Suis-je infectée?
Résolu
glaude1717
Messages postés
108
Date d'inscription
Statut
Membre
Dernière intervention
-
pimprenelle27 Messages postés 20857 Date d'inscription Statut Contributeur sécurité Dernière intervention -
pimprenelle27 Messages postés 20857 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Bonjour,
depuis quelque temps,mon ordinateur reçoit des pop pup d'internet explorer alors que je navigue sous firefox.j'ai configurer le bloqueur de fenêtres intempestives sous mozilla et sous internet explorer et c'est toujours pareil.de plus je reçois des messages d'erreur m' indiquant que le fichier iertutil.dll est manquant, introuvable au démarrage, endommagé dans la bibliothèque numérique.je l'ai donc réinstallé dans le système 32.et maintenant il me dit que l'ordinal 14 est introuvable dans la bibliothèque numérique.je ne sais plus quoi faire!de plus je ne suis pas très bonne en informatique et je n'y comprend pas grand chose.j'ai fait beaucoup de recherche et j'ai vu qu'il fallait faire une désinfection de mon ordi et d'abord lancer un hijackthis.pouvez-vous m'aider s'il vous plait?merci
depuis quelque temps,mon ordinateur reçoit des pop pup d'internet explorer alors que je navigue sous firefox.j'ai configurer le bloqueur de fenêtres intempestives sous mozilla et sous internet explorer et c'est toujours pareil.de plus je reçois des messages d'erreur m' indiquant que le fichier iertutil.dll est manquant, introuvable au démarrage, endommagé dans la bibliothèque numérique.je l'ai donc réinstallé dans le système 32.et maintenant il me dit que l'ordinal 14 est introuvable dans la bibliothèque numérique.je ne sais plus quoi faire!de plus je ne suis pas très bonne en informatique et je n'y comprend pas grand chose.j'ai fait beaucoup de recherche et j'ai vu qu'il fallait faire une désinfection de mon ordi et d'abord lancer un hijackthis.pouvez-vous m'aider s'il vous plait?merci
A voir également:
- Suis-je infectée?
- Comment savoir si une clé usb est infectée - Guide
- URL infectée malware - Forum Virus
- Clé registre infectée ✓ - Forum Virus
- Clé USB infectée - Forum Clé USB / Carte mémoire
- Carte sim infectée ✓ - Forum Mobile
66 réponses
Salut,
Fait ceci :
# Installe sur ton bureaux Hijackthis
# Aide toi de ceci pour me faire le rapport et l'envoyer
# Clique sur l'icone de Hijackthis sur ton bureaux
# Choisit l'option "Do a system scan and save a logfile"
# Un fichier texte s'ouvre, si ce n'est pas le cas celui-ci se trouve dans le meme dossier que hijackthis.exe. Faire édition / selectionner tout
# Copie le et envoie le dans ta prochaine reponse dans le Topic
>>> Pour installer Hijackthis clique ici <<<
[!] Pour les utilisateurs de Vista faudra desactiver l'UAC [!]
► Clic droit sur nom de l'outil, et sur exécuter en tant qu'administrateur
Fait ceci :
# Installe sur ton bureaux Hijackthis
# Aide toi de ceci pour me faire le rapport et l'envoyer
# Clique sur l'icone de Hijackthis sur ton bureaux
# Choisit l'option "Do a system scan and save a logfile"
# Un fichier texte s'ouvre, si ce n'est pas le cas celui-ci se trouve dans le meme dossier que hijackthis.exe. Faire édition / selectionner tout
# Copie le et envoie le dans ta prochaine reponse dans le Topic
>>> Pour installer Hijackthis clique ici <<<
[!] Pour les utilisateurs de Vista faudra desactiver l'UAC [!]
► Clic droit sur nom de l'outil, et sur exécuter en tant qu'administrateur
a colombo...
je te remercie de l'aide que tu m'apporte.voici le rapport:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:08:40, on 04/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Documents and Settings\Marie-Claude\Bureau\Téléchargements\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Base frag grid bows] C:\Documents and Settings\All Users\Application Data\Cast ping base frag\Safe Great.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [vggoffn] "c:\documents and settings\marie-claude\local settings\application data\vggoffn.exe" vggoffn
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3ffcfe35779f4a0398a15db42ba0dcff
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3ffcfe35779f4a0398a15db42ba0dcff
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {46058878-5352-4550-8CD0-839BE09FAD8E} (PowerFootball1.PowerFootballLoader1) - http://powerfootball.coupedumonde2006.m6.fr/applet/PowerFootballLoader.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u1-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
O24 - Desktop Component 1: (no name) - http://www.carinedesign.com/horloge_ronde/horl_chat/h01.html
O24 - Desktop Component 10: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/5.htm
O24 - Desktop Component 11: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/16.htm
O24 - Desktop Component 12: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/3.htm
O24 - Desktop Component 13: (no name) - http://www.compteur.cc/clock/v2/clock.php?s=130&h=1&i=8&b=0x330099&lar=175.75&hau=175.75
O24 - Desktop Component 14: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 15: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 16: (no name) - http://josyacreations.free.fr/horlogeindien1.html
O24 - Desktop Component 17: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 18: Créations Armony, Horloge animee Halloween045 - http://ww12.chezarmony.ch
O24 - Desktop Component 19: (no name) - http://blinkhorloge.free.fr/horloge_semaine_9.htm
O24 - Desktop Component 2: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Divers_FF/12.htm
O24 - Desktop Component 20: (no name) - http://free-zg.t-com.hr/Pija/Cuteclocks/CC4en.htm
O24 - Desktop Component 21: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Born/A10.htm
O24 - Desktop Component 22: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F8.htm
O24 - Desktop Component 23: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F10.htm
O24 - Desktop Component 24: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 25: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 26: (no name) - http://free-zg.t-com.hr/Pija/PC/ET.htm
O24 - Desktop Component 27: (no name) - http://free-zg.t-com.hr/Pija/PC/PC2.htm
O24 - Desktop Component 28: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F4.htm
O24 - Desktop Component 29: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F6.htm
O24 - Desktop Component 3: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/2.htm
O24 - Desktop Component 30: Créations Armony, Horloge animée betty boop 019 - http://ww7.chezarmony.ch
O24 - Desktop Component 31: Pija's calendar - http://free-zg.t-com.hr/Pija/Cuteclocks/CCB23en.htm
O24 - Desktop Component 32: (no name) - http://animabelle.free.fr/horloges/divers/gd_modele/2.htm
O24 - Desktop Component 33: (no name) - https://www.clocklink.com//clocks/yoshidasauce001-black.swf?TimeZone=France_Paris&"%20%20width="140"%20height="52"%20wmode="transparent"%20type="application/x-shockwave-flash"
O24 - Desktop Component 4: Free Pages Personnelles: Erreur 404 - Document non trouvé - http://animabelle.free.fr/horloges/Firefox/Animaux/10.htm
O24 - Desktop Component 5: (no name) - http://animabelle.free.fr/horloges/Firefox/Animaux/18.htm
O24 - Desktop Component 6: (no name) - http://animabelle.free.fr/horloges/Firefox/Divers_FF/2.htm
O24 - Desktop Component 7: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/8.htm
O24 - Desktop Component 8: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/9.htm
O24 - Desktop Component 9: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/12.htm
je te remercie de l'aide que tu m'apporte.voici le rapport:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:08:40, on 04/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Documents and Settings\Marie-Claude\Bureau\Téléchargements\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Base frag grid bows] C:\Documents and Settings\All Users\Application Data\Cast ping base frag\Safe Great.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [vggoffn] "c:\documents and settings\marie-claude\local settings\application data\vggoffn.exe" vggoffn
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3ffcfe35779f4a0398a15db42ba0dcff
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3ffcfe35779f4a0398a15db42ba0dcff
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {46058878-5352-4550-8CD0-839BE09FAD8E} (PowerFootball1.PowerFootballLoader1) - http://powerfootball.coupedumonde2006.m6.fr/applet/PowerFootballLoader.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u1-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
O24 - Desktop Component 1: (no name) - http://www.carinedesign.com/horloge_ronde/horl_chat/h01.html
O24 - Desktop Component 10: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/5.htm
O24 - Desktop Component 11: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/16.htm
O24 - Desktop Component 12: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/3.htm
O24 - Desktop Component 13: (no name) - http://www.compteur.cc/clock/v2/clock.php?s=130&h=1&i=8&b=0x330099&lar=175.75&hau=175.75
O24 - Desktop Component 14: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 15: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 16: (no name) - http://josyacreations.free.fr/horlogeindien1.html
O24 - Desktop Component 17: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 18: Créations Armony, Horloge animee Halloween045 - http://ww12.chezarmony.ch
O24 - Desktop Component 19: (no name) - http://blinkhorloge.free.fr/horloge_semaine_9.htm
O24 - Desktop Component 2: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Divers_FF/12.htm
O24 - Desktop Component 20: (no name) - http://free-zg.t-com.hr/Pija/Cuteclocks/CC4en.htm
O24 - Desktop Component 21: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Born/A10.htm
O24 - Desktop Component 22: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F8.htm
O24 - Desktop Component 23: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F10.htm
O24 - Desktop Component 24: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 25: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 26: (no name) - http://free-zg.t-com.hr/Pija/PC/ET.htm
O24 - Desktop Component 27: (no name) - http://free-zg.t-com.hr/Pija/PC/PC2.htm
O24 - Desktop Component 28: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F4.htm
O24 - Desktop Component 29: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F6.htm
O24 - Desktop Component 3: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/2.htm
O24 - Desktop Component 30: Créations Armony, Horloge animée betty boop 019 - http://ww7.chezarmony.ch
O24 - Desktop Component 31: Pija's calendar - http://free-zg.t-com.hr/Pija/Cuteclocks/CCB23en.htm
O24 - Desktop Component 32: (no name) - http://animabelle.free.fr/horloges/divers/gd_modele/2.htm
O24 - Desktop Component 33: (no name) - https://www.clocklink.com//clocks/yoshidasauce001-black.swf?TimeZone=France_Paris&"%20%20width="140"%20height="52"%20wmode="transparent"%20type="application/x-shockwave-flash"
O24 - Desktop Component 4: Free Pages Personnelles: Erreur 404 - Document non trouvé - http://animabelle.free.fr/horloges/Firefox/Animaux/10.htm
O24 - Desktop Component 5: (no name) - http://animabelle.free.fr/horloges/Firefox/Animaux/18.htm
O24 - Desktop Component 6: (no name) - http://animabelle.free.fr/horloges/Firefox/Divers_FF/2.htm
O24 - Desktop Component 7: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/8.htm
O24 - Desktop Component 8: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/9.htm
O24 - Desktop Component 9: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/12.htm
bonjour,
oui ça serait bien de savoir ou tu te fait désinfecter, ça pas bien de créer plusieurs topics pour un même problème.
oui ça serait bien de savoir ou tu te fait désinfecter, ça pas bien de créer plusieurs topics pour un même problème.
je suis aidé par colombo mais apparemment ce membre a été bloqué d'après pimprenelle qui vient de m'envoyer un message.voici un lien:https://forums.commentcamarche.net/forum/affich-14230054-suis-je-infectee#2009-09-07%2016%3A08%3A03.
je ne sais pas si cela va marcher(j'ai pas trop l'habitude des forums)
si ce membre est bloqué,que vais-je faire?peut-on avoir quelqu'un d'autre?
merci pour vos réponses
je ne sais pas si cela va marcher(j'ai pas trop l'habitude des forums)
si ce membre est bloqué,que vais-je faire?peut-on avoir quelqu'un d'autre?
merci pour vos réponses
pour info glaude 1717, colombo ne reviens pas de suite, Le profil de ce membre a été bloqué.
O4 - HKCU\..\Run: [vggoffn] "c:\documents and settings\marie-claude\local settings\application data\vggoffn.exe" vggoffn
tu as ceci comme infection, et une toolbar néfaste Ask
Veux tu qu'on t'aide ?
O4 - HKLM\..\Run: [Base frag grid bows] C:\Documents and Settings\All Users\Application Data\Cast ping base frag\Safe Great.exe
infection LOP
tu as ceci comme infection, et une toolbar néfaste Ask
Veux tu qu'on t'aide ?
O4 - HKLM\..\Run: [Base frag grid bows] C:\Documents and Settings\All Users\Application Data\Cast ping base frag\Safe Great.exe
infection LOP
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Pas mal de petite infections glaude 1717, nathandre va bien s'occuper de toi.
Télécharge [http://il.mafioso.pagesperso-orange.fr/Navifix/Navilog1.exe Navilog1 (D' IL-MAFIOSO) sur ton bureau.
Désactive ton Anti-virus , Anti-spyware , pare-feu
Double-clique sur le raccourci Navilog1 présent sur le bureau.
Au menu principal, choisis L'option 1 et valide.
Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
Laisse l'outil le faire automatiquement, sinon redémarre ton PC normalement s'il te le demande.
Le bloc-notes va s'ouvrir, et poste le rapport
Note : le rapport est, aussi, sauvegardé à la racine du disque dur C:\cleannavi.txt
Désactive ton Anti-virus , Anti-spyware , pare-feu
Double-clique sur le raccourci Navilog1 présent sur le bureau.
Au menu principal, choisis L'option 1 et valide.
Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
Laisse l'outil le faire automatiquement, sinon redémarre ton PC normalement s'il te le demande.
Le bloc-notes va s'ouvrir, et poste le rapport
Note : le rapport est, aussi, sauvegardé à la racine du disque dur C:\cleannavi.txt
je ne sais que faire car colombo vient de me répondre.alors si son profil est bloqué comment peut-il me répondre.de plus nathandre vient a mon aide et leurs démarches sont différentes.a qui dois-je répondre?dois-je continuer avec colombo ou avec nathandre?
voici le rapport de navilog:Fix Navipromo version 4.0.2 commencé le 07/09/2009 17:50:05,54
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 27.08.2009 à 11h00 par IL-MAFIOSO
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.53GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Marie-Claude ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Not Activated)
Firewall : Bitdefender Firewall 8.0 (Not Activated)
C:\ (Local Disk) - NTFS - Total:68 Go (Free:34 Go)
D:\ (Local Disk) - NTFS - Total:6 Go (Free:6 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
Recherche executée en mode normal
Nettoyage exécuté au redémarrage de l'ordinateur
C:\WINDOWS\system32\nvs2.inf supprimé !
c:\docume~1\marie-~1\locals~1\applic~1\vggoffn.dat supprimé !
c:\docume~1\marie-~1\locals~1\applic~1\vggoffn_nav.dat supprimé !
c:\docume~1\marie-~1\locals~1\applic~1\vggoffn_navps.dat supprimé !
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Marie-Claude\locals~1\Temp effectué !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
C:\WINDOWS\Tasks\A94E0CFD918584CD.job trouvé ! Infection Lop possible non traitée par cet outil !
C:\WINDOWS\Tasks\AAED273A9102A27E.job trouvé ! Infection Lop possible non traitée par cet outil !
*** Scan terminé 07/09/2009 18:16:34,28 ***
je ne pourrais revenir ce soir mais peut-être demain après midi.merci
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 27.08.2009 à 11h00 par IL-MAFIOSO
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.53GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Marie-Claude ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Not Activated)
Firewall : Bitdefender Firewall 8.0 (Not Activated)
C:\ (Local Disk) - NTFS - Total:68 Go (Free:34 Go)
D:\ (Local Disk) - NTFS - Total:6 Go (Free:6 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
Recherche executée en mode normal
Nettoyage exécuté au redémarrage de l'ordinateur
C:\WINDOWS\system32\nvs2.inf supprimé !
c:\docume~1\marie-~1\locals~1\applic~1\vggoffn.dat supprimé !
c:\docume~1\marie-~1\locals~1\applic~1\vggoffn_nav.dat supprimé !
c:\docume~1\marie-~1\locals~1\applic~1\vggoffn_navps.dat supprimé !
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Marie-Claude\locals~1\Temp effectué !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
C:\WINDOWS\Tasks\A94E0CFD918584CD.job trouvé ! Infection Lop possible non traitée par cet outil !
C:\WINDOWS\Tasks\AAED273A9102A27E.job trouvé ! Infection Lop possible non traitée par cet outil !
*** Scan terminé 07/09/2009 18:16:34,28 ***
je ne pourrais revenir ce soir mais peut-être demain après midi.merci
bonjour Glaude1717,
Ton PC était infecté par l'ad-aware Navipromo/Magic Control/EDG ACCESS qui affiche des publicités intempestives.
Il s'installe via certains programmes, dont ceux-ci qu'il faut éviter à tout prix:
* Funky Emoticons
* go-astro
* Games Attack
* GoRecord
* HotTVPlayer / HotTVPlayer & Paris Hilton
* Live-Player
* MailSkinner
* Messenger Skinner
* Instant Access
* InternetGameBox
* Officiale Emule (Version d'Emule modifiée)
* Original Solitaire
* SuperSexPlayer
* Speed Downloading
* Sudoplanet
* Webmediaplayer
Nous avons nettoyé cette infection avec Navilog
Tu as une autre infection, c'est l'infection LOP
Elles s'installent par ces programmes qu'il faut éviter à tout prix:
* Le sponsor de Messenger Plus!
* Bittorent
* BitDownload
* BitGrabber
* NetPumper
* BitRoll
* TorrentQ
* Torrent101
Traitons cette infection
Télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
Ton PC était infecté par l'ad-aware Navipromo/Magic Control/EDG ACCESS qui affiche des publicités intempestives.
Il s'installe via certains programmes, dont ceux-ci qu'il faut éviter à tout prix:
* Funky Emoticons
* go-astro
* Games Attack
* GoRecord
* HotTVPlayer / HotTVPlayer & Paris Hilton
* Live-Player
* MailSkinner
* Messenger Skinner
* Instant Access
* InternetGameBox
* Officiale Emule (Version d'Emule modifiée)
* Original Solitaire
* SuperSexPlayer
* Speed Downloading
* Sudoplanet
* Webmediaplayer
Nous avons nettoyé cette infection avec Navilog
Tu as une autre infection, c'est l'infection LOP
Elles s'installent par ces programmes qu'il faut éviter à tout prix:
* Le sponsor de Messenger Plus!
* Bittorent
* BitDownload
* BitGrabber
* NetPumper
* BitRoll
* TorrentQ
* Torrent101
Traitons cette infection
Télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
bonjour,
voici le rapport lop S&D/
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.53GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Marie-Claude ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:68 Go (Free:36 Go)
D:\ (Local Disk) - NTFS - Total:6 Go (Free:6 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 08/09/2009|16:36 )
--------------------\\ Listing des dossiers dans APPLIC~1
[08/06/2006|12:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[13/04/2009|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[03/11/2007|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[06/11/2008|18:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/01/2009|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[23/07/2008|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[27/01/2009|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[19/04/2009|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[02/01/2009|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup
[22/01/2009|19:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[23/05/2007|16:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[10/08/2008|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[04/09/2008|18:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[01/09/2009|16:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonIJPLM
[17/08/2009|09:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
[08/01/2009|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[24/01/2009|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[12/08/2008|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[21/06/2007|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[08/01/2009|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GESTAN
[26/02/2009|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/11/2007|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA
[01/03/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[01/03/2008|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[21/03/2008|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[08/01/2009|21:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[12/03/2008|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Laconic Software
[17/01/2009|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[11/05/2009|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[21/05/2009|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/06/2008|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MXPLAY
[26/04/2009|16:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
[29/10/2006|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OLYMPUS
[10/01/2007|18:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[02/01/2009|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\sentinel
[15/08/2009|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[08/06/2006|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[01/01/2009|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[23/12/2007|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[07/02/2009|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk
[18/12/2008|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildTangent
[24/11/2006|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[21/11/2006|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[14/04/2009|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindSolutions
[08/06/2006|12:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[16/12/2006|18:54] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[02/02/2008|17:26] C:\DOCUME~1\MARIE-~1\APPLIC~1\Adobe
[13/02/2009|20:16] C:\DOCUME~1\MARIE-~1\APPLIC~1\Ahead
[15/08/2009|14:52] C:\DOCUME~1\MARIE-~1\APPLIC~1\Apple Computer
[18/02/2008|18:34] C:\DOCUME~1\MARIE-~1\APPLIC~1\Arcsoft
[22/01/2009|20:25] C:\DOCUME~1\MARIE-~1\APPLIC~1\BitDefender
[14/04/2009|15:44] C:\DOCUME~1\MARIE-~1\APPLIC~1\CopyTrans
[14/04/2009|17:01] C:\DOCUME~1\MARIE-~1\APPLIC~1\CopyTransPhoto
[07/02/2009|15:52] C:\DOCUME~1\MARIE-~1\APPLIC~1\CyberLink
[21/02/2009|16:33] C:\DOCUME~1\MARIE-~1\APPLIC~1\dvdcss
[13/05/2008|18:04] C:\DOCUME~1\MARIE-~1\APPLIC~1\EoRezo
[11/02/2007|16:24] C:\DOCUME~1\MARIE-~1\APPLIC~1\Google
[15/08/2009|15:17] C:\DOCUME~1\MARIE-~1\APPLIC~1\Help
[04/11/2007|15:17] C:\DOCUME~1\MARIE-~1\APPLIC~1\Hotbar_Icons
[18/02/2008|18:34] C:\DOCUME~1\MARIE-~1\APPLIC~1\Identities
[14/04/2009|17:09] C:\DOCUME~1\MARIE-~1\APPLIC~1\iLibs
[10/05/2008|10:44] C:\DOCUME~1\MARIE-~1\APPLIC~1\ItsLabel
[11/01/2009|17:44] C:\DOCUME~1\MARIE-~1\APPLIC~1\Jasc Software Inc
[18/10/2006|13:10] C:\DOCUME~1\MARIE-~1\APPLIC~1\Lavasoft
[16/01/2009|15:46] C:\DOCUME~1\MARIE-~1\APPLIC~1\Logitech
[21/11/2006|19:28] C:\DOCUME~1\MARIE-~1\APPLIC~1\Macromedia
[25/08/2009|16:12] C:\DOCUME~1\MARIE-~1\APPLIC~1\Microsoft
[29/08/2008|17:44] C:\DOCUME~1\MARIE-~1\APPLIC~1\Mozilla
[23/04/2009|15:20] C:\DOCUME~1\MARIE-~1\APPLIC~1\MPMAN
[14/06/2008|17:10] C:\DOCUME~1\MARIE-~1\APPLIC~1\MXPLAY
[08/09/2009|16:25] C:\DOCUME~1\MARIE-~1\APPLIC~1\OpenOffice.org2
[15/01/2009|16:37] C:\DOCUME~1\MARIE-~1\APPLIC~1\Real
[03/02/2009|15:47] C:\DOCUME~1\MARIE-~1\APPLIC~1\Shareaza
[29/03/2007|19:03] C:\DOCUME~1\MARIE-~1\APPLIC~1\Starware322
[16/06/2007|15:17] C:\DOCUME~1\MARIE-~1\APPLIC~1\Sun
[17/02/2008|17:01] C:\DOCUME~1\MARIE-~1\APPLIC~1\Talkback
[18/02/2008|18:35] C:\DOCUME~1\MARIE-~1\APPLIC~1\Thunderbird
[09/02/2009|16:14] C:\DOCUME~1\MARIE-~1\APPLIC~1\TuneUp Software
[18/12/2007|17:18] C:\DOCUME~1\MARIE-~1\APPLIC~1\Ulead Systems
[02/01/2009|16:32] C:\DOCUME~1\MARIE-~1\APPLIC~1\vlc
[24/05/2009|16:14] C:\DOCUME~1\MARIE-~1\APPLIC~1\Vso
[04/11/2007|18:26] C:\DOCUME~1\MARIE-~1\APPLIC~1\WeatherDPA
[14/04/2009|17:10] C:\DOCUME~1\MARIE-~1\APPLIC~1\WindSolutions
[29/08/2008|17:33] C:\DOCUME~1\nenette\APPLIC~1\Adobe
[21/04/2009|10:32] C:\DOCUME~1\nenette\APPLIC~1\Apple Computer
[23/01/2009|20:45] C:\DOCUME~1\nenette\APPLIC~1\BitDefender
[14/08/2009|11:34] C:\DOCUME~1\nenette\APPLIC~1\Free Byte
[06/09/2008|15:41] C:\DOCUME~1\nenette\APPLIC~1\Google
[11/08/2008|18:24] C:\DOCUME~1\nenette\APPLIC~1\Identities
[23/04/2009|20:10] C:\DOCUME~1\nenette\APPLIC~1\Jasc Software Inc
[21/01/2009|19:20] C:\DOCUME~1\nenette\APPLIC~1\Logitech
[11/08/2008|18:30] C:\DOCUME~1\nenette\APPLIC~1\Macromedia
[21/07/2009|16:43] C:\DOCUME~1\nenette\APPLIC~1\Microsoft
[29/08/2008|11:23] C:\DOCUME~1\nenette\APPLIC~1\Mozilla
[07/09/2009|19:33] C:\DOCUME~1\nenette\APPLIC~1\OpenOffice.org2
[21/08/2009|15:37] C:\DOCUME~1\nenette\APPLIC~1\Real
[19/02/2009|18:09] C:\DOCUME~1\nenette\APPLIC~1\Shareaza
[06/09/2008|12:36] C:\DOCUME~1\nenette\APPLIC~1\Sun
[19/02/2009|17:30] C:\DOCUME~1\nenette\APPLIC~1\vlc
[08/06/2006|12:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[08/09/2009 16:34][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{E846099C-168A-48AE-818E-11C086199B02}.job
[07/09/2009 21:00][--ah-----] C:\WINDOWS\tasks\AAED273A9102A27E.job
[07/09/2009 21:00][--ah-----] C:\WINDOWS\tasks\A94E0CFD918584CD.job
[04/09/2009 17:19][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[31/08/2009 13:24][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[08/09/2009 16:24][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( A94E0CFD918584CD.job )=( c:\docume~1\nenette\applic~1\freeby~1\userelseowns.exe )
( AAED273A9102A27E.job )=( c:\docume~1\masse\applic~1\freeby~1\userelseowns.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[06/11/2008|18:17] C:\Program Files\Adobe
[08/02/2009|18:41] C:\Program Files\Ahead
[27/01/2009|18:32] C:\Program Files\Apple Software Update
[18/02/2008|18:34] C:\Program Files\ArcSoft
[16/02/2009|20:30] C:\Program Files\AskTBar
[14/01/2009|15:07] C:\Program Files\Avanquest update
[22/01/2009|19:57] C:\Program Files\BitDefender
[01/10/2008|16:35] C:\Program Files\Burger Shop
[04/09/2008|18:55] C:\Program Files\Canon
[04/09/2008|18:48] C:\Program Files\CanonBJ
[25/08/2009|16:53] C:\Program Files\Circle Developeent
[08/01/2009|22:02] C:\Program Files\Corel
[02/01/2009|21:55] C:\Program Files\CueClub
[24/01/2009|17:50] C:\Program Files\CyberLink
[01/01/2009|18:33] C:\Program Files\DAMN NFO Viewer
[17/02/2008|17:58] C:\Program Files\DivX
[21/06/2007|19:43] C:\Program Files\DVD Shrink
[17/08/2009|17:11] C:\Program Files\DVDFab 5
[30/04/2009|15:01] C:\Program Files\eChanblard
[04/07/2009|09:05] C:\Program Files\Fichiers communs
[17/08/2009|09:35] C:\Program Files\Free Byte
[26/02/2009|16:49] C:\Program Files\Google
[13/08/2008|15:08] C:\Program Files\IncrediMail
[15/08/2009|14:26] C:\Program Files\InstallShield Installation Information
[11/12/2006|23:08] C:\Program Files\InstantTouch
[18/12/2007|17:13] C:\Program Files\Intel
[29/08/2009|18:12] C:\Program Files\Internet Explorer
[08/01/2009|21:52] C:\Program Files\Jasc Software Inc
[09/05/2007|14:48] C:\Program Files\Java
[10/07/2008|19:19] C:\Program Files\JoWooD
[17/01/2009|16:03] C:\Program Files\Logitech
[22/11/2006|14:20] C:\Program Files\Macrogaming
[26/01/2008|17:01] C:\Program Files\Magentic
[12/10/2008|14:12] C:\Program Files\Maxis
[31/08/2008|20:35] C:\Program Files\Messenger
[30/08/2009|16:25] C:\Program Files\Messenger Plus! Live
[15/08/2009|14:28] C:\Program Files\Micro Application
[25/08/2009|16:50] C:\Program Files\Microsoft
[09/05/2007|18:05] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[08/07/2007|17:18] C:\Program Files\microsoft frontpage
[17/06/2007|18:34] C:\Program Files\Microsoft Games
[23/05/2009|10:24] C:\Program Files\Microsoft Office
[25/08/2009|16:50] C:\Program Files\Microsoft Office Outlook Connector
[31/07/2009|16:57] C:\Program Files\Microsoft Silverlight
[25/08/2009|16:48] C:\Program Files\Microsoft SQL Server Compact Edition
[25/08/2009|16:49] C:\Program Files\Microsoft Sync Framework
[08/07/2007|17:21] C:\Program Files\Microsoft Works
[08/07/2007|17:09] C:\Program Files\Microsoft Works Suite 2000
[13/05/2009|15:23] C:\Program Files\Microsoft.NET
[06/11/2008|22:25] C:\Program Files\Mots Croises Pro
[01/11/2008|18:34] C:\Program Files\Movie Maker
[08/09/2009|16:29] C:\Program Files\Mozilla Firefox
[10/08/2009|10:20] C:\Program Files\MSBuild
[28/03/2007|15:44] C:\Program Files\MSECache
[30/08/2008|16:38] C:\Program Files\msn
[08/06/2006|12:13] C:\Program Files\MSN Gaming Zone
[12/11/2008|08:58] C:\Program Files\MSXML 4.0
[22/01/2009|16:47] C:\Program Files\MultiMedia France Toolbar
[07/09/2009|18:16] C:\Program Files\Navilog1
[30/08/2008|16:26] C:\Program Files\NetMeeting
[29/10/2006|16:32] C:\Program Files\OLYMPUS
[08/06/2006|18:00] C:\Program Files\OpenOffice.org 2.0
[13/08/2009|18:59] C:\Program Files\Outlook Express
[25/12/2007|18:43] C:\Program Files\Picasa2
[11/11/2008|18:04] C:\Program Files\PopCap Games
[27/01/2009|18:24] C:\Program Files\QuickTime
[08/01/2009|22:02] C:\Program Files\Real
[08/06/2006|13:01] C:\Program Files\Realtek AC97
[10/08/2009|10:20] C:\Program Files\Reference Assemblies
[08/06/2006|13:00] C:\Program Files\S3
[06/12/2008|21:09] C:\Program Files\ScreenMates
[12/07/2008|13:09] C:\Program Files\Seagrand
[03/02/2009|15:48] C:\Program Files\Shareaza
[13/01/2009|23:44] C:\Program Files\ShoppingReport
[08/06/2006|18:21] C:\Program Files\Spybot - Search & Destroy
[11/01/2009|17:33] C:\Program Files\SuperCopier2
[16/08/2009|10:29] C:\Program Files\Techcity
[24/08/2009|20:41] C:\Program Files\TuneUp Utilities 2008
[02/01/2009|18:15] C:\Program Files\UltraISO
[30/08/2008|16:57] C:\Program Files\Uninstall Information
[01/01/2009|19:11] C:\Program Files\VideoLAN
[11/04/2009|15:26] C:\Program Files\Virtools
[25/02/2009|16:36] C:\Program Files\vso
[25/02/2009|16:35] C:\Program Files\WinAVI VideoConverter
[25/08/2009|16:50] C:\Program Files\Windows Live
[07/12/2006|22:46] C:\Program Files\Windows Live Safety Center
[10/05/2009|14:48] C:\Program Files\Windows Live SkyDrive
[10/05/2009|14:52] C:\Program Files\Windows Live Toolbar
[18/12/2007|16:36] C:\Program Files\Windows Media Components
[18/02/2007|19:14] C:\Program Files\Windows Media Connect 2
[30/08/2008|16:25] C:\Program Files\Windows Media Player
[01/10/2008|18:31] C:\Program Files\Windows NT
[14/04/2009|16:51] C:\Program Files\WindSolutions
[01/01/2009|19:17] C:\Program Files\WinRAR
[08/06/2006|12:18] C:\Program Files\xerox
[10/07/2008|16:37] C:\Program Files\XP Codec Pack
[18/12/2007|17:08] C:\Program Files\XviD
[27/06/2007|14:53] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[06/11/2008|18:17] C:\Program Files\Fichiers communs\Adobe
[08/02/2009|18:37] C:\Program Files\Fichiers communs\Ahead
[21/04/2009|20:39] C:\Program Files\Fichiers communs\Apple
[24/04/2009|16:11] C:\Program Files\Fichiers communs\AVSMedia
[22/01/2009|19:57] C:\Program Files\Fichiers communs\BitDefender
[13/05/2009|15:24] C:\Program Files\Fichiers communs\DESIGNER
[27/01/2007|19:45] C:\Program Files\Fichiers communs\DriveCleaner 2006 Free
[02/01/2009|18:15] C:\Program Files\Fichiers communs\EZB Systems
[18/12/2007|16:35] C:\Program Files\Fichiers communs\InstallShield
[08/01/2009|21:53] C:\Program Files\Fichiers communs\Jasc Software Inc
[09/05/2007|14:47] C:\Program Files\Fichiers communs\Java
[17/01/2009|16:04] C:\Program Files\Fichiers communs\Logitech
[20/05/2009|07:44] C:\Program Files\Fichiers communs\Microsoft Shared
[08/06/2006|12:15] C:\Program Files\Fichiers communs\MSSoap
[08/02/2009|18:39] C:\Program Files\Fichiers communs\Nero
[08/06/2006|14:02] C:\Program Files\Fichiers communs\ODBC
[08/01/2009|21:57] C:\Program Files\Fichiers communs\PC SOFT
[01/01/2009|18:44] C:\Program Files\Fichiers communs\Real
[08/06/2006|12:15] C:\Program Files\Fichiers communs\Services
[06/01/2009|18:24] C:\Program Files\Fichiers communs\Sony Shared
[08/06/2006|14:02] C:\Program Files\Fichiers communs\SpeechEngines
[25/08/2009|16:50] C:\Program Files\Fichiers communs\System
[18/12/2007|16:35] C:\Program Files\Fichiers communs\Ulead Systems
[10/05/2009|14:36] C:\Program Files\Fichiers communs\Windows Live
[01/01/2009|18:34] C:\Program Files\Fichiers communs\Wise Installation Wizard
[01/01/2009|18:44] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 47 Processes )
IEXPLORE.EXE ~ [PID:1792]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\New Wait.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\New Wait.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Safe Great.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Safe Great.exe
C:\DOCUME~1\nenette\APPLIC~1\freeby~1
C:\DOCUME~1\nenette\APPLIC~1\freeby~1\cramdtyx.exe
C:\DOCUME~1\nenette\APPLIC~1\freeby~1\mlbmbipl.exe
C:\DOCUME~1\nenette\APPLIC~1\freeby~1\More curb glue.exe
C:\DOCUME~1\nenette\APPLIC~1\freeby~1\OozeMovePlusPop.exe
C:\DOCUME~1\nenette\APPLIC~1\freeby~1\user else owns.exe
C:\DOCUME~1\nenette\APPLIC~1\freeby~1\yxyapnox.exe
C:\Program Files\freeby~1
C:\Program Files\MultiMedia France Toolbar
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@www.adserver5[2].txt
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@advertising[1].txt
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@bigpoint[2].txt
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@fr.seafight.bigpoint[2].txt
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@pacificpoker[2].txt
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@partypoker[1].txt
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@fr.seafight.bigpoint[2].txt
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@888[2].txt
C:\WINDOWS\Tasks\A94E0CFD918584CD.job
C:\WINDOWS\Tasks\AAED273A9102A27E.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Base frag grid bows"="C:\\Documents and Settings\\All Users\\Application Data\\Cast ping base frag\\Safe Great.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-08 16:40:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 6
--------------------\\ Recherche d'autres infections
--------------------\\ ROGUES ..
