Bonjour, j'ai trop de soucis avec mon portable aspire 1640 VIRUS... je pense que je les ai supprimé mais je pense aussi avoir supprimé des fichiers que j'aurai dû garder ???!!! maintenant mon lecteur cd ne fonctionne plus et je suis totalement perdu ... car je suis loin de m'y connaître en cas de soucis MERCIS à tous ceux qui voudrais m'aider car mon PC m'aide dans mes recherches d'emploi et là je suis désespérée !!!!

Re , on enchaine , Télécharge SDFix et sauvegarde le sur ton Bureau. Redémarre en MSE → Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.cmd pour lancer le scrïpt. → Appuie sur Y pour commencer le processus de nettoyage. → Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer. → Appuie sur une touche pour redémarrer le PC. → Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers. → Après le chargement du Bureau, l'outil terminera son travail et affichera Finished. → Appuie sur une touche pour finir l'exécution du scrïpt et charger les icônes de ton Bureau. → Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt. → Poste moi le rapport. a+

Virus, mon lecteur CD ne fonctionne plus

Réponse 21 / 68

MARIE83120 Messages postés 268 Statut Membre

Clean Navipromo version 3.4.8 commencé le 01/03/2008 à 12:36:29,92

Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 25.02.2008 à 20h00 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : FAT32

Mode suppression automatique
avec prise en charge résultats Catchme et GNS

Executé en mode sans échec

*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)

*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans C:\WINDOWS\System32 *

* Suppression dans "C:\Documents and Settings\sam\locals~1\applic~1" *

*** Suppression dossiers dans C:\WINDOWS ***

*** Suppression dossiers dans C:\Program Files ***

*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***

*** Suppression dossiers dans "C:\Documents and Settings\sam\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\sam\locals~1\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\sam\MENUD?~1\PROGRA~1" ***

*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUD?~1\PROGRA~1 ***

...\WebMediaPlayer ...suppression...
...\WebMediaPlayer !!ERREUR SUPPRESSION!!

*** Suppression fichiers ***

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\sam\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :

* Dans C:\WINDOWS\system32 *

* Dans "C:\Documents and Settings\sam\locals~1\applic~1" *

*** Sauvegarde du Registre vers dossier Backupnavi ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

*** Certificats ***

Certificat Egroup absent !

*** Nettoyage terminé le 01/03/2008 à 12:37:40,93 ***

Réponse 22 / 68

Utilisateur anonyme

Re , Bon tu as du faire 2 fois Navilog .. pas grave.

Télécharge smitfraudfix
Dézippe le ( clic droit -> éxtraire tout )
Exécute le en MSE, choisit l’option 1, il va générer un rapport
Colle le sur le post stp.

a+

MARIE83120 Messages postés 268 Statut Membre

Dézippe ---extraire tout j'ai pas compris
je ne suis pas une pro excuse moi si je te fais répéter
merci de ta patience.....

j'ai fais MODE SANS ECHEC option 1 ET voilà le rapport
c bon

SmitFraudFix v2.299

Rapport fait à 13:07:53,81, 01/03/2008
Executé à partir de C:\DOCUME~1\sam\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est FAT32
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\PixArt\PAC7311\Monitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\PROGRA~1\FICHIE~1\REPARA~1\cookw.exe
C:\PROGRA~1\FICHIE~1\INTERN~1\giw.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\program files\orange\player orange\Orange Player.exe
C:\Program Files\ReparateurDeSysteme\SysRep.exe
C:\PROGRA~1\WANADOO\GestionnaireInternet.exe
C:\Documents and Settings\sam\Mes documents\Piratrax\piratrax.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\WANADOO\ComComp.exe
C:\PROGRA~1\WANADOO\Toaster.exe
C:\PROGRA~1\WANADOO\Inactivity.exe
C:\PROGRA~1\WANADOO\PollingModule.exe
C:\Program Files\Hotmail Popper\hotpop.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\PROGRA~1\WANADOO\Watch.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe
C:\PROGRA~1\WANADOO\WOOBRO~1\DownloadManager.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\fkxvkns.exe PRESENT !
C:\WINDOWS\privacy_danger PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\sam

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\sam\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\sam\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="file:///C:\\WINDOWS\\privacy_danger\\index.htm"
"SubscribedURL"=""
"FriendlyName"="Privacy Protection"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
+--------------------------------------------------+
[!] Suspicious: DrvDrive.dll
SSODL: DrvDrive - {37215292-acaa-4735-8b45-c29d501a6c1d}

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000001

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

»»»»»»»»»»»»»»»»»»»»»»»» Rustock

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{E2102D24-1EFA-44B5-A43E-10ABE85209B9}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{E2102D24-1EFA-44B5-A43E-10ABE85209B9}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{E2102D24-1EFA-44B5-A43E-10ABE85209B9}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Réponse 23 / 68

Utilisateur anonyme

Re , si , c'est bon =)

Redémarre en MSE ( ou si tu es encore en mode sans echec , reste-y )

Relance Smitfraudfix , choisi l'option 2

-------Redémarre normalement--------

→ Poste moi le rapport obtenu

A+

MARIE83120 Messages postés 268 Statut Membre

Je fais enettoyer le disque

Utilisateur anonyme > MARIE83120 Messages postés 268 Statut Membre

Oui accepte :)

MARIE83120 Messages postés 268 Statut Membre > Utilisateur anonyme

SmitFraudFix v2.299

Rapport fait à 13:27:36,32, 01/03/2008
Executé à partir de C:\Documents and Settings\sam\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est FAT32
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{E2102D24-1EFA-44B5-A43E-10ABE85209B9}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{E2102D24-1EFA-44B5-A43E-10ABE85209B9}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{E2102D24-1EFA-44B5-A43E-10ABE85209B9}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Réponse 24 / 68

Utilisateur anonyme

Re ,

Poste un nouveau rapport Hijackthis en mode normal stp
a+

MARIE83120 Messages postés 268 Statut Membre

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:34, on 01/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\PixArt\PAC7311\Monitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\PROGRA~1\FICHIE~1\REPARA~1\cookw.exe
C:\PROGRA~1\FICHIE~1\INTERN~1\giw.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\program files\orange\player orange\Orange Player.exe
C:\Program Files\ReparateurDeSysteme\SysRep.exe
C:\PROGRA~1\WANADOO\GestionnaireInternet.exe
C:\Documents and Settings\sam\Mes documents\Piratrax\piratrax.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\WANADOO\ComComp.exe
C:\PROGRA~1\WANADOO\Toaster.exe
C:\PROGRA~1\WANADOO\Inactivity.exe
C:\PROGRA~1\WANADOO\PollingModule.exe
C:\Program Files\Hotmail Popper\hotpop.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\PROGRA~1\WANADOO\Watch.exe
C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PAC7311_Monitor] C:\WINDOWS\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [webscan] "C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" -k
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [cookw] "C:\PROGRA~1\FICHIE~1\REPARA~1\cookw.exe" -start
O4 - HKLM\..\Run: [giw] "C:\PROGRA~1\FICHIE~1\INTERN~1\giw.exe" -start
O4 - HKLM\..\Run: [NI.GIANFR_0001_N93E2802] "C:\DOCUME~1\sam\LOCALS~1\Temp\startup673f3f15-0396-4809-9b1a-a90e9cee5b98.exe" -nag
O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Felix] C:\Program Files\ScreenMates\Felix2.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [ltiqducrf] c:\windows\system32\ltiqducrf.exe ltiqducrf
O4 - HKCU\..\Run: [AdwareRemover2007] C:\Program Files\AdwareRemover2007\AdwareRemover2007.exe
O4 - HKCU\..\Run: [reparateurdesysteme] C:\Program Files\ReparateurDeSysteme\SysRep.exe
O4 - HKCU\..\Run: [Piratrax] C:\Documents and Settings\sam\Mes documents\Piratrax\piratrax.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxmk142YYFR
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O16 - DPF: {2D37B9E8-C14C-482C-B1CF-939C5440E179} (VTToolkit Control) - http://videomessages.orange.fr/VTToolkit.ocx
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader5.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game13.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - https://www.photobox.fr/?channel=1005
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://www.gamenext.fr/online/online2/zuma/oberongamesloader.cab
O21 - SSODL: alofkmn - {3E312C6F-616F-473E-B1D2-541F9B2C1ADD} - C:\WINDOWS\alofkmn.dll (file missing)
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

Réponse 25 / 68

Utilisateur anonyme

Re , ça sent bon =)

Reposte un rapport Hijackthis stp ;)
a+

MARIE83120 Messages postés 268 Statut Membre

MERCI TU ME REMONTES LE MORAL !!!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:26:42, on 01/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\PixArt\PAC7311\Monitor.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\PROGRA~1\FICHIE~1\REPARA~1\cookw.exe
C:\PROGRA~1\FICHIE~1\INTERN~1\giw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\WANADOO\GestionnaireInternet.exe
C:\program files\orange\player orange\Orange Player.exe
C:\Program Files\ReparateurDeSysteme\SysRep.exe
C:\Documents and Settings\sam\Mes documents\Piratrax\piratrax.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\WANADOO\ComComp.exe
C:\PROGRA~1\WANADOO\Toaster.exe
C:\PROGRA~1\WANADOO\Inactivity.exe
C:\PROGRA~1\WANADOO\PollingModule.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Hotmail Popper\hotpop.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\PROGRA~1\WANADOO\Watch.exe
C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PAC7311_Monitor] C:\WINDOWS\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [webscan] "C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" -k
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [cookw] "C:\PROGRA~1\FICHIE~1\REPARA~1\cookw.exe" -start
O4 - HKLM\..\Run: [giw] "C:\PROGRA~1\FICHIE~1\INTERN~1\giw.exe" -start
O4 - HKLM\..\Run: [NI.GIANFR_0001_N93E2802] "C:\DOCUME~1\sam\LOCALS~1\Temp\startup673f3f15-0396-4809-9b1a-a90e9cee5b98.exe" -nag
O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Felix] C:\Program Files\ScreenMates\Felix2.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [ltiqducrf] c:\windows\system32\ltiqducrf.exe ltiqducrf
O4 - HKCU\..\Run: [reparateurdesysteme] C:\Program Files\ReparateurDeSysteme\SysRep.exe
O4 - HKCU\..\Run: [Piratrax] C:\Documents and Settings\sam\Mes documents\Piratrax\piratrax.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxmk142YYFR
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O16 - DPF: {2D37B9E8-C14C-482C-B1CF-939C5440E179} (VTToolkit Control) - http://videomessages.orange.fr/VTToolkit.ocx
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader5.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game13.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - https://www.photobox.fr/?channel=1005
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://www.gamenext.fr/online/online2/zuma/oberongamesloader.cab
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

Réponse 26 / 68

Utilisateur anonyme

Re ,
Ne retélécharge plus Sweetim ok ? =)

/!\ Manip crée spécialement pour cet utilisateur , ne pas reproduire chez soi ... /!\

1)Télécharge OTMoveIt2 ( de Old Timer )

2)Une fois téléchargé double-clique sur OTMoveIt2.exe pour le lancer.

Assure toi que la case Unregister Dll's and Ocx's soit bien cochée

3)puis copie les lignes en gras qui se trouvent en dessous :

C:\Program Files\Macrogaming

et colle-les dans le cadre de gauche de OTMoveIt : "Paste Standard List Of Files/Folders to Move."
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre Results.
clique sur Exit pour fermer.
4) Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

5) Il te sera peut-être demander de redémarrer le pc pour achever la suppression -> Accepte ( si il ne fait pas automatiquement , fait-le toi même )

/!\ Note : Au démarrage ton bureau RISQUE de ne plus apparaître , dans ce cas fait --> CTRL+ALT+SUPP pour ouvrir le Gestionnaire des tâches.
Puis rends toi à l'onglet "Processus". Clique en haut à gauche sur Fichiers et choisis "Exécuter"

Tape explorer.exe et valide. Cela fera re-apparaître le Bureau.

***********************

Voila poste moi le rapport , après on va envoyer le paté xD
a+

MARIE83120 Messages postés 268 Statut Membre

C:\Program Files\Macrogaming\SweetIMBarForIE\Cache moved successfully.
C:\Program Files\Macrogaming\SweetIMBarForIE moved successfully.
C:\Program Files\Macrogaming\SweetIM\conf\users\sand-ro@hotmail.fr moved successfully.
C:\Program Files\Macrogaming\SweetIM\conf\users\ro-sand@hotmail.fr moved successfully.
C:\Program Files\Macrogaming\SweetIM\conf\users\lachuere@hotmail.fr moved successfully.
C:\Program Files\Macrogaming\SweetIM\conf\users\samir-marieh@hotmail.fr moved successfully.
C:\Program Files\Macrogaming\SweetIM\conf\users\samir-marie@hotmail.fr moved successfully.
C:\Program Files\Macrogaming\SweetIM\conf\users moved successfully.
C:\Program Files\Macrogaming\SweetIM\conf moved successfully.
C:\Program Files\Macrogaming\SweetIM\update moved successfully.
C:\Program Files\Macrogaming\SweetIM\logs moved successfully.
C:\Program Files\Macrogaming\SweetIM\data\contentdb moved successfully.
C:\Program Files\Macrogaming\SweetIM\data moved successfully.
C:\Program Files\Macrogaming\SweetIM moved successfully.
C:\Program Files\Macrogaming moved successfully.

OTMoveIt2 v1.0.20 log created on 03012008_154658

Réponse 27 / 68

Utilisateur anonyme

Re , ok =)

/!\ Outils très puissant , ne pas reproduire la manip ci-dessous sur son pc sans y avoir été autorisé par une personne comptétente /!\

Désactive ta restauration système
Clic sur « Démarrer »
Clic droit sur « Poste de travail », puis sur « Propriétés »,
Vas sur l’onglet « Restauration système »
Tu y coches la case « Désactiver la restauration »
Termine par [Appliquer] [OK]

Télécharge ComboFix ici → http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Et enregistre le sur le bureau >>> /!\ IMPORTANT /!\

Regardes ici, si tu souhaites te familiariser avec son utilisation: https://www.google.fr/?gws_rd=ssl

AVANT d'utiliser ComboFix :
→ Déconnecte ton PC d'Internet et referme les fenêtres de tous les programmes en cours. /!\
→ Désactive provisoirement (et seulement le temps de l'utilisation de ComboFix), la protection en temps réel de ton Antivirus et de tes Antispywares et de TOUT tes logiciels de protection !!!, (activés, ils pourraient gêner fortement la procédure de recherche et de nettoyage de l'outil). /!\

Sur ton bureau double clic sur Combofix.exe.
Appuies sur la touche 1, pour que le programme commence à s'exécuter et suis les instructions à l'écran.

/!\ PENDANT TOUTE la durée (ça peut être assez long si le pc est très infecté) du scan de ComboFix, n'ouvres aucun programme, ne touche pas à ta souris et ne surfe pas sur le net /!\

Soit patient (même si tu penses que le PC est arrêté) ; les temps « d'arrêt apparent » sont parfois de plusieurs minutes (il y a ± 40 étapes d’analyse).

En cours de nettoyage il est possible, que tu reçoives un avertissement te disant que le pc va redémarrer, laisse le faire.

