:45 124,928 ------w c:\windows\system32\dllcache\advpack.dll
+ 2008-10-16 20:18:31 124,928 ------w c:\windows\system32\dllcache\advpack.dll
- 2008-08-26 08:11:45 347,136 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 20:18:31 347,136 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-26 08:11:45 214,528 ----a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 20:18:31 214,528 ----a-w c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-26 08:11:45 133,120 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 20:18:31 133,120 ----a-w c:\windows\system32\dllcache\extmgr.dll
- 2008-08-26 08:11:45 63,488 ------w c:\windows\system32\dllcache\icardie.dll
+ 2008-10-16 20:18:32 63,488 ------w c:\windows\system32\dllcache\icardie.dll
- 2008-08-26 08:11:45 153,088 ------w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-10-16 20:18:32 153,088 ------w c:\windows\system32\dllcache\ieakeng.dll
- 2008-08-26 08:11:45 230,400 ------w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-10-16 20:18:32 230,400 ------w c:\windows\system32\dllcache\ieaksie.dll
- 2008-08-26 08:11:46 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-10-16 20:18:32 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-08-26 08:11:46 384,512 ------w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-10-16 20:18:32 384,512 ------w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-03 17:12:27 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
+ 2008-10-16 20:18:35 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
- 2008-08-26 08:11:48 44,544 ------w c:\windows\system32\dllcache\iernonce.dll
+ 2008-10-16 20:18:35 44,544 ------w c:\windows\system32\dllcache\iernonce.dll
- 2008-08-26 08:11:48 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
+ 2008-10-16 20:18:35 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
- 2008-08-26 08:11:49 27,648 ----a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 20:18:36 27,648 ----a-w c:\windows\system32\dllcache\jsproxy.dll
- 2008-04-14 02:34:09 103,936 ------w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-10 02:11:20 103,936 ------w c:\windows\system32\dllcache\logagent.exe
- 2008-08-26 08:11:49 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-10-16 20:18:37 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
- 2008-08-26 08:11:49 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-10-16 20:18:37 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-08-26 08:11:52 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 20:18:40 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
- 2008-08-26 08:11:52 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 20:18:40 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
- 2008-08-26 08:11:52 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 20:18:41 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
- 2008-04-14 02:33:34 1,306,624 ------w c:\windows\system32\dllcache\msxml6.dll
+ 2008-09-10 01:15:15 1,307,648 ------w c:\windows\system32\dllcache\msxml6.dll
- 2008-08-26 08:11:52 102,912 ------w c:\windows\system32\dllcache\occache.dll
+ 2008-10-16 20:18:41 102,912 ------w c:\windows\system32\dllcache\occache.dll
- 2008-08-26 08:11:52 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 20:18:41 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
- 2008-08-26 08:11:52 105,984 ------w c:\windows\system32\dllcache\url.dll
+ 2008-10-16 20:18:41 105,984 ------w c:\windows\system32\dllcache\url.dll
- 2008-08-26 08:11:53 1,159,680 ----a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 20:18:42 1,160,192 ----a-w c:\windows\system32\dllcache\urlmon.dll
- 2008-08-26 08:11:53 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
+ 2008-10-16 20:18:42 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
- 2008-08-26 08:11:54 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 20:18:43 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
- 2008-04-14 02:33:48 1,053,184 ------w c:\windows\system32\dllcache\wmnetmgr.dll
+ 2008-06-10 05:11:46 1,053,696 ------w c:\windows\system32\dllcache\WMNetmgr.dll
- 2008-08-26 08:11:45 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-10-16 20:18:31 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-08-26 08:11:45 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-10-16 20:18:31 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2008-08-26 08:11:45 133,120 ----a-w c:\windows\system32\extmgr.dll
+ 2008-10-16 20:18:31 133,120 ----a-w c:\windows\system32\extmgr.dll
- 2008-08-26 08:11:45 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-10-16 20:18:32 63,488 ----a-w c:\windows\system32\icardie.dll
- 2008-08-25 08:39:40 70,656 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-10-16 13:12:20 70,656 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-08-26 08:11:45 153,088 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-10-16 20:18:32 153,088 ----a-w c:\windows\system32\ieakeng.dll
- 2008-08-26 08:11:45 230,400 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-10-16 20:18:32 230,400 ----a-w c:\windows\system32\ieaksie.dll
- 2008-08-23 05:54:51 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2008-10-15 07:04:53 161,792 ----a-w c:\windows\system32\ieakui.dll
- 2008-08-26 08:11:46 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-10-16 20:18:32 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-08-26 08:11:46 384,512 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-10-16 20:18:32 384,512 ----a-w c:\windows\system32\iedkcs32.dll
- 2008-10-03 17:12:27 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-10-16 20:18:35 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2008-08-26 08:11:48 44,544 ----a-w c:\windows\system32\iernonce.dll
+ 2008-10-16 20:18:35 44,544 ----a-w c:\windows\system32\iernonce.dll
- 2008-08-26 08:11:48 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-10-16 20:18:35 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2008-08-26 08:11:49 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-10-16 20:18:36 27,648 ----a-w c:\windows\system32\jsproxy.dll
- 2008-04-14 02:34:09 103,936 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-10 02:11:20 103,936 ----a-w c:\windows\system32\logagent.exe
- 2008-10-07 10:19:42 16,721,856 ----a-w c:\windows\system32\MRT.exe
+ 2008-12-09 14:24:38 17,593,280 ----a-w c:\windows\system32\MRT.exe
- 2008-08-26 08:11:49 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-10-16 20:18:37 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-08-26 08:11:49 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-10-16 20:18:37 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-08-27 09:11:52 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2008-12-13 06:37:56 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2008-08-26 08:11:52 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-10-16 20:18:40 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2008-08-26 08:11:52 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2008-10-16 20:18:40 193,024 ----a-w c:\windows\system32\msrating.dll
- 2008-08-26 08:11:52 671,232 ----a-w c:\windows\system32\mstime.dll
+ 2008-10-16 20:18:41 671,232 ----a-w c:\windows\system32\mstime.dll
- 2008-04-14 02:33:34 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 17:16:10 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2008-04-14 02:33:34 1,306,624 ------w c:\windows\system32\msxml6.dll
+ 2008-09-10 01:15:15 1,307,648 ------w c:\windows\system32\msxml6.dll
- 2008-04-14 02:33:34 337,408 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:35:43 337,408 ----a-w c:\windows\system32\netapi32.dll
- 2008-08-26 08:11:52 102,912 ----a-w c:\windows\system32\occache.dll
+ 2008-10-16 20:18:41 102,912 ----a-w c:\windows\system32\occache.dll
- 2008-10-26 18:45:52 53,770 ----a-w c:\windows\system32\perfc009.dat
+ 2008-12-22 15:15:43 53,436 ----a-w c:\windows\system32\perfc009.dat
- 2008-10-26 18:45:52 64,922 ----a-w c:\windows\system32\perfc00C.dat
+ 2008-12-22 15:15:43 64,484 ----a-w c:\windows\system32\perfc00C.dat
- 2008-10-26 18:45:52 382,026 ----a-w c:\windows\system32\perfh009.dat
+ 2008-12-22 15:15:43 381,692 ----a-w c:\windows\system32\perfh009.dat
- 2008-10-26 18:45:52 447,222 ----a-w c:\windows\system32\perfh00C.dat
+ 2008-12-22 15:15:43 446,566 ----a-w c:\windows\system32\perfh00C.dat
- 2008-08-26 08:11:52 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-10-16 20:18:41 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2006-01-09 08:36:06 40,960 ----a-w c:\windows\system32\swsc.exe
- 2008-07-11 12:42:28 62,976 ------w c:\windows\system32\tzchange.exe
+ 2008-10-23 10:06:59 62,976 ------w c:\windows\system32\tzchange.exe
- 2008-08-26 08:11:52 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-10-16 20:18:41 105,984 ----a-w c:\windows\system32\url.dll
- 2008-08-26 08:11:53 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-10-16 20:18:42 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2008-08-26 08:11:53 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-10-16 20:18:42 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2008-08-26 08:11:54 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-16 20:18:43 826,368 ----a-w c:\windows\system32\wininet.dll
- 2008-04-14 02:33:48 1,053,184 ----a-w c:\windows\system32\wmnetmgr.dll
+ 2008-06-10 05:11:46 1,053,696 ----a-w c:\windows\system32\WMNetmgr.dll
- 2008-04-14 02:34:39 2,109,440 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-11-07 15:45:32 2,174,976 ----a-w c:\windows\system32\WMVCore.dll
+ 2008-12-23 16:10:15 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_6c4.dat
+ 2008-09-30 15:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 15:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"ModemOnHold"="c:\program files\NetWaiting\netWaiting.exe" [2003-09-10 20480]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2006-11-30 4662776]
"ccleaner"="c:\program files\CCleaner\ccleaner.exe" [2006-12-15 590728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2005-10-07 176128]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-12-13 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-12-13 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-12-13 118784]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 49152]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 602182]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"ShStatEXE"="c:\program files\Network Associates\VirusScan\SHSTAT.EXE" [2003-03-06 90182]
"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UpdaterUI.exe" [2003-02-26 139347]
"bacstray"="c:\program files\Broadcom\BACS\BacsTray.exe" [2005-07-13 118784]
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Analyseur de connectivit‚ de client de pare-feu.LNK - c:\program files\Microsoft Firewall Client\ISATRAY.EXE [2006-10-19 52496]
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-07-10 962661]
D‚marrage rapide du logiciel HP Image Zone.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-05-28 53248]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-28 241664]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-10-30 67128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\Machine\Scripts\Startup\[u]0/u\[u]0/u]
"Script"=correspondantsLAMES.bat