C:\DOCUME~1\MARIE-~1\APPLIC~1\Starware322
C:\PROGRA~1\FICHIE~1\DriveCleaner 2006 Free
[F:3][D:6]-> C:\DOCUME~1\MARIE-~1\LOCALS~1\Temp
[F:136][D:0]-> C:\DOCUME~1\MARIE-~1\Cookies
[F:13859][D:37]-> C:\DOCUME~1\MARIE-~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 08/09/2009|16:44 - Option : [1]
--------------------\\ Fin du rapport a 16:44:09
je vais essayé d'enlever certains programmes (si nous les avons) que tu m'a indiqué pour éviter les pubs intempestives.merci.
voici le rapport lop S&D/
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.53GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Marie-Claude ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:68 Go (Free:36 Go)
D:\ (Local Disk) - NTFS - Total:6 Go (Free:6 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 08/09/2009|16:36 )
--------------------\\ Listing des dossiers dans APPLIC~1
[08/06/2006|12:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[13/04/2009|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[03/11/2007|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[06/11/2008|18:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/01/2009|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[23/07/2008|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[27/01/2009|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[19/04/2009|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[02/01/2009|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup
[22/01/2009|19:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[23/05/2007|16:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[10/08/2008|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[04/09/2008|18:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[01/09/2009|16:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonIJPLM
[17/08/2009|09:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
[08/01/2009|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[24/01/2009|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[12/08/2008|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[21/06/2007|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[08/01/2009|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GESTAN
[26/02/2009|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/11/2007|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA
[01/03/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[01/03/2008|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[21/03/2008|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[08/01/2009|21:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[12/03/2008|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Laconic Software
[17/01/2009|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[11/05/2009|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[21/05/2009|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/06/2008|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MXPLAY
[26/04/2009|16:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
[29/10/2006|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OLYMPUS
[10/01/2007|18:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[02/01/2009|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\sentinel
[15/08/2009|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[08/06/2006|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[01/01/2009|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[23/12/2007|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[07/02/2009|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk
[18/12/2008|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildTangent
[24/11/2006|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[21/11/2006|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[14/04/2009|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindSolutions
[08/06/2006|12:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[16/12/2006|18:54] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[02/02/2008|17:26] C:\DOCUME~1\MARIE-~1\APPLIC~1\Adobe
[13/02/2009|20:16] C:\DOCUME~1\MARIE-~1\APPLIC~1\Ahead
[15/08/2009|14:52] C:\DOCUME~1\MARIE-~1\APPLIC~1\Apple Computer
[18/02/2008|18:34] C:\DOCUME~1\MARIE-~1\APPLIC~1\Arcsoft
[22/01/2009|20:25] C:\DOCUME~1\MARIE-~1\APPLIC~1\BitDefender
[14/04/2009|15:44] C:\DOCUME~1\MARIE-~1\APPLIC~1\CopyTrans
[14/04/2009|17:01] C:\DOCUME~1\MARIE-~1\APPLIC~1\CopyTransPhoto
[07/02/2009|15:52] C:\DOCUME~1\MARIE-~1\APPLIC~1\CyberLink
[21/02/2009|16:33] C:\DOCUME~1\MARIE-~1\APPLIC~1\dvdcss
[13/05/2008|18:04] C:\DOCUME~1\MARIE-~1\APPLIC~1\EoRezo
[11/02/2007|16:24] C:\DOCUME~1\MARIE-~1\APPLIC~1\Google
[15/08/2009|15:17] C:\DOCUME~1\MARIE-~1\APPLIC~1\Help
[04/11/2007|15:17] C:\DOCUME~1\MARIE-~1\APPLIC~1\Hotbar_Icons
[18/02/2008|18:34] C:\DOCUME~1\MARIE-~1\APPLIC~1\Identities
[14/04/2009|17:09] C:\DOCUME~1\MARIE-~1\APPLIC~1\iLibs
[10/05/2008|10:44] C:\DOCUME~1\MARIE-~1\APPLIC~1\ItsLabel
[11/01/2009|17:44] C:\DOCUME~1\MARIE-~1\APPLIC~1\Jasc Software Inc
[18/10/2006|13:10] C:\DOCUME~1\MARIE-~1\APPLIC~1\Lavasoft
[16/01/2009|15:46] C:\DOCUME~1\MARIE-~1\APPLIC~1\Logitech
[21/11/2006|19:28] C:\DOCUME~1\MARIE-~1\APPLIC~1\Macromedia
[25/08/2009|16:12] C:\DOCUME~1\MARIE-~1\APPLIC~1\Microsoft
[29/08/2008|17:44] C:\DOCUME~1\MARIE-~1\APPLIC~1\Mozilla
[23/04/2009|15:20] C:\DOCUME~1\MARIE-~1\APPLIC~1\MPMAN
[14/06/2008|17:10] C:\DOCUME~1\MARIE-~1\APPLIC~1\MXPLAY
[08/09/2009|16:25] C:\DOCUME~1\MARIE-~1\APPLIC~1\OpenOffice.org2
[15/01/2009|16:37] C:\DOCUME~1\MARIE-~1\APPLIC~1\Real
[03/02/2009|15:47] C:\DOCUME~1\MARIE-~1\APPLIC~1\Shareaza
[29/03/2007|19:03] C:\DOCUME~1\MARIE-~1\APPLIC~1\Starware322
[16/06/2007|15:17] C:\DOCUME~1\MARIE-~1\APPLIC~1\Sun
[17/02/2008|17:01] C:\DOCUME~1\MARIE-~1\APPLIC~1\Talkback
[18/02/2008|18:35] C:\DOCUME~1\MARIE-~1\APPLIC~1\Thunderbird
[09/02/2009|16:14] C:\DOCUME~1\MARIE-~1\APPLIC~1\TuneUp Software
[18/12/2007|17:18] C:\DOCUME~1\MARIE-~1\APPLIC~1\Ulead Systems
[02/01/2009|16:32] C:\DOCUME~1\MARIE-~1\APPLIC~1\vlc
[24/05/2009|16:14] C:\DOCUME~1\MARIE-~1\APPLIC~1\Vso
[04/11/2007|18:26] C:\DOCUME~1\MARIE-~1\APPLIC~1\WeatherDPA
[14/04/2009|17:10] C:\DOCUME~1\MARIE-~1\APPLIC~1\WindSolutions
[29/08/2008|17:33] C:\DOCUME~1\nenette\APPLIC~1\Adobe
[21/04/2009|10:32] C:\DOCUME~1\nenette\APPLIC~1\Apple Computer
[23/01/2009|20:45] C:\DOCUME~1\nenette\APPLIC~1\BitDefender
[14/08/2009|11:34] C:\DOCUME~1\nenette\APPLIC~1\Free Byte
[06/09/2008|15:41] C:\DOCUME~1\nenette\APPLIC~1\Google
[11/08/2008|18:24] C:\DOCUME~1\nenette\APPLIC~1\Identities
[23/04/2009|20:10] C:\DOCUME~1\nenette\APPLIC~1\Jasc Software Inc
[21/01/2009|19:20] C:\DOCUME~1\nenette\APPLIC~1\Logitech
[11/08/2008|18:30] C:\DOCUME~1\nenette\APPLIC~1\Macromedia
[21/07/2009|16:43] C:\DOCUME~1\nenette\APPLIC~1\Microsoft
[29/08/2008|11:23] C:\DOCUME~1\nenette\APPLIC~1\Mozilla
[07/09/2009|19:33] C:\DOCUME~1\nenette\APPLIC~1\OpenOffice.org2
[21/08/2009|15:37] C:\DOCUME~1\nenette\APPLIC~1\Real
[19/02/2009|18:09] C:\DOCUME~1\nenette\APPLIC~1\Shareaza
[06/09/2008|12:36] C:\DOCUME~1\nenette\APPLIC~1\Sun
[19/02/2009|17:30] C:\DOCUME~1\nenette\APPLIC~1\vlc
[08/06/2006|12:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[08/09/2009 16:34][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{E846099C-168A-48AE-818E-11C086199B02}.job
[07/09/2009 21:00][--ah-----] C:\WINDOWS\tasks\AAED273A9102A27E.job
[07/09/2009 21:00][--ah-----] C:\WINDOWS\tasks\A94E0CFD918584CD.job
[04/09/2009 17:19][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[31/08/2009 13:24][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[08/09/2009 16:24][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( A94E0CFD918584CD.job )=( c:\docume~1\nenette\applic~1\freeby~1\userelseowns.exe )
( AAED273A9102A27E.job )=( c:\docume~1\masse\applic~1\freeby~1\userelseowns.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[06/11/2008|18:17] C:\Program Files\Adobe
[08/02/2009|18:41] C:\Program Files\Ahead
[27/01/2009|18:32] C:\Program Files\Apple Software Update
[18/02/2008|18:34] C:\Program Files\ArcSoft
[16/02/2009|20:30] C:\Program Files\AskTBar
[14/01/2009|15:07] C:\Program Files\Avanquest update
[22/01/2009|19:57] C:\Program Files\BitDefender
[01/10/2008|16:35] C:\Program Files\Burger Shop
[04/09/2008|18:55] C:\Program Files\Canon
[04/09/2008|18:48] C:\Program Files\CanonBJ
[25/08/2009|16:53] C:\Program Files\Circle Developeent
[08/01/2009|22:02] C:\Program Files\Corel
[02/01/2009|21:55] C:\Program Files\CueClub
[24/01/2009|17:50] C:\Program Files\CyberLink
[01/01/2009|18:33] C:\Program Files\DAMN NFO Viewer
[17/02/2008|17:58] C:\Program Files\DivX
[21/06/2007|19:43] C:\Program Files\DVD Shrink
[17/08/2009|17:11] C:\Program Files\DVDFab 5
[30/04/2009|15:01] C:\Program Files\eChanblard
[04/07/2009|09:05] C:\Program Files\Fichiers communs
[17/08/2009|09:35] C:\Program Files\Free Byte
[26/02/2009|16:49] C:\Program Files\Google
[13/08/2008|15:08] C:\Program Files\IncrediMail
[15/08/2009|14:26] C:\Program Files\InstallShield Installation Information
[11/12/2006|23:08] C:\Program Files\InstantTouch
[18/12/2007|17:13] C:\Program Files\Intel
[29/08/2009|18:12] C:\Program Files\Internet Explorer
[08/01/2009|21:52] C:\Program Files\Jasc Software Inc
[09/05/2007|14:48] C:\Program Files\Java
[10/07/2008|19:19] C:\Program Files\JoWooD
[17/01/2009|16:03] C:\Program Files\Logitech
[22/11/2006|14:20] C:\Program Files\Macrogaming
[26/01/2008|17:01] C:\Program Files\Magentic
[12/10/2008|14:12] C:\Program Files\Maxis
[31/08/2008|20:35] C:\Program Files\Messenger
[30/08/2009|16:25] C:\Program Files\Messenger Plus! Live
[15/08/2009|14:28] C:\Program Files\Micro Application
[25/08/2009|16:50] C:\Program Files\Microsoft
[09/05/2007|18:05] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[08/07/2007|17:18] C:\Program Files\microsoft frontpage
[17/06/2007|18:34] C:\Program Files\Microsoft Games
[23/05/2009|10:24] C:\Program Files\Microsoft Office
[25/08/2009|16:50] C:\Program Files\Microsoft Office Outlook Connector
[31/07/2009|16:57] C:\Program Files\Microsoft Silverlight
[25/08/2009|16:48] C:\Program Files\Microsoft SQL Server Compact Edition
[25/08/2009|16:49] C:\Program Files\Microsoft Sync Framework
[08/07/2007|17:21] C:\Program Files\Microsoft Works
[08/07/2007|17:09] C:\Program Files\Microsoft Works Suite 2000
[13/05/2009|15:23] C:\Program Files\Microsoft.NET
[06/11/2008|22:25] C:\Program Files\Mots Croises Pro
[01/11/2008|18:34] C:\Program Files\Movie Maker
[08/09/2009|16:29] C:\Program Files\Mozilla Firefox
[10/08/2009|10:20] C:\Program Files\MSBuild
[28/03/2007|15:44] C:\Program Files\MSECache
[30/08/2008|16:38] C:\Program Files\msn
[08/06/2006|12:13] C:\Program Files\MSN Gaming Zone
[12/11/2008|08:58] C:\Program Files\MSXML 4.0
[22/01/2009|16:47] C:\Program Files\MultiMedia France Toolbar
[07/09/2009|18:16] C:\Program Files\Navilog1
[30/08/2008|16:26] C:\Program Files\NetMeeting
[29/10/2006|16:32] C:\Program Files\OLYMPUS
[08/06/2006|18:00] C:\Program Files\OpenOffice.org 2.0
[13/08/2009|18:59] C:\Program Files\Outlook Express
[25/12/2007|18:43] C:\Program Files\Picasa2
[11/11/2008|18:04] C:\Program Files\PopCap Games
[27/01/2009|18:24] C:\Program Files\QuickTime
[08/01/2009|22:02] C:\Program Files\Real
[08/06/2006|13:01] C:\Program Files\Realtek AC97
[10/08/2009|10:20] C:\Program Files\Reference Assemblies
[08/06/2006|13:00] C:\Program Files\S3
[06/12/2008|21:09] C:\Program Files\ScreenMates
[12/07/2008|13:09] C:\Program Files\Seagrand
[03/02/2009|15:48] C:\Program Files\Shareaza
[13/01/2009|23:44] C:\Program Files\ShoppingReport
[08/06/2006|18:21] C:\Program Files\Spybot - Search & Destroy
[11/01/2009|17:33] C:\Program Files\SuperCopier2
[16/08/2009|10:29] C:\Program Files\Techcity
[24/08/2009|20:41] C:\Program Files\TuneUp Utilities 2008
[02/01/2009|18:15] C:\Program Files\UltraISO
[30/08/2008|16:57] C:\Program Files\Uninstall Information
[01/01/2009|19:11] C:\Program Files\VideoLAN
[11/04/2009|15:26] C:\Program Files\Virtools
[25/02/2009|16:36] C:\Program Files\vso
[25/02/2009|16:35] C:\Program Files\WinAVI VideoConverter
[25/08/2009|16:50] C:\Program Files\Windows Live
[07/12/2006|22:46] C:\Program Files\Windows Live Safety Center
[10/05/2009|14:48] C:\Program Files\Windows Live SkyDrive
[10/05/2009|14:52] C:\Program Files\Windows Live Toolbar
[18/12/2007|16:36] C:\Program Files\Windows Media Components
[18/02/2007|19:14] C:\Program Files\Windows Media Connect 2
[30/08/2008|16:25] C:\Program Files\Windows Media Player
[01/10/2008|18:31] C:\Program Files\Windows NT
[14/04/2009|16:51] C:\Program Files\WindSolutions
[01/01/2009|19:17] C:\Program Files\WinRAR
[08/06/2006|12:18] C:\Program Files\xerox
[10/07/2008|16:37] C:\Program Files\XP Codec Pack
[18/12/2007|17:08] C:\Program Files\XviD
[27/06/2007|14:53] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[06/11/2008|18:17] C:\Program Files\Fichiers communs\Adobe
[08/02/2009|18:37] C:\Program Files\Fichiers communs\Ahead
[21/04/2009|20:39] C:\Program Files\Fichiers communs\Apple
[24/04/2009|16:11] C:\Program Files\Fichiers communs\AVSMedia
[22/01/2009|19:57] C:\Program Files\Fichiers communs\BitDefender
[13/05/2009|15:24] C:\Program Files\Fichiers communs\DESIGNER
[27/01/2007|19:45] C:\Program Files\Fichiers communs\DriveCleaner 2006 Free
[02/01/2009|18:15] C:\Program Files\Fichiers communs\EZB Systems
[18/12/2007|16:35] C:\Program Files\Fichiers communs\InstallShield
[08/01/2009|21:53] C:\Program Files\Fichiers communs\Jasc Software Inc
[09/05/2007|14:47] C:\Program Files\Fichiers communs\Java
[17/01/2009|16:04] C:\Program Files\Fichiers communs\Logitech
[20/05/2009|07:44] C:\Program Files\Fichiers communs\Microsoft Shared
[08/06/2006|12:15] C:\Program Files\Fichiers communs\MSSoap
[08/02/2009|18:39] C:\Program Files\Fichiers communs\Nero
[08/06/2006|14:02] C:\Program Files\Fichiers communs\ODBC
[08/01/2009|21:57] C:\Program Files\Fichiers communs\PC SOFT
[01/01/2009|18:44] C:\Program Files\Fichiers communs\Real
[08/06/2006|12:15] C:\Program Files\Fichiers communs\Services
[06/01/2009|18:24] C:\Program Files\Fichiers communs\Sony Shared
[08/06/2006|14:02] C:\Program Files\Fichiers communs\SpeechEngines
[25/08/2009|16:50] C:\Program Files\Fichiers communs\System
[18/12/2007|16:35] C:\Program Files\Fichiers communs\Ulead Systems
[10/05/2009|14:36] C:\Program Files\Fichiers communs\Windows Live
[01/01/2009|18:34] C:\Program Files\Fichiers communs\Wise Installation Wizard
[01/01/2009|18:44] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 47 Processes )
IEXPLORE.EXE ~ [PID:1792]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\New Wait.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\New Wait.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Safe Great.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Safe Great.exe
C:\DOCUME~1\nenette\APPLIC~1\freeby~1
C:\DOCUME~1\nenette\APPLIC~1\freeby~1\cramdtyx.exe
C:\DOCUME~1\nenette\APPLIC~1\freeby~1\mlbmbipl.exe
C:\DOCUME~1\nenette\APPLIC~1\freeby~1\More curb glue.exe
C:\DOCUME~1\nenette\APPLIC~1\freeby~1\OozeMovePlusPop.exe
C:\DOCUME~1\nenette\APPLIC~1\freeby~1\user else owns.exe
C:\DOCUME~1\nenette\APPLIC~1\freeby~1\yxyapnox.exe
C:\Program Files\freeby~1
C:\Program Files\MultiMedia France Toolbar
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@www.adserver5[2].txt
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@advertising[1].txt
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@bigpoint[2].txt
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@fr.seafight.bigpoint[2].txt
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@pacificpoker[2].txt
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@partypoker[1].txt
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@fr.seafight.bigpoint[2].txt
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@888[2].txt
C:\WINDOWS\Tasks\A94E0CFD918584CD.job
C:\WINDOWS\Tasks\AAED273A9102A27E.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Base frag grid bows"="C:\\Documents and Settings\\All Users\\Application Data\\Cast ping base frag\\Safe Great.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-08 16:40:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 6
--------------------\\ Recherche d'autres infections
--------------------\\ ROGUES ..