Après le redemarrage du pc, un rapport s'ouvrira dans le Bloc notes en fin d'analyse, copie et colle tout son contenu dans ton prochain message.

(Le fichier rapport Combofix.txt , est ensuite automatiquement sauvegardé dans C:\Combofix.txt)

Ensuite réactive ta restauration système
Clic droit sur « Poste de travail », puis sur « Propriétés »,
Vas sur l’onglet « Restauration système »
Tu décoches la case « Désactiver la restauration »
Termine par [Appliquer] [OK]

Bonne chance
A+

MARIE83120 Messages postés 268 Statut Membre

je n'arrive pas à retirer PIRATRAX et comment savoir si tous mes antivirus sont désactivés ??

Utilisateur anonyme > MARIE83120 Messages postés 268 Statut Membre

Fait ce que je te dis , et uniquement ça.
On verra plus tard pour Piratrax
> D'ailleurs tu n'as pas d'antivirus actif.
Continu
A+

MARIE83120 Messages postés 268 Statut Membre > Utilisateur anonyme

ComboFix 08-03-01.3 - sam 2008-03-01 16:31:53.1 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.567 [GMT 1:00]
Endroit: C:\DOCUME~1\sam\Bureau\combofix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Conditions générales.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Conditions générales.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Confidentialité.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Confidentialité.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Désinstaller.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\WebMediaPlayer.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Website.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Website.url
C:\Documents and Settings\Invité\Application Data\ShoppingReport
C:\Documents and Settings\Invité\Application Data\ShoppingReport\cs\Config.xml
C:\Documents and Settings\Invité\Application Data\ShoppingReport\cs\db\Aliases.dbs
C:\Documents and Settings\Invité\Application Data\ShoppingReport\cs\db\Sites.dbs
C:\Documents and Settings\Invité\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
C:\Documents and Settings\Invité\Application Data\ShoppingReport\cs\persist.dbs
C:\Documents and Settings\Invité\Application Data\ShoppingReport\cs\report\aggr_storage.xml
C:\Documents and Settings\Invité\Application Data\ShoppingReport\cs\report\send_storage.xml
C:\Documents and Settings\Invité\Application Data\ShoppingReport\cs\res1\WhiteList.dbs
C:\Documents and Settings\sam\Application Data\DriveCleaner Free
C:\Documents and Settings\sam\Application Data\DriveCleaner Free\Logs\update.log
C:\Documents and Settings\sam\Application Data\FunWebProducts
C:\Documents and Settings\sam\Application Data\HbTools
C:\Documents and Settings\sam\Application Data\HbTools\eskin\[u]0[/u]10107na11_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\eskin\[u]0[/u]30105_animi11_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\eskin\100103kiss_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\eskin\120106na15_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]30104_emte10_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]30104_emte11_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]30104_emte12_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]30104_emte13_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]30104_emte14_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]30104_emte19_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]30104_emte20_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]30104_emte21_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]30104_emte9_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]30203lib_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]33102angel_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]33102bigluf_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]33102bigsmile_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]33102birthday_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]33102cheers_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]33102flo_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]33102good_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]33102jump_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]33102king_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]33102lough_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]33102luf_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]33102smile_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]33102smiled_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]33102sor_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]33102thanx_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]33102uhu_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]40103ahh_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]40103wow_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]40104_emi2_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]42102_1134_112_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]50103big_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]50103gig_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]50103hm_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]50103nomail_emoti_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]50103norm_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]60104_ema15_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]60104_ema16_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]60104_ema17_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]60104_ema18_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]60104_ema19_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]60104_ema20_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]60104_ema21_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]60104_ema24_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]60104_ema25_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]60104_ema26_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]60104_ema30_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]60104_ema33_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]60104_ema34_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]62802hippi_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]62802jumpie_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]80402argh_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]80402oops_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]80402ouch_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]82502no_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\[u]0[/u]82502yes_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\110103_boring1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\110103_confused_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\110103_crying_ugly_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\110103_fantastic_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\110103_feel_better_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\110103_gimme_break_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\110103_heehee_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\110103_hlopaet_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\110103_ign_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\110103_lol_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\110103_no_comment_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\110103_peace_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\110103_smashing_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\110103_talk2thehand_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\block_sm.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\block_sm2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\block_smli.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\block_smli2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\blocked.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\blocked2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\btn_add-but.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\btn_back-but.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\btn_left_cut_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\btn_left_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\btn_left_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\btn_middle_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\btn_middle_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\btn_right_cut_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\btn_right_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\btn_right_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\delete.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\edit_clear_sound.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\edit_select.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\estatationery.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\icon_checked_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\icon_close_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\icon_close_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\icon_edit_preview.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\icon_edit_send.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\icon_flash_preview.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\icon_recently_used.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\icon_remove_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\icon_remove_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\icon_sand-clock2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\icon_tell_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\icon_tell_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\icon_tree_null.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\icon_unchecked_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\icon_unchecked_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\img_barlayout.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\img_barlayout2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\img_barlayout4.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\img_corner_left.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\img_local_logo.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\n.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\nav_b_2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\nav_bb_2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\nav_f_2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\nav_ff_2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\searchbtn.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\submit.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\tab_bg.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\tab_bga.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\tab_bgia.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\tab_l.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\tab_la.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\tab_lia.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\tab_r.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\tab_ra.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\tab_ria.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\tree_dots.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\tree_minus.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\1\tree_plus.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]30104_emte10_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]30104_emte11_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]30104_emte12_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]30104_emte13_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]30104_emte14_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]30104_emte19_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]30104_emte20_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]30104_emte21_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]30104_emte9_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]30203lib_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]33102angel_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]33102bigluf_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]33102bigsmile_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]33102birthday_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]33102cheers_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]33102flo_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]33102good_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]33102jump_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]33102king_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]33102lough_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]33102luf_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]33102smile_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]33102smiled_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]33102sor_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]33102thanx_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]33102uhu_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]40103ahh_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]40103wow_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]40104_emi2_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]42102_1134_112_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]50103big_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]50103gig_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]50103hm_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]50103nomail_emoti_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]50103norm_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]60104_ema15_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]60104_ema16_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]60104_ema17_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]60104_ema18_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]60104_ema19_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]60104_ema20_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]60104_ema21_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]60104_ema24_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]60104_ema25_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]60104_ema26_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]60104_ema30_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]60104_ema33_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]60104_ema34_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]62802hippi_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]62802jumpie_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]80402argh_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]80402oops_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]80402ouch_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]82502no_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\[u]0[/u]82502yes_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\110103_boring1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\110103_confused_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\110103_crying_ugly_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\110103_fantastic_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\110103_feel_better_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\110103_gimme_break_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\110103_heehee_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\110103_hlopaet_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\110103_ign_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\110103_lol_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\110103_no_comment_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\110103_peace_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\110103_smashing_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\110103_talk2thehand_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\block_sm.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\block_sm2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\block_smli.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\block_smli2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\blocked.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\blocked2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\btn_add-but.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\btn_back-but.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\btn_left_cut_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\btn_left_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\btn_left_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\btn_middle_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\btn_middle_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\btn_right_cut_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\btn_right_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\btn_right_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\delete.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\edit_clear_sound.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\edit_select.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\estatationery.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\icon_checked_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\icon_close_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\icon_close_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\icon_edit_preview.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\icon_edit_send.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\icon_flash_preview.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\icon_recently_used.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\icon_remove_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\icon_remove_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\icon_sand-clock2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\icon_tell_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\icon_tell_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\icon_tree_null.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\icon_unchecked_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\icon_unchecked_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\img_barlayout.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\img_barlayout2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\img_barlayout4.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\img_corner_left.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\img_local_logo.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\n.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\nav_b_2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\nav_bb_2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\nav_f_2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\nav_ff_2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\searchbtn.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\submit.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\tab_bg.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\tab_bga.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\tab_bgia.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\tab_l.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\tab_la.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\tab_lia.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\tab_r.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\tab_ra.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\tab_ria.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\tree_dots.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\tree_minus.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOI\static\2\tree_plus.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]30104_emte10_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]30104_emte11_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]30104_emte12_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]30104_emte13_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]30104_emte14_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]30104_emte19_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]30104_emte20_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]30104_emte21_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]30104_emte9_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]30203lib_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]33102angel_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]33102bigluf_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]33102bigsmile_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]33102birthday_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]33102cheers_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]33102flo_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]33102good_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]33102jump_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]33102king_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]33102lough_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]33102luf_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]33102smile_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]33102smiled_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]33102sor_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]33102thanx_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]33102uhu_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]40103ahh_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]40103wow_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]40104_emi2_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]42102_1134_112_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]50103big_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]50103gig_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]50103hm_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]50103nomail_emoti_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]50103norm_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]60104_ema15_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]60104_ema16_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]60104_ema17_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]60104_ema18_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]60104_ema19_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]60104_ema20_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]60104_ema21_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]60104_ema24_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]60104_ema25_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]60104_ema26_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]60104_ema30_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]60104_ema33_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]60104_ema34_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]62802hippi_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]62802jumpie_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]80402argh_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]80402oops_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]80402ouch_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]82502no_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\[u]0[/u]82502yes_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\110103_boring1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\110103_confused_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\110103_crying_ugly_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\110103_fantastic_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\110103_feel_better_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\110103_gimme_break_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\110103_heehee_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\110103_hlopaet_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\110103_ign_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\110103_lol_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\110103_no_comment_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\110103_peace_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\110103_smashing_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\110103_talk2thehand_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\block_sm.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\block_sm2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\block_smli.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\block_smli2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\blocked.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\blocked2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\btn_add-but.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\btn_back-but.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\btn_left_cut_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\btn_left_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\btn_left_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\btn_middle_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\btn_middle_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\btn_right_cut_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\btn_right_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\btn_right_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\delete.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\edit_clear_sound.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\edit_select.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\estatationery.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\icon_checked_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\icon_close_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\icon_close_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\icon_edit_preview.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\icon_edit_send.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\icon_flash_preview.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\icon_recently_used.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\icon_remove_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\icon_remove_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\icon_sand-clock2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\icon_tell_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\icon_tell_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\icon_tree_null.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\icon_unchecked_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\icon_unchecked_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\img_barlayout.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\img_barlayout2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\img_barlayout4.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\img_corner_left.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\img_local_logo.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\n.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\nav_b_2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\nav_bb_2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\nav_f_2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\nav_ff_2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\searchbtn.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\submit.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\tab_bg.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\tab_bga.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\tab_bgia.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\tab_l.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\tab_la.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\tab_lia.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\tab_r.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\tab_ra.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\tab_ria.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\tree_dots.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\tree_minus.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\1\tree_plus.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]30104_emte10_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]30104_emte11_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]30104_emte12_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]30104_emte13_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]30104_emte14_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]30104_emte19_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]30104_emte20_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]30104_emte21_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]30104_emte9_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]30203lib_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]33102angel_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]33102bigluf_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]33102bigsmile_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]33102birthday_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]33102cheers_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]33102flo_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]33102good_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]33102jump_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]33102king_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]33102lough_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]33102luf_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]33102smile_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]33102smiled_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]33102sor_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]33102thanx_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]33102uhu_1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]40103ahh_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]40103wow_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]40104_emi2_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]42102_1134_112_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]50103big_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]50103gig_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]50103hm_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]50103nomail_emoti_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]50103norm_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]60104_ema15_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]60104_ema16_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]60104_ema17_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]60104_ema18_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]60104_ema19_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]60104_ema20_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]60104_ema21_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]60104_ema24_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]60104_ema25_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]60104_ema26_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]60104_ema30_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]60104_ema33_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]60104_ema34_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]62802hippi_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]62802jumpie_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]80402argh_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]80402oops_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]80402ouch_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]82502no_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\[u]0[/u]82502yes_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\110103_boring1_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\110103_confused_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\110103_crying_ugly_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\110103_fantastic_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\110103_feel_better_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\110103_gimme_break_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\110103_heehee_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\110103_hlopaet_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\110103_ign_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\110103_lol_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\110103_no_comment_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\110103_peace_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\110103_smashing_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\110103_talk2thehand_prv.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\block_sm.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\block_sm2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\block_smli.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\block_smli2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\blocked.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\blocked2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\btn_add-but.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\btn_back-but.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\btn_left_cut_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\btn_left_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\btn_left_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\btn_middle_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\btn_middle_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\btn_right_cut_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\btn_right_enabled_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\btn_right_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\delete.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\edit_clear_sound.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\edit_select.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\estatationery.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\icon_checked_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\icon_close_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\icon_close_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\icon_edit_preview.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\icon_edit_send.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\icon_flash_preview.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\icon_recently_used.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\icon_remove_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\icon_remove_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\icon_sand-clock2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\icon_tell_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\icon_tell_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\icon_tree_null.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\icon_unchecked_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\icon_unchecked_pressed_1.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\img_barlayout.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\img_barlayout2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\img_barlayout4.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\img_corner_left.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\img_local_logo.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\n.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\nav_b_2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\nav_bb_2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\nav_f_2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\nav_ff_2.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\searchbtn.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\submit.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\tab_bg.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\tab_bga.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\tab_bgia.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\tab_l.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\tab_la.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\tab_lia.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\tab_r.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\tab_ra.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\tab_ria.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\tree_dots.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\tree_minus.gif
C:\Documents and Settings\sam\Application Data\HbTools\v3.0\HostOL\static\2\tree_plus.gif
C:\Documents and Settings\sam\Application Data\ShoppingReport
C:\Documents and Settings\sam\Application Data\ShoppingReport\cs\Config.xml
C:\Documents and Settings\sam\Application Data\ShoppingReport\cs\db\Aliases.dbs
C:\Documents and Settings\sam\Application Data\ShoppingReport\cs\db\Sites.dbs
C:\Documents and Settings\sam\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
C:\Documents and Settings\sam\Application Data\ShoppingReport\cs\persist.dbs
C:\Documents and Settings\sam\Application Data\ShoppingReport\cs\report\aggr_storage.xml
C:\Documents and Settings\sam\Application Data\ShoppingReport\cs\report\send_storage.xml
C:\Documents and Settings\sam\Application Data\ShoppingReport\cs\res2\WhiteList.dbs
C:\Program Files\FunWebProducts
C:\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL
C:\Program Files\FunWebProducts\Installr\Cache\files.ini
C:\Program Files\FunWebProducts\ScreenSaver\Images\[u]0[/u]039D8A7.urr
C:\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
C:\Program Files\MyWebSearch
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
C:\Program Files\MyWebSearch\bar\1.bin\F3BROVLY.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S
C:\Program Files\MyWebSearch\bar\Cache\[u]0[/u]03B732D.bin
C:\Program Files\MyWebSearch\bar\Cache\[u]0[/u]03B755F.bin
C:\Program Files\MyWebSearch\bar\Cache\[u]0[/u]03B77FF.bin
C:\Program Files\MyWebSearch\bar\Cache\[u]0[/u]04064CD
C:\Program Files\MyWebSearch\bar\Cache\[u]0[/u]0407A0A
C:\Program Files\MyWebSearch\bar\Cache\[u]0[/u]0408A76.bin
C:\Program Files\MyWebSearch\bar\Cache\[u]0[/u]0408F09.bin
C:\Program Files\MyWebSearch\bar\Cache\[u]0[/u]04090EE.bin
C:\Program Files\MyWebSearch\bar\Cache\[u]0[/u]0409488.bin
C:\Program Files\MyWebSearch\bar\Cache\[u]0[/u]04CD89B.bin
C:\Program Files\MyWebSearch\bar\Cache\[u]0[/u]04CDCF0.bin
C:\Program Files\MyWebSearch\bar\Cache\[u]0[/u]04CDFEE.bin
C:\Program Files\MyWebSearch\bar\Cache\[u]0[/u]04CE240.bin
C:\Program Files\MyWebSearch\bar\Cache\[u]0[/u]04CEF5F.bin
C:\Program Files\MyWebSearch\bar\Cache\[u]0[/u]04CF115
C:\Program Files\MyWebSearch\bar\Cache\files.ini
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S
C:\Program Files\MyWebSearch\bar\History\search2

Réponse 28 / 68

Utilisateur anonyme

Rapport non complet.
Recommence
CTRL+A pour tout selectionner.