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2008-12-22 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 SbPF.Launcher;SbPF.Launcher;"c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe" [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4;"c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe" [2008-10-31 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\sbfwim.sys [2008-12-22 65576]
S3 adiusbae;USB ADSL LAN Adapter;c:\windows\system32\DRIVERS\adiusbae.sys []
S3 fbxusb;FreeBox USB Network Adapter;c:\windows\system32\DRIVERS\fbxusb.sys [2002-12-11 18848]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
IE:
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\Microsoft Firewall Client\wspwsp.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\fred\Application Data\Mozilla\Firefox\Profiles\ghebpxsv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\Yahoo!\Shared\npYState.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-23 17:51:40
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-12-23 17:54:55
ComboFix-quarantined-files.txt 2008-12-23 16:54:48
ComboFix2.txt 2008-12-22 15:13:35

Avant-CF: 43 600 166 912 octets libres
Après-CF: 43,583,635,456 octets libres

398 --- E O F --- 2008-12-22 17:26:47

HiJackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:57:30, on 23/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Broadcom\BACS\BacsTray.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\imapi.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=3061001
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Analyseur de connectivité de client de pare-feu.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mmsh.univ-aix.fr
O17 - HKLM\Software\..\Telephony: DomainName = mmsh.univ-aix.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mmsh.univ-aix.fr
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

Discussions similaires

Security boot fail lors du démarrage

"Reboot and Select proper Boot Device"

Boot failure detected

Aide Please select boot device