C:\DOCUME~1\MARIE-~1\APPLIC~1\Starware322
C:\PROGRA~1\FICHIE~1\DriveCleaner 2006 Free
[F:3][D:6]-> C:\DOCUME~1\MARIE-~1\LOCALS~1\Temp
[F:136][D:0]-> C:\DOCUME~1\MARIE-~1\Cookies
[F:13859][D:37]-> C:\DOCUME~1\MARIE-~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 08/09/2009|16:44 - Option : [1]
--------------------\\ Fin du rapport a 16:44:09
je vais essayé d'enlever certains programmes (si nous les avons) que tu m'a indiqué pour éviter les pubs intempestives.merci.
voici,voici:
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.53GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Marie-Claude ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:68 Go (Free:36 Go)
D:\ (Local Disk) - NTFS - Total:6 Go (Free:6 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 08/09/2009|16:59 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\New Wait.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\New Wait.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Safe Great.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Safe Great.exe
Supprime! - C:\DOCUME~1\nenette\APPLIC~1\freeby~1\cramdtyx.exe
Echec ! - C:\DOCUME~1\nenette\APPLIC~1\freeby~1\mlbmbipl.exe
Supprime! - C:\DOCUME~1\nenette\APPLIC~1\freeby~1\More curb glue.exe
Supprime! - C:\DOCUME~1\nenette\APPLIC~1\freeby~1\OozeMovePlusPop.exe
Supprime! - C:\DOCUME~1\nenette\APPLIC~1\freeby~1\user else owns.exe
Supprime! - C:\DOCUME~1\nenette\APPLIC~1\freeby~1\yxyapnox.exe
Supprime! - C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@www.adserver5[2].txt
Supprime! - C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@advertising[1].txt
Supprime! - C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@bigpoint[2].txt
Supprime! - C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@fr.seafight.bigpoint[2].txt
Supprime! - C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@pacificpoker[2].txt
Supprime! - C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@partypoker[1].txt
Supprime! - C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@888[2].txt
Supprime! - C:\WINDOWS\Tasks\A94E0CFD918584CD.job
Supprime! - C:\WINDOWS\Tasks\AAED273A9102A27E.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
Echec ! - C:\DOCUME~1\nenette\APPLIC~1\freeby~1
Supprime! - C:\Program Files\freeby~1
Supprime! - C:\Program Files\MultiMedia France Toolbar
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE
Supprime! - C:\DOCUME~1\nenette\APPLIC~1\freeby~1
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[08/06/2006|12:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[13/04/2009|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[03/11/2007|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[06/11/2008|18:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/01/2009|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[23/07/2008|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[27/01/2009|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[19/04/2009|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[02/01/2009|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup
[22/01/2009|19:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[23/05/2007|16:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[10/08/2008|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[04/09/2008|18:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[01/09/2009|16:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonIJPLM
[08/01/2009|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[24/01/2009|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[12/08/2008|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[21/06/2007|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[08/01/2009|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GESTAN
[26/02/2009|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/11/2007|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA
[01/03/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[01/03/2008|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[21/03/2008|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[08/01/2009|21:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[12/03/2008|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Laconic Software
[17/01/2009|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[11/05/2009|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[21/05/2009|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/06/2008|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MXPLAY
[26/04/2009|16:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
[29/10/2006|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OLYMPUS
[10/01/2007|18:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[02/01/2009|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\sentinel
[15/08/2009|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[08/06/2006|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[01/01/2009|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[23/12/2007|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[07/02/2009|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk
[18/12/2008|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildTangent
[24/11/2006|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[21/11/2006|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[14/04/2009|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindSolutions
[08/06/2006|12:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[16/12/2006|18:54] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[02/02/2008|17:26] C:\DOCUME~1\MARIE-~1\APPLIC~1\Adobe
[13/02/2009|20:16] C:\DOCUME~1\MARIE-~1\APPLIC~1\Ahead
[15/08/2009|14:52] C:\DOCUME~1\MARIE-~1\APPLIC~1\Apple Computer
[18/02/2008|18:34] C:\DOCUME~1\MARIE-~1\APPLIC~1\Arcsoft
[22/01/2009|20:25] C:\DOCUME~1\MARIE-~1\APPLIC~1\BitDefender
[14/04/2009|15:44] C:\DOCUME~1\MARIE-~1\APPLIC~1\CopyTrans
[14/04/2009|17:01] C:\DOCUME~1\MARIE-~1\APPLIC~1\CopyTransPhoto
[07/02/2009|15:52] C:\DOCUME~1\MARIE-~1\APPLIC~1\CyberLink
[21/02/2009|16:33] C:\DOCUME~1\MARIE-~1\APPLIC~1\dvdcss
[13/05/2008|18:04] C:\DOCUME~1\MARIE-~1\APPLIC~1\EoRezo
[11/02/2007|16:24] C:\DOCUME~1\MARIE-~1\APPLIC~1\Google
[15/08/2009|15:17] C:\DOCUME~1\MARIE-~1\APPLIC~1\Help
[04/11/2007|15:17] C:\DOCUME~1\MARIE-~1\APPLIC~1\Hotbar_Icons
[18/02/2008|18:34] C:\DOCUME~1\MARIE-~1\APPLIC~1\Identities
[14/04/2009|17:09] C:\DOCUME~1\MARIE-~1\APPLIC~1\iLibs
[10/05/2008|10:44] C:\DOCUME~1\MARIE-~1\APPLIC~1\ItsLabel
[11/01/2009|17:44] C:\DOCUME~1\MARIE-~1\APPLIC~1\Jasc Software Inc
[18/10/2006|13:10] C:\DOCUME~1\MARIE-~1\APPLIC~1\Lavasoft
[16/01/2009|15:46] C:\DOCUME~1\MARIE-~1\APPLIC~1\Logitech
[21/11/2006|19:28] C:\DOCUME~1\MARIE-~1\APPLIC~1\Macromedia
[25/08/2009|16:12] C:\DOCUME~1\MARIE-~1\APPLIC~1\Microsoft
[29/08/2008|17:44] C:\DOCUME~1\MARIE-~1\APPLIC~1\Mozilla
[23/04/2009|15:20] C:\DOCUME~1\MARIE-~1\APPLIC~1\MPMAN
[14/06/2008|17:10] C:\DOCUME~1\MARIE-~1\APPLIC~1\MXPLAY
[08/09/2009|16:25] C:\DOCUME~1\MARIE-~1\APPLIC~1\OpenOffice.org2
[15/01/2009|16:37] C:\DOCUME~1\MARIE-~1\APPLIC~1\Real
[03/02/2009|15:47] C:\DOCUME~1\MARIE-~1\APPLIC~1\Shareaza
[29/03/2007|19:03] C:\DOCUME~1\MARIE-~1\APPLIC~1\Starware322
[16/06/2007|15:17] C:\DOCUME~1\MARIE-~1\APPLIC~1\Sun
[17/02/2008|17:01] C:\DOCUME~1\MARIE-~1\APPLIC~1\Talkback
[18/02/2008|18:35] C:\DOCUME~1\MARIE-~1\APPLIC~1\Thunderbird
[09/02/2009|16:14] C:\DOCUME~1\MARIE-~1\APPLIC~1\TuneUp Software
[18/12/2007|17:18] C:\DOCUME~1\MARIE-~1\APPLIC~1\Ulead Systems
[02/01/2009|16:32] C:\DOCUME~1\MARIE-~1\APPLIC~1\vlc
[24/05/2009|16:14] C:\DOCUME~1\MARIE-~1\APPLIC~1\Vso
[04/11/2007|18:26] C:\DOCUME~1\MARIE-~1\APPLIC~1\WeatherDPA
[14/04/2009|17:10] C:\DOCUME~1\MARIE-~1\APPLIC~1\WindSolutions
[29/08/2008|17:33] C:\DOCUME~1\nenette\APPLIC~1\Adobe
[21/04/2009|10:32] C:\DOCUME~1\nenette\APPLIC~1\Apple Computer
[23/01/2009|20:45] C:\DOCUME~1\nenette\APPLIC~1\BitDefender
[06/09/2008|15:41] C:\DOCUME~1\nenette\APPLIC~1\Google
[11/08/2008|18:24] C:\DOCUME~1\nenette\APPLIC~1\Identities
[23/04/2009|20:10] C:\DOCUME~1\nenette\APPLIC~1\Jasc Software Inc
[21/01/2009|19:20] C:\DOCUME~1\nenette\APPLIC~1\Logitech
[11/08/2008|18:30] C:\DOCUME~1\nenette\APPLIC~1\Macromedia
[21/07/2009|16:43] C:\DOCUME~1\nenette\APPLIC~1\Microsoft
[29/08/2008|11:23] C:\DOCUME~1\nenette\APPLIC~1\Mozilla
[07/09/2009|19:33] C:\DOCUME~1\nenette\APPLIC~1\OpenOffice.org2
[21/08/2009|15:37] C:\DOCUME~1\nenette\APPLIC~1\Real
[19/02/2009|18:09] C:\DOCUME~1\nenette\APPLIC~1\Shareaza
[06/09/2008|12:36] C:\DOCUME~1\nenette\APPLIC~1\Sun
[19/02/2009|17:30] C:\DOCUME~1\nenette\APPLIC~1\vlc
[08/06/2006|12:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[08/09/2009 16:59][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{E846099C-168A-48AE-818E-11C086199B02}.job
[04/09/2009 17:19][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[31/08/2009 13:24][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[08/09/2009 16:24][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[06/11/2008|18:17] C:\Program Files\Adobe
[08/02/2009|18:41] C:\Program Files\Ahead
[27/01/2009|18:32] C:\Program Files\Apple Software Update
[18/02/2008|18:34] C:\Program Files\ArcSoft
[16/02/2009|20:30] C:\Program Files\AskTBar
[14/01/2009|15:07] C:\Program Files\Avanquest update
[22/01/2009|19:57] C:\Program Files\BitDefender
[01/10/2008|16:35] C:\Program Files\Burger Shop
[04/09/2008|18:55] C:\Program Files\Canon
[04/09/2008|18:48] C:\Program Files\CanonBJ
[25/08/2009|16:53] C:\Program Files\Circle Developeent
[08/01/2009|22:02] C:\Program Files\Corel
[02/01/2009|21:55] C:\Program Files\CueClub
[24/01/2009|17:50] C:\Program Files\CyberLink
[01/01/2009|18:33] C:\Program Files\DAMN NFO Viewer
[17/02/2008|17:58] C:\Program Files\DivX
[21/06/2007|19:43] C:\Program Files\DVD Shrink
[17/08/2009|17:11] C:\Program Files\DVDFab 5
[30/04/2009|15:01] C:\Program Files\eChanblard
[04/07/2009|09:05] C:\Program Files\Fichiers communs
[26/02/2009|16:49] C:\Program Files\Google
[13/08/2008|15:08] C:\Program Files\IncrediMail
[15/08/2009|14:26] C:\Program Files\InstallShield Installation Information
[11/12/2006|23:08] C:\Program Files\InstantTouch
[18/12/2007|17:13] C:\Program Files\Intel
[29/08/2009|18:12] C:\Program Files\Internet Explorer
[08/01/2009|21:52] C:\Program Files\Jasc Software Inc
[09/05/2007|14:48] C:\Program Files\Java
[10/07/2008|19:19] C:\Program Files\JoWooD
[17/01/2009|16:03] C:\Program Files\Logitech
[22/11/2006|14:20] C:\Program Files\Macrogaming
[26/01/2008|17:01] C:\Program Files\Magentic
[12/10/2008|14:12] C:\Program Files\Maxis
[31/08/2008|20:35] C:\Program Files\Messenger
[30/08/2009|16:25] C:\Program Files\Messenger Plus! Live
[15/08/2009|14:28] C:\Program Files\Micro Application
[25/08/2009|16:50] C:\Program Files\Microsoft
[09/05/2007|18:05] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[08/07/2007|17:18] C:\Program Files\microsoft frontpage
[17/06/2007|18:34] C:\Program Files\Microsoft Games
[23/05/2009|10:24] C:\Program Files\Microsoft Office
[25/08/2009|16:50] C:\Program Files\Microsoft Office Outlook Connector
[31/07/2009|16:57] C:\Program Files\Microsoft Silverlight
[25/08/2009|16:48] C:\Program Files\Microsoft SQL Server Compact Edition
[25/08/2009|16:49] C:\Program Files\Microsoft Sync Framework
[08/07/2007|17:21] C:\Program Files\Microsoft Works
[08/07/2007|17:09] C:\Program Files\Microsoft Works Suite 2000
[13/05/2009|15:23] C:\Program Files\Microsoft.NET
[06/11/2008|22:25] C:\Program Files\Mots Croises Pro
[01/11/2008|18:34] C:\Program Files\Movie Maker
[08/09/2009|16:29] C:\Program Files\Mozilla Firefox
[10/08/2009|10:20] C:\Program Files\MSBuild
[28/03/2007|15:44] C:\Program Files\MSECache
[30/08/2008|16:38] C:\Program Files\msn
[08/06/2006|12:13] C:\Program Files\MSN Gaming Zone
[12/11/2008|08:58] C:\Program Files\MSXML 4.0
[07/09/2009|18:16] C:\Program Files\Navilog1
[30/08/2008|16:26] C:\Program Files\NetMeeting
[29/10/2006|16:32] C:\Program Files\OLYMPUS
[08/06/2006|18:00] C:\Program Files\OpenOffice.org 2.0
[13/08/2009|18:59] C:\Program Files\Outlook Express
[25/12/2007|18:43] C:\Program Files\Picasa2
[11/11/2008|18:04] C:\Program Files\PopCap Games
[27/01/2009|18:24] C:\Program Files\QuickTime
[08/01/2009|22:02] C:\Program Files\Real
[08/06/2006|13:01] C:\Program Files\Realtek AC97
[10/08/2009|10:20] C:\Program Files\Reference Assemblies
[08/06/2006|13:00] C:\Program Files\S3
[06/12/2008|21:09] C:\Program Files\ScreenMates
[12/07/2008|13:09] C:\Program Files\Seagrand
[03/02/2009|15:48] C:\Program Files\Shareaza
[13/01/2009|23:44] C:\Program Files\ShoppingReport
[08/06/2006|18:21] C:\Program Files\Spybot - Search & Destroy
[11/01/2009|17:33] C:\Program Files\SuperCopier2
[16/08/2009|10:29] C:\Program Files\Techcity
[24/08/2009|20:41] C:\Program Files\TuneUp Utilities 2008
[02/01/2009|18:15] C:\Program Files\UltraISO
[30/08/2008|16:57] C:\Program Files\Uninstall Information
[01/01/2009|19:11] C:\Program Files\VideoLAN
[11/04/2009|15:26] C:\Program Files\Virtools
[25/02/2009|16:36] C:\Program Files\vso
[25/02/2009|16:35] C:\Program Files\WinAVI VideoConverter
[25/08/2009|16:50] C:\Program Files\Windows Live
[07/12/2006|22:46] C:\Program Files\Windows Live Safety Center
[10/05/2009|14:48] C:\Program Files\Windows Live SkyDrive
[10/05/2009|14:52] C:\Program Files\Windows Live Toolbar
[18/12/2007|16:36] C:\Program Files\Windows Media Components
[18/02/2007|19:14] C:\Program Files\Windows Media Connect 2
[30/08/2008|16:25] C:\Program Files\Windows Media Player
[01/10/2008|18:31] C:\Program Files\Windows NT
[14/04/2009|16:51] C:\Program Files\WindSolutions
[01/01/2009|19:17] C:\Program Files\WinRAR
[08/06/2006|12:18] C:\Program Files\xerox
[10/07/2008|16:37] C:\Program Files\XP Codec Pack
[18/12/2007|17:08] C:\Program Files\XviD
[27/06/2007|14:53] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[06/11/2008|18:17] C:\Program Files\Fichiers communs\Adobe
[08/02/2009|18:37] C:\Program Files\Fichiers communs\Ahead
[21/04/2009|20:39] C:\Program Files\Fichiers communs\Apple
[24/04/2009|16:11] C:\Program Files\Fichiers communs\AVSMedia
[22/01/2009|19:57] C:\Program Files\Fichiers communs\BitDefender
[13/05/2009|15:24] C:\Program Files\Fichiers communs\DESIGNER
[27/01/2007|19:45] C:\Program Files\Fichiers communs\DriveCleaner 2006 Free
[02/01/2009|18:15] C:\Program Files\Fichiers communs\EZB Systems
[18/12/2007|16:35] C:\Program Files\Fichiers communs\InstallShield
[08/01/2009|21:53] C:\Program Files\Fichiers communs\Jasc Software Inc
[09/05/2007|14:47] C:\Program Files\Fichiers communs\Java
[17/01/2009|16:04] C:\Program Files\Fichiers communs\Logitech
[20/05/2009|07:44] C:\Program Files\Fichiers communs\Microsoft Shared
[08/06/2006|12:15] C:\Program Files\Fichiers communs\MSSoap
[08/02/2009|18:39] C:\Program Files\Fichiers communs\Nero
[08/06/2006|14:02] C:\Program Files\Fichiers communs\ODBC
[08/01/2009|21:57] C:\Program Files\Fichiers communs\PC SOFT
[01/01/2009|18:44] C:\Program Files\Fichiers communs\Real
[08/06/2006|12:15] C:\Program Files\Fichiers communs\Services
[06/01/2009|18:24] C:\Program Files\Fichiers communs\Sony Shared
[08/06/2006|14:02] C:\Program Files\Fichiers communs\SpeechEngines
[25/08/2009|16:50] C:\Program Files\Fichiers communs\System
[18/12/2007|16:35] C:\Program Files\Fichiers communs\Ulead Systems
[10/05/2009|14:36] C:\Program Files\Fichiers communs\Windows Live
[01/01/2009|18:34] C:\Program Files\Fichiers communs\Wise Installation Wizard
[01/01/2009|18:44] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 46 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-08 17:03:26
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 6
--------------------\\ Recherche d'autres infections
--------------------\\ ROGUES ..
C:\DOCUME~1\MARIE-~1\APPLIC~1\Starware322
C:\PROGRA~1\FICHIE~1\DriveCleaner 2006 Free
[F:3][D:6]-> C:\DOCUME~1\MARIE-~1\LOCALS~1\Temp
[F:129][D:0]-> C:\DOCUME~1\MARIE-~1\Cookies
[F:13889][D:37]-> C:\DOCUME~1\MARIE-~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 08/09/2009|16:44 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 08/09/2009|17:05 - Option : [2]
--------------------\\ Fin du rapport a 17:05:44
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.53GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Marie-Claude ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:68 Go (Free:36 Go)
D:\ (Local Disk) - NTFS - Total:6 Go (Free:6 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 08/09/2009|16:59 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\New Wait.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\New Wait.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Safe Great.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Safe Great.exe
Supprime! - C:\DOCUME~1\nenette\APPLIC~1\freeby~1\cramdtyx.exe
Echec ! - C:\DOCUME~1\nenette\APPLIC~1\freeby~1\mlbmbipl.exe
Supprime! - C:\DOCUME~1\nenette\APPLIC~1\freeby~1\More curb glue.exe
Supprime! - C:\DOCUME~1\nenette\APPLIC~1\freeby~1\OozeMovePlusPop.exe
Supprime! - C:\DOCUME~1\nenette\APPLIC~1\freeby~1\user else owns.exe
Supprime! - C:\DOCUME~1\nenette\APPLIC~1\freeby~1\yxyapnox.exe
Supprime! - C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@www.adserver5[2].txt
Supprime! - C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@advertising[1].txt
Supprime! - C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@bigpoint[2].txt
Supprime! - C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@fr.seafight.bigpoint[2].txt
Supprime! - C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@pacificpoker[2].txt
Supprime! - C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@partypoker[1].txt
Supprime! - C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@888[2].txt
Supprime! - C:\WINDOWS\Tasks\A94E0CFD918584CD.job
Supprime! - C:\WINDOWS\Tasks\AAED273A9102A27E.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
Echec ! - C:\DOCUME~1\nenette\APPLIC~1\freeby~1
Supprime! - C:\Program Files\freeby~1
Supprime! - C:\Program Files\MultiMedia France Toolbar
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE
Supprime! - C:\DOCUME~1\nenette\APPLIC~1\freeby~1
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[08/06/2006|12:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[13/04/2009|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[03/11/2007|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[06/11/2008|18:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/01/2009|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[23/07/2008|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[27/01/2009|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[19/04/2009|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[02/01/2009|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup
[22/01/2009|19:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[23/05/2007|16:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[10/08/2008|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[04/09/2008|18:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[01/09/2009|16:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonIJPLM
[08/01/2009|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[24/01/2009|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[12/08/2008|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[21/06/2007|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[08/01/2009|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GESTAN
[26/02/2009|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/11/2007|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA
[01/03/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[01/03/2008|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[21/03/2008|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[08/01/2009|21:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[12/03/2008|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Laconic Software
[17/01/2009|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[11/05/2009|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[21/05/2009|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/06/2008|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MXPLAY
[26/04/2009|16:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
[29/10/2006|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OLYMPUS
[10/01/2007|18:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[02/01/2009|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\sentinel
[15/08/2009|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[08/06/2006|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[01/01/2009|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[23/12/2007|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[07/02/2009|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk
[18/12/2008|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildTangent
[24/11/2006|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[21/11/2006|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[14/04/2009|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindSolutions
[08/06/2006|12:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[16/12/2006|18:54] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[02/02/2008|17:26] C:\DOCUME~1\MARIE-~1\APPLIC~1\Adobe
[13/02/2009|20:16] C:\DOCUME~1\MARIE-~1\APPLIC~1\Ahead
[15/08/2009|14:52] C:\DOCUME~1\MARIE-~1\APPLIC~1\Apple Computer
[18/02/2008|18:34] C:\DOCUME~1\MARIE-~1\APPLIC~1\Arcsoft
[22/01/2009|20:25] C:\DOCUME~1\MARIE-~1\APPLIC~1\BitDefender
[14/04/2009|15:44] C:\DOCUME~1\MARIE-~1\APPLIC~1\CopyTrans
[14/04/2009|17:01] C:\DOCUME~1\MARIE-~1\APPLIC~1\CopyTransPhoto
[07/02/2009|15:52] C:\DOCUME~1\MARIE-~1\APPLIC~1\CyberLink
[21/02/2009|16:33] C:\DOCUME~1\MARIE-~1\APPLIC~1\dvdcss
[13/05/2008|18:04] C:\DOCUME~1\MARIE-~1\APPLIC~1\EoRezo
[11/02/2007|16:24] C:\DOCUME~1\MARIE-~1\APPLIC~1\Google
[15/08/2009|15:17] C:\DOCUME~1\MARIE-~1\APPLIC~1\Help
[04/11/2007|15:17] C:\DOCUME~1\MARIE-~1\APPLIC~1\Hotbar_Icons
[18/02/2008|18:34] C:\DOCUME~1\MARIE-~1\APPLIC~1\Identities
[14/04/2009|17:09] C:\DOCUME~1\MARIE-~1\APPLIC~1\iLibs
[10/05/2008|10:44] C:\DOCUME~1\MARIE-~1\APPLIC~1\ItsLabel
[11/01/2009|17:44] C:\DOCUME~1\MARIE-~1\APPLIC~1\Jasc Software Inc
[18/10/2006|13:10] C:\DOCUME~1\MARIE-~1\APPLIC~1\Lavasoft
[16/01/2009|15:46] C:\DOCUME~1\MARIE-~1\APPLIC~1\Logitech
[21/11/2006|19:28] C:\DOCUME~1\MARIE-~1\APPLIC~1\Macromedia
[25/08/2009|16:12] C:\DOCUME~1\MARIE-~1\APPLIC~1\Microsoft
[29/08/2008|17:44] C:\DOCUME~1\MARIE-~1\APPLIC~1\Mozilla
[23/04/2009|15:20] C:\DOCUME~1\MARIE-~1\APPLIC~1\MPMAN
[14/06/2008|17:10] C:\DOCUME~1\MARIE-~1\APPLIC~1\MXPLAY
[08/09/2009|16:25] C:\DOCUME~1\MARIE-~1\APPLIC~1\OpenOffice.org2
[15/01/2009|16:37] C:\DOCUME~1\MARIE-~1\APPLIC~1\Real
[03/02/2009|15:47] C:\DOCUME~1\MARIE-~1\APPLIC~1\Shareaza
[29/03/2007|19:03] C:\DOCUME~1\MARIE-~1\APPLIC~1\Starware322
[16/06/2007|15:17] C:\DOCUME~1\MARIE-~1\APPLIC~1\Sun
[17/02/2008|17:01] C:\DOCUME~1\MARIE-~1\APPLIC~1\Talkback
[18/02/2008|18:35] C:\DOCUME~1\MARIE-~1\APPLIC~1\Thunderbird
[09/02/2009|16:14] C:\DOCUME~1\MARIE-~1\APPLIC~1\TuneUp Software
[18/12/2007|17:18] C:\DOCUME~1\MARIE-~1\APPLIC~1\Ulead Systems
[02/01/2009|16:32] C:\DOCUME~1\MARIE-~1\APPLIC~1\vlc
[24/05/2009|16:14] C:\DOCUME~1\MARIE-~1\APPLIC~1\Vso
[04/11/2007|18:26] C:\DOCUME~1\MARIE-~1\APPLIC~1\WeatherDPA
[14/04/2009|17:10] C:\DOCUME~1\MARIE-~1\APPLIC~1\WindSolutions
[29/08/2008|17:33] C:\DOCUME~1\nenette\APPLIC~1\Adobe
[21/04/2009|10:32] C:\DOCUME~1\nenette\APPLIC~1\Apple Computer
[23/01/2009|20:45] C:\DOCUME~1\nenette\APPLIC~1\BitDefender
[06/09/2008|15:41] C:\DOCUME~1\nenette\APPLIC~1\Google
[11/08/2008|18:24] C:\DOCUME~1\nenette\APPLIC~1\Identities
[23/04/2009|20:10] C:\DOCUME~1\nenette\APPLIC~1\Jasc Software Inc
[21/01/2009|19:20] C:\DOCUME~1\nenette\APPLIC~1\Logitech
[11/08/2008|18:30] C:\DOCUME~1\nenette\APPLIC~1\Macromedia
[21/07/2009|16:43] C:\DOCUME~1\nenette\APPLIC~1\Microsoft
[29/08/2008|11:23] C:\DOCUME~1\nenette\APPLIC~1\Mozilla
[07/09/2009|19:33] C:\DOCUME~1\nenette\APPLIC~1\OpenOffice.org2
[21/08/2009|15:37] C:\DOCUME~1\nenette\APPLIC~1\Real
[19/02/2009|18:09] C:\DOCUME~1\nenette\APPLIC~1\Shareaza
[06/09/2008|12:36] C:\DOCUME~1\nenette\APPLIC~1\Sun
[19/02/2009|17:30] C:\DOCUME~1\nenette\APPLIC~1\vlc
[08/06/2006|12:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[08/09/2009 16:59][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{E846099C-168A-48AE-818E-11C086199B02}.job
[04/09/2009 17:19][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[31/08/2009 13:24][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[08/09/2009 16:24][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[06/11/2008|18:17] C:\Program Files\Adobe
[08/02/2009|18:41] C:\Program Files\Ahead
[27/01/2009|18:32] C:\Program Files\Apple Software Update
[18/02/2008|18:34] C:\Program Files\ArcSoft
[16/02/2009|20:30] C:\Program Files\AskTBar
[14/01/2009|15:07] C:\Program Files\Avanquest update
[22/01/2009|19:57] C:\Program Files\BitDefender
[01/10/2008|16:35] C:\Program Files\Burger Shop
[04/09/2008|18:55] C:\Program Files\Canon
[04/09/2008|18:48] C:\Program Files\CanonBJ
[25/08/2009|16:53] C:\Program Files\Circle Developeent
[08/01/2009|22:02] C:\Program Files\Corel
[02/01/2009|21:55] C:\Program Files\CueClub
[24/01/2009|17:50] C:\Program Files\CyberLink
[01/01/2009|18:33] C:\Program Files\DAMN NFO Viewer
[17/02/2008|17:58] C:\Program Files\DivX
[21/06/2007|19:43] C:\Program Files\DVD Shrink
[17/08/2009|17:11] C:\Program Files\DVDFab 5
[30/04/2009|15:01] C:\Program Files\eChanblard
[04/07/2009|09:05] C:\Program Files\Fichiers communs
[26/02/2009|16:49] C:\Program Files\Google
[13/08/2008|15:08] C:\Program Files\IncrediMail
[15/08/2009|14:26] C:\Program Files\InstallShield Installation Information
[11/12/2006|23:08] C:\Program Files\InstantTouch
[18/12/2007|17:13] C:\Program Files\Intel
[29/08/2009|18:12] C:\Program Files\Internet Explorer
[08/01/2009|21:52] C:\Program Files\Jasc Software Inc
[09/05/2007|14:48] C:\Program Files\Java
[10/07/2008|19:19] C:\Program Files\JoWooD
[17/01/2009|16:03] C:\Program Files\Logitech
[22/11/2006|14:20] C:\Program Files\Macrogaming
[26/01/2008|17:01] C:\Program Files\Magentic
[12/10/2008|14:12] C:\Program Files\Maxis
[31/08/2008|20:35] C:\Program Files\Messenger
[30/08/2009|16:25] C:\Program Files\Messenger Plus! Live
[15/08/2009|14:28] C:\Program Files\Micro Application
[25/08/2009|16:50] C:\Program Files\Microsoft
[09/05/2007|18:05] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[08/07/2007|17:18] C:\Program Files\microsoft frontpage
[17/06/2007|18:34] C:\Program Files\Microsoft Games
[23/05/2009|10:24] C:\Program Files\Microsoft Office
[25/08/2009|16:50] C:\Program Files\Microsoft Office Outlook Connector
[31/07/2009|16:57] C:\Program Files\Microsoft Silverlight
[25/08/2009|16:48] C:\Program Files\Microsoft SQL Server Compact Edition
[25/08/2009|16:49] C:\Program Files\Microsoft Sync Framework
[08/07/2007|17:21] C:\Program Files\Microsoft Works
[08/07/2007|17:09] C:\Program Files\Microsoft Works Suite 2000
[13/05/2009|15:23] C:\Program Files\Microsoft.NET
[06/11/2008|22:25] C:\Program Files\Mots Croises Pro
[01/11/2008|18:34] C:\Program Files\Movie Maker
[08/09/2009|16:29] C:\Program Files\Mozilla Firefox
[10/08/2009|10:20] C:\Program Files\MSBuild
[28/03/2007|15:44] C:\Program Files\MSECache
[30/08/2008|16:38] C:\Program Files\msn
[08/06/2006|12:13] C:\Program Files\MSN Gaming Zone
[12/11/2008|08:58] C:\Program Files\MSXML 4.0
[07/09/2009|18:16] C:\Program Files\Navilog1
[30/08/2008|16:26] C:\Program Files\NetMeeting
[29/10/2006|16:32] C:\Program Files\OLYMPUS
[08/06/2006|18:00] C:\Program Files\OpenOffice.org 2.0
[13/08/2009|18:59] C:\Program Files\Outlook Express
[25/12/2007|18:43] C:\Program Files\Picasa2
[11/11/2008|18:04] C:\Program Files\PopCap Games
[27/01/2009|18:24] C:\Program Files\QuickTime
[08/01/2009|22:02] C:\Program Files\Real
[08/06/2006|13:01] C:\Program Files\Realtek AC97
[10/08/2009|10:20] C:\Program Files\Reference Assemblies
[08/06/2006|13:00] C:\Program Files\S3
[06/12/2008|21:09] C:\Program Files\ScreenMates
[12/07/2008|13:09] C:\Program Files\Seagrand
[03/02/2009|15:48] C:\Program Files\Shareaza
[13/01/2009|23:44] C:\Program Files\ShoppingReport
[08/06/2006|18:21] C:\Program Files\Spybot - Search & Destroy
[11/01/2009|17:33] C:\Program Files\SuperCopier2
[16/08/2009|10:29] C:\Program Files\Techcity
[24/08/2009|20:41] C:\Program Files\TuneUp Utilities 2008
[02/01/2009|18:15] C:\Program Files\UltraISO
[30/08/2008|16:57] C:\Program Files\Uninstall Information
[01/01/2009|19:11] C:\Program Files\VideoLAN
[11/04/2009|15:26] C:\Program Files\Virtools
[25/02/2009|16:36] C:\Program Files\vso
[25/02/2009|16:35] C:\Program Files\WinAVI VideoConverter
[25/08/2009|16:50] C:\Program Files\Windows Live
[07/12/2006|22:46] C:\Program Files\Windows Live Safety Center
[10/05/2009|14:48] C:\Program Files\Windows Live SkyDrive
[10/05/2009|14:52] C:\Program Files\Windows Live Toolbar
[18/12/2007|16:36] C:\Program Files\Windows Media Components
[18/02/2007|19:14] C:\Program Files\Windows Media Connect 2
[30/08/2008|16:25] C:\Program Files\Windows Media Player
[01/10/2008|18:31] C:\Program Files\Windows NT
[14/04/2009|16:51] C:\Program Files\WindSolutions
[01/01/2009|19:17] C:\Program Files\WinRAR
[08/06/2006|12:18] C:\Program Files\xerox
[10/07/2008|16:37] C:\Program Files\XP Codec Pack
[18/12/2007|17:08] C:\Program Files\XviD
[27/06/2007|14:53] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[06/11/2008|18:17] C:\Program Files\Fichiers communs\Adobe
[08/02/2009|18:37] C:\Program Files\Fichiers communs\Ahead
[21/04/2009|20:39] C:\Program Files\Fichiers communs\Apple
[24/04/2009|16:11] C:\Program Files\Fichiers communs\AVSMedia
[22/01/2009|19:57] C:\Program Files\Fichiers communs\BitDefender
[13/05/2009|15:24] C:\Program Files\Fichiers communs\DESIGNER
[27/01/2007|19:45] C:\Program Files\Fichiers communs\DriveCleaner 2006 Free
[02/01/2009|18:15] C:\Program Files\Fichiers communs\EZB Systems
[18/12/2007|16:35] C:\Program Files\Fichiers communs\InstallShield
[08/01/2009|21:53] C:\Program Files\Fichiers communs\Jasc Software Inc
[09/05/2007|14:47] C:\Program Files\Fichiers communs\Java
[17/01/2009|16:04] C:\Program Files\Fichiers communs\Logitech
[20/05/2009|07:44] C:\Program Files\Fichiers communs\Microsoft Shared
[08/06/2006|12:15] C:\Program Files\Fichiers communs\MSSoap
[08/02/2009|18:39] C:\Program Files\Fichiers communs\Nero
[08/06/2006|14:02] C:\Program Files\Fichiers communs\ODBC
[08/01/2009|21:57] C:\Program Files\Fichiers communs\PC SOFT
[01/01/2009|18:44] C:\Program Files\Fichiers communs\Real
[08/06/2006|12:15] C:\Program Files\Fichiers communs\Services
[06/01/2009|18:24] C:\Program Files\Fichiers communs\Sony Shared
[08/06/2006|14:02] C:\Program Files\Fichiers communs\SpeechEngines
[25/08/2009|16:50] C:\Program Files\Fichiers communs\System
[18/12/2007|16:35] C:\Program Files\Fichiers communs\Ulead Systems
[10/05/2009|14:36] C:\Program Files\Fichiers communs\Windows Live
[01/01/2009|18:34] C:\Program Files\Fichiers communs\Wise Installation Wizard
[01/01/2009|18:44] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 46 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-08 17:03:26
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 6
--------------------\\ Recherche d'autres infections
--------------------\\ ROGUES ..