A+

MARIE83120 Messages postés 268 Statut Membre

ok

Utilisateur anonyme > MARIE83120 Messages postés 268 Statut Membre

Quand je dit recommence ,c'est a poster le rapport ne refais pas Combofix ;)

MARIE83120 Messages postés 268 Statut Membre > Utilisateur anonyme

ComboFix 08-03-01.3 - sam 2008-03-01 16:46:26.2 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.593 [GMT 1:00]
Endroit: C:\DOCUME~1\sam\Bureau\combofix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

((((((((((((((((((((((((((((( Fichiers créés 2008-02-01 to 2008-03-01 ))))))))))))))))))))))))))))))))))))
.

2008-03-01 16:20 . 2008-03-01 16:20 <REP> d-------- C:\Documents and Settings\sam\EurekaLog
2008-03-01 16:19 . 2004-08-05 05:00 400,896 --a------ C:\CF1858.exe
2008-03-01 14:56 . 2008-03-01 14:56 <REP> d-------- C:\WINDOWS\ERUNT
2008-03-01 13:48 . 2008-02-29 02:00 <REP> d-------- C:\SDFix
2008-03-01 13:07 . 2008-03-01 13:27 2,398 --a------ C:\WINDOWS\system32\tmp.reg
2008-03-01 13:05 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-03-01 13:05 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-03-01 13:05 . 2008-02-28 11:37 86,016 --a------ C:\WINDOWS\system32\VACFix.exe
2008-03-01 13:05 . 2008-02-29 23:48 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-03-01 13:05 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-03-01 13:05 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-03-01 13:05 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-03-01 08:34 . 2008-03-01 08:34 <REP> d-------- C:\Program Files\Navilog1
2008-02-29 17:58 . 2008-02-29 17:58 <REP> d-------- C:\_OTMoveIt
2008-02-29 17:14 . 2008-02-29 17:14 <REP> d-------- C:\Program Files\Trend Micro
2008-02-29 15:23 . 2008-02-29 15:23 <REP> d-------- C:\Program Files\EsetOnlineScanner
2008-02-28 18:06 . 2008-02-28 18:06 <REP> d-------- C:\Documents and Settings\Invité\Application Data\PC Suite
2008-02-28 16:00 . 2008-02-29 15:18 329,792 --a------ C:\Documents and Settings\sam\scan.dat
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Program Files\Fichiers communs\InternetAnonymizer
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Documents and Settings\sam\Application Data\InternetAnonymizer
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InternetAnonymizer
2008-02-28 15:10 . 2008-02-28 15:10 <REP> d-------- C:\Documents and Settings\sam\Application Data\reparateurdesysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> d-------- C:\Program Files\ReparateurDeSysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> d-------- C:\Program Files\Fichiers communs\ReparateurDeSysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> dr------- C:\Documents and Settings\All Users\Application Data\reparateurdesysteme
2008-02-28 15:04 . 2008-02-28 15:04 260,632 --a------ C:\Documents and Settings\sam\Application Data\setup_fr[1].exe
2008-02-28 11:17 . 2008-02-28 11:54 13,312 --a------ C:\WINDOWS\system32\drivers\kgpfr.cfg
2008-02-27 18:19 . 2008-02-27 18:19 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\WINDOWS\mui
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Pochette Express 2
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Hot-TV
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Horloge
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\AntivirusFirewall
2008-02-27 15:29 . 2008-02-27 15:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SITEguard
2008-02-27 15:27 . 2008-02-27 15:27 <REP> d-------- C:\Program Files\Fichiers communs\iS3
2008-02-27 15:27 . 2008-02-27 15:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-02-27 13:35 . 2008-03-01 08:14 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-27 13:35 . 2008-02-27 13:35 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-18 14:48 . 2008-02-18 14:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Zylom
2008-02-16 21:55 . 2008-02-16 21:55 8,192 --ahs---- C:\WINDOWS\Thumbs.db
2008-02-11 09:40 . 2008-02-11 09:40 2,715,648 --a------ C:\WINDOWS\system32\OnlineScanner.ocx
2008-02-11 09:39 . 2008-02-11 09:39 253,952 --a------ C:\WINDOWS\system32\OnlineScannerDLLA.dll
2008-02-11 09:39 . 2008-02-11 09:39 237,568 --a------ C:\WINDOWS\system32\OnlineScannerDLLW.dll
2008-02-10 22:17 . 2003-12-12 16:06 1,693,696 --a------ C:\WINDOWS\system32\ltclr13n.dll
2008-02-10 22:17 . 2003-11-04 15:11 155,648 --a------ C:\WINDOWS\system32\lftif13n.dll
2008-02-10 22:17 . 2003-11-04 15:10 98,304 --a------ C:\WINDOWS\system32\lffax13n.dll
2008-02-08 13:53 . 2008-02-08 13:53 110,592 --a------ C:\WINDOWS\system32\OnlineScannerLang.dll
2008-02-05 08:48 . 2008-02-05 08:48 77,824 --a------ C:\WINDOWS\system32\OnlineScannerUninstaller.exe
2008-02-04 20:06 . 2008-02-04 20:06 <REP> d-------- C:\Documents and Settings\NetworkService\Mes documents
2008-02-02 19:19 . 2008-02-02 19:19 <REP> d-------- C:\Documents and Settings\sam\Application Data\Nokia Multimedia Player
2008-02-02 19:17 . 2008-02-02 19:17 <REP> d-------- C:\Documents and Settings\sam\Phone Browser
2008-02-02 19:12 . 2008-02-02 19:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\Fichiers communs\Nokia
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\DIFX
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Documents and Settings\sam\Application Data\Nokia
2008-02-02 19:05 . 2008-02-02 19:05 <REP> d-------- C:\Program Files\PC Connectivity Solution
2008-02-02 19:05 . 2008-02-02 19:05 <REP> d-------- C:\Documents and Settings\sam\Application Data\PC Suite
2008-02-02 19:04 . 2008-02-02 19:04 <REP> d-------- C:\Program Files\Nokia
2008-02-02 19:04 . 2007-02-22 11:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-02-02 19:04 . 2007-02-22 11:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-02-02 19:04 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-02-02 19:04 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-02-02 19:04 . 2007-02-22 11:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-02-02 19:01 . 2008-02-02 19:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Installations

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-25 12:29 230,432 ----a-w C:\PA7311.DAT
2008-02-16 20:55 8,704 --sha-w C:\Program Files\Thumbs.db
2008-02-13 20:57 9,598 ----a-w C:\Documents and Settings\sam\Application Data\wklnhst.dat
2008-01-28 15:46 --------- d-----w C:\Program Files\Microsoft Windows OneCare Live
2008-01-28 14:05 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-01-27 13:22 --------- d-----w C:\Documents and Settings\sam\Application Data\gtk-2.0
2008-01-27 13:18 --------- d-----w C:\Documents and Settings\sam\Application Data\.purple
2008-01-27 13:17 --------- d-----w C:\Program Files\Fichiers communs\GTK
2008-01-26 16:16 --------- d-sh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-26 16:16 --------- d-----w C:\Program Files\Windows Live
2008-01-26 16:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-18 15:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-11 05:36 44,544 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2008-01-08 17:04 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems
2008-01-08 17:02 --------- d-----w C:\Program Files\Ulead Systems
2008-01-08 17:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-01-07 17:49 --------- d-----w C:\Program Files\Fichiers communs\PAC7311
2008-01-07 15:57 --------- d-----w C:\Documents and Settings\sam\Application Data\ArcSoft
2008-01-07 15:55 --------- d-----w C:\Program Files\Fichiers communs\ArcSoft
2008-01-07 15:55 --------- d-----w C:\Program Files\ArcSoft
2008-01-07 14:58 --------- d-----w C:\Program Files\Trust
2008-01-05 19:21 1,675,903 ----a-w C:\Program Files\DSCN0097.JPG
2008-01-05 13:52 --------- d-----w C:\Program Files\DivX
2008-01-05 13:52 --------- d-----w C:\Documents and Settings\sam\Application Data\DivX
2008-01-05 13:36 --------- d-----w C:\Program Files\Picasa2
2007-12-19 22:53 347,136 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
2007-12-08 09:38 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-12-07 01:07 474,624 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-12-07 01:07 152,064 ----a-w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-12-07 01:07 1,495,040 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-12-07 01:07 1,056,768 ----a-w C:\WINDOWS\system32\dllcache\danim.dll
2007-12-07 01:07 1,024,000 ----a-w C:\WINDOWS\system32\dllcache\browseui.dll
2007-12-06 11:03 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-12-06 11:02 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-12-06 11:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-06 04:59 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
2002-09-18 01:28 3,205,496 ------w C:\Program Files\F.msi
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [ ]
"Felix"="C:\Program Files\ScreenMates\Felix2.exe" [ ]
"WOOKIT"="C:\PROGRA~1\WANADOO\Shell.exe" [2004-08-23 14:50 122880]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-20 22:26 68856]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]
"OrangePlayer"="c:\program files\orange\player orange\Orange Player.exe" [2007-11-22 11:53 319488]
"reparateurdesysteme"="C:\Program Files\ReparateurDeSysteme\SysRep.exe" [2007-11-19 17:04 1523712]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 16:57 5308416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-03-12 17:26 155648]
"PAC7311_Monitor"="C:\WINDOWS\PixArt\PAC7311\Monitor.exe" [2006-11-03 11:01 319488]
"WOOWATCH"="C:\PROGRA~1\WANADOO\Watch.exe" [2004-08-23 14:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\WANADOO\GestMaj.exe" [2004-10-14 16:55 32768]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]
"webscan"="C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" [2007-12-20 03:20 771504]
"LXCGCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2005-07-20 19:48 73728]
"cookw"="C:\PROGRA~1\FICHIE~1\REPARA~1\cookw.exe" [2007-11-12 19:30 211456]
"giw"="C:\PROGRA~1\FICHIE~1\INTERN~1\giw.exe" [2007-12-20 14:48 210432]
"epm-dm"="c:\acer\epm\epm-dm.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]
"OrangePlayer"="c:\program files\orange\player orange\Orange Player.exe" [2007-11-22 11:53 319488]

C:\Documents and Settings\sam\Menu D‚marrer\Programmes\D‚marrage\
Hotmail Popper.lnk - C:\Program Files\Hotmail Popper\hotpop.exe [2007-04-20 23:02:01 1777664]
Outil de d‚tection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-05-17 19:28:46 344064]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 22:05:56 65588]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-08-20 22:25:57 124912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\WINDOWS\\network diagnostic\\xpnetdiag.exe"=

R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2004-07-19 13:10]
R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-07 18:08]
R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-06-30 16:58]
R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57]
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2006-08-03 17:29]
S3 PAC7311;Trust CP-2300 Webcam;C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2007-03-14 10:57]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-11 23:08:26 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-01 16:47:16
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-03-01 16:47:48
ComboFix-quarantined-files.txt 2008-03-01 15:47:48
ComboFix2.txt 2008-03-01 15:38:42
.
2008-02-29 22:39:55 --- E O F ---

Réponse 29 / 68

Utilisateur anonyme

ArF tu as refais combofix ...

Je voudrais le 1er rapport en son intégralité s'il te plait =)

MARIE83120 Messages postés 268 Statut Membre

C'est bon tu as tout maintenant ?

Réponse 30 / 68

MARIE83120 Messages postés 268 Statut Membre

ok excuse moi j'avais pas compris quand je te dis que je suis NULLE ....

Utilisateur anonyme

Pas grave =)
Il me faut le 1er rapport histoire de voir ce qui a été supprimé.

Réponse 31 / 68

MARIE83120 Messages postés 268 Statut Membre

COMMENT JE FAIS.... HIJACK ????

Utilisateur anonyme

Non pas Hijackthis =/

La premiere fois que tu utilisé Combofix tu as eu un rapport , il été incomplet.

Il doit être enregistré ici : C:\Combofix.txt

Combien de fichier comme ça y a t'il dans C:\ ?

MARIE83120 Messages postés 268 Statut Membre > Utilisateur anonyme

C'EST CELUI LA ????

ComboFix 08-03-01.3 - sam 2008-03-01 16:46:26.2 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.593 [GMT 1:00]
Endroit: C:\DOCUME~1\sam\Bureau\combofix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

((((((((((((((((((((((((((((( Fichiers créés 2008-02-01 to 2008-03-01 ))))))))))))))))))))))))))))))))))))
.