C:\DOCUME~1\MARIE-~1\APPLIC~1\Starware322
C:\PROGRA~1\FICHIE~1\DriveCleaner 2006 Free
[F:3][D:6]-> C:\DOCUME~1\MARIE-~1\LOCALS~1\Temp
[F:129][D:0]-> C:\DOCUME~1\MARIE-~1\Cookies
[F:13889][D:37]-> C:\DOCUME~1\MARIE-~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 08/09/2009|16:44 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 08/09/2009|17:05 - Option : [2]
--------------------\\ Fin du rapport a 17:05:44
et voici le rapport hithjackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:08:55, on 08/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Marie-Claude\Bureau\Téléchargements\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3ffcfe35779f4a0398a15db42ba0dcff
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3ffcfe35779f4a0398a15db42ba0dcff
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {46058878-5352-4550-8CD0-839BE09FAD8E} (PowerFootball1.PowerFootballLoader1) - http://powerfootball.coupedumonde2006.m6.fr/applet/PowerFootballLoader.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u1-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
O24 - Desktop Component 1: (no name) - http://www.carinedesign.com/horloge_ronde/horl_chat/h01.html
O24 - Desktop Component 10: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/5.htm
O24 - Desktop Component 11: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/16.htm
O24 - Desktop Component 12: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/3.htm
O24 - Desktop Component 13: (no name) - http://www.compteur.cc/clock/v2/clock.php?s=130&h=1&i=8&b=0x330099&lar=175.75&hau=175.75
O24 - Desktop Component 14: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 15: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 16: (no name) - http://josyacreations.free.fr/horlogeindien1.html
O24 - Desktop Component 17: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 18: Créations Armony, Horloge animee Halloween045 - http://ww12.chezarmony.ch
O24 - Desktop Component 19: (no name) - http://blinkhorloge.free.fr/horloge_semaine_9.htm
O24 - Desktop Component 2: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Divers_FF/12.htm
O24 - Desktop Component 20: (no name) - http://free-zg.t-com.hr/Pija/Cuteclocks/CC4en.htm
O24 - Desktop Component 21: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Born/A10.htm
O24 - Desktop Component 22: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F8.htm
O24 - Desktop Component 23: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F10.htm
O24 - Desktop Component 24: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 25: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 26: (no name) - http://free-zg.t-com.hr/Pija/PC/ET.htm
O24 - Desktop Component 27: (no name) - http://free-zg.t-com.hr/Pija/PC/PC2.htm
O24 - Desktop Component 28: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F4.htm
O24 - Desktop Component 29: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F6.htm
O24 - Desktop Component 3: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/2.htm
O24 - Desktop Component 30: Créations Armony, Horloge animée betty boop 019 - http://ww7.chezarmony.ch
O24 - Desktop Component 31: Pija's calendar - http://free-zg.t-com.hr/Pija/Cuteclocks/CCB23en.htm
O24 - Desktop Component 32: (no name) - http://animabelle.free.fr/horloges/divers/gd_modele/2.htm
O24 - Desktop Component 33: (no name) - https://www.clocklink.com//clocks/yoshidasauce001-black.swf?TimeZone=France_Paris&"%20%20width="140"%20height="52"%20wmode="transparent"%20type="application/x-shockwave-flash"
O24 - Desktop Component 4: Free Pages Personnelles: Erreur 404 - Document non trouvé - http://animabelle.free.fr/horloges/Firefox/Animaux/10.htm
O24 - Desktop Component 5: (no name) - http://animabelle.free.fr/horloges/Firefox/Animaux/18.htm
O24 - Desktop Component 6: (no name) - http://animabelle.free.fr/horloges/Firefox/Divers_FF/2.htm
O24 - Desktop Component 7: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/8.htm
O24 - Desktop Component 8: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/9.htm
O24 - Desktop Component 9: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/12.htm
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:08:55, on 08/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Marie-Claude\Bureau\Téléchargements\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3ffcfe35779f4a0398a15db42ba0dcff
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3ffcfe35779f4a0398a15db42ba0dcff
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {46058878-5352-4550-8CD0-839BE09FAD8E} (PowerFootball1.PowerFootballLoader1) - http://powerfootball.coupedumonde2006.m6.fr/applet/PowerFootballLoader.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u1-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
O24 - Desktop Component 1: (no name) - http://www.carinedesign.com/horloge_ronde/horl_chat/h01.html
O24 - Desktop Component 10: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/5.htm
O24 - Desktop Component 11: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/16.htm
O24 - Desktop Component 12: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/3.htm
O24 - Desktop Component 13: (no name) - http://www.compteur.cc/clock/v2/clock.php?s=130&h=1&i=8&b=0x330099&lar=175.75&hau=175.75
O24 - Desktop Component 14: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 15: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 16: (no name) - http://josyacreations.free.fr/horlogeindien1.html
O24 - Desktop Component 17: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 18: Créations Armony, Horloge animee Halloween045 - http://ww12.chezarmony.ch
O24 - Desktop Component 19: (no name) - http://blinkhorloge.free.fr/horloge_semaine_9.htm
O24 - Desktop Component 2: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Divers_FF/12.htm
O24 - Desktop Component 20: (no name) - http://free-zg.t-com.hr/Pija/Cuteclocks/CC4en.htm
O24 - Desktop Component 21: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Born/A10.htm
O24 - Desktop Component 22: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F8.htm
O24 - Desktop Component 23: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F10.htm
O24 - Desktop Component 24: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 25: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 26: (no name) - http://free-zg.t-com.hr/Pija/PC/ET.htm
O24 - Desktop Component 27: (no name) - http://free-zg.t-com.hr/Pija/PC/PC2.htm
O24 - Desktop Component 28: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F4.htm
O24 - Desktop Component 29: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F6.htm
O24 - Desktop Component 3: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/2.htm
O24 - Desktop Component 30: Créations Armony, Horloge animée betty boop 019 - http://ww7.chezarmony.ch
O24 - Desktop Component 31: Pija's calendar - http://free-zg.t-com.hr/Pija/Cuteclocks/CCB23en.htm
O24 - Desktop Component 32: (no name) - http://animabelle.free.fr/horloges/divers/gd_modele/2.htm
O24 - Desktop Component 33: (no name) - https://www.clocklink.com//clocks/yoshidasauce001-black.swf?TimeZone=France_Paris&"%20%20width="140"%20height="52"%20wmode="transparent"%20type="application/x-shockwave-flash"
O24 - Desktop Component 4: Free Pages Personnelles: Erreur 404 - Document non trouvé - http://animabelle.free.fr/horloges/Firefox/Animaux/10.htm
O24 - Desktop Component 5: (no name) - http://animabelle.free.fr/horloges/Firefox/Animaux/18.htm
O24 - Desktop Component 6: (no name) - http://animabelle.free.fr/horloges/Firefox/Divers_FF/2.htm
O24 - Desktop Component 7: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/8.htm
O24 - Desktop Component 8: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/9.htm
O24 - Desktop Component 9: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/12.htm
Télécharge AD Remover ( de Cyrildu17 / C_XX ) sur ton bureau :
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe
Désactive l'anti-virus
Déconnecte toi et ferme toutes les applications en cours
Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
Au menu principal choisi l'option L
Poste le rapport qui apparait à la fin .
( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note :
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe
Désactive l'anti-virus
Déconnecte toi et ferme toutes les applications en cours
Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
Au menu principal choisi l'option L
Poste le rapport qui apparait à la fin .
( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note :
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall
non suis pas partie mais très long le scan dont voici le rapport:
.
======= RAPPORT D'AD-REMOVER 1.1.4.5_U | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 07/09/2009 à 8:30 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 17:25:21, 08/09/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: MASSE-F128E4B08 | Utilisateur actuel: Marie-Claude
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
HKCU\Software\EoRezo
HKCU\Software\ItsLabel
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKCU\Software\SWEETIE
HKLM\Software\Classes\CLSID\{06ADA938-0FB0-4BC0-B19B-0A38AB17F182}
HKLM\Software\Classes\CLSID\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKLM\Software\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
HKLM\Software\Classes\CLSID\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Classes\coresrv.coreservices
HKLM\Software\Classes\coresrv.coreservices.1
HKLM\Software\Classes\coresrv.lfgax
HKLM\Software\Classes\coresrv.lfgax.1
HKLM\Software\Classes\EoRezoBHO.EoBho
HKLM\Software\Classes\EoRezoBHO.EoBho.1
HKLM\Software\Classes\hbmain.commband
HKLM\Software\Classes\hbmain.commband.1
HKLM\Software\Classes\hbr.hbmain
HKLM\Software\Classes\hbr.hbmain.1
HKLM\Software\Classes\hostie.bho
HKLM\Software\Classes\hostol.mailanim
HKLM\Software\Classes\hostol.mailanim.1
HKLM\Software\Classes\hostol.webmailsend
HKLM\Software\Classes\hostol.webmailsend.1
HKLM\Software\Classes\HotbarAX.UserProfiles
HKLM\Software\Classes\HotbarAX.UserProfiles.1
HKLM\Software\Classes\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKLM\Software\Classes\srv.coreservices
HKLM\Software\Classes\srv.coreservices.1
HKLM\Software\Classes\SWEETIE.IEToolbar
HKLM\Software\Classes\SWEETIE.IEToolbar.1
HKLM\Software\Classes\SWEETIE.SWEETIE
HKLM\Software\Classes\SWEETIE.SWEETIE.1
HKLM\Software\Classes\ToolBand.SWEETIE
HKLM\Software\Classes\ToolBand.SWEETIE.1
HKLM\Software\Classes\toolbar.htmlmenuui
HKLM\Software\Classes\toolbar.htmlmenuui.1
HKLM\Software\Classes\toolbar.toolbarctl
HKLM\Software\Classes\toolbar.toolbarctl.1
HKLM\Software\Classes\TypeLib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKLM\Software\Classes\TypeLib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\Software\EoRezo
HKLM\Software\ItsLabel
HKLM\Software\Macrogaming
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\ShoppingReport
HKLM\Software\Mozilla\Firefox\Extensions\\Hotbar@Hotbar.com
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{FE063DB9-4EC0-403e-8DD8-394C54984B2C}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{07AA283A-43D7-4CBE-A064-32A21112D94D}
HKLM\Software\Classes\CLSID\{68354AD6-AC7E-4fe3-A19B-8F8E70AB4252}
HKLM\Software\Classes\CLSID\{93B0FA7B-50F6-41B4-AC7E-612A72CE8C3C}
HKLM\Software\Classes\CLSID\{D10C4DB6-CB02-40f4-88EE-C0B64C02ADFC}
HKLM\Software\Classes\CLSID\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}
HKLM\Software\Classes\CLSID\{FE063DB9-4EC0-403e-8DD8-394C54984B2C}
HKLM\Software\Classes\CLSID\{FE063DBB-4EC0-403e-8DD8-394C54984B2C}
HKLM\Software\Classes\TypeLib\{08755390-F46D-4D09-968C-3430166B3189}
HKLM\Software\Classes\TypeLib\{087C4054-0A2B-4F35-B0DB-BED3E21650F4}
HKLM\Software\Classes\TypeLib\{0923208C-E259-4ED5-A778-CB607DA350AD}
HKLM\Software\Classes\TypeLib\{229D2451-A617-4B30-B5E8-8138694240CB}
HKLM\Software\Classes\TypeLib\{B0F1F251-79BD-4AC5-BDB6-383379E50CB3}
HKLM\Software\Classes\TypeLib\{C23FA5A4-1FEA-419F-8B14-F7465DF062BC}
HKLM\Software\Classes\TypeLib\{CCC6E232-AA4C-4813-A019-9C14B27776B6}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\cmhost.cyp
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\ConfMedia.cyp
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\db
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\db\cat.cyp
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoClock.cfg
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoClockval.cfg
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoClockVal_2AAB2F6.cfg
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\eoDesktop
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\eoDesktop\config.xml
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\eoDesktop\eoDesktop.html
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\eoDesktop\userConfig.xml
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather.cfg
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\EoWeather.cfg
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\EoWeatherVal_02EC282.cfg
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\67_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\67_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\69_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\69_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\70_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\70_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\78_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\78_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\82_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\82_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\83_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\83_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\84_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\84_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\85_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\85_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\89_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\89_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\back.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\background.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\background_1.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\background_1days.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\background_2days.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\background_7days.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\backPressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\band.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\band_small.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\close.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\closePressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\dayPrevisionBackground.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\dayPrevisionClose.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\earth.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\fonds_écran.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\help.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\helpPressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\minimise.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\minimisePressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\next.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\nextPressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\option.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\optionPressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\reflet_ecran.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\small_background.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\Thumbs.db
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\67_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\67_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\69_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\69_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\70_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\70_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\78_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\78_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\82_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\82_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\83_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\83_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\84_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\84_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\85_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\85_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\89_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\89_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\about.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\back.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\background.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\background_1.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\background_1days.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\background_2days.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\background_7days.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\backPressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\close.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\closePressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\dayPrevisionBackground.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\dayPrevisionClose.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\earth.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\fonds_écran.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\help.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\helpPressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\minimise.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\minimisePressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\next.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\nextPressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\option.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\optionPressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\reflet_ecran.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\Thumbs.db
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\txt_14x13.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\host.cyp
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\towns.cfg
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\user.cyp
C:\Documents and Settings\Marie-Claude\Application Data\ItsLabel
C:\Documents and Settings\Marie-Claude\Application Data\ItsLabel\ItsTV
C:\Documents and Settings\Marie-Claude\Application Data\ItsLabel\ItsTV\itsTV.xml
C:\Documents and Settings\Marie-Claude\Application Data\WeatherDPA
C:\Documents and Settings\Marie-Claude\Application Data\WeatherDPA\Weather
C:\Documents and Settings\Marie-Claude\Application Data\WeatherDPA\Weather\log.txt
C:\Program Files\AskTBar
C:\Program Files\AskTBar\bar
C:\Program Files\AskTBar\bar\1.bin
C:\Program Files\AskTBar\bar\1.bin\A5POPSWT.DLL
C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
C:\Program Files\AskTBar\bar\Cache
C:\Program Files\AskTBar\bar\Cache\000B265E.bin
C:\Program Files\AskTBar\bar\Cache\000B2EBB.bin
C:\Program Files\AskTBar\bar\Cache\000B318A.bin
C:\Program Files\AskTBar\bar\Cache\02225AA3.bin
C:\Program Files\AskTBar\bar\Cache\023D2334
C:\Program Files\AskTBar\bar\Cache\files.ini
C:\Program Files\AskTBar\bar\History
C:\Program Files\AskTBar\bar\History\search2
C:\Program Files\AskTBar\bar\Settings
C:\Program Files\AskTBar\bar\Settings\prevcfg2.htm
C:\Program Files\AskTBar\PopSwatr
C:\Program Files\AskTBar\PopSwatr\History
C:\Program Files\AskTBar\PopSwatr\History\allowed
C:\Program Files\AskTBar\PopSwatr\History\notallow
C:\Program Files\Macrogaming
C:\Program Files\Macrogaming\SweetIM
C:\Program Files\Macrogaming\SweetIM\conf
C:\Program Files\Macrogaming\SweetIM\conf\adapter.xml
C:\Program Files\Macrogaming\SweetIM\conf\logger.xml
C:\Program Files\Macrogaming\SweetIM\conf\messages.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetim.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetimapp.xml
C:\Program Files\Macrogaming\SweetIM\conf\users
C:\Program Files\Macrogaming\SweetIM\conf\users\cam-mas@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\cam-mas@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\cam-mas@hotmail.fr\lastuse_Audibles.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\cam-mas@hotmail.fr\lastuse_DisplayPictures.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\cam-mas@hotmail.fr\lastuse_Emoticons.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\cam-mas@hotmail.fr\lastuse_SoundFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\cam-mas@hotmail.fr\lastuse_Winks.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\cam-mas@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\glaude.17@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\glaude.17@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\glaude.17@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\main_user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\marienette2426@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\marienette2426@hotmail.fr\content_update_notification.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\marienette2426@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\marienette2426@hotmail.fr\lastuse_SoundFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\marienette2426@hotmail.fr\lastuse_SpecialFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\marienette2426@hotmail.fr\lastuse_Winks.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\marienette2426@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\massjero@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\massjero@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\massjero@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\philippemarieclaude@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\philippemarieclaude@hotmail.fr\content_update_notification.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\philippemarieclaude@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\philippemarieclaude@hotmail.fr\lastuse_Audibles.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\philippemarieclaude@hotmail.fr\lastuse_Emoticons.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\philippemarieclaude@hotmail.fr\lastuse_SoundFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\philippemarieclaude@hotmail.fr\lastuse_Winks.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\philippemarieclaude@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\ptite.elina@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\ptite.elina@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\ptite.elina@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\ptitlyonnaisdu17@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\ptitlyonnaisdu17@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\ptitlyonnaisdu17@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\simoncollins@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\simoncollins@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\simoncollins@hotmail.fr\lastuse_SoundFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\simoncollins@hotmail.fr\lastuse_SpecialFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\simoncollins@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\streissy@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\streissy@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\streissy@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tennis_17@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\tennis_17@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tennis_17@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\ti-tim-17@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\ti-tim-17@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\ti-tim-17@hotmail.fr\lastuse_SoundFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\ti-tim-17@hotmail.fr\lastuse_SpecialFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\ti-tim-17@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tim-17@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\tim-17@hotmail.fr\content_update_notification.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tim-17@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tim-17@hotmail.fr\lastuse_Audibles.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tim-17@hotmail.fr\lastuse_Emoticons.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tim-17@hotmail.fr\lastuse_SpecialFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tim-17@hotmail.fr\lastuse_Winks.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tim-17@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\xmika.a17x@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\xmika.a17x@hotmail.fr\content_update_notification.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\xmika.a17x@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\xmika.a17x@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\data
C:\Program Files\Macrogaming\SweetIM\data\contentdb
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100AA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100AC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100AD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100AE.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100BB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100BD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100BE.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100C1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100C6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100C9.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100CA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100CC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100CF.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100D0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100D1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100D4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100D5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100DA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100E8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100F9.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100FA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010101.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010104.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010105.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010106.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010107.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010108.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010109.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001010C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001010E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010119.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001011F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010122.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010123.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010814.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010816.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010818.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010819.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001081A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001081B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001083F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010841.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010843.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010844.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010845.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010846.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010848.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001084A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001084B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001084D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001084F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010850.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010852.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010853.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010854.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010856.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010857.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010859.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001085A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001085D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001085E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010861.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010862.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010863.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010865.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010868.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001086C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001086E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010870.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010871.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010879.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001087A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010882.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010883.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010887.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010889.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001088C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001088D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001088E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001088F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010890.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010891.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010892.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010893.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010895.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010896.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010897.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010898.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001089A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001089B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001089C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108AA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108AB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108AD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108B4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108B5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108BE.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108D1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108E0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010904.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001091C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002005C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020066.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020069.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002006A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002006B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002006C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002006D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002006E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020071.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020072.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020073.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020074.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020075.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020076.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020077.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020078.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020079.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002007A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002007B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002007D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020082.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002008A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020092.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020096.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002009A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002009E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000200AC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000200B1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000200B8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000200BF.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000200C0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000200CA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000200ED.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020109.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002010C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020114.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020117.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020118.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020119.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002011B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020125.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002012C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002012E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020132.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020134.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020138.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020139.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002013D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002013F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020142.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020144.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020145.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002014E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002014F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020158.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020159.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002015B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002015C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020167.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020171.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002017B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020185.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002018E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000201D5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000201D8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000201F6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020201.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020239.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030001.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030003.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030005.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030007.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030009.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003000D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003000F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030011.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030013.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030017.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030019.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003001B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003001D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003001F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030023.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030025.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030027.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030029.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003002C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030031.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003003B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030042.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030043.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030047.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003004C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030057.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003005A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003005D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003005E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003005F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030061.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030062.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030063.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030068.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003006B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000300A1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000300A2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000300B1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040014.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040015.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040017.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004001D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004001E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004001F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040021.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040022.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040024.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040028.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004002B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004002E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004002F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040035.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040036.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040039.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004003A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004003C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004003D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004003E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040042.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040045.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040046.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004004A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004004C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004004D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004004E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040050.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040051.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040059.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004005A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004005D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004005F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040060.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040062.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040063.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040064.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040065.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040066.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040067.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040068.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040069.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004006E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004006F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040072.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040074.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040076.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040077.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040078.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040079.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040081.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040083.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040084.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004008F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040090.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040097.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004009B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004009F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400A3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400B2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400BC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400C4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400DB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00050001.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00050002.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00050004.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00050005.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00050007.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006001F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060026.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060027.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006002D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006003F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060042.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060052.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060064.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006006E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060071.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060074.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060075.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006007A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006007B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006007D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006007E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006007F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060081.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060087.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060096.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006009A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600A7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600AB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600AF.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600B5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600BB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600DA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060137.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000601B4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0008001A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0008001B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00080027.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\010108A7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\01030046.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\01030047.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\01050001.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\01050002.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\01050007.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\cache_indx.dat
C:\Program Files\Macrogaming\SweetIM\default.xml
C:\Program Files\Macrogaming\SweetIM\logs
C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll
C:\Program Files\Macrogaming\SweetIM\mgArchive.dll
C:\Program Files\Macrogaming\SweetIM\mgcommon.dll
C:\Program Files\Macrogaming\SweetIM\mgcommunication.dll
C:\Program Files\Macrogaming\SweetIM\mgconfig.dll
C:\Program Files\Macrogaming\SweetIM\mgFlashPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mghooking.dll
C:\Program Files\Macrogaming\SweetIM\mgIEPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mglogger.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnProt.dll
C:\Program Files\Macrogaming\SweetIM\mgSweetIM.dll
C:\Program Files\Macrogaming\SweetIM\mgUpdateSupport.dll
C:\Program Files\Macrogaming\SweetIM\mgxml_wrapper.dll
C:\Program Files\Macrogaming\SweetIM\resources
C:\Program Files\Macrogaming\SweetIM\resources\gdiplus.dll
C:\Program Files\Macrogaming\SweetIM\resources\ImageOle.dll
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Macrogaming\SweetIM\update
C:\Program Files\Macrogaming\SweetIM\update\lastversioninfo.xml
C:\Program Files\Macrogaming\SweetIMBarForIE
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache\eec75c2bc0eb13d9bc317ee99170020c.xml
C:\Program Files\ShoppingReport
C:\Program Files\ShoppingReport\Bin
C:\Program Files\ShoppingReport\Bin\2.0.24
(!) -- Fichiers temporaires supprimés.
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.2 *
.
Nom du profil: tis8kcs1.default (Marie-Claude)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Live Search");
(Prefs.js) user_pref("browser.search.selectedEngine", "Google");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://search.live.com/results.aspx?FORM=IEFM1&q=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.ustart.org/");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.1.2");
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: Window Title
Search Page: hxxp://www.google.com
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
49076 Octet(s) - C:\Ad-Report-CLEAN.log
.
2 Fichier(s) - C:\DOCUME~1\MARIE-~1\LOCALS~1\Temp
2 Fichier(s) - C:\WINDOWS\Temp
.
17 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
33 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 17:53:18 | 08/09/2009
.
============== E.O.F ==============
.
.
======= RAPPORT D'AD-REMOVER 1.1.4.5_U | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 07/09/2009 à 8:30 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 17:25:21, 08/09/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: MASSE-F128E4B08 | Utilisateur actuel: Marie-Claude
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
HKCU\Software\EoRezo
HKCU\Software\ItsLabel
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKCU\Software\SWEETIE
HKLM\Software\Classes\CLSID\{06ADA938-0FB0-4BC0-B19B-0A38AB17F182}
HKLM\Software\Classes\CLSID\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKLM\Software\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
HKLM\Software\Classes\CLSID\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Classes\coresrv.coreservices
HKLM\Software\Classes\coresrv.coreservices.1
HKLM\Software\Classes\coresrv.lfgax
HKLM\Software\Classes\coresrv.lfgax.1
HKLM\Software\Classes\EoRezoBHO.EoBho
HKLM\Software\Classes\EoRezoBHO.EoBho.1
HKLM\Software\Classes\hbmain.commband
HKLM\Software\Classes\hbmain.commband.1
HKLM\Software\Classes\hbr.hbmain
HKLM\Software\Classes\hbr.hbmain.1
HKLM\Software\Classes\hostie.bho
HKLM\Software\Classes\hostol.mailanim
HKLM\Software\Classes\hostol.mailanim.1
HKLM\Software\Classes\hostol.webmailsend
HKLM\Software\Classes\hostol.webmailsend.1
HKLM\Software\Classes\HotbarAX.UserProfiles
HKLM\Software\Classes\HotbarAX.UserProfiles.1
HKLM\Software\Classes\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKLM\Software\Classes\srv.coreservices
HKLM\Software\Classes\srv.coreservices.1
HKLM\Software\Classes\SWEETIE.IEToolbar
HKLM\Software\Classes\SWEETIE.IEToolbar.1
HKLM\Software\Classes\SWEETIE.SWEETIE
HKLM\Software\Classes\SWEETIE.SWEETIE.1
HKLM\Software\Classes\ToolBand.SWEETIE
HKLM\Software\Classes\ToolBand.SWEETIE.1
HKLM\Software\Classes\toolbar.htmlmenuui
HKLM\Software\Classes\toolbar.htmlmenuui.1
HKLM\Software\Classes\toolbar.toolbarctl
HKLM\Software\Classes\toolbar.toolbarctl.1
HKLM\Software\Classes\TypeLib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKLM\Software\Classes\TypeLib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\Software\EoRezo
HKLM\Software\ItsLabel
HKLM\Software\Macrogaming
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\ShoppingReport
HKLM\Software\Mozilla\Firefox\Extensions\\Hotbar@Hotbar.com
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{FE063DB9-4EC0-403e-8DD8-394C54984B2C}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{07AA283A-43D7-4CBE-A064-32A21112D94D}
HKLM\Software\Classes\CLSID\{68354AD6-AC7E-4fe3-A19B-8F8E70AB4252}
HKLM\Software\Classes\CLSID\{93B0FA7B-50F6-41B4-AC7E-612A72CE8C3C}
HKLM\Software\Classes\CLSID\{D10C4DB6-CB02-40f4-88EE-C0B64C02ADFC}
HKLM\Software\Classes\CLSID\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}
HKLM\Software\Classes\CLSID\{FE063DB9-4EC0-403e-8DD8-394C54984B2C}
HKLM\Software\Classes\CLSID\{FE063DBB-4EC0-403e-8DD8-394C54984B2C}
HKLM\Software\Classes\TypeLib\{08755390-F46D-4D09-968C-3430166B3189}
HKLM\Software\Classes\TypeLib\{087C4054-0A2B-4F35-B0DB-BED3E21650F4}
HKLM\Software\Classes\TypeLib\{0923208C-E259-4ED5-A778-CB607DA350AD}
HKLM\Software\Classes\TypeLib\{229D2451-A617-4B30-B5E8-8138694240CB}
HKLM\Software\Classes\TypeLib\{B0F1F251-79BD-4AC5-BDB6-383379E50CB3}
HKLM\Software\Classes\TypeLib\{C23FA5A4-1FEA-419F-8B14-F7465DF062BC}
HKLM\Software\Classes\TypeLib\{CCC6E232-AA4C-4813-A019-9C14B27776B6}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\cmhost.cyp
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\ConfMedia.cyp
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\db
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\db\cat.cyp
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoClock.cfg
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoClockval.cfg
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoClockVal_2AAB2F6.cfg
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\eoDesktop
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\eoDesktop\config.xml
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\eoDesktop\eoDesktop.html
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\eoDesktop\userConfig.xml
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather.cfg
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\EoWeather.cfg
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\EoWeatherVal_02EC282.cfg
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\67_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\67_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\69_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\69_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\70_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\70_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\78_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\78_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\82_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\82_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\83_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\83_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\84_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\84_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\85_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\85_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\89_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\89_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\back.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\background.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\background_1.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\background_1days.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\background_2days.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\background_7days.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\backPressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\band.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\band_small.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\close.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\closePressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\dayPrevisionBackground.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\dayPrevisionClose.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\earth.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\fonds_écran.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\help.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\helpPressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\minimise.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\minimisePressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\next.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\nextPressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\option.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\optionPressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\reflet_ecran.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\small_background.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_classic\Thumbs.db
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\67_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\67_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\69_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\69_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\70_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\70_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\78_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\78_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\82_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\82_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\83_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\83_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\84_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\84_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\85_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\85_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\89_day.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\89_night.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\about.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\back.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\background.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\background_1.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\background_1days.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\background_2days.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\background_7days.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\backPressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\close.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\closePressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\dayPrevisionBackground.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\dayPrevisionClose.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\earth.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\fonds_écran.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\help.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\helpPressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\minimise.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\minimisePressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\next.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\nextPressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\option.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\optionPressed.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\reflet_ecran.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\Thumbs.db
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\EoWeather\images_station_meteo\txt_14x13.png
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\host.cyp
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\towns.cfg
C:\Documents and Settings\Marie-Claude\Application Data\EoRezo\user.cyp
C:\Documents and Settings\Marie-Claude\Application Data\ItsLabel
C:\Documents and Settings\Marie-Claude\Application Data\ItsLabel\ItsTV
C:\Documents and Settings\Marie-Claude\Application Data\ItsLabel\ItsTV\itsTV.xml
C:\Documents and Settings\Marie-Claude\Application Data\WeatherDPA
C:\Documents and Settings\Marie-Claude\Application Data\WeatherDPA\Weather
C:\Documents and Settings\Marie-Claude\Application Data\WeatherDPA\Weather\log.txt
C:\Program Files\AskTBar
C:\Program Files\AskTBar\bar
C:\Program Files\AskTBar\bar\1.bin
C:\Program Files\AskTBar\bar\1.bin\A5POPSWT.DLL
C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
C:\Program Files\AskTBar\bar\Cache
C:\Program Files\AskTBar\bar\Cache\000B265E.bin
C:\Program Files\AskTBar\bar\Cache\000B2EBB.bin
C:\Program Files\AskTBar\bar\Cache\000B318A.bin
C:\Program Files\AskTBar\bar\Cache\02225AA3.bin
C:\Program Files\AskTBar\bar\Cache\023D2334
C:\Program Files\AskTBar\bar\Cache\files.ini
C:\Program Files\AskTBar\bar\History
C:\Program Files\AskTBar\bar\History\search2
C:\Program Files\AskTBar\bar\Settings
C:\Program Files\AskTBar\bar\Settings\prevcfg2.htm
C:\Program Files\AskTBar\PopSwatr
C:\Program Files\AskTBar\PopSwatr\History
C:\Program Files\AskTBar\PopSwatr\History\allowed
C:\Program Files\AskTBar\PopSwatr\History\notallow
C:\Program Files\Macrogaming
C:\Program Files\Macrogaming\SweetIM
C:\Program Files\Macrogaming\SweetIM\conf
C:\Program Files\Macrogaming\SweetIM\conf\adapter.xml
C:\Program Files\Macrogaming\SweetIM\conf\logger.xml
C:\Program Files\Macrogaming\SweetIM\conf\messages.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetim.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetimapp.xml
C:\Program Files\Macrogaming\SweetIM\conf\users
C:\Program Files\Macrogaming\SweetIM\conf\users\cam-mas@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\cam-mas@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\cam-mas@hotmail.fr\lastuse_Audibles.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\cam-mas@hotmail.fr\lastuse_DisplayPictures.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\cam-mas@hotmail.fr\lastuse_Emoticons.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\cam-mas@hotmail.fr\lastuse_SoundFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\cam-mas@hotmail.fr\lastuse_Winks.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\cam-mas@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\glaude.17@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\glaude.17@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\glaude.17@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\main_user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\marienette2426@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\marienette2426@hotmail.fr\content_update_notification.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\marienette2426@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\marienette2426@hotmail.fr\lastuse_SoundFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\marienette2426@hotmail.fr\lastuse_SpecialFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\marienette2426@hotmail.fr\lastuse_Winks.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\marienette2426@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\massjero@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\massjero@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\massjero@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\philippemarieclaude@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\philippemarieclaude@hotmail.fr\content_update_notification.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\philippemarieclaude@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\philippemarieclaude@hotmail.fr\lastuse_Audibles.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\philippemarieclaude@hotmail.fr\lastuse_Emoticons.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\philippemarieclaude@hotmail.fr\lastuse_SoundFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\philippemarieclaude@hotmail.fr\lastuse_Winks.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\philippemarieclaude@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\ptite.elina@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\ptite.elina@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\ptite.elina@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\ptitlyonnaisdu17@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\ptitlyonnaisdu17@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\ptitlyonnaisdu17@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\simoncollins@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\simoncollins@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\simoncollins@hotmail.fr\lastuse_SoundFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\simoncollins@hotmail.fr\lastuse_SpecialFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\simoncollins@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\streissy@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\streissy@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\streissy@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tennis_17@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\tennis_17@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tennis_17@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\ti-tim-17@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\ti-tim-17@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\ti-tim-17@hotmail.fr\lastuse_SoundFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\ti-tim-17@hotmail.fr\lastuse_SpecialFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\ti-tim-17@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tim-17@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\tim-17@hotmail.fr\content_update_notification.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tim-17@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tim-17@hotmail.fr\lastuse_Audibles.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tim-17@hotmail.fr\lastuse_Emoticons.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tim-17@hotmail.fr\lastuse_SpecialFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tim-17@hotmail.fr\lastuse_Winks.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\tim-17@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\xmika.a17x@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\xmika.a17x@hotmail.fr\content_update_notification.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\xmika.a17x@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\xmika.a17x@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\data
C:\Program Files\Macrogaming\SweetIM\data\contentdb
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100AA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100AC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100AD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100AE.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100BB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100BD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100BE.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100C1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100C6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100C9.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100CA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100CC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100CF.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100D0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100D1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100D4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100D5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100DA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100E8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100F9.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100FA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010101.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010104.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010105.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010106.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010107.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010108.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010109.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001010C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001010E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010119.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001011F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010122.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010123.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010814.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010816.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010818.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010819.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001081A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001081B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001083F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010841.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010843.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010844.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010845.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010846.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010848.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001084A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001084B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001084D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001084F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010850.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010852.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010853.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010854.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010856.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010857.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010859.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001085A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001085D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001085E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010861.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010862.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010863.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010865.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010868.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001086C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001086E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010870.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010871.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010879.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001087A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010882.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010883.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010887.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010889.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001088C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001088D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001088E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001088F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010890.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010891.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010892.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010893.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010895.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010896.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010897.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010898.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001089A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001089B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001089C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108AA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108AB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108AD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108B4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108B5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108BE.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108D1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108E0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010904.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001091C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002005C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020066.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020069.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002006A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002006B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002006C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002006D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002006E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020071.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020072.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020073.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020074.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020075.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020076.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020077.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020078.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020079.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002007A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002007B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002007D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020082.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002008A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020092.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020096.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002009A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002009E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000200AC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000200B1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000200B8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000200BF.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000200C0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000200CA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000200ED.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020109.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002010C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020114.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020117.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020118.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020119.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002011B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020125.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002012C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002012E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020132.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020134.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020138.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020139.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002013D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002013F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020142.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020144.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020145.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002014E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002014F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020158.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020159.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002015B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002015C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020167.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020171.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002017B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020185.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002018E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000201D5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000201D8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000201F6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020201.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020239.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030001.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030003.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030005.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030007.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030009.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003000D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003000F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030011.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030013.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030017.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030019.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003001B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003001D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003001F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030023.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030025.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030027.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030029.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003002C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030031.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003003B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030042.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030043.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030047.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003004C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030057.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003005A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003005D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003005E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003005F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030061.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030062.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030063.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030068.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003006B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000300A1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000300A2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000300B1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040014.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040015.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040017.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004001D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004001E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004001F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040021.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040022.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040024.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040028.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004002B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004002E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004002F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040035.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040036.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040039.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004003A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004003C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004003D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004003E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040042.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040045.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040046.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004004A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004004C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004004D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004004E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040050.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040051.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040059.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004005A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004005D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004005F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040060.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040062.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040063.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040064.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040065.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040066.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040067.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040068.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040069.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004006E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004006F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040072.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040074.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040076.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040077.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040078.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040079.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040081.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040083.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040084.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004008F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040090.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040097.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004009B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004009F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400A3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400B2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400BC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400C4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400DB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00050001.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00050002.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00050004.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00050005.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00050007.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006001F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060026.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060027.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006002D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006003F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060042.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060052.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060064.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006006E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060071.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060074.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060075.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006007A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006007B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006007D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006007E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006007F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060081.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060087.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060096.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0006009A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600A7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600AB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600AF.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600B5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600BB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600DA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060137.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000601B4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0008001A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0008001B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00080027.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\010108A7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\01030046.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\01030047.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\01050001.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\01050002.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\01050007.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\cache_indx.dat
C:\Program Files\Macrogaming\SweetIM\default.xml
C:\Program Files\Macrogaming\SweetIM\logs
C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll
C:\Program Files\Macrogaming\SweetIM\mgArchive.dll
C:\Program Files\Macrogaming\SweetIM\mgcommon.dll
C:\Program Files\Macrogaming\SweetIM\mgcommunication.dll
C:\Program Files\Macrogaming\SweetIM\mgconfig.dll
C:\Program Files\Macrogaming\SweetIM\mgFlashPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mghooking.dll
C:\Program Files\Macrogaming\SweetIM\mgIEPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mglogger.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnProt.dll
C:\Program Files\Macrogaming\SweetIM\mgSweetIM.dll
C:\Program Files\Macrogaming\SweetIM\mgUpdateSupport.dll
C:\Program Files\Macrogaming\SweetIM\mgxml_wrapper.dll
C:\Program Files\Macrogaming\SweetIM\resources
C:\Program Files\Macrogaming\SweetIM\resources\gdiplus.dll
C:\Program Files\Macrogaming\SweetIM\resources\ImageOle.dll
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Macrogaming\SweetIM\update
C:\Program Files\Macrogaming\SweetIM\update\lastversioninfo.xml
C:\Program Files\Macrogaming\SweetIMBarForIE
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache\eec75c2bc0eb13d9bc317ee99170020c.xml
C:\Program Files\ShoppingReport
C:\Program Files\ShoppingReport\Bin
C:\Program Files\ShoppingReport\Bin\2.0.24
(!) -- Fichiers temporaires supprimés.
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.2 *
.
Nom du profil: tis8kcs1.default (Marie-Claude)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Live Search");
(Prefs.js) user_pref("browser.search.selectedEngine", "Google");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://search.live.com/results.aspx?FORM=IEFM1&q=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.ustart.org/");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.1.2");
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: Window Title
Search Page: hxxp://www.google.com
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
49076 Octet(s) - C:\Ad-Report-CLEAN.log
.
2 Fichier(s) - C:\DOCUME~1\MARIE-~1\LOCALS~1\Temp
2 Fichier(s) - C:\WINDOWS\Temp
.
17 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
33 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 17:53:18 | 08/09/2009
.
============== E.O.F ==============
.
EH bien, ton PC était bourré de cochonneries, AD Remover a bien bossé
évite tous ces programmes
Shopping Repport
Eorézo et Eoengine
Hot bar
SweetiM, et Swetie
Les toolbars, c'est pas obligatoire
Je vais te donner ceci en passant, c'est à lire
https://forum.malekal.com/viewtopic.php?f=45&t=6173
refait moi un Hijackthis
évite tous ces programmes
Shopping Repport
Eorézo et Eoengine
Hot bar
SweetiM, et Swetie
Les toolbars, c'est pas obligatoire
Je vais te donner ceci en passant, c'est à lire
https://forum.malekal.com/viewtopic.php?f=45&t=6173
refait moi un Hijackthis
bonjour,tu m'as demandé un hijackthis hier,pourtant il me semblait en avoir envoyé un,c'est pas grave,je t'envoie un autre rapport:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:04:39, on 09/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Marie-Claude\Bureau\Téléchargements\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Window Title
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/spresults.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3ffcfe35779f4a0398a15db42ba0dcff
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3ffcfe35779f4a0398a15db42ba0dcff
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {46058878-5352-4550-8CD0-839BE09FAD8E} (PowerFootball1.PowerFootballLoader1) - http://powerfootball.coupedumonde2006.m6.fr/applet/PowerFootballLoader.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u1-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
O24 - Desktop Component 1: (no name) - http://www.carinedesign.com/horloge_ronde/horl_chat/h01.html
O24 - Desktop Component 10: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/5.htm
O24 - Desktop Component 11: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/16.htm
O24 - Desktop Component 12: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/3.htm
O24 - Desktop Component 13: (no name) - http://www.compteur.cc/clock/v2/clock.php?s=130&h=1&i=8&b=0x330099&lar=175.75&hau=175.75
O24 - Desktop Component 14: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 15: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 16: (no name) - http://josyacreations.free.fr/horlogeindien1.html
O24 - Desktop Component 17: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 18: Créations Armony, Horloge animee Halloween045 - http://ww12.chezarmony.ch
O24 - Desktop Component 19: (no name) - http://blinkhorloge.free.fr/horloge_semaine_9.htm
O24 - Desktop Component 2: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Divers_FF/12.htm
O24 - Desktop Component 20: (no name) - http://free-zg.t-com.hr/Pija/Cuteclocks/CC4en.htm
O24 - Desktop Component 21: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Born/A10.htm
O24 - Desktop Component 22: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F8.htm
O24 - Desktop Component 23: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F10.htm
O24 - Desktop Component 24: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 25: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 26: (no name) - http://free-zg.t-com.hr/Pija/PC/ET.htm
O24 - Desktop Component 27: (no name) - http://free-zg.t-com.hr/Pija/PC/PC2.htm
O24 - Desktop Component 28: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F4.htm
O24 - Desktop Component 29: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F6.htm
O24 - Desktop Component 3: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/2.htm
O24 - Desktop Component 30: Créations Armony, Horloge animée betty boop 019 - http://ww7.chezarmony.ch
O24 - Desktop Component 31: Pija's calendar - http://free-zg.t-com.hr/Pija/Cuteclocks/CCB23en.htm
O24 - Desktop Component 32: (no name) - http://animabelle.free.fr/horloges/divers/gd_modele/2.htm
O24 - Desktop Component 33: (no name) - https://www.clocklink.com//clocks/yoshidasauce001-black.swf?TimeZone=France_Paris&"%20%20width="140"%20height="52"%20wmode="transparent"%20type="application/x-shockwave-flash"
O24 - Desktop Component 4: Free Pages Personnelles: Erreur 404 - Document non trouvé - http://animabelle.free.fr/horloges/Firefox/Animaux/10.htm
O24 - Desktop Component 5: (no name) - http://animabelle.free.fr/horloges/Firefox/Animaux/18.htm
O24 - Desktop Component 6: (no name) - http://animabelle.free.fr/horloges/Firefox/Divers_FF/2.htm
O24 - Desktop Component 7: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/8.htm
O24 - Desktop Component 8: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/9.htm
O24 - Desktop Component 9: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/12.htm
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:04:39, on 09/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Marie-Claude\Bureau\Téléchargements\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Window Title
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/spresults.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3ffcfe35779f4a0398a15db42ba0dcff
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3ffcfe35779f4a0398a15db42ba0dcff
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {46058878-5352-4550-8CD0-839BE09FAD8E} (PowerFootball1.PowerFootballLoader1) - http://powerfootball.coupedumonde2006.m6.fr/applet/PowerFootballLoader.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u1-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
O24 - Desktop Component 1: (no name) - http://www.carinedesign.com/horloge_ronde/horl_chat/h01.html
O24 - Desktop Component 10: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/5.htm
O24 - Desktop Component 11: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/16.htm
O24 - Desktop Component 12: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/3.htm
O24 - Desktop Component 13: (no name) - http://www.compteur.cc/clock/v2/clock.php?s=130&h=1&i=8&b=0x330099&lar=175.75&hau=175.75
O24 - Desktop Component 14: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 15: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 16: (no name) - http://josyacreations.free.fr/horlogeindien1.html
O24 - Desktop Component 17: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 18: Créations Armony, Horloge animee Halloween045 - http://ww12.chezarmony.ch
O24 - Desktop Component 19: (no name) - http://blinkhorloge.free.fr/horloge_semaine_9.htm
O24 - Desktop Component 2: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Divers_FF/12.htm
O24 - Desktop Component 20: (no name) - http://free-zg.t-com.hr/Pija/Cuteclocks/CC4en.htm
O24 - Desktop Component 21: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Born/A10.htm
O24 - Desktop Component 22: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F8.htm
O24 - Desktop Component 23: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F10.htm
O24 - Desktop Component 24: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 25: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 26: (no name) - http://free-zg.t-com.hr/Pija/PC/ET.htm
O24 - Desktop Component 27: (no name) - http://free-zg.t-com.hr/Pija/PC/PC2.htm
O24 - Desktop Component 28: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F4.htm
O24 - Desktop Component 29: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F6.htm
O24 - Desktop Component 3: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/2.htm
O24 - Desktop Component 30: Créations Armony, Horloge animée betty boop 019 - http://ww7.chezarmony.ch
O24 - Desktop Component 31: Pija's calendar - http://free-zg.t-com.hr/Pija/Cuteclocks/CCB23en.htm
O24 - Desktop Component 32: (no name) - http://animabelle.free.fr/horloges/divers/gd_modele/2.htm
O24 - Desktop Component 33: (no name) - https://www.clocklink.com//clocks/yoshidasauce001-black.swf?TimeZone=France_Paris&"%20%20width="140"%20height="52"%20wmode="transparent"%20type="application/x-shockwave-flash"
O24 - Desktop Component 4: Free Pages Personnelles: Erreur 404 - Document non trouvé - http://animabelle.free.fr/horloges/Firefox/Animaux/10.htm
O24 - Desktop Component 5: (no name) - http://animabelle.free.fr/horloges/Firefox/Animaux/18.htm
O24 - Desktop Component 6: (no name) - http://animabelle.free.fr/horloges/Firefox/Divers_FF/2.htm
O24 - Desktop Component 7: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/8.htm
O24 - Desktop Component 8: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/9.htm
O24 - Desktop Component 9: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/12.htm
Bonjour glaude 1717,
Pour information comme nathandre n'est pas encore là :
Définition d'un rogue
Un rogue est un faux logiciel de protection qui prétend que votre ordi est infecté, (fausses) preuves à l'appui.
L'erreur à ne jamais faire, c'est de l'acheter en pensant que vous serez bien protégé car
vous serez surpris en voyant la somme qui vous sera déduit sur votre carte de crédit.
Cela peut aller jusqu'à plusieurs centaines d'euros.
Il peut s'attraper en cliquant sur des publicités qui circulent sur certains sites et aussi
si vous téléchargez des fichiers avec des logiciels P2P.
Pour information comme nathandre n'est pas encore là :
Définition d'un rogue
Un rogue est un faux logiciel de protection qui prétend que votre ordi est infecté, (fausses) preuves à l'appui.
L'erreur à ne jamais faire, c'est de l'acheter en pensant que vous serez bien protégé car
vous serez surpris en voyant la somme qui vous sera déduit sur votre carte de crédit.
Cela peut aller jusqu'à plusieurs centaines d'euros.
Il peut s'attraper en cliquant sur des publicités qui circulent sur certains sites et aussi
si vous téléchargez des fichiers avec des logiciels P2P.
Bonjour
j'ai eu des problèmes de bugs sur CCM
Télécharge malwarebytes' anti-malware
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
Enregistre le sur le bureau
Double-clique sur l'icône Download_mbam-setup.exe pour lancer le processus d'installation
Si la pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
Il va se mettre à jour une fois faite
Va dans l'onglet recherche
Sélectionne exécuter un examen complet
Clique sur rechercher
Le scan démarre
A la fin de l'analyse, le message s'affiche: L'examen s'est terminé normalement.
Clique sur afficher les résultats pour afficher les objets trouvés
Clique sur OK pour pousuivre
Si des malwares ont été détectés, cliquer sur afficher les résultats
Sélectionne tout (ou laisser coché)
Clique sur supprimer la sélection
Malwarebytes va détruire les fichiers et les clés de registre et en mettre une
copie dans la quarantaine
Malewarebytes va ouvrir le bloc-note et y copier le rapport
Redémarre le PC
Une fois redémarré, double-clique sur Malewarebytes
Va dans l'onglet rapport/log
Clique dessus pour l'afficher une fois affiché, cliquer sur édition en haut du
bloc-note puis sur sélectionner tout
Revient sur édition, puis sur copier et revient sur le forum et dans ta réponse
Clic droit dans le cadre de la réponse et coller
j'ai eu des problèmes de bugs sur CCM
Télécharge malwarebytes' anti-malware
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
Enregistre le sur le bureau
Double-clique sur l'icône Download_mbam-setup.exe pour lancer le processus d'installation
Si la pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
Il va se mettre à jour une fois faite
Va dans l'onglet recherche
Sélectionne exécuter un examen complet
Clique sur rechercher
Le scan démarre
A la fin de l'analyse, le message s'affiche: L'examen s'est terminé normalement.