2008-03-01 16:20 . 2008-03-01 16:20 <REP> d-------- C:\Documents and Settings\sam\EurekaLog
2008-03-01 16:19 . 2004-08-05 05:00 400,896 --a------ C:\CF1858.exe
2008-03-01 14:56 . 2008-03-01 14:56 <REP> d-------- C:\WINDOWS\ERUNT
2008-03-01 13:48 . 2008-02-29 02:00 <REP> d-------- C:\SDFix
2008-03-01 13:07 . 2008-03-01 13:27 2,398 --a------ C:\WINDOWS\system32\tmp.reg
2008-03-01 13:05 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-03-01 13:05 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-03-01 13:05 . 2008-02-28 11:37 86,016 --a------ C:\WINDOWS\system32\VACFix.exe
2008-03-01 13:05 . 2008-02-29 23:48 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-03-01 13:05 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-03-01 13:05 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-03-01 13:05 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-03-01 08:34 . 2008-03-01 08:34 <REP> d-------- C:\Program Files\Navilog1
2008-02-29 17:58 . 2008-02-29 17:58 <REP> d-------- C:\_OTMoveIt
2008-02-29 17:14 . 2008-02-29 17:14 <REP> d-------- C:\Program Files\Trend Micro
2008-02-29 15:23 . 2008-02-29 15:23 <REP> d-------- C:\Program Files\EsetOnlineScanner
2008-02-28 18:06 . 2008-02-28 18:06 <REP> d-------- C:\Documents and Settings\Invité\Application Data\PC Suite
2008-02-28 16:00 . 2008-02-29 15:18 329,792 --a------ C:\Documents and Settings\sam\scan.dat
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Program Files\Fichiers communs\InternetAnonymizer
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Documents and Settings\sam\Application Data\InternetAnonymizer
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InternetAnonymizer
2008-02-28 15:10 . 2008-02-28 15:10 <REP> d-------- C:\Documents and Settings\sam\Application Data\reparateurdesysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> d-------- C:\Program Files\ReparateurDeSysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> d-------- C:\Program Files\Fichiers communs\ReparateurDeSysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> dr------- C:\Documents and Settings\All Users\Application Data\reparateurdesysteme
2008-02-28 15:04 . 2008-02-28 15:04 260,632 --a------ C:\Documents and Settings\sam\Application Data\setup_fr[1].exe
2008-02-28 11:17 . 2008-02-28 11:54 13,312 --a------ C:\WINDOWS\system32\drivers\kgpfr.cfg
2008-02-27 18:19 . 2008-02-27 18:19 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\WINDOWS\mui
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Pochette Express 2
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Hot-TV
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Horloge
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\AntivirusFirewall
2008-02-27 15:29 . 2008-02-27 15:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SITEguard
2008-02-27 15:27 . 2008-02-27 15:27 <REP> d-------- C:\Program Files\Fichiers communs\iS3
2008-02-27 15:27 . 2008-02-27 15:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-02-27 13:35 . 2008-03-01 08:14 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-27 13:35 . 2008-02-27 13:35 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-18 14:48 . 2008-02-18 14:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Zylom
2008-02-16 21:55 . 2008-02-16 21:55 8,192 --ahs---- C:\WINDOWS\Thumbs.db
2008-02-11 09:40 . 2008-02-11 09:40 2,715,648 --a------ C:\WINDOWS\system32\OnlineScanner.ocx
2008-02-11 09:39 . 2008-02-11 09:39 253,952 --a------ C:\WINDOWS\system32\OnlineScannerDLLA.dll
2008-02-11 09:39 . 2008-02-11 09:39 237,568 --a------ C:\WINDOWS\system32\OnlineScannerDLLW.dll
2008-02-10 22:17 . 2003-12-12 16:06 1,693,696 --a------ C:\WINDOWS\system32\ltclr13n.dll
2008-02-10 22:17 . 2003-11-04 15:11 155,648 --a------ C:\WINDOWS\system32\lftif13n.dll
2008-02-10 22:17 . 2003-11-04 15:10 98,304 --a------ C:\WINDOWS\system32\lffax13n.dll
2008-02-08 13:53 . 2008-02-08 13:53 110,592 --a------ C:\WINDOWS\system32\OnlineScannerLang.dll
2008-02-05 08:48 . 2008-02-05 08:48 77,824 --a------ C:\WINDOWS\system32\OnlineScannerUninstaller.exe
2008-02-04 20:06 . 2008-02-04 20:06 <REP> d-------- C:\Documents and Settings\NetworkService\Mes documents
2008-02-02 19:19 . 2008-02-02 19:19 <REP> d-------- C:\Documents and Settings\sam\Application Data\Nokia Multimedia Player
2008-02-02 19:17 . 2008-02-02 19:17 <REP> d-------- C:\Documents and Settings\sam\Phone Browser
2008-02-02 19:12 . 2008-02-02 19:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\Fichiers communs\Nokia
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\DIFX
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Documents and Settings\sam\Application Data\Nokia
2008-02-02 19:05 . 2008-02-02 19:05 <REP> d-------- C:\Program Files\PC Connectivity Solution
2008-02-02 19:05 . 2008-02-02 19:05 <REP> d-------- C:\Documents and Settings\sam\Application Data\PC Suite
2008-02-02 19:04 . 2008-02-02 19:04 <REP> d-------- C:\Program Files\Nokia
2008-02-02 19:04 . 2007-02-22 11:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-02-02 19:04 . 2007-02-22 11:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-02-02 19:04 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-02-02 19:04 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-02-02 19:04 . 2007-02-22 11:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-02-02 19:01 . 2008-02-02 19:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Installations

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-25 12:29 230,432 ----a-w C:\PA7311.DAT
2008-02-16 20:55 8,704 --sha-w C:\Program Files\Thumbs.db
2008-02-13 20:57 9,598 ----a-w C:\Documents and Settings\sam\Application Data\wklnhst.dat
2008-01-28 15:46 --------- d-----w C:\Program Files\Microsoft Windows OneCare Live
2008-01-28 14:05 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-01-27 13:22 --------- d-----w C:\Documents and Settings\sam\Application Data\gtk-2.0
2008-01-27 13:18 --------- d-----w C:\Documents and Settings\sam\Application Data\.purple
2008-01-27 13:17 --------- d-----w C:\Program Files\Fichiers communs\GTK
2008-01-26 16:16 --------- d-sh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-26 16:16 --------- d-----w C:\Program Files\Windows Live
2008-01-26 16:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-18 15:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-11 05:36 44,544 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2008-01-08 17:04 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems
2008-01-08 17:02 --------- d-----w C:\Program Files\Ulead Systems
2008-01-08 17:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-01-07 17:49 --------- d-----w C:\Program Files\Fichiers communs\PAC7311
2008-01-07 15:57 --------- d-----w C:\Documents and Settings\sam\Application Data\ArcSoft
2008-01-07 15:55 --------- d-----w C:\Program Files\Fichiers communs\ArcSoft
2008-01-07 15:55 --------- d-----w C:\Program Files\ArcSoft
2008-01-07 14:58 --------- d-----w C:\Program Files\Trust
2008-01-05 19:21 1,675,903 ----a-w C:\Program Files\DSCN0097.JPG
2008-01-05 13:52 --------- d-----w C:\Program Files\DivX
2008-01-05 13:52 --------- d-----w C:\Documents and Settings\sam\Application Data\DivX
2008-01-05 13:36 --------- d-----w C:\Program Files\Picasa2
2007-12-19 22:53 347,136 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
2007-12-08 09:38 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-12-07 01:07 474,624 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-12-07 01:07 152,064 ----a-w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-12-07 01:07 1,495,040 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-12-07 01:07 1,056,768 ----a-w C:\WINDOWS\system32\dllcache\danim.dll
2007-12-07 01:07 1,024,000 ----a-w C:\WINDOWS\system32\dllcache\browseui.dll
2007-12-06 11:03 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-12-06 11:02 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-12-06 11:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-06 04:59 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
2002-09-18 01:28 3,205,496 ------w C:\Program Files\F.msi
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [ ]
"Felix"="C:\Program Files\ScreenMates\Felix2.exe" [ ]
"WOOKIT"="C:\PROGRA~1\WANADOO\Shell.exe" [2004-08-23 14:50 122880]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-20 22:26 68856]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]
"OrangePlayer"="c:\program files\orange\player orange\Orange Player.exe" [2007-11-22 11:53 319488]
"reparateurdesysteme"="C:\Program Files\ReparateurDeSysteme\SysRep.exe" [2007-11-19 17:04 1523712]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 16:57 5308416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-03-12 17:26 155648]
"PAC7311_Monitor"="C:\WINDOWS\PixArt\PAC7311\Monitor.exe" [2006-11-03 11:01 319488]
"WOOWATCH"="C:\PROGRA~1\WANADOO\Watch.exe" [2004-08-23 14:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\WANADOO\GestMaj.exe" [2004-10-14 16:55 32768]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]
"webscan"="C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" [2007-12-20 03:20 771504]
"LXCGCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2005-07-20 19:48 73728]
"cookw"="C:\PROGRA~1\FICHIE~1\REPARA~1\cookw.exe" [2007-11-12 19:30 211456]
"giw"="C:\PROGRA~1\FICHIE~1\INTERN~1\giw.exe" [2007-12-20 14:48 210432]
"epm-dm"="c:\acer\epm\epm-dm.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]
"OrangePlayer"="c:\program files\orange\player orange\Orange Player.exe" [2007-11-22 11:53 319488]

C:\Documents and Settings\sam\Menu D‚marrer\Programmes\D‚marrage\
Hotmail Popper.lnk - C:\Program Files\Hotmail Popper\hotpop.exe [2007-04-20 23:02:01 1777664]
Outil de d‚tection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-05-17 19:28:46 344064]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 22:05:56 65588]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-08-20 22:25:57 124912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\WINDOWS\\network diagnostic\\xpnetdiag.exe"=

R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2004-07-19 13:10]
R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-07 18:08]
R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-06-30 16:58]
R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57]
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2006-08-03 17:29]
S3 PAC7311;Trust CP-2300 Webcam;C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2007-03-14 10:57]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-11 23:08:26 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-01 16:47:16
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-03-01 16:47:48
ComboFix-quarantined-files.txt 2008-03-01 15:47:48
ComboFix2.txt 2008-03-01 15:38:42
.
2008-02-29 22:39:55 --- E O F ---

Réponse 32 / 68

Utilisateur anonyme

Non.
A par lui que tu viens de poster , tu en as un autre ? =/

MARIE83120 Messages postés 268 Statut Membre

JE T'envoie ce que j'ai trouvé j'espére que c'est bon sinon je ne sais pas .....Je croise les doigts....

ComboFix 08-03-01.3 - sam 2008-03-01 16:46:26.2 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.593 [GMT 1:00]
Endroit: C:\DOCUME~1\sam\Bureau\combofix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

((((((((((((((((((((((((((((( Fichiers créés 2008-02-01 to 2008-03-01 ))))))))))))))))))))))))))))))))))))
.

2008-03-01 16:20 . 2008-03-01 16:20 <REP> d-------- C:\Documents and Settings\sam\EurekaLog
2008-03-01 16:19 . 2004-08-05 05:00 400,896 --a------ C:\CF1858.exe
2008-03-01 14:56 . 2008-03-01 14:56 <REP> d-------- C:\WINDOWS\ERUNT
2008-03-01 13:48 . 2008-02-29 02:00 <REP> d-------- C:\SDFix
2008-03-01 13:07 . 2008-03-01 13:27 2,398 --a------ C:\WINDOWS\system32\tmp.reg
2008-03-01 13:05 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-03-01 13:05 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-03-01 13:05 . 2008-02-28 11:37 86,016 --a------ C:\WINDOWS\system32\VACFix.exe
2008-03-01 13:05 . 2008-02-29 23:48 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-03-01 13:05 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-03-01 13:05 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-03-01 13:05 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-03-01 08:34 . 2008-03-01 08:34 <REP> d-------- C:\Program Files\Navilog1
2008-02-29 17:58 . 2008-02-29 17:58 <REP> d-------- C:\_OTMoveIt
2008-02-29 17:14 . 2008-02-29 17:14 <REP> d-------- C:\Program Files\Trend Micro
2008-02-29 15:23 . 2008-02-29 15:23 <REP> d-------- C:\Program Files\EsetOnlineScanner
2008-02-28 18:06 . 2008-02-28 18:06 <REP> d-------- C:\Documents and Settings\Invité\Application Data\PC Suite
2008-02-28 16:00 . 2008-02-29 15:18 329,792 --a------ C:\Documents and Settings\sam\scan.dat
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Program Files\Fichiers communs\InternetAnonymizer
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Documents and Settings\sam\Application Data\InternetAnonymizer
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InternetAnonymizer
2008-02-28 15:10 . 2008-02-28 15:10 <REP> d-------- C:\Documents and Settings\sam\Application Data\reparateurdesysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> d-------- C:\Program Files\ReparateurDeSysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> d-------- C:\Program Files\Fichiers communs\ReparateurDeSysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> dr------- C:\Documents and Settings\All Users\Application Data\reparateurdesysteme
2008-02-28 15:04 . 2008-02-28 15:04 260,632 --a------ C:\Documents and Settings\sam\Application Data\setup_fr[1].exe
2008-02-28 11:17 . 2008-02-28 11:54 13,312 --a------ C:\WINDOWS\system32\drivers\kgpfr.cfg
2008-02-27 18:19 . 2008-02-27 18:19 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\WINDOWS\mui
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Pochette Express 2
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Hot-TV
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Horloge
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\AntivirusFirewall
2008-02-27 15:29 . 2008-02-27 15:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SITEguard
2008-02-27 15:27 . 2008-02-27 15:27 <REP> d-------- C:\Program Files\Fichiers communs\iS3
2008-02-27 15:27 . 2008-02-27 15:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-02-27 13:35 . 2008-03-01 08:14 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-27 13:35 . 2008-02-27 13:35 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-18 14:48 . 2008-02-18 14:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Zylom
2008-02-16 21:55 . 2008-02-16 21:55 8,192 --ahs---- C:\WINDOWS\Thumbs.db
2008-02-11 09:40 . 2008-02-11 09:40 2,715,648 --a------ C:\WINDOWS\system32\OnlineScanner.ocx
2008-02-11 09:39 . 2008-02-11 09:39 253,952 --a------ C:\WINDOWS\system32\OnlineScannerDLLA.dll
2008-02-11 09:39 . 2008-02-11 09:39 237,568 --a------ C:\WINDOWS\system32\OnlineScannerDLLW.dll
2008-02-10 22:17 . 2003-12-12 16:06 1,693,696 --a------ C:\WINDOWS\system32\ltclr13n.dll
2008-02-10 22:17 . 2003-11-04 15:11 155,648 --a------ C:\WINDOWS\system32\lftif13n.dll
2008-02-10 22:17 . 2003-11-04 15:10 98,304 --a------ C:\WINDOWS\system32\lffax13n.dll
2008-02-08 13:53 . 2008-02-08 13:53 110,592 --a------ C:\WINDOWS\system32\OnlineScannerLang.dll
2008-02-05 08:48 . 2008-02-05 08:48 77,824 --a------ C:\WINDOWS\system32\OnlineScannerUninstaller.exe
2008-02-04 20:06 . 2008-02-04 20:06 <REP> d-------- C:\Documents and Settings\NetworkService\Mes documents
2008-02-02 19:19 . 2008-02-02 19:19 <REP> d-------- C:\Documents and Settings\sam\Application Data\Nokia Multimedia Player
2008-02-02 19:17 . 2008-02-02 19:17 <REP> d-------- C:\Documents and Settings\sam\Phone Browser
2008-02-02 19:12 . 2008-02-02 19:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\Fichiers communs\Nokia
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\DIFX
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Documents and Settings\sam\Application Data\Nokia
2008-02-02 19:05 . 2008-02-02 19:05 <REP> d-------- C:\Program Files\PC Connectivity Solution
2008-02-02 19:05 . 2008-02-02 19:05 <REP> d-------- C:\Documents and Settings\sam\Application Data\PC Suite
2008-02-02 19:04 . 2008-02-02 19:04 <REP> d-------- C:\Program Files\Nokia
2008-02-02 19:04 . 2007-02-22 11:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-02-02 19:04 . 2007-02-22 11:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-02-02 19:04 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-02-02 19:04 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-02-02 19:04 . 2007-02-22 11:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-02-02 19:01 . 2008-02-02 19:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Installations

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-25 12:29 230,432 ----a-w C:\PA7311.DAT
2008-02-16 20:55 8,704 --sha-w C:\Program Files\Thumbs.db
2008-02-13 20:57 9,598 ----a-w C:\Documents and Settings\sam\Application Data\wklnhst.dat
2008-01-28 15:46 --------- d-----w C:\Program Files\Microsoft Windows OneCare Live
2008-01-28 14:05 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-01-27 13:22 --------- d-----w C:\Documents and Settings\sam\Application Data\gtk-2.0
2008-01-27 13:18 --------- d-----w C:\Documents and Settings\sam\Application Data\.purple
2008-01-27 13:17 --------- d-----w C:\Program Files\Fichiers communs\GTK
2008-01-26 16:16 --------- d-sh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-26 16:16 --------- d-----w C:\Program Files\Windows Live
2008-01-26 16:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-18 15:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-11 05:36 44,544 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2008-01-08 17:04 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems
2008-01-08 17:02 --------- d-----w C:\Program Files\Ulead Systems
2008-01-08 17:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-01-07 17:49 --------- d-----w C:\Program Files\Fichiers communs\PAC7311
2008-01-07 15:57 --------- d-----w C:\Documents and Settings\sam\Application Data\ArcSoft
2008-01-07 15:55 --------- d-----w C:\Program Files\Fichiers communs\ArcSoft
2008-01-07 15:55 --------- d-----w C:\Program Files\ArcSoft
2008-01-07 14:58 --------- d-----w C:\Program Files\Trust
2008-01-05 19:21 1,675,903 ----a-w C:\Program Files\DSCN0097.JPG
2008-01-05 13:52 --------- d-----w C:\Program Files\DivX
2008-01-05 13:52 --------- d-----w C:\Documents and Settings\sam\Application Data\DivX
2008-01-05 13:36 --------- d-----w C:\Program Files\Picasa2
2007-12-19 22:53 347,136 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
2007-12-08 09:38 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-12-07 01:07 474,624 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-12-07 01:07 152,064 ----a-w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-12-07 01:07 1,495,040 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-12-07 01:07 1,056,768 ----a-w C:\WINDOWS\system32\dllcache\danim.dll
2007-12-07 01:07 1,024,000 ----a-w C:\WINDOWS\system32\dllcache\browseui.dll
2007-12-06 11:03 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-12-06 11:02 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-12-06 11:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-06 04:59 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
2002-09-18 01:28 3,205,496 ------w C:\Program Files\F.msi
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [ ]
"Felix"="C:\Program Files\ScreenMates\Felix2.exe" [ ]
"WOOKIT"="C:\PROGRA~1\WANADOO\Shell.exe" [2004-08-23 14:50 122880]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-20 22:26 68856]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]
"OrangePlayer"="c:\program files\orange\player orange\Orange Player.exe" [2007-11-22 11:53 319488]
"reparateurdesysteme"="C:\Program Files\ReparateurDeSysteme\SysRep.exe" [2007-11-19 17:04 1523712]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 16:57 5308416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-03-12 17:26 155648]
"PAC7311_Monitor"="C:\WINDOWS\PixArt\PAC7311\Monitor.exe" [2006-11-03 11:01 319488]
"WOOWATCH"="C:\PROGRA~1\WANADOO\Watch.exe" [2004-08-23 14:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\WANADOO\GestMaj.exe" [2004-10-14 16:55 32768]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]
"webscan"="C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" [2007-12-20 03:20 771504]
"LXCGCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2005-07-20 19:48 73728]
"cookw"="C:\PROGRA~1\FICHIE~1\REPARA~1\cookw.exe" [2007-11-12 19:30 211456]
"giw"="C:\PROGRA~1\FICHIE~1\INTERN~1\giw.exe" [2007-12-20 14:48 210432]
"epm-dm"="c:\acer\epm\epm-dm.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]
"OrangePlayer"="c:\program files\orange\player orange\Orange Player.exe" [2007-11-22 11:53 319488]

C:\Documents and Settings\sam\Menu D‚marrer\Programmes\D‚marrage\
Hotmail Popper.lnk - C:\Program Files\Hotmail Popper\hotpop.exe [2007-04-20 23:02:01 1777664]
Outil de d‚tection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-05-17 19:28:46 344064]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 22:05:56 65588]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-08-20 22:25:57 124912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\WINDOWS\\network diagnostic\\xpnetdiag.exe"=

R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2004-07-19 13:10]
R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-07 18:08]
R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-06-30 16:58]
R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57]
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2006-08-03 17:29]
S3 PAC7311;Trust CP-2300 Webcam;C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2007-03-14 10:57]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-11 23:08:26 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-01 16:47:16
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-03-01 16:47:48
ComboFix-quarantined-files.txt 2008-03-01 15:47:48
ComboFix2.txt 2008-03-01 15:38:42
.
2008-02-29 22:39:55 --- E O F ---

ComboFix 08-03-01.3 - sam 2008-03-01 16:46:26.2 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.593 [GMT 1:00]
Endroit: C:\DOCUME~1\sam\Bureau\combofix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

((((((((((((((((((((((((((((( Fichiers créés 2008-02-01 to 2008-03-01 ))))))))))))))))))))))))))))))))))))
.

2008-03-01 16:20 . 2008-03-01 16:20 <REP> d-------- C:\Documents and Settings\sam\EurekaLog
2008-03-01 16:19 . 2004-08-05 05:00 400,896 --a------ C:\CF1858.exe
2008-03-01 14:56 . 2008-03-01 14:56 <REP> d-------- C:\WINDOWS\ERUNT
2008-03-01 13:48 . 2008-02-29 02:00 <REP> d-------- C:\SDFix
2008-03-01 13:07 . 2008-03-01 13:27 2,398 --a------ C:\WINDOWS\system32\tmp.reg
2008-03-01 13:05 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-03-01 13:05 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-03-01 13:05 . 2008-02-28 11:37 86,016 --a------ C:\WINDOWS\system32\VACFix.exe
2008-03-01 13:05 . 2008-02-29 23:48 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-03-01 13:05 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-03-01 13:05 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-03-01 13:05 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-03-01 08:34 . 2008-03-01 08:34 <REP> d-------- C:\Program Files\Navilog1
2008-02-29 17:58 . 2008-02-29 17:58 <REP> d-------- C:\_OTMoveIt
2008-02-29 17:14 . 2008-02-29 17:14 <REP> d-------- C:\Program Files\Trend Micro
2008-02-29 15:23 . 2008-02-29 15:23 <REP> d-------- C:\Program Files\EsetOnlineScanner
2008-02-28 18:06 . 2008-02-28 18:06 <REP> d-------- C:\Documents and Settings\Invité\Application Data\PC Suite
2008-02-28 16:00 . 2008-02-29 15:18 329,792 --a------ C:\Documents and Settings\sam\scan.dat
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Program Files\Fichiers communs\InternetAnonymizer
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Documents and Settings\sam\Application Data\InternetAnonymizer
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InternetAnonymizer
2008-02-28 15:10 . 2008-02-28 15:10 <REP> d-------- C:\Documents and Settings\sam\Application Data\reparateurdesysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> d-------- C:\Program Files\ReparateurDeSysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> d-------- C:\Program Files\Fichiers communs\ReparateurDeSysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> dr------- C:\Documents and Settings\All Users\Application Data\reparateurdesysteme
2008-02-28 15:04 . 2008-02-28 15:04 260,632 --a------ C:\Documents and Settings\sam\Application Data\setup_fr[1].exe
2008-02-28 11:17 . 2008-02-28 11:54 13,312 --a------ C:\WINDOWS\system32\drivers\kgpfr.cfg
2008-02-27 18:19 . 2008-02-27 18:19 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\WINDOWS\mui
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Pochette Express 2
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Hot-TV
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Horloge
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\AntivirusFirewall
2008-02-27 15:29 . 2008-02-27 15:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SITEguard
2008-02-27 15:27 . 2008-02-27 15:27 <REP> d-------- C:\Program Files\Fichiers communs\iS3
2008-02-27 15:27 . 2008-02-27 15:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-02-27 13:35 . 2008-03-01 08:14 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-27 13:35 . 2008-02-27 13:35 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-18 14:48 . 2008-02-18 14:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Zylom
2008-02-16 21:55 . 2008-02-16 21:55 8,192 --ahs---- C:\WINDOWS\Thumbs.db
2008-02-11 09:40 . 2008-02-11 09:40 2,715,648 --a------ C:\WINDOWS\system32\OnlineScanner.ocx
2008-02-11 09:39 . 2008-02-11 09:39 253,952 --a------ C:\WINDOWS\system32\OnlineScannerDLLA.dll
2008-02-11 09:39 . 2008-02-11 09:39 237,568 --a------ C:\WINDOWS\system32\OnlineScannerDLLW.dll
2008-02-10 22:17 . 2003-12-12 16:06 1,693,696 --a------ C:\WINDOWS\system32\ltclr13n.dll
2008-02-10 22:17 . 2003-11-04 15:11 155,648 --a------ C:\WINDOWS\system32\lftif13n.dll
2008-02-10 22:17 . 2003-11-04 15:10 98,304 --a------ C:\WINDOWS\system32\lffax13n.dll
2008-02-08 13:53 . 2008-02-08 13:53 110,592 --a------ C:\WINDOWS\system32\OnlineScannerLang.dll
2008-02-05 08:48 . 2008-02-05 08:48 77,824 --a------ C:\WINDOWS\system32\OnlineScannerUninstaller.exe
2008-02-04 20:06 . 2008-02-04 20:06 <REP> d-------- C:\Documents and Settings\NetworkService\Mes documents
2008-02-02 19:19 . 2008-02-02 19:19 <REP> d-------- C:\Documents and Settings\sam\Application Data\Nokia Multimedia Player
2008-02-02 19:17 . 2008-02-02 19:17 <REP> d-------- C:\Documents and Settings\sam\Phone Browser
2008-02-02 19:12 . 2008-02-02 19:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\Fichiers communs\Nokia
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\DIFX
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Documents and Settings\sam\Application Data\Nokia
2008-02-02 19:05 . 2008-02-02 19:05 <REP> d-------- C:\Program Files\PC Connectivity Solution
2008-02-02 19:05 . 2008-02-02 19:05 <REP> d-------- C:\Documents and Settings\sam\Application Data\PC Suite
2008-02-02 19:04 . 2008-02-02 19:04 <REP> d-------- C:\Program Files\Nokia
2008-02-02 19:04 . 2007-02-22 11:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-02-02 19:04 . 2007-02-22 11:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-02-02 19:04 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-02-02 19:04 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-02-02 19:04 . 2007-02-22 11:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-02-02 19:01 . 2008-02-02 19:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Installations

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-25 12:29 230,432 ----a-w C:\PA7311.DAT
2008-02-16 20:55 8,704 --sha-w C:\Program Files\Thumbs.db
2008-02-13 20:57 9,598 ----a-w C:\Documents and Settings\sam\Application Data\wklnhst.dat
2008-01-28 15:46 --------- d-----w C:\Program Files\Microsoft Windows OneCare Live
2008-01-28 14:05 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-01-27 13:22 --------- d-----w C:\Documents and Settings\sam\Application Data\gtk-2.0
2008-01-27 13:18 --------- d-----w C:\Documents and Settings\sam\Application Data\.purple
2008-01-27 13:17 --------- d-----w C:\Program Files\Fichiers communs\GTK
2008-01-26 16:16 --------- d-sh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-26 16:16 --------- d-----w C:\Program Files\Windows Live
2008-01-26 16:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-18 15:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-11 05:36 44,544 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2008-01-08 17:04 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems
2008-01-08 17:02 --------- d-----w C:\Program Files\Ulead Systems
2008-01-08 17:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-01-07 17:49 --------- d-----w C:\Program Files\Fichiers communs\PAC7311
2008-01-07 15:57 --------- d-----w C:\Documents and Settings\sam\Application Data\ArcSoft
2008-01-07 15:55 --------- d-----w C:\Program Files\Fichiers communs\ArcSoft
2008-01-07 15:55 --------- d-----w C:\Program Files\ArcSoft
2008-01-07 14:58 --------- d-----w C:\Program Files\Trust
2008-01-05 19:21 1,675,903 ----a-w C:\Program Files\DSCN0097.JPG
2008-01-05 13:52 --------- d-----w C:\Program Files\DivX
2008-01-05 13:52 --------- d-----w C:\Documents and Settings\sam\Application Data\DivX
2008-01-05 13:36 --------- d-----w C:\Program Files\Picasa2
2007-12-19 22:53 347,136 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
2007-12-08 09:38 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-12-07 01:07 474,624 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-12-07 01:07 152,064 ----a-w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-12-07 01:07 1,495,040 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-12-07 01:07 1,056,768 ----a-w C:\WINDOWS\system32\dllcache\danim.dll
2007-12-07 01:07 1,024,000 ----a-w C:\WINDOWS\system32\dllcache\browseui.dll
2007-12-06 11:03 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-12-06 11:02 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-12-06 11:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-06 04:59 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
2002-09-18 01:28 3,205,496 ------w C:\Program Files\F.msi
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [ ]
"Felix"="C:\Program Files\ScreenMates\Felix2.exe" [ ]
"WOOKIT"="C:\PROGRA~1\WANADOO\Shell.exe" [2004-08-23 14:50 122880]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-20 22:26 68856]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]
"OrangePlayer"="c:\program files\orange\player orange\Orange Player.exe" [2007-11-22 11:53 319488]
"reparateurdesysteme"="C:\Program Files\ReparateurDeSysteme\SysRep.exe" [2007-11-19 17:04 1523712]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 16:57 5308416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-03-12 17:26 155648]
"PAC7311_Monitor"="C:\WINDOWS\PixArt\PAC7311\Monitor.exe" [2006-11-03 11:01 319488]
"WOOWATCH"="C:\PROGRA~1\WANADOO\Watch.exe" [2004-08-23 14:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\WANADOO\GestMaj.exe" [2004-10-14 16:55 32768]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]
"webscan"="C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" [2007-12-20 03:20 771504]
"LXCGCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2005-07-20 19:48 73728]
"cookw"="C:\PROGRA~1\FICHIE~1\REPARA~1\cookw.exe" [2007-11-12 19:30 211456]
"giw"="C:\PROGRA~1\FICHIE~1\INTERN~1\giw.exe" [2007-12-20 14:48 210432]
"epm-dm"="c:\acer\epm\epm-dm.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]
"OrangePlayer"="c:\program files\orange\player orange\Orange Player.exe" [2007-11-22 11:53 319488]

C:\Documents and Settings\sam\Menu D‚marrer\Programmes\D‚marrage\
Hotmail Popper.lnk - C:\Program Files\Hotmail Popper\hotpop.exe [2007-04-20 23:02:01 1777664]
Outil de d‚tection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-05-17 19:28:46 344064]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 22:05:56 65588]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-08-20 22:25:57 124912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\WINDOWS\\network diagnostic\\xpnetdiag.exe"=

R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2004-07-19 13:10]
R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-07 18:08]
R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-06-30 16:58]
R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57]
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2006-08-03 17:29]
S3 PAC7311;Trust CP-2300 Webcam;C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2007-03-14 10:57]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-11 23:08:26 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-01 16:47:16
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-03-01 16:47:48
ComboFix-quarantined-files.txt 2008-03-01 15:47:48
ComboFix2.txt 2008-03-01 15:38:42
.
2008-02-29 22:39:55 --- E O F ---
ComboFix 08-03-01.3 - sam 2008-03-01 16:46:26.2 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.593 [GMT 1:00]
Endroit: C:\DOCUME~1\sam\Bureau\combofix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

((((((((((((((((((((((((((((( Fichiers créés 2008-02-01 to 2008-03-01 ))))))))))))))))))))))))))))))))))))
.