Clique sur afficher les résultats pour afficher les objets trouvés
Clique sur OK pour pousuivre
Si des malwares ont été détectés, cliquer sur afficher les résultats
Sélectionne tout (ou laisser coché)
Clique sur supprimer la sélection
Malwarebytes va détruire les fichiers et les clés de registre et en mettre une
copie dans la quarantaine
Malewarebytes va ouvrir le bloc-note et y copier le rapport
Redémarre le PC
Une fois redémarré, double-clique sur Malewarebytes
Va dans l'onglet rapport/log
Clique dessus pour l'afficher une fois affiché, cliquer sur édition en haut du
bloc-note puis sur sélectionner tout
Revient sur édition, puis sur copier et revient sur le forum et dans ta réponse
Clic droit dans le cadre de la réponse et coller
voici le rapport:
Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2772
Windows 5.1.2600 Service Pack 3
10/09/2009 18:40:36
mbam-log-2009-09-10 (18-40-36).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 261584
Temps écoulé: 2 hour(s), 11 minute(s), 24 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 37
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 28
Fichier(s) infecté(s): 38
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{00b77587-be1b-4201-b8e9-09fcf50ab771} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2b81f920-6660-4f76-93bf-b1c67bf5d1a0} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{34e29700-0d13-46aa-b9a5-ace68e21a091} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3661af2d-c27b-499c-9bcf-66c8502a3806} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3f0915b8-b238-4c2d-ad1e-60db1e14d27a} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{49155dae-c471-40fa-98ee-b2b3cad115ce} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4d783385-0dda-4188-a529-c97dc3d67cbd} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4e8b851b-05b0-4baf-b24d-d0dfe88dded3} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5a4737a8-b92a-4e54-970e-c2891d98ce3f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{62b0b239-f9ac-4a5b-bfae-62c7a23f7627} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e10479b-31e8-4a3b-81b1-ddaf39097f19} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{726f0ab9-b842-4ae4-90c7-230e233e6a99} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99123ac9-7dda-4c82-b252-44c2804bf392} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99ccfb8c-6380-4a14-8fdd-ef3e7e95335d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ace99e77-aa2a-43c2-8c9d-caf2020fdf2b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b9cc2b92-5611-453f-8381-8b6f72d9c0b8} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c4543e64-1498-410d-8e72-4744eea99ab9} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e0fb1610-b25b-49f6-be20-751b2f230e6f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ea58c2ea-be26-49dd-9b9a-c8e4e5ca7791} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fca28ac5-c1e1-4d67-a5ae-c44d6c374d9f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5b2e150d-4c8a-40e4-8c36-dd9c02771c67} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{627d894a-8a77-416e-b522-432eaf2c818e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7138f250-5b72-48dd-adfb-9a83b429dd9e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8971cb48-9fca-445a-be77-e8e8a4cc9df7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b88e4484-3ff6-4ea9-815b-a54fe20d4387} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bf1bf02c-5a86-4ecf-adac-472c54c4d21e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d2221ccb-f2bb-4858-aad4-57c754153603} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ea0b6a1a-6a59-4a58-9c41-9966504898a5} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\568267acfc5644dab06f058006ddbae3 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ca356d79-679b-4b4c-8e49-5af97014f4c1} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d49e9d35-254c-4c6a-9d17-95018d228ff5} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25f97eb4-1c02-45ba-ba0c-e67aace64d4a} (Adware.ToolBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\starware322 (Adware.Starware) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{25f97eb4-1c02-45ba-ba0c-e67aace64d4a} (Adware.ToolBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{25f97eb4-1c02-45ba-ba0c-e67aace64d4a} (Adware.ToolBar) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Games (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Movies (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Reference (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Screensavers (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ScreensaversMarketingSitePager\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ScreensaversMarketingSitePager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ScreensaversMarketingSitePager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Weather (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Games\GamesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Games\GamesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Layouts\WeatherLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Layouts\WeatherLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Movies\MoviesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Movies\MoviesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Screensavers\ScreensaversOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Screensavers\ScreensaversOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Weather\AlertArchive.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Weather\WeatherOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Weather\WeatherOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
je reviendrais demain après-midi .
Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2772
Windows 5.1.2600 Service Pack 3
10/09/2009 18:40:36
mbam-log-2009-09-10 (18-40-36).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 261584
Temps écoulé: 2 hour(s), 11 minute(s), 24 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 37
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 28
Fichier(s) infecté(s): 38
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{00b77587-be1b-4201-b8e9-09fcf50ab771} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2b81f920-6660-4f76-93bf-b1c67bf5d1a0} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{34e29700-0d13-46aa-b9a5-ace68e21a091} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3661af2d-c27b-499c-9bcf-66c8502a3806} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3f0915b8-b238-4c2d-ad1e-60db1e14d27a} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{49155dae-c471-40fa-98ee-b2b3cad115ce} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4d783385-0dda-4188-a529-c97dc3d67cbd} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4e8b851b-05b0-4baf-b24d-d0dfe88dded3} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5a4737a8-b92a-4e54-970e-c2891d98ce3f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{62b0b239-f9ac-4a5b-bfae-62c7a23f7627} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e10479b-31e8-4a3b-81b1-ddaf39097f19} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{726f0ab9-b842-4ae4-90c7-230e233e6a99} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99123ac9-7dda-4c82-b252-44c2804bf392} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99ccfb8c-6380-4a14-8fdd-ef3e7e95335d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ace99e77-aa2a-43c2-8c9d-caf2020fdf2b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b9cc2b92-5611-453f-8381-8b6f72d9c0b8} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c4543e64-1498-410d-8e72-4744eea99ab9} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e0fb1610-b25b-49f6-be20-751b2f230e6f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ea58c2ea-be26-49dd-9b9a-c8e4e5ca7791} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fca28ac5-c1e1-4d67-a5ae-c44d6c374d9f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5b2e150d-4c8a-40e4-8c36-dd9c02771c67} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{627d894a-8a77-416e-b522-432eaf2c818e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7138f250-5b72-48dd-adfb-9a83b429dd9e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8971cb48-9fca-445a-be77-e8e8a4cc9df7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b88e4484-3ff6-4ea9-815b-a54fe20d4387} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bf1bf02c-5a86-4ecf-adac-472c54c4d21e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d2221ccb-f2bb-4858-aad4-57c754153603} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ea0b6a1a-6a59-4a58-9c41-9966504898a5} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\568267acfc5644dab06f058006ddbae3 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ca356d79-679b-4b4c-8e49-5af97014f4c1} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d49e9d35-254c-4c6a-9d17-95018d228ff5} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25f97eb4-1c02-45ba-ba0c-e67aace64d4a} (Adware.ToolBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\starware322 (Adware.Starware) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{25f97eb4-1c02-45ba-ba0c-e67aace64d4a} (Adware.ToolBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{25f97eb4-1c02-45ba-ba0c-e67aace64d4a} (Adware.ToolBar) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Games (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Movies (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Reference (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Screensavers (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ScreensaversMarketingSitePager\images (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ScreensaversMarketingSitePager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ScreensaversMarketingSitePager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Weather (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Games\GamesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Games\GamesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Layouts\WeatherLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Layouts\WeatherLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Movies\MoviesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Movies\MoviesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Screensavers\ScreensaversOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Screensavers\ScreensaversOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Weather\AlertArchive.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Weather\WeatherOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marie-Claude\Application Data\Starware322\Weather\WeatherOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
je reviendrais demain après-midi .
voici le log.txt:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Marie-Claude at 2009-09-11 14:33:02
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 37 GB (53%) free of 70 GB
Total RAM: 1214 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:33:11, on 11/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\wlcsdk.exe
C:\Documents and Settings\Marie-Claude\Bureau\Téléchargements\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Marie-Claude\Bureau\Téléchargements\Marie-Claude.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Window Title
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/spresults.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3ffcfe35779f4a0398a15db42ba0dcff
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3ffcfe35779f4a0398a15db42ba0dcff
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {46058878-5352-4550-8CD0-839BE09FAD8E} (PowerFootball1.PowerFootballLoader1) - http://powerfootball.coupedumonde2006.m6.fr/applet/PowerFootballLoader.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u1-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
O24 - Desktop Component 1: (no name) - http://www.carinedesign.com/horloge_ronde/horl_chat/h01.html
O24 - Desktop Component 10: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/5.htm
O24 - Desktop Component 11: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/16.htm
O24 - Desktop Component 12: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/3.htm
O24 - Desktop Component 13: (no name) - http://www.compteur.cc/clock/v2/clock.php?s=130&h=1&i=8&b=0x330099&lar=175.75&hau=175.75
O24 - Desktop Component 14: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 15: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 16: (no name) - http://josyacreations.free.fr/horlogeindien1.html
O24 - Desktop Component 17: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 18: Créations Armony, Horloge animee Halloween045 - http://ww12.chezarmony.ch
O24 - Desktop Component 19: (no name) - http://blinkhorloge.free.fr/horloge_semaine_9.htm
O24 - Desktop Component 2: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Divers_FF/12.htm
O24 - Desktop Component 20: (no name) - http://free-zg.t-com.hr/Pija/Cuteclocks/CC4en.htm
O24 - Desktop Component 21: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Born/A10.htm
O24 - Desktop Component 22: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F8.htm
O24 - Desktop Component 23: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F10.htm
O24 - Desktop Component 24: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 25: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 26: (no name) - http://free-zg.t-com.hr/Pija/PC/ET.htm
O24 - Desktop Component 27: (no name) - http://free-zg.t-com.hr/Pija/PC/PC2.htm
O24 - Desktop Component 28: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F4.htm
O24 - Desktop Component 29: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F6.htm
O24 - Desktop Component 3: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/2.htm
O24 - Desktop Component 30: Créations Armony, Horloge animée betty boop 019 - http://ww7.chezarmony.ch
O24 - Desktop Component 31: Pija's calendar - http://free-zg.t-com.hr/Pija/Cuteclocks/CCB23en.htm
O24 - Desktop Component 32: (no name) - http://animabelle.free.fr/horloges/divers/gd_modele/2.htm
O24 - Desktop Component 33: (no name) - https://www.clocklink.com//clocks/yoshidasauce001-black.swf?TimeZone=France_Paris&"%20%20width="140"%20height="52"%20wmode="transparent"%20type="application/x-shockwave-flash"
O24 - Desktop Component 4: Free Pages Personnelles: Erreur 404 - Document non trouvé - http://animabelle.free.fr/horloges/Firefox/Animaux/10.htm
O24 - Desktop Component 5: (no name) - http://animabelle.free.fr/horloges/Firefox/Animaux/18.htm
O24 - Desktop Component 6: (no name) - http://animabelle.free.fr/horloges/Firefox/Divers_FF/2.htm
O24 - Desktop Component 7: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/8.htm
O24 - Desktop Component 8: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/9.htm
O24 - Desktop Component 9: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/12.htm
Logfile of random's system information tool 1.06 (written by random/random)
Run by Marie-Claude at 2009-09-11 14:33:02
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 37 GB (53%) free of 70 GB
Total RAM: 1214 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:33:11, on 11/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\wlcsdk.exe
C:\Documents and Settings\Marie-Claude\Bureau\Téléchargements\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Marie-Claude\Bureau\Téléchargements\Marie-Claude.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Window Title
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/spresults.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3ffcfe35779f4a0398a15db42ba0dcff
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3ffcfe35779f4a0398a15db42ba0dcff
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {46058878-5352-4550-8CD0-839BE09FAD8E} (PowerFootball1.PowerFootballLoader1) - http://powerfootball.coupedumonde2006.m6.fr/applet/PowerFootballLoader.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u1-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
O24 - Desktop Component 1: (no name) - http://www.carinedesign.com/horloge_ronde/horl_chat/h01.html
O24 - Desktop Component 10: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/5.htm
O24 - Desktop Component 11: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/16.htm
O24 - Desktop Component 12: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/3.htm
O24 - Desktop Component 13: (no name) - http://www.compteur.cc/clock/v2/clock.php?s=130&h=1&i=8&b=0x330099&lar=175.75&hau=175.75
O24 - Desktop Component 14: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 15: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 16: (no name) - http://josyacreations.free.fr/horlogeindien1.html
O24 - Desktop Component 17: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 18: Créations Armony, Horloge animee Halloween045 - http://ww12.chezarmony.ch
O24 - Desktop Component 19: (no name) - http://blinkhorloge.free.fr/horloge_semaine_9.htm
O24 - Desktop Component 2: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Divers_FF/12.htm
O24 - Desktop Component 20: (no name) - http://free-zg.t-com.hr/Pija/Cuteclocks/CC4en.htm
O24 - Desktop Component 21: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Born/A10.htm
O24 - Desktop Component 22: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F8.htm
O24 - Desktop Component 23: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F10.htm
O24 - Desktop Component 24: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 25: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 26: (no name) - http://free-zg.t-com.hr/Pija/PC/ET.htm
O24 - Desktop Component 27: (no name) - http://free-zg.t-com.hr/Pija/PC/PC2.htm
O24 - Desktop Component 28: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F4.htm
O24 - Desktop Component 29: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F6.htm
O24 - Desktop Component 3: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/2.htm
O24 - Desktop Component 30: Créations Armony, Horloge animée betty boop 019 - http://ww7.chezarmony.ch
O24 - Desktop Component 31: Pija's calendar - http://free-zg.t-com.hr/Pija/Cuteclocks/CCB23en.htm
O24 - Desktop Component 32: (no name) - http://animabelle.free.fr/horloges/divers/gd_modele/2.htm
O24 - Desktop Component 33: (no name) - https://www.clocklink.com//clocks/yoshidasauce001-black.swf?TimeZone=France_Paris&"%20%20width="140"%20height="52"%20wmode="transparent"%20type="application/x-shockwave-flash"
O24 - Desktop Component 4: Free Pages Personnelles: Erreur 404 - Document non trouvé - http://animabelle.free.fr/horloges/Firefox/Animaux/10.htm
O24 - Desktop Component 5: (no name) - http://animabelle.free.fr/horloges/Firefox/Animaux/18.htm
O24 - Desktop Component 6: (no name) - http://animabelle.free.fr/horloges/Firefox/Divers_FF/2.htm
O24 - Desktop Component 7: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/8.htm
O24 - Desktop Component 8: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/9.htm
O24 - Desktop Component 9: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/12.htm
tu as encore une infection par supports amovibles, c'est un ver Rjump qui a créé une copie dans un répertoire du système
Télécharge UsbFix (de Chiquitine29) sur ton Bureau : http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe
- Lance l'installation avec les paramètres par défaut.
- Branche toutes tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir.
- Double-clique sur le raccourci UsbFix sur ton Bureau puis choisis l'option 1 ( Recherche ).
- Laisse l'outil travailler.
- Poste le rapport UsbFix.txt qui va apparaître.
Note : le rapport UsbFix.txt est sauvegardé à la racine du disque ( C:\UsbFix.txt ).
Note 2 : "Process.exe", une composante de l'outil, est détecté par certains antivirus. Dans ce cas désactive ton Antivirus le temps du scan.
Télécharge UsbFix (de Chiquitine29) sur ton Bureau : http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe
- Lance l'installation avec les paramètres par défaut.
- Branche toutes tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir.
- Double-clique sur le raccourci UsbFix sur ton Bureau puis choisis l'option 1 ( Recherche ).
- Laisse l'outil travailler.
- Poste le rapport UsbFix.txt qui va apparaître.
Note : le rapport UsbFix.txt est sauvegardé à la racine du disque ( C:\UsbFix.txt ).
Note 2 : "Process.exe", une composante de l'outil, est détecté par certains antivirus. Dans ce cas désactive ton Antivirus le temps du scan.
et voici le rapport info.txt:
info.txt logfile of random's system information tool 1.06 2009-09-11 14:33:17
======Uninstall list======
-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNNMP.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3DVIA player 4.1-->MsiExec.exe /X{4E868D3D-6EEB-4273-926C-2287236B5B79}
Adobe Acrobat 5.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.6 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Ad-Remover By C_XX-->"C:\Program Files\Ad-Remover\Uninstall ADR.exe"
Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft PhotoBase 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}\setup.exe" -l0x40c -uninst
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Avanquest update-->C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
BitDefender Internet Security 2008-->MsiExec.exe /I{72D13706-D84C-40D4-AD80-A3F2A0684E01}
Canon iP3500 series-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3500_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3500_series /L0x000c
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini
CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Complément Microsoft Word de Works Suite-->MsiExec.exe /I{0BE4B058-700D-11D3-B999-00C04F328D26}
ConvertXtoDVD 2.0.17-->"C:\Program Files\vso\ConvertXtoDVD\unins000.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
CueClub-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\CueClub\setup.exe"
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.3.0-->"C:\Program Files\DVDFab 5\unins000.exe"
DVDFab Multi Setup-->C:\Program Files\DVDFab 5\Uninstall.exe
Easy-WebPrint-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
Enregistrement utilisateur de Canon iP3500 series-->C:\Program Files\Canon\IJEREG\iP3500 series\UNINST.EXE
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Documents and Settings\Marie-Claude\Bureau\Téléchargements\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IncrediMail Xe-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
Indeo® software-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Intel\Indeo\Uninst.isu" -c"C:\Program Files\Intel\Indeo\SavedSystemFiles\indounin.dll"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Jasc Paint Shop Pro 9-->MsiExec.exe /I{F843C6A3-224D-4615-94F8-3C461BD9AEA0}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
KhalInstallWrapper-->MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
Lanceur du programme d'installation de Microsoft Works 2000 -->C:\Program Files\Microsoft Works Suite 2000\Setup\Launcher.exe E:\
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C191BE7C-8542-4A61-973A-714EF76C5995}\setup.exe" -l0x40c
Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x040c -removeonly
Macrogaming SweetIM 1.2a-->MsiExec.exe /X{5827C8C9-A3C6-4E7C-AA70-F6AFAB52F981}
Magentic-->C:\PROGRA~1\Magentic\bin\mgsetup.exe /remove /addon:Magentic
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Micro Application - Etiquettes CD-DVD 2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EAAE00DB-412E-467E-B784-F9205ECCD58D}\SETUP.EXE" -l0x40c
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works 2000-->MsiExec.exe /I{8EB0AE92-5BAC-11D3-AF2F-00C04F443448}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB973874)-->"C:\WINDOWS\ie8updates\KB973874-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Motorola Phone Tools-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}\setup.exe" -l0x40c -removeonly
Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Navigation par onglets (Windows Live Toolbar)-->MsiExec.exe /X{E916E61F-DE9D-4EAF-91E1-CEB50016326A}
Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID=""
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OLYMPUS CAMEDIA Master 4.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30BB4D60-81DB-11D5-BB77-00400536ABAC}\setup.exe" CAMEDIA Master 4.1
OpenOffice.org 2.0-->MsiExec.exe /I{518E7702-18C9-4CF7-9BC2-EEEA9E252763}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
Patch_PSP_9_VF-->C:\Program Files\Jasc Software Inc\Paint Shop Pro 9\Uninstal.exe
Petit Larousse 2006-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1444B13F-B744-4624-9695-D9E6471817B1}\Setup.exe" -l0x40c
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Pixia 3.3b-->"C:\Program Files\Seagrand\Pixia\unins000.exe"
PIXMA Extended Survey Program-->C:\Program Files\Canon\IJPLM\SETUP.EXE -R
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio-->Alcrmv.exe -r -m
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Shareaza 2.4.0.0-->"C:\Program Files\Shareaza\Uninstall\unins000.exe"
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Super Casse-briques 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E63A075-4252-48C4-AFEB-3E13C8424426}\SETUP.EXE" -l0x40c
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
UltraISO Premium V9.0-->"C:\Program Files\UltraISO\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VIA/S3G Display Driver-->C:\PROGRA~1\S3\UChromeP\s3minset.exe /u UChromeP.uns
VideoLAN VLC media player 0.8.6a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WinAVI VideoConverter-->"C:\Program Files\WinAVI VideoConverter\unins000.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XP Codec Pack-->C:\Program Files\XP Codec Pack\Uninstall.exe
XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"
======Security center information======
AV: Bitdefender Antivirus
FW: Bitdefender Firewall
======System event log======
Computer Name: MASSE-F128E4B08
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.
Record Number: 1225
Source Name: EventLog
Time Written: 20090826101505.000000+120
Event Type: Informations
User:
Computer Name: MASSE-F128E4B08
Event Code: 6006
Message: Le service d'Enregistrement d'événement a été arrêté.
Record Number: 1224
Source Name: EventLog
Time Written: 20090825220754.000000+120
Event Type: Informations
User:
Computer Name: MASSE-F128E4B08
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments ""
pour démarrer le serveur :
{204810B9-73B2-11D4-BF42-00B0D0118B56}
Record Number: 1223
Source Name: DCOM
Time Written: 20090825200223.000000+120
Event Type: erreur
User: MASSE-F128E4B08\MASSE
Computer Name: MASSE-F128E4B08
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : arrêté.
Record Number: 1222
Source Name: Service Control Manager
Time Written: 20090825190726.000000+120
Event Type: Informations
User:
Computer Name: MASSE-F128E4B08
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : en cours d'exécution.
Record Number: 1221
Source Name: Service Control Manager
Time Written: 20090825190626.000000+120
Event Type: Informations
User:
=====Application event log=====
Computer Name: MASSE-F128E4B08
Event Code: 302
Message: MsnMsgr (3348) \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\dfsr.db: Le moteur de base de données a exécuté la procédure de récupération avec succès.
Record Number: 2377
Source Name: ESENT
Time Written: 20090505184634.000000+120
Event Type: Informations
User:
Computer Name: MASSE-F128E4B08
Event Code: 301
Message: MsnMsgr (3348) \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\fsr.log.
Record Number: 2376
Source Name: ESENT
Time Written: 20090505184630.000000+120
Event Type: Informations
User:
Computer Name: MASSE-F128E4B08
Event Code: 301
Message: MsnMsgr (3348) \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\fsr001C2.log.
Record Number: 2375
Source Name: ESENT
Time Written: 20090505184629.000000+120
Event Type: Informations
User:
Computer Name: MASSE-F128E4B08
Event Code: 301
Message: MsnMsgr (3348) \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\fsr001C1.log.
Record Number: 2374
Source Name: ESENT
Time Written: 20090505184629.000000+120
Event Type: Informations
User:
Computer Name: MASSE-F128E4B08
Event Code: 301
Message: MsnMsgr (3348) \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\fsr001C0.log.
Record Number: 2373
Source Name: ESENT
Time Written: 20090505184628.000000+120
Event Type: Informations
User:
=====Security event log=====
Computer Name: MASSE-F128E4B08
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : Magentic
Chemin d'accès : C:\Program Files\Magentic\bin\MgImp.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 176030
Source Name: Security
Time Written: 20090901142615.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: MASSE-F128E4B08
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : Magentic
Chemin d'accès : C:\Program Files\Magentic\bin\MgApp.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 176029
Source Name: Security
Time Written: 20090901142615.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: MASSE-F128E4B08
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : Magentic
Chemin d'accès : C:\Program Files\Magentic\bin\Magentic.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 176028
Source Name: Security
Time Written: 20090901142615.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: MASSE-F128E4B08
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : CmCenter Module
Chemin d'accès : C:\Program Files\InstantTouch\bin\CmCenterV2.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 176027
Source Name: Security
Time Written: 20090901142615.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: MASSE-F128E4B08
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : IncrediMail
Chemin d'accès : C:\Program Files\IncrediMail\bin\IncMail.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 176026
Source Name: Security
Time Written: 20090901142615.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;C:\PROGRAM FILES\FICHIERS COMMUNS\ULEAD SYSTEMS\MPEG;C:\PROGRAM FILES\FICHIERS COMMUNS\ULEAD SYSTEMS\DVD;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=0401
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-09-11 14:33:17
======Uninstall list======
-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNNMP.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3DVIA player 4.1-->MsiExec.exe /X{4E868D3D-6EEB-4273-926C-2287236B5B79}
Adobe Acrobat 5.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.6 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Ad-Remover By C_XX-->"C:\Program Files\Ad-Remover\Uninstall ADR.exe"
Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft PhotoBase 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}\setup.exe" -l0x40c -uninst
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Avanquest update-->C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
BitDefender Internet Security 2008-->MsiExec.exe /I{72D13706-D84C-40D4-AD80-A3F2A0684E01}
Canon iP3500 series-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3500_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3500_series /L0x000c
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini
CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Complément Microsoft Word de Works Suite-->MsiExec.exe /I{0BE4B058-700D-11D3-B999-00C04F328D26}
ConvertXtoDVD 2.0.17-->"C:\Program Files\vso\ConvertXtoDVD\unins000.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
CueClub-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\CueClub\setup.exe"
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.3.0-->"C:\Program Files\DVDFab 5\unins000.exe"
DVDFab Multi Setup-->C:\Program Files\DVDFab 5\Uninstall.exe
Easy-WebPrint-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
Enregistrement utilisateur de Canon iP3500 series-->C:\Program Files\Canon\IJEREG\iP3500 series\UNINST.EXE
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Documents and Settings\Marie-Claude\Bureau\Téléchargements\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IncrediMail Xe-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
Indeo® software-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Intel\Indeo\Uninst.isu" -c"C:\Program Files\Intel\Indeo\SavedSystemFiles\indounin.dll"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Jasc Paint Shop Pro 9-->MsiExec.exe /I{F843C6A3-224D-4615-94F8-3C461BD9AEA0}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
KhalInstallWrapper-->MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
Lanceur du programme d'installation de Microsoft Works 2000 -->C:\Program Files\Microsoft Works Suite 2000\Setup\Launcher.exe E:\
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C191BE7C-8542-4A61-973A-714EF76C5995}\setup.exe" -l0x40c
Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x040c -removeonly
Macrogaming SweetIM 1.2a-->MsiExec.exe /X{5827C8C9-A3C6-4E7C-AA70-F6AFAB52F981}
Magentic-->C:\PROGRA~1\Magentic\bin\mgsetup.exe /remove /addon:Magentic
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Micro Application - Etiquettes CD-DVD 2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EAAE00DB-412E-467E-B784-F9205ECCD58D}\SETUP.EXE" -l0x40c
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works 2000-->MsiExec.exe /I{8EB0AE92-5BAC-11D3-AF2F-00C04F443448}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB973874)-->"C:\WINDOWS\ie8updates\KB973874-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Motorola Phone Tools-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}\setup.exe" -l0x40c -removeonly
Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Navigation par onglets (Windows Live Toolbar)-->MsiExec.exe /X{E916E61F-DE9D-4EAF-91E1-CEB50016326A}
Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID=""
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OLYMPUS CAMEDIA Master 4.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30BB4D60-81DB-11D5-BB77-00400536ABAC}\setup.exe" CAMEDIA Master 4.1
OpenOffice.org 2.0-->MsiExec.exe /I{518E7702-18C9-4CF7-9BC2-EEEA9E252763}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
Patch_PSP_9_VF-->C:\Program Files\Jasc Software Inc\Paint Shop Pro 9\Uninstal.exe
Petit Larousse 2006-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1444B13F-B744-4624-9695-D9E6471817B1}\Setup.exe" -l0x40c
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Pixia 3.3b-->"C:\Program Files\Seagrand\Pixia\unins000.exe"
PIXMA Extended Survey Program-->C:\Program Files\Canon\IJPLM\SETUP.EXE -R
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio-->Alcrmv.exe -r -m
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Shareaza 2.4.0.0-->"C:\Program Files\Shareaza\Uninstall\unins000.exe"
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Super Casse-briques 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E63A075-4252-48C4-AFEB-3E13C8424426}\SETUP.EXE" -l0x40c
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
UltraISO Premium V9.0-->"C:\Program Files\UltraISO\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VIA/S3G Display Driver-->C:\PROGRA~1\S3\UChromeP\s3minset.exe /u UChromeP.uns
VideoLAN VLC media player 0.8.6a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WinAVI VideoConverter-->"C:\Program Files\WinAVI VideoConverter\unins000.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XP Codec Pack-->C:\Program Files\XP Codec Pack\Uninstall.exe
XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"
======Security center information======
AV: Bitdefender Antivirus
FW: Bitdefender Firewall
======System event log======
Computer Name: MASSE-F128E4B08
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.