2008-03-01 16:20 . 2008-03-01 16:20 <REP> d-------- C:\Documents and Settings\sam\EurekaLog
2008-03-01 16:19 . 2004-08-05 05:00 400,896 --a------ C:\CF1858.exe
2008-03-01 14:56 . 2008-03-01 14:56 <REP> d-------- C:\WINDOWS\ERUNT
2008-03-01 13:48 . 2008-02-29 02:00 <REP> d-------- C:\SDFix
2008-03-01 13:07 . 2008-03-01 13:27 2,398 --a------ C:\WINDOWS\system32\tmp.reg
2008-03-01 13:05 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-03-01 13:05 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-03-01 13:05 . 2008-02-28 11:37 86,016 --a------ C:\WINDOWS\system32\VACFix.exe
2008-03-01 13:05 . 2008-02-29 23:48 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-03-01 13:05 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-03-01 13:05 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-03-01 13:05 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-03-01 08:34 . 2008-03-01 08:34 <REP> d-------- C:\Program Files\Navilog1
2008-02-29 17:58 . 2008-02-29 17:58 <REP> d-------- C:\_OTMoveIt
2008-02-29 17:14 . 2008-02-29 17:14 <REP> d-------- C:\Program Files\Trend Micro
2008-02-29 15:23 . 2008-02-29 15:23 <REP> d-------- C:\Program Files\EsetOnlineScanner
2008-02-28 18:06 . 2008-02-28 18:06 <REP> d-------- C:\Documents and Settings\Invité\Application Data\PC Suite
2008-02-28 16:00 . 2008-02-29 15:18 329,792 --a------ C:\Documents and Settings\sam\scan.dat
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Program Files\Fichiers communs\InternetAnonymizer
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Documents and Settings\sam\Application Data\InternetAnonymizer
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InternetAnonymizer
2008-02-28 15:10 . 2008-02-28 15:10 <REP> d-------- C:\Documents and Settings\sam\Application Data\reparateurdesysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> d-------- C:\Program Files\ReparateurDeSysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> d-------- C:\Program Files\Fichiers communs\ReparateurDeSysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> dr------- C:\Documents and Settings\All Users\Application Data\reparateurdesysteme
2008-02-28 15:04 . 2008-02-28 15:04 260,632 --a------ C:\Documents and Settings\sam\Application Data\setup_fr[1].exe
2008-02-28 11:17 . 2008-02-28 11:54 13,312 --a------ C:\WINDOWS\system32\drivers\kgpfr.cfg
2008-02-27 18:19 . 2008-02-27 18:19 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\WINDOWS\mui
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Pochette Express 2
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Hot-TV
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Horloge
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\AntivirusFirewall
2008-02-27 15:29 . 2008-02-27 15:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SITEguard
2008-02-27 15:27 . 2008-02-27 15:27 <REP> d-------- C:\Program Files\Fichiers communs\iS3
2008-02-27 15:27 . 2008-02-27 15:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-02-27 13:35 . 2008-03-01 08:14 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-27 13:35 . 2008-02-27 13:35 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-18 14:48 . 2008-02-18 14:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Zylom
2008-02-16 21:55 . 2008-02-16 21:55 8,192 --ahs---- C:\WINDOWS\Thumbs.db
2008-02-11 09:40 . 2008-02-11 09:40 2,715,648 --a------ C:\WINDOWS\system32\OnlineScanner.ocx
2008-02-11 09:39 . 2008-02-11 09:39 253,952 --a------ C:\WINDOWS\system32\OnlineScannerDLLA.dll
2008-02-11 09:39 . 2008-02-11 09:39 237,568 --a------ C:\WINDOWS\system32\OnlineScannerDLLW.dll
2008-02-10 22:17 . 2003-12-12 16:06 1,693,696 --a------ C:\WINDOWS\system32\ltclr13n.dll
2008-02-10 22:17 . 2003-11-04 15:11 155,648 --a------ C:\WINDOWS\system32\lftif13n.dll
2008-02-10 22:17 . 2003-11-04 15:10 98,304 --a------ C:\WINDOWS\system32\lffax13n.dll
2008-02-08 13:53 . 2008-02-08 13:53 110,592 --a------ C:\WINDOWS\system32\OnlineScannerLang.dll
2008-02-05 08:48 . 2008-02-05 08:48 77,824 --a------ C:\WINDOWS\system32\OnlineScannerUninstaller.exe
2008-02-04 20:06 . 2008-02-04 20:06 <REP> d-------- C:\Documents and Settings\NetworkService\Mes documents
2008-02-02 19:19 . 2008-02-02 19:19 <REP> d-------- C:\Documents and Settings\sam\Application Data\Nokia Multimedia Player
2008-02-02 19:17 . 2008-02-02 19:17 <REP> d-------- C:\Documents and Settings\sam\Phone Browser
2008-02-02 19:12 . 2008-02-02 19:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\Fichiers communs\Nokia
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\DIFX
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Documents and Settings\sam\Application Data\Nokia
2008-02-02 19:05 . 2008-02-02 19:05 <REP> d-------- C:\Program Files\PC Connectivity Solution
2008-02-02 19:05 . 2008-02-02 19:05 <REP> d-------- C:\Documents and Settings\sam\Application Data\PC Suite
2008-02-02 19:04 . 2008-02-02 19:04 <REP> d-------- C:\Program Files\Nokia
2008-02-02 19:04 . 2007-02-22 11:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-02-02 19:04 . 2007-02-22 11:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-02-02 19:04 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-02-02 19:04 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-02-02 19:04 . 2007-02-22 11:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-02-02 19:01 . 2008-02-02 19:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Installations

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-25 12:29 230,432 ----a-w C:\PA7311.DAT
2008-02-16 20:55 8,704 --sha-w C:\Program Files\Thumbs.db
2008-02-13 20:57 9,598 ----a-w C:\Documents and Settings\sam\Application Data\wklnhst.dat
2008-01-28 15:46 --------- d-----w C:\Program Files\Microsoft Windows OneCare Live
2008-01-28 14:05 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-01-27 13:22 --------- d-----w C:\Documents and Settings\sam\Application Data\gtk-2.0
2008-01-27 13:18 --------- d-----w C:\Documents and Settings\sam\Application Data\.purple
2008-01-27 13:17 --------- d-----w C:\Program Files\Fichiers communs\GTK
2008-01-26 16:16 --------- d-sh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-26 16:16 --------- d-----w C:\Program Files\Windows Live
2008-01-26 16:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-18 15:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-11 05:36 44,544 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2008-01-08 17:04 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems
2008-01-08 17:02 --------- d-----w C:\Program Files\Ulead Systems
2008-01-08 17:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-01-07 17:49 --------- d-----w C:\Program Files\Fichiers communs\PAC7311
2008-01-07 15:57 --------- d-----w C:\Documents and Settings\sam\Application Data\ArcSoft
2008-01-07 15:55 --------- d-----w C:\Program Files\Fichiers communs\ArcSoft
2008-01-07 15:55 --------- d-----w C:\Program Files\ArcSoft
2008-01-07 14:58 --------- d-----w C:\Program Files\Trust
2008-01-05 19:21 1,675,903 ----a-w C:\Program Files\DSCN0097.JPG
2008-01-05 13:52 --------- d-----w C:\Program Files\DivX
2008-01-05 13:52 --------- d-----w C:\Documents and Settings\sam\Application Data\DivX
2008-01-05 13:36 --------- d-----w C:\Program Files\Picasa2
2007-12-19 22:53 347,136 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
2007-12-08 09:38 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-12-07 01:07 474,624 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-12-07 01:07 152,064 ----a-w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-12-07 01:07 1,495,040 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-12-07 01:07 1,056,768 ----a-w C:\WINDOWS\system32\dllcache\danim.dll
2007-12-07 01:07 1,024,000 ----a-w C:\WINDOWS\system32\dllcache\browseui.dll
2007-12-06 11:03 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-12-06 11:02 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-12-06 11:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-06 04:59 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
2002-09-18 01:28 3,205,496 ------w C:\Program Files\F.msi
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [ ]
"Felix"="C:\Program Files\ScreenMates\Felix2.exe" [ ]
"WOOKIT"="C:\PROGRA~1\WANADOO\Shell.exe" [2004-08-23 14:50 122880]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-20 22:26 68856]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]
"OrangePlayer"="c:\program files\orange\player orange\Orange Player.exe" [2007-11-22 11:53 319488]
"reparateurdesysteme"="C:\Program Files\ReparateurDeSysteme\SysRep.exe" [2007-11-19 17:04 1523712]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 16:57 5308416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-03-12 17:26 155648]
"PAC7311_Monitor"="C:\WINDOWS\PixArt\PAC7311\Monitor.exe" [2006-11-03 11:01 319488]
"WOOWATCH"="C:\PROGRA~1\WANADOO\Watch.exe" [2004-08-23 14:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\WANADOO\GestMaj.exe" [2004-10-14 16:55 32768]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]
"webscan"="C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" [2007-12-20 03:20 771504]
"LXCGCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2005-07-20 19:48 73728]
"cookw"="C:\PROGRA~1\FICHIE~1\REPARA~1\cookw.exe" [2007-11-12 19:30 211456]
"giw"="C:\PROGRA~1\FICHIE~1\INTERN~1\giw.exe" [2007-12-20 14:48 210432]
"epm-dm"="c:\acer\epm\epm-dm.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]
"OrangePlayer"="c:\program files\orange\player orange\Orange Player.exe" [2007-11-22 11:53 319488]

C:\Documents and Settings\sam\Menu D‚marrer\Programmes\D‚marrage\
Hotmail Popper.lnk - C:\Program Files\Hotmail Popper\hotpop.exe [2007-04-20 23:02:01 1777664]
Outil de d‚tection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-05-17 19:28:46 344064]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 22:05:56 65588]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-08-20 22:25:57 124912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\WINDOWS\\network diagnostic\\xpnetdiag.exe"=

R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2004-07-19 13:10]
R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-07 18:08]
R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-06-30 16:58]
R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57]
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2006-08-03 17:29]
S3 PAC7311;Trust CP-2300 Webcam;C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2007-03-14 10:57]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-11 23:08:26 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-01 16:47:16
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-03-01 16:47:48
ComboFix-quarantined-files.txt 2008-03-01 15:47:48
ComboFix2.txt 2008-03-01 15:38:42
.
2008-02-29 22:39:55 --- E O F ---
ComboFix 08-03-01.3 - sam 2008-03-01 16:46:26.2 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.593 [GMT 1:00]
Endroit: C:\DOCUME~1\sam\Bureau\combofix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

((((((((((((((((((((((((((((( Fichiers créés 2008-02-01 to 2008-03-01 ))))))))))))))))))))))))))))))))))))
.

2008-03-01 16:20 . 2008-03-01 16:20 <REP> d-------- C:\Documents and Settings\sam\EurekaLog
2008-03-01 16:19 . 2004-08-05 05:00 400,896 --a------ C:\CF1858.exe
2008-03-01 14:56 . 2008-03-01 14:56 <REP> d-------- C:\WINDOWS\ERUNT
2008-03-01 13:48 . 2008-02-29 02:00 <REP> d-------- C:\SDFix
2008-03-01 13:07 . 2008-03-01 13:27 2,398 --a------ C:\WINDOWS\system32\tmp.reg
2008-03-01 13:05 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-03-01 13:05 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-03-01 13:05 . 2008-02-28 11:37 86,016 --a------ C:\WINDOWS\system32\VACFix.exe
2008-03-01 13:05 . 2008-02-29 23:48 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-03-01 13:05 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-03-01 13:05 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-03-01 13:05 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-03-01 08:34 . 2008-03-01 08:34 <REP> d-------- C:\Program Files\Navilog1
2008-02-29 17:58 . 2008-02-29 17:58 <REP> d-------- C:\_OTMoveIt
2008-02-29 17:14 . 2008-02-29 17:14 <REP> d-------- C:\Program Files\Trend Micro
2008-02-29 15:23 . 2008-02-29 15:23 <REP> d-------- C:\Program Files\EsetOnlineScanner
2008-02-28 18:06 . 2008-02-28 18:06 <REP> d-------- C:\Documents and Settings\Invité\Application Data\PC Suite
2008-02-28 16:00 . 2008-02-29 15:18 329,792 --a------ C:\Documents and Settings\sam\scan.dat
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Program Files\Fichiers communs\InternetAnonymizer
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Documents and Settings\sam\Application Data\InternetAnonymizer
2008-02-28 15:21 . 2008-02-28 15:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InternetAnonymizer
2008-02-28 15:10 . 2008-02-28 15:10 <REP> d-------- C:\Documents and Settings\sam\Application Data\reparateurdesysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> d-------- C:\Program Files\ReparateurDeSysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> d-------- C:\Program Files\Fichiers communs\ReparateurDeSysteme
2008-02-28 15:05 . 2008-02-28 15:05 <REP> dr------- C:\Documents and Settings\All Users\Application Data\reparateurdesysteme
2008-02-28 15:04 . 2008-02-28 15:04 260,632 --a------ C:\Documents and Settings\sam\Application Data\setup_fr[1].exe
2008-02-28 11:17 . 2008-02-28 11:54 13,312 --a------ C:\WINDOWS\system32\drivers\kgpfr.cfg
2008-02-27 18:19 . 2008-02-27 18:19 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\WINDOWS\mui
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Pochette Express 2
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Hot-TV
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\Horloge
2008-02-27 17:38 . 2008-02-27 17:38 <REP> d-------- C:\Program Files\AntivirusFirewall
2008-02-27 15:29 . 2008-02-27 15:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SITEguard
2008-02-27 15:27 . 2008-02-27 15:27 <REP> d-------- C:\Program Files\Fichiers communs\iS3
2008-02-27 15:27 . 2008-02-27 15:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-02-27 13:35 . 2008-03-01 08:14 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-27 13:35 . 2008-02-27 13:35 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-18 14:48 . 2008-02-18 14:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Zylom
2008-02-16 21:55 . 2008-02-16 21:55 8,192 --ahs---- C:\WINDOWS\Thumbs.db
2008-02-11 09:40 . 2008-02-11 09:40 2,715,648 --a------ C:\WINDOWS\system32\OnlineScanner.ocx
2008-02-11 09:39 . 2008-02-11 09:39 253,952 --a------ C:\WINDOWS\system32\OnlineScannerDLLA.dll
2008-02-11 09:39 . 2008-02-11 09:39 237,568 --a------ C:\WINDOWS\system32\OnlineScannerDLLW.dll
2008-02-10 22:17 . 2003-12-12 16:06 1,693,696 --a------ C:\WINDOWS\system32\ltclr13n.dll
2008-02-10 22:17 . 2003-11-04 15:11 155,648 --a------ C:\WINDOWS\system32\lftif13n.dll
2008-02-10 22:17 . 2003-11-04 15:10 98,304 --a------ C:\WINDOWS\system32\lffax13n.dll
2008-02-08 13:53 . 2008-02-08 13:53 110,592 --a------ C:\WINDOWS\system32\OnlineScannerLang.dll
2008-02-05 08:48 . 2008-02-05 08:48 77,824 --a------ C:\WINDOWS\system32\OnlineScannerUninstaller.exe
2008-02-04 20:06 . 2008-02-04 20:06 <REP> d-------- C:\Documents and Settings\NetworkService\Mes documents
2008-02-02 19:19 . 2008-02-02 19:19 <REP> d-------- C:\Documents and Settings\sam\Application Data\Nokia Multimedia Player
2008-02-02 19:17 . 2008-02-02 19:17 <REP> d-------- C:\Documents and Settings\sam\Phone Browser
2008-02-02 19:12 . 2008-02-02 19:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\Fichiers communs\Nokia
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Program Files\DIFX
2008-02-02 19:09 . 2008-02-02 19:09 <REP> d-------- C:\Documents and Settings\sam\Application Data\Nokia
2008-02-02 19:05 . 2008-02-02 19:05 <REP> d-------- C:\Program Files\PC Connectivity Solution
2008-02-02 19:05 . 2008-02-02 19:05 <REP> d-------- C:\Documents and Settings\sam\Application Data\PC Suite
2008-02-02 19:04 . 2008-02-02 19:04 <REP> d-------- C:\Program Files\Nokia
2008-02-02 19:04 . 2007-02-22 11:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-02-02 19:04 . 2007-02-22 11:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-02-02 19:04 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-02-02 19:04 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-02-02 19:04 . 2007-02-22 11:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-02-02 19:01 . 2008-02-02 19:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Installations

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-25 12:29 230,432 ----a-w C:\PA7311.DAT
2008-02-16 20:55 8,704 --sha-w C:\Program Files\Thumbs.db
2008-02-13 20:57 9,598 ----a-w C:\Documents and Settings\sam\Application Data\wklnhst.dat
2008-01-28 15:46 --------- d-----w C:\Program Files\Microsoft Windows OneCare Live
2008-01-28 14:05 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-01-27 13:22 --------- d-----w C:\Documents and Settings\sam\Application Data\gtk-2.0
2008-01-27 13:18 --------- d-----w C:\Documents and Settings\sam\Application Data\.purple
2008-01-27 13:17 --------- d-----w C:\Program Files\Fichiers communs\GTK
2008-01-26 16:16 --------- d-sh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-26 16:16 --------- d-----w C:\Program Files\Windows Live
2008-01-26 16:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-18 15:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-11 05:36 44,544 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2008-01-08 17:04 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems
2008-01-08 17:02 --------- d-----w C:\Program Files\Ulead Systems
2008-01-08 17:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-01-07 17:49 --------- d-----w C:\Program Files\Fichiers communs\PAC7311
2008-01-07 15:57 --------- d-----w C:\Documents and Settings\sam\Application Data\ArcSoft
2008-01-07 15:55 --------- d-----w C:\Program Files\Fichiers communs\ArcSoft
2008-01-07 15:55 --------- d-----w C:\Program Files\ArcSoft
2008-01-07 14:58 --------- d-----w C:\Program Files\Trust
2008-01-05 19:21 1,675,903 ----a-w C:\Program Files\DSCN0097.JPG
2008-01-05 13:52 --------- d-----w C:\Program Files\DivX
2008-01-05 13:52 --------- d-----w C:\Documents and Settings\sam\Application Data\DivX
2008-01-05 13:36 --------- d-----w C:\Program Files\Picasa2
2007-12-19 22:53 347,136 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
2007-12-08 09:38 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-12-07 01:07 474,624 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-12-07 01:07 152,064 ----a-w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-12-07 01:07 1,495,040 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-12-07 01:07 1,056,768 ----a-w C:\WINDOWS\system32\dllcache\danim.dll
2007-12-07 01:07 1,024,000 ----a-w C:\WINDOWS\system32\dllcache\browseui.dll
2007-12-06 11:03 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-12-06 11:02 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-12-06 11:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-06 04:59 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
2002-09-18 01:28 3,205,496 ------w C:\Program Files\F.msi
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [ ]
"Felix"="C:\Program Files\ScreenMates\Felix2.exe" [ ]
"WOOKIT"="C:\PROGRA~1\WANADOO\Shell.exe" [2004-08-23 14:50 122880]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-20 22:26 68856]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]
"OrangePlayer"="c:\program files\orange\player orange\Orange Player.exe" [2007-11-22 11:53 319488]
"reparateurdesysteme"="C:\Program Files\ReparateurDeSysteme\SysRep.exe" [2007-11-19 17:04 1523712]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 16:57 5308416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-03-12 17:26 155648]
"PAC7311_Monitor"="C:\WINDOWS\PixArt\PAC7311\Monitor.exe" [2006-11-03 11:01 319488]
"WOOWATCH"="C:\PROGRA~1\WANADOO\Watch.exe" [2004-08-23 14:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\WANADOO\GestMaj.exe" [2004-10-14 16:55 32768]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]
"webscan"="C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" [2007-12-20 03:20 771504]
"LXCGCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2005-07-20 19:48 73728]
"cookw"="C:\PROGRA~1\FICHIE~1\REPARA~1\cookw.exe" [2007-11-12 19:30 211456]
"giw"="C:\PROGRA~1\FICHIE~1\INTERN~1\giw.exe" [2007-12-20 14:48 210432]
"epm-dm"="c:\acer\epm\epm-dm.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]
"OrangePlayer"="c:\program files\orange\player orange\Orange Player.exe" [2007-11-22 11:53 319488]

C:\Documents and Settings\sam\Menu D‚marrer\Programmes\D‚marrage\
Hotmail Popper.lnk - C:\Program Files\Hotmail Popper\hotpop.exe [2007-04-20 23:02:01 1777664]
Outil de d‚tection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-05-17 19:28:46 344064]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 22:05:56 65588]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-08-20 22:25:57 124912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sess

MARIE83120 Messages postés 268 Statut Membre

tu as tout reçu ?

Réponse 33 / 68

Utilisateur anonyme

Re , non bon pas grave je vais travailler un peu a l'aveuglette.

Ouvre le Bloc-Notes (Démarrer\Tous les programmes\Accessoires\Bloc notes.)

Copie ce texte ( en gras )d'une traite ( CTRL+C pour copier ) puis colle-le ( CTRL+V dans le bloc-note )

Folder::
C:\Documents and Settings\sam\Application Data\reparateurdesysteme
C:\Program Files\Acceleration Software

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"=-
"reparateurdesysteme"=-
"webscan"=-

Sauvegarde ce fichier sur ton bureau sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://serveur1.archive-host.com/membres/up/1366464061/CFScript.gif

Cela va relancer Combofix,

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.

A+

MARIE83120 Messages postés 268 Statut Membre

je ne comprends comment je dois faire :

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://serveur1.archive-host.com/membres/up/1366464061/CFScript.gif

Cela va relancer Combofix,

Utilisateur anonyme > MARIE83120 Messages postés 268 Statut Membre

Ben c'est simple.

Tu clique gauche sur CFScript tu le maintiens , et tu déplace ta souris sur Combofix.exe ( la croix rouge ) et la tu relaches le clique gauche et tu continus la procédure.