Record Number: 1225
Source Name: EventLog
Time Written: 20090826101505.000000+120
Event Type: Informations
User:
Computer Name: MASSE-F128E4B08
Event Code: 6006
Message: Le service d'Enregistrement d'événement a été arrêté.
Record Number: 1224
Source Name: EventLog
Time Written: 20090825220754.000000+120
Event Type: Informations
User:
Computer Name: MASSE-F128E4B08
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments ""
pour démarrer le serveur :
{204810B9-73B2-11D4-BF42-00B0D0118B56}
Record Number: 1223
Source Name: DCOM
Time Written: 20090825200223.000000+120
Event Type: erreur
User: MASSE-F128E4B08\MASSE
Computer Name: MASSE-F128E4B08
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : arrêté.
Record Number: 1222
Source Name: Service Control Manager
Time Written: 20090825190726.000000+120
Event Type: Informations
User:
Computer Name: MASSE-F128E4B08
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : en cours d'exécution.
Record Number: 1221
Source Name: Service Control Manager
Time Written: 20090825190626.000000+120
Event Type: Informations
User:
=====Application event log=====
Computer Name: MASSE-F128E4B08
Event Code: 302
Message: MsnMsgr (3348) \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\dfsr.db: Le moteur de base de données a exécuté la procédure de récupération avec succès.
Record Number: 2377
Source Name: ESENT
Time Written: 20090505184634.000000+120
Event Type: Informations
User:
Computer Name: MASSE-F128E4B08
Event Code: 301
Message: MsnMsgr (3348) \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\fsr.log.
Record Number: 2376
Source Name: ESENT
Time Written: 20090505184630.000000+120
Event Type: Informations
User:
Computer Name: MASSE-F128E4B08
Event Code: 301
Message: MsnMsgr (3348) \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\fsr001C2.log.
Record Number: 2375
Source Name: ESENT
Time Written: 20090505184629.000000+120
Event Type: Informations
User:
Computer Name: MASSE-F128E4B08
Event Code: 301
Message: MsnMsgr (3348) \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\fsr001C1.log.
Record Number: 2374
Source Name: ESENT
Time Written: 20090505184629.000000+120
Event Type: Informations
User:
Computer Name: MASSE-F128E4B08
Event Code: 301
Message: MsnMsgr (3348) \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\titus\Local Settings\Application Data\Microsoft\Messenger\tim-17@hotmail.fr\SharingMetadata\Working\database_E060_3F40_603F_1CAA\fsr001C0.log.
Record Number: 2373
Source Name: ESENT
Time Written: 20090505184628.000000+120
Event Type: Informations
User:
=====Security event log=====
Computer Name: MASSE-F128E4B08
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : Magentic
Chemin d'accès : C:\Program Files\Magentic\bin\MgImp.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 176030
Source Name: Security
Time Written: 20090901142615.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: MASSE-F128E4B08
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : Magentic
Chemin d'accès : C:\Program Files\Magentic\bin\MgApp.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 176029
Source Name: Security
Time Written: 20090901142615.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: MASSE-F128E4B08
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : Magentic
Chemin d'accès : C:\Program Files\Magentic\bin\Magentic.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 176028
Source Name: Security
Time Written: 20090901142615.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: MASSE-F128E4B08
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : CmCenter Module
Chemin d'accès : C:\Program Files\InstantTouch\bin\CmCenterV2.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 176027
Source Name: Security
Time Written: 20090901142615.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: MASSE-F128E4B08
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : IncrediMail
Chemin d'accès : C:\Program Files\IncrediMail\bin\IncMail.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 176026
Source Name: Security
Time Written: 20090901142615.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;C:\PROGRAM FILES\FICHIERS COMMUNS\ULEAD SYSTEMS\MPEG;C:\PROGRAM FILES\FICHIERS COMMUNS\ULEAD SYSTEMS\DVD;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=0401
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
-----------------EOF-----------------
voici:
############################## | UsbFix V6.030 |
User : Marie-Claude (Administrateurs) # MASSE-F128E4B08
Update on 11/09/2009 by Chiquitine29, C_XX & Chimay8
Start at: 15:00:16 | 11/09/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Intel(R) Celeron(R) CPU 2.53GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Bitdefender Antivirus 8.0 [ (!) Disabled | Updated ]
FW : Bitdefender Firewall[ Enabled ]8.0
C:\ -> Disque fixe local # 68,36 Go (36,49 Go free) # NTFS
D:\ -> Disque fixe local # 6,16 Go (6,12 Go free) # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
G:\ -> Disque amovible # 972,67 Mo (889,56 Mo free) [MASSÉ] # FAT
H:\ -> Disque amovible # 3,78 Go (907,09 Mo free) [MARQUISE] # FAT32
I:\ -> Disque amovible # 3,82 Go (3,2 Go free) # FAT
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | Fichiers # Dossiers infectieux |
################## | Registre # Clés Run infectieuses |
Présent ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr"
################## | Registre # Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\{334058c6-c3e5-11db-b977-00161749c91e}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs
HKCU\..\..\Explorer\MountPoints2\{7d704e80-665f-11db-b7f7-00161749c91e}
Shell\Auto\command =F:\bittorrent.exe e
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL bittorrent.exe e
################## | ! Fin du rapport # UsbFix V6.030 ! |
############################## | UsbFix V6.030 |
User : Marie-Claude (Administrateurs) # MASSE-F128E4B08
Update on 11/09/2009 by Chiquitine29, C_XX & Chimay8
Start at: 15:00:16 | 11/09/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Intel(R) Celeron(R) CPU 2.53GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Bitdefender Antivirus 8.0 [ (!) Disabled | Updated ]
FW : Bitdefender Firewall[ Enabled ]8.0
C:\ -> Disque fixe local # 68,36 Go (36,49 Go free) # NTFS
D:\ -> Disque fixe local # 6,16 Go (6,12 Go free) # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
G:\ -> Disque amovible # 972,67 Mo (889,56 Mo free) [MASSÉ] # FAT
H:\ -> Disque amovible # 3,78 Go (907,09 Mo free) [MARQUISE] # FAT32
I:\ -> Disque amovible # 3,82 Go (3,2 Go free) # FAT
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | Fichiers # Dossiers infectieux |
################## | Registre # Clés Run infectieuses |
Présent ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr"
################## | Registre # Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\{334058c6-c3e5-11db-b977-00161749c91e}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs
HKCU\..\..\Explorer\MountPoints2\{7d704e80-665f-11db-b7f7-00161749c91e}
Shell\Auto\command =F:\bittorrent.exe e
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL bittorrent.exe e
################## | ! Fin du rapport # UsbFix V6.030 ! |
il va falloir que je parte chercher le fils de mon amie à l'école et que je m'occupe de lui après jusqu'à l'arrivée de sa maman.alors je vais devoir en restée là pour aujourd'hui. je reviendrais demain au alentour de 17heures.si je peux...
Salut
continuons
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir
# Double clic sur le raccourci UsbFix présent sur ton bureau
# choisis l'option 2 ( Suppression )
# Ton bureau disparaitra et le pc redémarrera .
# Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.
# Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .
# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
continuons
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir
# Double clic sur le raccourci UsbFix présent sur ton bureau
# choisis l'option 2 ( Suppression )
# Ton bureau disparaitra et le pc redémarrera .
# Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.
# Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .
# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
bonjour nathandre,
voici le rapport:
############################## | UsbFix V6.030 |
User : Marie-Claude (Administrateurs) # MASSE-F128E4B08
Update on 11/09/2009 by Chiquitine29, C_XX & Chimay8
Start at: 15:13:25 | 12/09/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Intel(R) Celeron(R) CPU 2.53GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Bitdefender Antivirus 8.0 [ Enabled | Updated ]
FW : Bitdefender Firewall[ Enabled ]8.0
C:\ -> Disque fixe local # 68,36 Go (36,45 Go free) # NTFS
D:\ -> Disque fixe local # 6,16 Go (6,12 Go free) # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
G:\ -> Disque amovible # 972,67 Mo (889,56 Mo free) [MASSÉ] # FAT
H:\ -> Disque amovible # 3,78 Go (907,09 Mo free) [MARQUISE] # FAT32
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | Fichiers # Dossiers infectieux |
################## | Registre # Clés Run infectieuses |
Supprimé ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr"
################## | Registre # Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{334058c6-c3e5-11db-b977-00161749c91e}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{7d704e80-665f-11db-b7f7-00161749c91e}\Shell\Auto\Command
################## | Listing des fichiers présent |
[08/09/2009 17:53|--a--c---|49393] C:\Ad-Report-CLEAN.log
[08/06/2006 12:18|--a--c---|0] C:\AUTOEXEC.BAT
[04/04/2007 13:54|--a--c---|338375] C:\bdoe.log
[20/04/2009 14:04|---hsc---|216] C:\boot.ini
[05/08/2004 14:00|-rahsc---|4952] C:\Bootfont.bin
[07/09/2009 18:16|--a--c---|1697] C:\cleannavi.txt
[08/06/2006 12:18|--a--c---|0] C:\CONFIG.SYS
[12/07/2008 18:45|--a--c---|0] C:\DBS.TXT
[14/03/2009 13:54|--a--c---|236] C:\DelAll.bat
[08/06/2006 12:18|-rahsc---|0] C:\IO.SYS
[08/09/2009 17:05|--a--c---|17775] C:\lopR.txt
[08/06/2006 12:18|-rahsc---|0] C:\MSDOS.SYS
[17/05/2005 18:27|--a--c---|300032] C:\npwwg.dll
[05/08/2004 14:00|-rahs----|47564] C:\NTDETECT.COM
[30/08/2008 16:20|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[27/06/2007 14:20|--a--c---|3200] C:\playout.txt
[30/12/2008 13:16|--ah-c---|268] C:\sqmdata00.sqm
[31/12/2008 23:43|--ah-c---|268] C:\sqmdata01.sqm
[07/01/2009 21:39|--ah-c---|268] C:\sqmdata02.sqm
[17/01/2009 12:35|--ah-c---|232] C:\sqmdata03.sqm
[15/02/2009 15:08|--ah-c---|268] C:\sqmdata04.sqm
[16/02/2009 16:53|--ah-c---|268] C:\sqmdata05.sqm
[19/03/2009 23:09|--ah-c---|232] C:\sqmdata06.sqm
[05/04/2009 17:18|--ah-c---|232] C:\sqmdata07.sqm
[05/04/2009 19:46|--ah-c---|232] C:\sqmdata08.sqm
[21/04/2009 20:40|--ah-c---|232] C:\sqmdata09.sqm
[21/04/2009 22:48|--ah-c---|232] C:\sqmdata10.sqm
[22/04/2009 16:31|--ah-c---|232] C:\sqmdata11.sqm
[23/04/2009 16:51|--ah-c---|232] C:\sqmdata12.sqm
[24/04/2009 15:35|--ah-c---|232] C:\sqmdata13.sqm
[24/04/2009 16:57|--ah-c---|232] C:\sqmdata14.sqm
[26/04/2009 18:32|--ah-c---|232] C:\sqmdata15.sqm
[27/04/2009 16:06|--ah-c---|232] C:\sqmdata16.sqm
[29/04/2009 14:29|--ah-c---|232] C:\sqmdata17.sqm
[30/04/2009 16:07|--ah-c---|232] C:\sqmdata18.sqm
[27/12/2008 11:12|--ah-c---|268] C:\sqmdata19.sqm
[30/12/2008 13:16|--ah-c---|244] C:\sqmnoopt00.sqm
[31/12/2008 23:43|--ah-c---|244] C:\sqmnoopt01.sqm
[07/01/2009 21:39|--ah-c---|244] C:\sqmnoopt02.sqm
[17/01/2009 12:35|--ah-c---|244] C:\sqmnoopt03.sqm
[15/02/2009 15:08|--ah-c---|244] C:\sqmnoopt04.sqm
[16/02/2009 16:53|--ah-c---|172] C:\sqmnoopt05.sqm
[19/03/2009 23:09|--ah-c---|244] C:\sqmnoopt06.sqm
[05/04/2009 17:18|--ah-c---|244] C:\sqmnoopt07.sqm
[05/04/2009 19:46|--ah-c---|244] C:\sqmnoopt08.sqm
[21/04/2009 20:40|--ah-c---|244] C:\sqmnoopt09.sqm
[21/04/2009 22:48|--ah-c---|244] C:\sqmnoopt10.sqm
[22/04/2009 16:31|--ah-c---|244] C:\sqmnoopt11.sqm
[23/04/2009 16:51|--ah-c---|244] C:\sqmnoopt12.sqm
[24/04/2009 15:35|--ah-c---|244] C:\sqmnoopt13.sqm
[24/04/2009 16:57|--ah-c---|244] C:\sqmnoopt14.sqm
[26/04/2009 18:32|--ah-c---|244] C:\sqmnoopt15.sqm
[27/04/2009 16:06|--ah-c---|244] C:\sqmnoopt16.sqm
[29/04/2009 14:29|--ah-c---|244] C:\sqmnoopt17.sqm
[30/04/2009 16:07|--ah-c---|244] C:\sqmnoopt18.sqm
[27/12/2008 11:12|--ah-c---|244] C:\sqmnoopt19.sqm
[06/09/2009 15:30|--a--c---|5225] C:\TB.txt
[12/09/2009 15:21|--a--c---|5617] C:\UsbFix.txt
[11/05/2008 16:27|--a------|20480] G:\CV PHILIPPE.doc
[19/03/2007 15:58|--a------|981673] G:\winrar300fr.exe
[11/06/2008 13:23|--a------|26624] G:\Curriculum vitae.doc
[23/09/2008 18:12|--a------|28981233] G:\bricopack-vista-inspirat-ultimate-2-crystalxp.net-fr-130.zip
[01/04/2007 16:10|--a------|118] H:\ ! !!! Crack Microsoft Office 2007 Multilanguage !!!.zip
[15/04/2008 11:09|--a------|10595350] H:\Incredimail.Xe.Premium.v5.70.3505.FR.Incl-Crack.rar
[09/04/2008 02:45|--a------|10669952] H:\IncrediMailSetup_fr.exe
[05/05/2007 13:55|--a------|1953480] H:\PPVIEWER.EXE
[19/03/2007 14:58|--a------|981673] H:\winrar300fr.exe
[30/10/2007 16:01|--a------|632836] H:\antipub.exe
[02/03/2007 21:32|--a------|269312] H:\DAMN_NFO_Viewer_v2-10-0032-RC3.exe
[27/06/2008 18:19|--a------|15016261] H:\DVDFab_Platinum.rar
[13/06/2007 06:53|--a------|186285820] H:\Nero.7.Premium.v7.9.6.0.FR.Incl-Keygen.rar
[02/07/2007 15:45|--a------|14001680] H:\RealPlayer10-5GOLD_fr.exe
[21/04/2008 20:43|--a------|3361263] H:\Ultra.ISO.Premium.Edition.v9.0.0.Build.2336.rar
[21/02/2007 11:47|--a------|9453630] H:\vlc-0.8.6a-win32.exe
################## | ! Fin du rapport # UsbFix V6.030 ! |
voici le rapport:
############################## | UsbFix V6.030 |
User : Marie-Claude (Administrateurs) # MASSE-F128E4B08
Update on 11/09/2009 by Chiquitine29, C_XX & Chimay8
Start at: 15:13:25 | 12/09/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Intel(R) Celeron(R) CPU 2.53GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Bitdefender Antivirus 8.0 [ Enabled | Updated ]
FW : Bitdefender Firewall[ Enabled ]8.0
C:\ -> Disque fixe local # 68,36 Go (36,45 Go free) # NTFS
D:\ -> Disque fixe local # 6,16 Go (6,12 Go free) # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
G:\ -> Disque amovible # 972,67 Mo (889,56 Mo free) [MASSÉ] # FAT
H:\ -> Disque amovible # 3,78 Go (907,09 Mo free) [MARQUISE] # FAT32
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | Fichiers # Dossiers infectieux |
################## | Registre # Clés Run infectieuses |
Supprimé ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr"
################## | Registre # Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{334058c6-c3e5-11db-b977-00161749c91e}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{7d704e80-665f-11db-b7f7-00161749c91e}\Shell\Auto\Command
################## | Listing des fichiers présent |
[08/09/2009 17:53|--a--c---|49393] C:\Ad-Report-CLEAN.log
[08/06/2006 12:18|--a--c---|0] C:\AUTOEXEC.BAT
[04/04/2007 13:54|--a--c---|338375] C:\bdoe.log
[20/04/2009 14:04|---hsc---|216] C:\boot.ini
[05/08/2004 14:00|-rahsc---|4952] C:\Bootfont.bin
[07/09/2009 18:16|--a--c---|1697] C:\cleannavi.txt
[08/06/2006 12:18|--a--c---|0] C:\CONFIG.SYS
[12/07/2008 18:45|--a--c---|0] C:\DBS.TXT
[14/03/2009 13:54|--a--c---|236] C:\DelAll.bat
[08/06/2006 12:18|-rahsc---|0] C:\IO.SYS
[08/09/2009 17:05|--a--c---|17775] C:\lopR.txt
[08/06/2006 12:18|-rahsc---|0] C:\MSDOS.SYS
[17/05/2005 18:27|--a--c---|300032] C:\npwwg.dll
[05/08/2004 14:00|-rahs----|47564] C:\NTDETECT.COM
[30/08/2008 16:20|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[27/06/2007 14:20|--a--c---|3200] C:\playout.txt
[30/12/2008 13:16|--ah-c---|268] C:\sqmdata00.sqm
[31/12/2008 23:43|--ah-c---|268] C:\sqmdata01.sqm
[07/01/2009 21:39|--ah-c---|268] C:\sqmdata02.sqm
[17/01/2009 12:35|--ah-c---|232] C:\sqmdata03.sqm
[15/02/2009 15:08|--ah-c---|268] C:\sqmdata04.sqm
[16/02/2009 16:53|--ah-c---|268] C:\sqmdata05.sqm
[19/03/2009 23:09|--ah-c---|232] C:\sqmdata06.sqm
[05/04/2009 17:18|--ah-c---|232] C:\sqmdata07.sqm
[05/04/2009 19:46|--ah-c---|232] C:\sqmdata08.sqm
[21/04/2009 20:40|--ah-c---|232] C:\sqmdata09.sqm
[21/04/2009 22:48|--ah-c---|232] C:\sqmdata10.sqm
[22/04/2009 16:31|--ah-c---|232] C:\sqmdata11.sqm
[23/04/2009 16:51|--ah-c---|232] C:\sqmdata12.sqm
[24/04/2009 15:35|--ah-c---|232] C:\sqmdata13.sqm
[24/04/2009 16:57|--ah-c---|232] C:\sqmdata14.sqm
[26/04/2009 18:32|--ah-c---|232] C:\sqmdata15.sqm
[27/04/2009 16:06|--ah-c---|232] C:\sqmdata16.sqm
[29/04/2009 14:29|--ah-c---|232] C:\sqmdata17.sqm
[30/04/2009 16:07|--ah-c---|232] C:\sqmdata18.sqm
[27/12/2008 11:12|--ah-c---|268] C:\sqmdata19.sqm
[30/12/2008 13:16|--ah-c---|244] C:\sqmnoopt00.sqm
[31/12/2008 23:43|--ah-c---|244] C:\sqmnoopt01.sqm
[07/01/2009 21:39|--ah-c---|244] C:\sqmnoopt02.sqm
[17/01/2009 12:35|--ah-c---|244] C:\sqmnoopt03.sqm
[15/02/2009 15:08|--ah-c---|244] C:\sqmnoopt04.sqm
[16/02/2009 16:53|--ah-c---|172] C:\sqmnoopt05.sqm
[19/03/2009 23:09|--ah-c---|244] C:\sqmnoopt06.sqm
[05/04/2009 17:18|--ah-c---|244] C:\sqmnoopt07.sqm
[05/04/2009 19:46|--ah-c---|244] C:\sqmnoopt08.sqm
[21/04/2009 20:40|--ah-c---|244] C:\sqmnoopt09.sqm
[21/04/2009 22:48|--ah-c---|244] C:\sqmnoopt10.sqm
[22/04/2009 16:31|--ah-c---|244] C:\sqmnoopt11.sqm
[23/04/2009 16:51|--ah-c---|244] C:\sqmnoopt12.sqm
[24/04/2009 15:35|--ah-c---|244] C:\sqmnoopt13.sqm
[24/04/2009 16:57|--ah-c---|244] C:\sqmnoopt14.sqm
[26/04/2009 18:32|--ah-c---|244] C:\sqmnoopt15.sqm
[27/04/2009 16:06|--ah-c---|244] C:\sqmnoopt16.sqm
[29/04/2009 14:29|--ah-c---|244] C:\sqmnoopt17.sqm
[30/04/2009 16:07|--ah-c---|244] C:\sqmnoopt18.sqm
[27/12/2008 11:12|--ah-c---|244] C:\sqmnoopt19.sqm
[06/09/2009 15:30|--a--c---|5225] C:\TB.txt
[12/09/2009 15:21|--a--c---|5617] C:\UsbFix.txt
[11/05/2008 16:27|--a------|20480] G:\CV PHILIPPE.doc
[19/03/2007 15:58|--a------|981673] G:\winrar300fr.exe
[11/06/2008 13:23|--a------|26624] G:\Curriculum vitae.doc
[23/09/2008 18:12|--a------|28981233] G:\bricopack-vista-inspirat-ultimate-2-crystalxp.net-fr-130.zip
[01/04/2007 16:10|--a------|118] H:\ ! !!! Crack Microsoft Office 2007 Multilanguage !!!.zip
[15/04/2008 11:09|--a------|10595350] H:\Incredimail.Xe.Premium.v5.70.3505.FR.Incl-Crack.rar
[09/04/2008 02:45|--a------|10669952] H:\IncrediMailSetup_fr.exe
[05/05/2007 13:55|--a------|1953480] H:\PPVIEWER.EXE
[19/03/2007 14:58|--a------|981673] H:\winrar300fr.exe
[30/10/2007 16:01|--a------|632836] H:\antipub.exe
[02/03/2007 21:32|--a------|269312] H:\DAMN_NFO_Viewer_v2-10-0032-RC3.exe
[27/06/2008 18:19|--a------|15016261] H:\DVDFab_Platinum.rar
[13/06/2007 06:53|--a------|186285820] H:\Nero.7.Premium.v7.9.6.0.FR.Incl-Keygen.rar
[02/07/2007 15:45|--a------|14001680] H:\RealPlayer10-5GOLD_fr.exe
[21/04/2008 20:43|--a------|3361263] H:\Ultra.ISO.Premium.Edition.v9.0.0.Build.2336.rar
[21/02/2007 11:47|--a------|9453630] H:\vlc-0.8.6a-win32.exe
################## | ! Fin du rapport # UsbFix V6.030 ! |
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir
# Double clic sur le raccourci UsbFix présent sur ton bureau .
# Choisis l'option 3 ( Vaccination )
# Laisse travailler l'outil.
# Ensuite post le rapport UsbFix.txt qui apparaitra.
# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
# Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
Ton PC était bourré d'infections de toutes sortes
# Double clic sur le raccourci UsbFix présent sur ton bureau .
# Choisis l'option 3 ( Vaccination )
# Laisse travailler l'outil.
# Ensuite post le rapport UsbFix.txt qui apparaitra.
# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
# Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
Ton PC était bourré d'infections de toutes sortes
et voici ce rapport:
############################## | UsbFix V6.030 |
User : Marie-Claude (Administrateurs) # MASSE-F128E4B08
Update on 11/09/2009 by Chiquitine29, C_XX & Chimay8
Start at: 15:34:16 | 12/09/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Intel(R) Celeron(R) CPU 2.53GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Bitdefender Antivirus 8.0 [ Enabled | Updated ]
FW : Bitdefender Firewall[ Enabled ]8.0
C:\ -> Disque fixe local # 68,36 Go (36,53 Go free) # NTFS
D:\ -> Disque fixe local # 6,16 Go (6,12 Go free) # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
G:\ -> Disque amovible # 972,67 Mo (889,56 Mo free) [MASSÉ] # FAT
H:\ -> Disque amovible # 3,78 Go (907,09 Mo free) [MARQUISE] # FAT32
I:\ -> Disque fixe local # 3,82 Go (3,2 Go free) # FAT
################## | Vaccination |
# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# G:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# H:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
################## | ! Fin du rapport # UsbFix V6.030 ! |
############################## | UsbFix V6.030 |
User : Marie-Claude (Administrateurs) # MASSE-F128E4B08
Update on 11/09/2009 by Chiquitine29, C_XX & Chimay8
Start at: 15:34:16 | 12/09/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Intel(R) Celeron(R) CPU 2.53GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Bitdefender Antivirus 8.0 [ Enabled | Updated ]
FW : Bitdefender Firewall[ Enabled ]8.0
C:\ -> Disque fixe local # 68,36 Go (36,53 Go free) # NTFS
D:\ -> Disque fixe local # 6,16 Go (6,12 Go free) # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
G:\ -> Disque amovible # 972,67 Mo (889,56 Mo free) [MASSÉ] # FAT
H:\ -> Disque amovible # 3,78 Go (907,09 Mo free) [MARQUISE] # FAT32
I:\ -> Disque fixe local # 3,82 Go (3,2 Go free) # FAT
################## | Vaccination |
# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# G:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# H:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
################## | ! Fin du rapport # UsbFix V6.030 ! |
et voici :
Logfile of random's system information tool 1.06 (written by random/random)
Run by Marie-Claude at 2009-09-12 15:48:02
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 37 GB (53%) free of 70 GB
Total RAM: 1214 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:48:08, on 12/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Marie-Claude\Bureau\Téléchargements\RSIT.exe
C:\Documents and Settings\Marie-Claude\Bureau\Téléchargements\Marie-Claude.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/spresults.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3ffcfe35779f4a0398a15db42ba0dcff
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3ffcfe35779f4a0398a15db42ba0dcff
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {46058878-5352-4550-8CD0-839BE09FAD8E} (PowerFootball1.PowerFootballLoader1) - http://powerfootball.coupedumonde2006.m6.fr/applet/PowerFootballLoader.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u1-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
O24 - Desktop Component 1: (no name) - http://www.carinedesign.com/horloge_ronde/horl_chat/h01.html
O24 - Desktop Component 10: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/5.htm
O24 - Desktop Component 11: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/16.htm
O24 - Desktop Component 12: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/3.htm
O24 - Desktop Component 13: (no name) - http://www.compteur.cc/clock/v2/clock.php?s=130&h=1&i=8&b=0x330099&lar=175.75&hau=175.75
O24 - Desktop Component 14: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 15: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 16: (no name) - http://josyacreations.free.fr/horlogeindien1.html
O24 - Desktop Component 17: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 18: Créations Armony, Horloge animee Halloween045 - http://ww12.chezarmony.ch
O24 - Desktop Component 19: (no name) - http://blinkhorloge.free.fr/horloge_semaine_9.htm
O24 - Desktop Component 2: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Divers_FF/12.htm
O24 - Desktop Component 20: (no name) - http://free-zg.t-com.hr/Pija/Cuteclocks/CC4en.htm
O24 - Desktop Component 21: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Born/A10.htm
O24 - Desktop Component 22: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F8.htm
O24 - Desktop Component 23: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F10.htm
O24 - Desktop Component 24: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 25: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 26: (no name) - http://free-zg.t-com.hr/Pija/PC/ET.htm
O24 - Desktop Component 27: (no name) - http://free-zg.t-com.hr/Pija/PC/PC2.htm
O24 - Desktop Component 28: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F4.htm
O24 - Desktop Component 29: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F6.htm
O24 - Desktop Component 3: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/2.htm
O24 - Desktop Component 30: Créations Armony, Horloge animée betty boop 019 - http://ww7.chezarmony.ch
O24 - Desktop Component 31: Pija's calendar - http://free-zg.t-com.hr/Pija/Cuteclocks/CCB23en.htm
O24 - Desktop Component 32: (no name) - http://animabelle.free.fr/horloges/divers/gd_modele/2.htm
O24 - Desktop Component 33: (no name) - https://www.clocklink.com//clocks/yoshidasauce001-black.swf?TimeZone=France_Paris&"%20%20width="140"%20height="52"%20wmode="transparent"%20type="application/x-shockwave-flash"
O24 - Desktop Component 4: Free Pages Personnelles: Erreur 404 - Document non trouvé - http://animabelle.free.fr/horloges/Firefox/Animaux/10.htm
O24 - Desktop Component 5: (no name) - http://animabelle.free.fr/horloges/Firefox/Animaux/18.htm
O24 - Desktop Component 6: (no name) - http://animabelle.free.fr/horloges/Firefox/Divers_FF/2.htm
O24 - Desktop Component 7: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/8.htm
O24 - Desktop Component 8: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/9.htm
O24 - Desktop Component 9: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/12.htm
Logfile of random's system information tool 1.06 (written by random/random)
Run by Marie-Claude at 2009-09-12 15:48:02
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 37 GB (53%) free of 70 GB
Total RAM: 1214 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:48:08, on 12/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Marie-Claude\Bureau\Téléchargements\RSIT.exe
C:\Documents and Settings\Marie-Claude\Bureau\Téléchargements\Marie-Claude.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/spresults.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3ffcfe35779f4a0398a15db42ba0dcff
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3ffcfe35779f4a0398a15db42ba0dcff
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {46058878-5352-4550-8CD0-839BE09FAD8E} (PowerFootball1.PowerFootballLoader1) - http://powerfootball.coupedumonde2006.m6.fr/applet/PowerFootballLoader.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u1-windows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
O24 - Desktop Component 1: (no name) - http://www.carinedesign.com/horloge_ronde/horl_chat/h01.html
O24 - Desktop Component 10: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/5.htm
O24 - Desktop Component 11: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/16.htm
O24 - Desktop Component 12: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/3.htm
O24 - Desktop Component 13: (no name) - http://www.compteur.cc/clock/v2/clock.php?s=130&h=1&i=8&b=0x330099&lar=175.75&hau=175.75
O24 - Desktop Component 14: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 15: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 16: (no name) - http://josyacreations.free.fr/horlogeindien1.html
O24 - Desktop Component 17: horloges pour votre site - https://www.118712.fr/sortir.html
O24 - Desktop Component 18: Créations Armony, Horloge animee Halloween045 - http://ww12.chezarmony.ch
O24 - Desktop Component 19: (no name) - http://blinkhorloge.free.fr/horloge_semaine_9.htm
O24 - Desktop Component 2: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Divers_FF/12.htm
O24 - Desktop Component 20: (no name) - http://free-zg.t-com.hr/Pija/Cuteclocks/CC4en.htm
O24 - Desktop Component 21: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Born/A10.htm
O24 - Desktop Component 22: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F8.htm
O24 - Desktop Component 23: (no name) - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F10.htm
O24 - Desktop Component 24: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 25: (no name) - http://www6.pijadesigns.com/?tdfs=1&kw=design
O24 - Desktop Component 26: (no name) - http://free-zg.t-com.hr/Pija/PC/ET.htm
O24 - Desktop Component 27: (no name) - http://free-zg.t-com.hr/Pija/PC/PC2.htm
O24 - Desktop Component 28: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F4.htm
O24 - Desktop Component 29: Pija's calendar - http://pijadesigns.no.sapo.pt//CALENDARS/Fantasy/F6.htm
O24 - Desktop Component 3: Horloges gratuites d'Animabelle - http://animabelle.free.fr/horloges/Firefox/Animaux/2.htm
O24 - Desktop Component 30: Créations Armony, Horloge animée betty boop 019 - http://ww7.chezarmony.ch
O24 - Desktop Component 31: Pija's calendar - http://free-zg.t-com.hr/Pija/Cuteclocks/CCB23en.htm
O24 - Desktop Component 32: (no name) - http://animabelle.free.fr/horloges/divers/gd_modele/2.htm
O24 - Desktop Component 33: (no name) - https://www.clocklink.com//clocks/yoshidasauce001-black.swf?TimeZone=France_Paris&"%20%20width="140"%20height="52"%20wmode="transparent"%20type="application/x-shockwave-flash"
O24 - Desktop Component 4: Free Pages Personnelles: Erreur 404 - Document non trouvé - http://animabelle.free.fr/horloges/Firefox/Animaux/10.htm
O24 - Desktop Component 5: (no name) - http://animabelle.free.fr/horloges/Firefox/Animaux/18.htm
O24 - Desktop Component 6: (no name) - http://animabelle.free.fr/horloges/Firefox/Divers_FF/2.htm
O24 - Desktop Component 7: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/8.htm
O24 - Desktop Component 8: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/9.htm
O24 - Desktop Component 9: (no name) - http://animabelle.free.fr/horloges/Firefox/FF_St_Valentin/12.htm
Télécharge List&Kill'em (par Gen-Hackman) et enregistre l'exécutable sur ton bureau.
http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem.exe
! Désactive ton antivirus le temps de la manip ainsi que ton Pare-feu si présent !
! Déconnecte toi ferme toutes tes applications en cours !
* Double-clic sur l'icône présente sur le bureau pour le lancer (sous vista : clic droit > "exécuter en tant qu'administrateur").
* Choisis la langue souhaitée et valide par "entrée".
* Au second menu choisis l'option 1 : Mode Recherche
* Laisse travailler l'outil.
* Une fois le scan Terminé ,un rapport s'ouvre .
Ensuite héberger le rapport :
* Rends toi à cette adresse d'hébergement gratuit : http://www.cijoint.fr/
* Clique sur parcourir, puis sur créer le lien cjoint
* Une fois le lien crée, clique droit dessus et copier l'adresse du lien pour venir le coller dans ta réponse
http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem.exe
! Désactive ton antivirus le temps de la manip ainsi que ton Pare-feu si présent !
! Déconnecte toi ferme toutes tes applications en cours !
* Double-clic sur l'icône présente sur le bureau pour le lancer (sous vista : clic droit > "exécuter en tant qu'administrateur").
* Choisis la langue souhaitée et valide par "entrée".
* Au second menu choisis l'option 1 : Mode Recherche
* Laisse travailler l'outil.
* Une fois le scan Terminé ,un rapport s'ouvre .
Ensuite héberger le rapport :
* Rends toi à cette adresse d'hébergement gratuit : http://www.cijoint.fr/
* Clique sur parcourir, puis sur créer le lien cjoint
* Une fois le lien crée, clique droit dessus et copier l'adresse du lien pour venir le coller dans ta réponse
je ne peux pas ouvrir la page que tu m'a indiqué car mon antivirus a bloqué un virus :"DeepScan:generic.Zlob.1EA25..."et l'accés au ficier est refusé.
ben alors là ,y en a pour 2 heures au moins de scan,cela va être long et après je fais quoi?
voici le rapport de mon antivirus:
Fichier journal de BitDefender
Produit : BitDefender Internet Security 2008
Version : BitDefender UIScanner V.11
Date du journal : 18:46:39 12/09/2009
Chemin du journal : C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1252773999_1_02.xml
Analyse des chemins :Chemin0000: C:\
Chemin0001: D:\
Options d’analyse :Analyse contre les virus : Oui
Détecter les adwares : Oui
Analyse contre les spywares : Oui
Analyse des applications : Oui
Détecter les numéroteurs : Oui
Analyse contre les Rootkits : Oui
Options de sélection de cible :Analyse les clés du registre : Oui
Analyse des cookies : Oui
Analyser le secteur de boot : Oui
Analyse des processus mémoire : Oui
Analyser les archives : Oui
Analyser les fichiers enpaquetés : Oui
Analyser les emails : Oui
Analyser tous les fichiers : Oui
Analyse heuristique : Oui
Extensions analysées :
Extensions exclues :
Traitement cibleAction par défaut pour les objets infectés : Désinfecter
Action par défaut pour les objets suspects : Aucun
Action par défaut pour les objets camouflés : Aucun
Résumé de l'analyseNombre de signatures de virus : 4139154
Plugins archives : 45
Plug-ins messagerie : 6
Plugins d'analyse : 13
Plugins archives : 45
Plug-ins système : 5
Plug-ins décompression : 7
Résumé de l'analyse généraleEléments analysés : 381260
Eléments infectés : 7
Eléments suspects : 0
Eléments résolus : 7
Virus individuels trouvés : 6
Répertoires analysés : 15861
Secteur de boot analysés : 3
Archives analysés : 11778
Erreurs I/O : 2
Temps d'analyse : 00:02:15:55
Fichiers par seconde : 46
Résumé des processus analysésAnalysé(s) : 35
Infecté(s) : 0
Résumé des clés de registre analyséesAnalysé(s) : 1138
Infecté(s) : 0
Résumé des cookies analysésAnalysé(s) : 137
Infecté(s) : 5
Problèmes non résolus :Nom de l'objet Nom de la menace Etat final
Problèmes résolusNom de l'objet Nom de la menace Etat final
[System]=]C:\Documents and Settings\Marie-Claude\Cookies\marie-claude@msnportal.112.2o7[1].txt Cookie.2o7 Effacé
[System]=]C:\Documents and Settings\Marie-Claude\Cookies\marie-claude@atdmt[1].txt Cookie.ATDMT Effacé
[System]=]C:\Documents and Settings\Marie-Claude\Cookies\marie-claude@bs.serving-sys[2].txt Cookie.BS.Serving-Sys Effacé
[System]=]C:\Documents and Settings\Marie-Claude\Cookies\marie-claude@lascad.solution.weborama[2].txt Cookie.Weborama Effacé
[System]=]C:\Documents and Settings\Marie-Claude\Cookies\marie-claude@zedo[2].txt Cookie.Zedo Effacé
C:\Documents and Settings\MASSE\Application Data\Free Byte\mmnazjeb.exe Trojan.Generic.2306487 Effacé
C:\System Volume Information\_restore{4F46F069-7316-4189-BCC6-14E3F55D52EC}\RP9\A0001458.exe Trojan.Generic.2306487 Effacé
Objets non scannés :Nom de l'objet Raison Etat final
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CarpeDiemVars.zip=]14.06348 Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CarpeDiemVars.zip=]anal12.avi/anal12.avi.exe Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CarpeDiemVars.zip=]anal12.avi/anal12.avi.ico Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CarpeDiemVars.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CarpeDiemVars1.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CarpeDiemVars1.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar1.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar1.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar10.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar10.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar11.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar11.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar12.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar12.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar13.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar13.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar14.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar14.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar15.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar15.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar16.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar16.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar17.zip=]bin/10.0.368.0/CoreSrv.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar17.zip=]bin/10.0.368.0/HostIE.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar17.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar18.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar19.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar2.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar2.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar20.zip=]bin/10.0.368.0/HostOE.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar20.zip=]bin/10.0.368.0/InstIE.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar20.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar21.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar22.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar23.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar23.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar3.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar3.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar4.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar4.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar5.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar5.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/business_promo.htm Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/business_promo.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/cursors.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/cursors.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_1000.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_1000.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_2000.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_2000.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_3000.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_3000.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_bar.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_bar.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_bbar1.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_bbar1.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_logos.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_logos.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_other.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_other.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_weather.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_weather.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/hotbar_promo.htm Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/hotbar_promo.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/ie_games_icon.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/ie_games_icon.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/ie_video.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/ie_video.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/keywords.idx Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/keywords.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/layout.cdf Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/layout.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/linkpathlegal.txt Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/linkpathlegal.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/more.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/more.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/progress.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/progress.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/sales_buttons.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/sales_buttons.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/samplegroups2.txt Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/samplegroups2.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/s_icons_buttons.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/s_icons_buttons.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/t2_bg.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/t2_bg.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/tsd_bg.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/tsd_bg.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/weathericon.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/weathericon.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar7.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar8.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar8.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar9.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar9.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\HotsearchBar.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\HotsearchBar1.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare1.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare1.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare2.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare2.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare3.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare3.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare4.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare4.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WindowsSecurityCenterAntiVirusOverride.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WindowsSecurityCenterAntiVirusOverride.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/arrow.ico Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/Cml.exe Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/copyright.txt Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/CoreSrv.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/firefox/extensions/components/npclntax.xpt Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/firefox/extensions/install.rdf Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/firefox/extensions/plugins/npclntax_HotbarSA.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/HostIE.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/HostOL.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/HotbarSA.exe Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/HotbarSAAX.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/HotbarUnInstaller.exe Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/link.ico Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/Srv.exe Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/Toolbar.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/Wallpaper.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/Weather.exe Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/WeSkin.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp0o.a30=]Setup1.exe Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp0o.a30=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\MASSE\Mes documents\prog\Nouveau PROG(3)\Patch_PSP9vf.rar=]ENREGISTREMENT.txt Protégé par mot de passe Aucune action possible
C:\Documents and Settings\MASSE\Mes documents\prog\Nouveau PROG(3)\Patch_PSP9vf.rar=]Patch_PSP_9F.exe Protégé par mot de passe Aucune action possible
il faut que je parte,je reviendrais demain.bonne soirée
Fichier journal de BitDefender
Produit : BitDefender Internet Security 2008
Version : BitDefender UIScanner V.11
Date du journal : 18:46:39 12/09/2009
Chemin du journal : C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1252773999_1_02.xml
Analyse des chemins :Chemin0000: C:\
Chemin0001: D:\
Options d’analyse :Analyse contre les virus : Oui
Détecter les adwares : Oui
Analyse contre les spywares : Oui
Analyse des applications : Oui
Détecter les numéroteurs : Oui
Analyse contre les Rootkits : Oui
Options de sélection de cible :Analyse les clés du registre : Oui
Analyse des cookies : Oui
Analyser le secteur de boot : Oui
Analyse des processus mémoire : Oui
Analyser les archives : Oui
Analyser les fichiers enpaquetés : Oui
Analyser les emails : Oui
Analyser tous les fichiers : Oui
Analyse heuristique : Oui
Extensions analysées :
Extensions exclues :
Traitement cibleAction par défaut pour les objets infectés : Désinfecter
Action par défaut pour les objets suspects : Aucun
Action par défaut pour les objets camouflés : Aucun
Résumé de l'analyseNombre de signatures de virus : 4139154
Plugins archives : 45
Plug-ins messagerie : 6
Plugins d'analyse : 13
Plugins archives : 45
Plug-ins système : 5
Plug-ins décompression : 7
Résumé de l'analyse généraleEléments analysés : 381260
Eléments infectés : 7
Eléments suspects : 0
Eléments résolus : 7
Virus individuels trouvés : 6
Répertoires analysés : 15861
Secteur de boot analysés : 3
Archives analysés : 11778
Erreurs I/O : 2
Temps d'analyse : 00:02:15:55
Fichiers par seconde : 46
Résumé des processus analysésAnalysé(s) : 35
Infecté(s) : 0
Résumé des clés de registre analyséesAnalysé(s) : 1138
Infecté(s) : 0
Résumé des cookies analysésAnalysé(s) : 137
Infecté(s) : 5
Problèmes non résolus :Nom de l'objet Nom de la menace Etat final
Problèmes résolusNom de l'objet Nom de la menace Etat final
[System]=]C:\Documents and Settings\Marie-Claude\Cookies\marie-claude@msnportal.112.2o7[1].txt Cookie.2o7 Effacé
[System]=]C:\Documents and Settings\Marie-Claude\Cookies\marie-claude@atdmt[1].txt Cookie.ATDMT Effacé
[System]=]C:\Documents and Settings\Marie-Claude\Cookies\marie-claude@bs.serving-sys[2].txt Cookie.BS.Serving-Sys Effacé
[System]=]C:\Documents and Settings\Marie-Claude\Cookies\marie-claude@lascad.solution.weborama[2].txt Cookie.Weborama Effacé
[System]=]C:\Documents and Settings\Marie-Claude\Cookies\marie-claude@zedo[2].txt Cookie.Zedo Effacé
C:\Documents and Settings\MASSE\Application Data\Free Byte\mmnazjeb.exe Trojan.Generic.2306487 Effacé
C:\System Volume Information\_restore{4F46F069-7316-4189-BCC6-14E3F55D52EC}\RP9\A0001458.exe Trojan.Generic.2306487 Effacé
Objets non scannés :Nom de l'objet Raison Etat final
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CarpeDiemVars.zip=]14.06348 Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CarpeDiemVars.zip=]anal12.avi/anal12.avi.exe Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CarpeDiemVars.zip=]anal12.avi/anal12.avi.ico Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CarpeDiemVars.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CarpeDiemVars1.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CarpeDiemVars1.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar1.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar1.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar10.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar10.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar11.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar11.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar12.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar12.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar13.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar13.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar14.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar14.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar15.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar15.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar16.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar16.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar17.zip=]bin/10.0.368.0/CoreSrv.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar17.zip=]bin/10.0.368.0/HostIE.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar17.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar18.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar19.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar2.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar2.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar20.zip=]bin/10.0.368.0/HostOE.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar20.zip=]bin/10.0.368.0/InstIE.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar20.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar21.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar22.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar23.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar23.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar3.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar3.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar4.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar4.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar5.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar5.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/business_promo.htm Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/business_promo.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/cursors.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/cursors.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_1000.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_1000.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_2000.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_2000.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_3000.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_3000.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_bar.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_bar.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_bbar1.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_bbar1.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_logos.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_logos.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_other.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_buttons_other.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_weather.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/d_icons_weather.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/hotbar_promo.htm Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/hotbar_promo.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/ie_games_icon.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/ie_games_icon.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/ie_video.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/ie_video.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/keywords.idx Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/keywords.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/layout.cdf Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/layout.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/linkpathlegal.txt Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/linkpathlegal.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/more.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/more.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/progress.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/progress.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/sales_buttons.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/sales_buttons.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/samplegroups2.txt Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/samplegroups2.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/s_icons_buttons.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/s_icons_buttons.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/t2_bg.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/t2_bg.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/tsd_bg.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/tsd_bg.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/weathericon.res Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]v3.0/Hotbar/static/DownLoad/weathericon.xip Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar6.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar7.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar8.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar8.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar9.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hotbar9.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\HotsearchBar.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\HotsearchBar1.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare1.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare1.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare2.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare2.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare3.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare3.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare4.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\StarWare4.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WindowsSecurityCenterAntiVirusOverride.zip=]sbRecovery.reg Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WindowsSecurityCenterAntiVirusOverride.zip=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/arrow.ico Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/Cml.exe Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/copyright.txt Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/CoreSrv.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/firefox/extensions/components/npclntax.xpt Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/firefox/extensions/install.rdf Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/firefox/extensions/plugins/npclntax_HotbarSA.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/HostIE.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/HostOL.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/HotbarSA.exe Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/HotbarSAAX.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/HotbarUnInstaller.exe Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/link.ico Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/Srv.exe Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/Toolbar.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/Wallpaper.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/Weather.exe Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp00.k30=]bin/10.0.368.0/WeSkin.dll Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp0o.a30=]Setup1.exe Protégé par mot de passe Aucune action possible
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZipTmp0o.a30=]sbRecovery.ini Protégé par mot de passe Aucune action possible
C:\Documents and Settings\MASSE\Mes documents\prog\Nouveau PROG(3)\Patch_PSP9vf.rar=]ENREGISTREMENT.txt Protégé par mot de passe Aucune action possible
C:\Documents and Settings\MASSE\Mes documents\prog\Nouveau PROG(3)\Patch_PSP9vf.rar=]Patch_PSP_9F.exe Protégé par mot de passe Aucune action possible
il faut que je parte,je reviendrais demain.bonne soirée
bonjour
Télécharge Toolbar-S&D (Eric_71, Angeldark, Sham_Rock et XmichouX) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3
!! Déconnecte toi et ferme toute tes applications en cours le temps de la manipe !! désactive ton antivirus.
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis valide avec la touche "Entrée".
* Choisis l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
Télécharge Toolbar-S&D (Eric_71, Angeldark, Sham_Rock et XmichouX) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3
!! Déconnecte toi et ferme toute tes applications en cours le temps de la manipe !! désactive ton antivirus.
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis valide avec la touche "Entrée".
* Choisis l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
voici le rapport :
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.53GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Marie-Claude ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Not Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:68 Go (Free:36 Go)
D:\ (Local Disk) - NTFS - Total:6 Go (Free:6 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 13/09/2009|15:04 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA
C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA\HotbarSA.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA\HotbarSAAbout.mht
C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA\HotbarSAEULA.mht
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@mysearch[2].txt
-----------\\ Extensions
(Marie-Claude) - {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} => forecastfox
(Marie-Claude) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
(Marie-Claude) - {57407AE0-868F-11DC-AD21-49A755D89593} => foxkeh
(Marie-Claude) - {dd30bf68-268a-4815-ad48-8740b774c764} => redcats_green
(Marie-Claude) - {ff356687-aa08-463d-a46c-11c451824939} => redcats_blue
(nenette) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr"
"Search bar"="http://www.bing.com/spresults.aspx"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 06/09/2009|15:30 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 13/09/2009|15:07 - Option : [1]
-----------\\ Fin du rapport a 15:07:11,06
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.53GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Marie-Claude ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Not Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:68 Go (Free:36 Go)
D:\ (Local Disk) - NTFS - Total:6 Go (Free:6 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 13/09/2009|15:04 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA
C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA\HotbarSA.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA\HotbarSAAbout.mht
C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA\HotbarSAEULA.mht
C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@mysearch[2].txt
-----------\\ Extensions
(Marie-Claude) - {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} => forecastfox
(Marie-Claude) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
(Marie-Claude) - {57407AE0-868F-11DC-AD21-49A755D89593} => foxkeh
(Marie-Claude) - {dd30bf68-268a-4815-ad48-8740b774c764} => redcats_green
(Marie-Claude) - {ff356687-aa08-463d-a46c-11c451824939} => redcats_blue
(nenette) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr"
"Search bar"="http://www.bing.com/spresults.aspx"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 06/09/2009|15:30 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 13/09/2009|15:07 - Option : [1]
-----------\\ Fin du rapport a 15:07:11,06
voici:
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.53GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Marie-Claude ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:68 Go (Free:36 Go)
D:\ (Local Disk) - NTFS - Total:6 Go (Free:6 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 13/09/2009|15:16 )
-----------\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA\HotbarSA.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA\HotbarSAAbout.mht
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA\HotbarSAEULA.mht
Supprime! - C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@mysearch[2].txt
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(Marie-Claude) - {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} => forecastfox
(Marie-Claude) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
(Marie-Claude) - {57407AE0-868F-11DC-AD21-49A755D89593} => foxkeh
(Marie-Claude) - {dd30bf68-268a-4815-ad48-8740b774c764} => redcats_green
(Marie-Claude) - {ff356687-aa08-463d-a46c-11c451824939} => redcats_blue
(nenette) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
"Search bar"="http://www.bing.com/spresults.aspx"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 06/09/2009|15:30 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 13/09/2009|15:07 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 13/09/2009|15:18 - Option : [2]
-----------\\ Fin du rapport a 15:18:28,40
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.53GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Marie-Claude ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:68 Go (Free:36 Go)
D:\ (Local Disk) - NTFS - Total:6 Go (Free:6 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 13/09/2009|15:16 )
-----------\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA\HotbarSA.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA\HotbarSAAbout.mht
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA\HotbarSAEULA.mht
Supprime! - C:\DOCUME~1\MARIE-~1\Cookies\marie-claude@mysearch[2].txt
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(Marie-Claude) - {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} => forecastfox
(Marie-Claude) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
(Marie-Claude) - {57407AE0-868F-11DC-AD21-49A755D89593} => foxkeh
(Marie-Claude) - {dd30bf68-268a-4815-ad48-8740b774c764} => redcats_green
(Marie-Claude) - {ff356687-aa08-463d-a46c-11c451824939} => redcats_blue
(nenette) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
"Search bar"="http://www.bing.com/spresults.aspx"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 06/09/2009|15:30 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 13/09/2009|15:07 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 13/09/2009|15:18 - Option : [2]
-----------\\ Fin du rapport a 15:18:28,40
Reessaye ceci
https://forums.commentcamarche.net/forum/affich-14230054-suis-je-infectee#60
on peut dire que ton PC était un nid à infections
fait attention quand tu surfes, ou quand tu télécharges quelque chose, il faut le faire que sur des sites fiables et reconnus. Pas de téléchargement de cracks, pas de téléchargement par les logiciels P2P (Emule, Limewire)
Hot Bar que tu avais dans le PC installe des infections, il faut éviter de le télécharger, puis suis tous les conseils qu'on t'a donné pendant toute la désinfection pour éviter de réinfecter le PC
https://forums.commentcamarche.net/forum/affich-14230054-suis-je-infectee#60
on peut dire que ton PC était un nid à infections
fait attention quand tu surfes, ou quand tu télécharges quelque chose, il faut le faire que sur des sites fiables et reconnus. Pas de téléchargement de cracks, pas de téléchargement par les logiciels P2P (Emule, Limewire)
Hot Bar que tu avais dans le PC installe des infections, il faut éviter de le télécharger, puis suis tous les conseils qu'on t'a donné pendant toute la désinfection pour éviter de réinfecter le PC
je n'ai plus de fenêtre intempestive mais par contre la session de mon mari(on a 4 session et j'avais oublié de le signaler),en a plein qui s'ouvre même quand mozilla est fermé.faut_il refaire toute les manipulations que j'ai effectué dans chaque sessions?
je viens de recevoir un message de pimprenelle me disant qu'il fallait que je désactive mon antivirus pour télécharger ton lien.faut-il le faire?
je viens de recevoir un message de pimprenelle me disant qu'il fallait que je désactive mon antivirus pour télécharger ton lien.faut-il le faire?
Bonjour à vous 2 il faudrait peut être désactiver l'antivirus le temps de faire le fix de genhackman. bidefender doit prendre le fix pour un virus alors que ce n'est pas la cas
désactive ton anti-virus
! Déconnecte toi ferme toutes tes applications en cours !
▶ Double-clic sur l'icône présente sur le bureau pour le lancer (sous vista : clic droit > "Exécuter en tant qu'administrateur").
▶ Choisis la langue souhaitée et valide par "entrée".
▶ Choisis cette fois ci l'option 2 : Mode Destruction
▶ Laisse travailler l'outil.
▶ Une fois Terminé , poste le contenu du 2éme rapport qui s'ouvre dans ta prochaine réponse.
Note: le Rapport sur trouve en outre a cet emplacement: C:\Kill'em.txt
! Déconnecte toi ferme toutes tes applications en cours !
▶ Double-clic sur l'icône présente sur le bureau pour le lancer (sous vista : clic droit > "Exécuter en tant qu'administrateur").
▶ Choisis la langue souhaitée et valide par "entrée".
▶ Choisis cette fois ci l'option 2 : Mode Destruction
▶ Laisse travailler l'outil.
▶ Une fois Terminé , poste le contenu du 2éme rapport qui s'ouvre dans ta prochaine réponse.
Note: le Rapport sur trouve en outre a cet emplacement: C:\Kill'em.txt
voici ce rapport:
Infections :
==========
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
"C:\WINDOWS\system32\drivers\ch7xxnt5.dll"
¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :
HKCR\ImageOle.GifAnimator
HKCR\ImageOle.GifAnimator.1
HKCR\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :
Layout.ini
NTOSBOOT-B00DFAAD.pf
REG.EXE-0D2A95F7.pf
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Infections :
==========
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
"C:\WINDOWS\system32\drivers\ch7xxnt5.dll"
¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :
HKCR\ImageOle.GifAnimator
HKCR\ImageOle.GifAnimator.1
HKCR\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :
Layout.ini
NTOSBOOT-B00DFAAD.pf
REG.EXE-0D2A95F7.pf
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