a+

MARIE83120 Messages postés 268 Statut Membre > Utilisateur anonyme

ComboFix 08-03-01.3 - sam 2008-03-01 17:51:06.4 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.580 [GMT 1:00]
Endroit: C:\Documents and Settings\sam\Bureau\combofix.exe
Command switches used :: C:\Documents and Settings\sam\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\sam\Application Data\reparateurdesysteme
C:\Documents and Settings\sam\Application Data\reparateurdesysteme\Logs\update.log
C:\Program Files\Acceleration Software
C:\Program Files\Acceleration Software\Anti-Virus\aliaslist.xml
C:\Program Files\Acceleration Software\Anti-Virus\buynow.gif
C:\Program Files\Acceleration Software\Anti-Virus\clean.html
C:\Program Files\Acceleration Software\Anti-Virus\clnlist.dat
C:\Program Files\Acceleration Software\Anti-Virus\clnrchk.dat
C:\Program Files\Acceleration Software\Anti-Virus\clnrfail.html
C:\Program Files\Acceleration Software\Anti-Virus\clnrpending.html
C:\Program Files\Acceleration Software\Anti-Virus\clnrrestart.html
C:\Program Files\Acceleration Software\Anti-Virus\clnrretry.html
C:\Program Files\Acceleration Software\Anti-Virus\clnrsuccess.html
C:\Program Files\Acceleration Software\Anti-Virus\cookies1.cnr
C:\Program Files\Acceleration Software\Anti-Virus\cookies2.cnr
C:\Program Files\Acceleration Software\Anti-Virus\cookies3.cnr
C:\Program Files\Acceleration Software\Anti-Virus\cookies4.cnr
C:\Program Files\Acceleration Software\Anti-Virus\cure_rslt01.gif
C:\Program Files\Acceleration Software\Anti-Virus\defscan_setup2.exe
C:\Program Files\Acceleration Software\Anti-Virus\defscan_setup2.exe.chk
C:\Program Files\Acceleration Software\Anti-Virus\drw4339j.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw4339k.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw4339l.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw4339m.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw4339n.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw4339o.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw4339p.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw4339q.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw4339r.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw4339s.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw4339t.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44400.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44401.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44402.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44403.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44404.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44405.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44406.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44407.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44408.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44409.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44410.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44411.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44412.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44413.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44414.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44415.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44416.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44417.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44418.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44419.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44420.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44421.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44422.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44423.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44424.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44425.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44426.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44427.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drw44428.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drweb32.dll
C:\Program Files\Acceleration Software\Anti-Virus\drwebase.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drwnasty.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drwrisky.vdb
C:\Program Files\Acceleration Software\Anti-Virus\drwtoday.vdb
C:\Program Files\Acceleration Software\Anti-Virus\dsshell.dll
C:\Program Files\Acceleration Software\Anti-Virus\dsshell0.dll
C:\Program Files\Acceleration Software\Anti-Virus\dwn44401.vdb
C:\Program Files\Acceleration Software\Anti-Virus\dwn44402.vdb
C:\Program Files\Acceleration Software\Anti-Virus\dwntoday.vdb
C:\Program Files\Acceleration Software\Anti-Virus\dwrtoday.vdb
C:\Program Files\Acceleration Software\Anti-Virus\eac_mindef.dll
C:\Program Files\Acceleration Software\Anti-Virus\eanth_alert.exe
C:\Program Files\Acceleration Software\Anti-Virus\firststrike.cnr
C:\Program Files\Acceleration Software\Anti-Virus\fscan.dat
C:\Program Files\Acceleration Software\Anti-Virus\header_center.bmp
C:\Program Files\Acceleration Software\Anti-Virus\header_jnw.gif
C:\Program Files\Acceleration Software\Anti-Virus\header_topleft.bmp
C:\Program Files\Acceleration Software\Anti-Virus\header_topright.bmp
C:\Program Files\Acceleration Software\Anti-Virus\lspfix.exe
C:\Program Files\Acceleration Software\Anti-Virus\lspfix.txt
C:\Program Files\Acceleration Software\Anti-Virus\onlineclnr.html
C:\Program Files\Acceleration Software\Anti-Virus\regsvr32.exe
C:\Program Files\Acceleration Software\Anti-Virus\requestclnr.html
C:\Program Files\Acceleration Software\Anti-Virus\resources\css\theme.css
C:\Program Files\Acceleration Software\Anti-Virus\resources\html\stops_threatscanner.htm
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\collapse.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\expand.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\off_blue.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\on_blue.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\on_darkyellow.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\prodbtn_down.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\prodbtn_over.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\prodbtn_up.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\scanner.bmp
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\ss_boxhead_lft.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\ss_boxhead_rt.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\ss_boxhead_space.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\ss_headers_ss_expand.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\ss_headers_ss_results.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\ss_headers_ss_ts.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\ss_icon_ea_help_16.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\ss_icon_ss_scan-results_16.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\ss_icon_ss_scanner_16.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\ss_icon_ss_scanner_32.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\ss_icons_ss_moreinfo_wht16.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\ss_icons_ss_off_wht16.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\ss_icons_ss_on_wht16.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\ss_icons_ss_sett_wht16.gif
C:\Program Files\Acceleration Software\Anti-Virus\resources\images\Thumbs.db
C:\Program Files\Acceleration Software\Anti-Virus\resources\js\panel.js
C:\Program Files\Acceleration Software\Anti-Virus\resources\js\scripts.js
C:\Program Files\Acceleration Software\Anti-Virus\resources\xml\results.xml
C:\Program Files\Acceleration Software\Anti-Virus\resources\xml\scanner.xml
C:\Program Files\Acceleration Software\Anti-Virus\results.css
C:\Program Files\Acceleration Software\Anti-Virus\results.js
C:\Program Files\Acceleration Software\Anti-Virus\runclnr.html
C:\Program Files\Acceleration Software\Anti-Virus\scancore.dll
C:\Program Files\Acceleration Software\Anti-Virus\scancoredll.dll
C:\Program Files\Acceleration Software\Anti-Virus\scanlog.log
C:\Program Files\Acceleration Software\Anti-Virus\scanner_plugin.dll
C:\Program Files\Acceleration Software\Anti-Virus\scanner_plugin0.dll
C:\Program Files\Acceleration Software\Anti-Virus\scanrs_meg.dll
C:\Program Files\Acceleration Software\Anti-Virus\scanrs_vlz.dll
C:\Program Files\Acceleration Software\Anti-Virus\shexclude.dat
C:\Program Files\Acceleration Software\Anti-Virus\siexclude.dat
C:\Program Files\Acceleration Software\Anti-Virus\spy_180_Solutions_n-CASE.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_180_Solutions_Seekmo.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_180_Solutions_Zango.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_2Spy!.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_3DSTATE_Web-Entrance.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_7search_7FaSSt.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_A_Value_Systems_MoM.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Aby_Software_AB_System_Spy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Acceso_Group_S_L__123Mania.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Activity-Tracker_com.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Activity-Tracker_com_.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Addictive_Technologies_ATPartners.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_AdGhost_StartSurfing.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_AdIntelligence_2nd-Thought.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_AdRoar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_AdRotator_Enhanced_Browser_Overlay.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_AdRotator_Icons.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_AdSpyre_MidADdle.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Adssite_Browser_Optimizer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_AdvanceCleaner.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_AdwareRemover.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_AE_Covert_Operation_Monitor.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Alexa_Internet_Alexa_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Alpine_Snow_Desktop_Spy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Alpine_Snow_Save_Keys.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Alset_HelpExpress.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_AntiSpyCheck.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_AntispyStorm.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Antispyware_Soldier.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Antispywarebox_com.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_AntiSpywareShield.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_AntiSpyZone.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_AntiVermin.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_AntiVirGear.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Antivirus_Golden.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Appswebservice_com_Search_Assistant.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Apropos_Media_AutoUpdate.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Apropos_Media_Client.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Apropos_Media_Context_Plus.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Apropos_Media_PeopleOnPage.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Ardamax_Keylogger.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_AtHoc_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Aureate.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Avenue_Media_Internet-Optimizer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Awola.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BackDoor_BiRose_A.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BackDoor_Bulknet_A1A.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BackDoor_Bulknet_Hide.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BackDoor_ErrorHandler.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BackDoor_Generic_1570.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BackDoor_Generic_EHB.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BackDoor_IRC_HackBot.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BackDoor_IRC_SdBot_1272832.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BackDoor_IRC_Sdbot_795.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BackDoor_Sdbot_777.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BackDoor_Sdbot_Terminals.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BackDoor_Uragan.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BackDoor_Yamu.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BadBoyKilla_Hack99_Keylogger.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Bar888.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BC_Computing_Win-Spy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Best-Search_us_MegaSearch.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BHO.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Bitlogic_Desktop_Detective_2000.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Blue_Tide_Software_Surf_Sidekick.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Bobworkz_Hellz_Little_Spy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Bonut_com_Hpdll.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Bonzi_com_BonziBUDDY.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BookedSpace.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BookmarkExpress.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BroadcastPC_2_0.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BrowserAid_ABCSearch.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BrowserAid_BrowserPal.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BrowserAid_CashToolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_BrowserAid_LetsSearch.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_CashSurfer_CashBar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_CashSurfers_DonationTree_Shopper.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Claria_DashBar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Claria_Date_Manager.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Claria_eWallet.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Claria_Precision_Time.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Claria_Trickler.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Claria_Weatherscope.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Claria_Web_Secure_Alert.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Clear_Search_Address_Bar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_ClickSpring_PurityScan.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_ClickTheButton.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_ClickTillUWin.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Coding_Workshop_Codename_Alvin.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Comet_Systems_Comet_Cursor.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_CommonName.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Comodo_TrustToolBar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Conducent_TimeSink.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_ContraVirusPro.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_CPM_Media_FreeScratchAndWin.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Crystalys_Media_Limited_Crystalys_Media_Internet_Assistant.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Cydoor_Technologies_Cydoor_Desktop_Media.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Dawn_of_Time_Inc_Search-Exe_com.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Deal_Helper_Time_Sync.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Deal_Helper_Web_Driver.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Deep_Software_Activity_Logger.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Deep_Software_Activity_Monitor.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_DelFin_Project_DelFin_Media_Viewer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_DelFin_Project_Display_Utility.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_DelFin_Project_SavingsHound.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_DerBiz_com_DBAccess.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Deskbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Dialer_Carped.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_DioCleaner.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Diplodock_Keyboard_Guardian.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Diplodock_System_Spy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Direct_Revenue_Best_Offers_Networks.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_DollarRevenue.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_DrAntispy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_DriveCleaner.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_E_Spy_Software_007_Spy_Software.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_E2give_Plug-in.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Easy_Spyware_Cleaner.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Ebates_Moe_Money_Maker.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_eCommerce_Dialer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Effective-i_UCmore.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Elite_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_enBrowser.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Enconfidence_My_Daily_Horoscope.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_EnhanceMySearch_Helper101.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_EQAdvice.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_ErrorSafe.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_ETD_Security_Scanner.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_EverAd.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_eXact_Advertising_Bargain_Buddy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_eXact_Advertising_eXact_Searchbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_EzCyberSearch_ez_SearchBar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_eZula_TopText_iLookup.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_eZula_Web_Offer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Fake_DNS_Codec.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_File_Secure.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_FindWhateverNow_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Fkware_Sysmon_System_Monitor.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Flyswat_Websearch.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Freeprod_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_FullContext_Pshope.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_GigaTech_SuperBar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Global_Patrol_Etherscout.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Global_Patrol_Webscout.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_GoCyberSearch.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_GoHip_FreeVideo.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Harmony_Hollow_FavSearch.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Hotbar_Outlook_Tools.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Huy-search_info.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Iccee_com_CMAPP_Websearch.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_IE_Defender.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_IGetNet_IGN_Keyword.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_IMIServer_IE_Plugin.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Index_SE_Msn_dll.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Inet-Traffic_Inet_Delivery.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Innovagest2000_S_L__AlfaCleaner.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Insider.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Integrated_Search_Technologies_ISTBar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Integrated_Search_Technologies_Power_Scan.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Integrated_Search_Technologies_SideFind.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Integrated_Search_Technologies_YourSiteBar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Integrated_Ventures_The_Communicator.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Intercort_Systems_DownloadWare.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Intermix_Media_Wotch.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Internet_Safety_Software_IamBigBrother.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Invisible_Keylogger_Stealth_Key_Logger.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Ipwindows.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_ISearch_Desktop_Search.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_iWon_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_K8L_info.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Kalptaru_Infotech_Windows_SR_2_0.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Keramitsu_LLC_SpywareStrike.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Kill_and_Clean.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_KillSpy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_KMiNT21_Software_Personal_Desktop_Spy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_LastBit_Software_Absolute_Key_Logger.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Lycos_Sidesearch.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_MakeMeSearch_Search_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_MalwareAlarm.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_MalwareBurn.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_MalwareWiped.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Manila_Industries_Quicklinks.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Marsfind_com_Httper.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Maui_Media_LLC_Adcom.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Maxifiles_DNS.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Maxifiles_InetGet.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_MBKWbar_IEToolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_MDSA_Sentinel.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Media-Motor_Joystick_Networks.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_MediaInject_Micore.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_MicroSmarts_Enterprise_ShowBehind.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Mikko_Technology_Screen_Logger.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Mindset_Interactive_IPInsight.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Mindset_Interactive_NetPal.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Mirar_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Miscrosofq101_Desktop_Hijacker.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Mraskalot_com_Forethought.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Mworld_Holdings_LTD_Zipclix.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_MX-Target_Twain_Tech.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_My_Way_SearchBar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_My_Way_Speedbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_MYVOD_Inc_Weird_On_The_Web.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Natasoft_IntraSpy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Need2Find_Bar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Nelroy_LTD_The_Spy_Guard.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_NetHunter_Group_ProBot.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_NetSonic_Web3000.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Netster_Smart_Browse_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_New_Media_Properties_SearchSquire.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Newads1_com_Tspd.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_NicTech_Networks_Look2Me.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_NJStar_Asian_Explorer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_NTSecurity_KLogger.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Numb-Soft_com_Software.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_OnFlow.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Outer_Info_Networks_Media_Tickets.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Oversee_SearchAndBrowse.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_PanelPartners_OpinionBar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Pave_Blue_Consumer_Alert_System.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_PC_Spy_123_XPC_Spy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_PC_Weasel.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_PCPrivacyTool.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Pearl_Software_Cyber_Snoop_Desktop.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Permission_Media_FriendGreetings.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_PestCapture.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_PestTrap.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Positive_Commerce_LTD_BraveSentry.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_PrivacyProtector.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Ramdud.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Rebate_Nation.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_RedV_EasyInstall.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_RelevantKnowledge.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Rightonadz_Browser_Optimizer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SafeNet_Corp_Internet_Activity_Monitor.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SafeStrip.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Search-Control_com_Search_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Search_Enhancer_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Search_For_It.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Search_It_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SearchEx_Hotlink.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Searching4U_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Secure_Computer_Spyware_Cleaner.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SecureServicePack.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Security_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SeekSeek_Slmss.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Segobit_Software_Actions_Monitor.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Shelron_Group_Active_Shopper.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Shop_At_Home_Select_SAH_Agent.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_ShopNav.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SideStep_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Simplenter_com_Universal_IE_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Sirsearch_PowerSearch_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SM_Lab_Spy_Keylogger.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SmartPops_Network_Essentials.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SmartPops_Recommended_Hotfix.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SpyArsenal_com_Home_Keylogger.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SpyCrush.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SpyDawn.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SpyLocked.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SpyMarshal.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SpyShredder.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Spytech_Software_and_Design_SpyAgent.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Spytech_Software_and_Design_SpyAnywhere.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Spyware-Secure.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Spyware_Labs_Ad_Destroyer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Spyware_Labs_Virtual_Bouncer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SpywareHeal.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SpywareQuake.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SS_Development_SpySheriff_Desktop_Hijacker.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SS_Development_SpyTrooper.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Starware_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_StopingSpy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Stratex_International_UnSpyPC.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SunShine_Ltd_SpyAxe.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SunShine_Ltd_SpyFalcon.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SureShot_Surfing_Spy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SureShot_Windows_Spy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SurfAccuracy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_SysProtect.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_System_Doctor.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_System_Soap_Pro.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_TagASaurus.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_TargetSaver.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Tenebril_Keycorder.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_ThunderDownloads_KeenValue.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Tibs_Systems_Premium_Rate_Internet_Dialer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Toolbar888.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Top_Moxie_Coupons_and_Offers.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Top_Moxie_MyPoints_PointAlert.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Top_Rebates_Web_Rebates.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_TopSites_us.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Total_Velocity_Memory_Meter.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Total_Velocity_TV_Media.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trade_News_Adultlinks.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_TrafficAdvance_net_Dialer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan-Spy_HTML_Smitfraud_c.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_BackDoor_Finog.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_BackDoor_Vibdo.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_Chod.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_11356.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_11357.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_11358.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_12166.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_14523.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_Downloader_17817.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_19797.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_19825.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_2674.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_29746.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_344.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_4798.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_5401.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_6186.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_6296.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_9064.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_AARZ.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_Agent_BLZBub_4.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_Agent_HARM.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_Arf.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_Ashfib_b.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_Ashfip.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_ConHook_AI.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_Duocore.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_FakeBoot.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_Goldun_Behav_010.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_Hippygone_Generic_130.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_Navi_A.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_Small_57_A.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_Small_ebr.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_Small_ekr.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_Small_Eye.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_Small_Eye_b.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_DownLoader_VB_Arf.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_Durvil.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_Durvil_b.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_EmailSpy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_GoogleFake.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_Kill_FD.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_Mespam.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_Muldrop_5450.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_MulDrop_70565.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_MulDrop_Agent_RM.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_NetAx_afd.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_NtRootKit_209.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PalkOn.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_Peed.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_Proxy_1154.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_Proxy_811.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_Proxy_JBP.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_Agent_HARM.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_Bludit.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_ExplorerHijack.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_Frethog.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_Gamania.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_Gamejack.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_IceHack.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_Micro.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_PopTang.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_Poptcap.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_Poptit.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_Tanspy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_Tanspy_AZ.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_Tanspy_FL.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_Wsgame_A.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_Wsgame_B.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_PWS_Wsgame_C.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_QHost.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_Starter_81.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_Startpage_38400.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_SystemPoser.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Trojan_WowStealer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Tropical_Software_Winvestigator.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_TrueActive_Software_Monitor.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_TSM-Soft_SpyCapture.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Ultimate_Cleaner.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Ultimate_Defender.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_UPC.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_UpdSys_Windows_VisFx_Components.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Upnet_Search_Relevancy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_UrlBlaze_Client.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_UrlBlaze_Turbo_Download.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_VAAP_Salus.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_VCClient.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Virtumondo_NewtonKnows.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Virus-Burst.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_VirusHeat.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_VirusProtectPro.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_VirusRay.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Vista_Interactive_InstaFinder.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Vista_Interactive_RXToolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Walnut_Ventures_2020search_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Walnut_Ventures_SearchBasket.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_wdwctrl.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Web_Buying.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Web_Nexus_Network.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_webHancer_Corp_webHancer_Customer_Companion.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WebInstall_Dialer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Webroot_WinGuardian.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WebSearch_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WebSearch_Wintools.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_West_Frontier_Holdings_Bho_dll.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_West_Frontier_Holdings_BigTrafficNetwork_com.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_West_Frontier_Holdings_PShow.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WhenU_Browser_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WhenU_ClockSync.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WhenU_Desktop_Search.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WhenU_PriceBandit_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WhenU_Save_Now.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WhenU_SideFinder.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WhenU_Weathercast.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Win32_Fontra_c.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Win32_HLLM_Buzz_Warezov.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Win32_HLLM_Limar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Win32_HLLM_Limar_Bean.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Win32_HLLM_Perf.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Win32_HLLM_Perf_based.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Win32_HLLM_Perf_based_R.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Win32_HLLM_Perf_R.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Win32_HLLM_Stration_Agent.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Win32_HLLW_Autoruner.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Win32_HLLW_MyBot.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WinAble.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WinAntiSpyware.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WinAntiVirus_Pro.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Wind_Updates_Media_Gateway.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Wind_Updates_Windows_ControlAd.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Windows_AFA_Internet_Enhancement.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Windows_Overlay_Components.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WinMsg_Desktop_Hijacker.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WinPop.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WinSoftware_Ltd_WinFixer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Winstall_Desktop_Changer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Wintouch.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Wishbone_Media_Wishbone_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Wonderland_Wonderplus_Dialer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_WPC_Productions_Limited_PartyPoker.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Wurld_Media_Buyers_Port.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_XCP_DRM_RootKit.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Xelerate_SpyPC.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_XP_Antivirus.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_ZapSpot.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_Zeno_Tecnico_Zeno_Browser_Enhancer.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_ZestyFind_Iconz.cnr
C:\Program Files\Acceleration Software\Anti-Virus\spy_ZSearch_Toolbar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\sr_lp_arrow.gif
C:\Program Files\Acceleration Software\Anti-Virus\sr_lp_caution_sm.gif
C:\Program Files\Acceleration Software\Anti-Virus\sr_lp_curebtn.gif
C:\Program Files\Acceleration Software\Anti-Virus\sr_lp_head_01.gif
C:\Program Files\Acceleration Software\Anti-Virus\sr_lp_head_space.gif
C:\Program Files\Acceleration Software\Anti-Virus\sscomm_header_logo.gif
C:\Program Files\Acceleration Software\Anti-Virus\sscomm_spacer.gif
C:\Program Files\Acceleration Software\Anti-Virus\sscomm_title_results.gif
C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll
C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.mof
C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll
C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.mof
C:\Program Files\Acceleration Software\Anti-Virus\sstsmon0.dll
C:\Program Files\Acceleration Software\Anti-Virus\ssupload.dll
C:\Program Files\Acceleration Software\Anti-Virus\ssupload_setup_update.exe
C:\Program Files\Acceleration Software\Anti-Virus\stops_dlg_header_tl.gif
C:\Program Files\Acceleration Software\Anti-Virus\stops_dlg_header_tm.gif
C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
C:\Program Files\Acceleration Software\Anti-Virus\syssnap_update.exe
C:\Program Files\Acceleration Software\Anti-Virus\vclnr.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vclnr.dll
C:\Program Files\Acceleration Software\Anti-Virus\vclnr.dll.chk
C:\Program Files\Acceleration Software\Anti-Virus\vclnr_setup_update.exe
C:\Program Files\Acceleration Software\Anti-Virus\vclnr_setup_update.exe.chk
C:\Program Files\Acceleration Software\Anti-Virus\VclnrLog.Xml
C:\Program Files\Acceleration Software\Anti-Virus\vclnrun.exe
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Beast.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Brat.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Bulknet.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Bulknet_45.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Dosia.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_EggDrop_1619.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Generic_1273.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Generic_1451.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Generic_267.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Generic_603.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Generic_82.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_GSpot.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_HackDef_84.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_HangUp_65535.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_IRC_Sdbot_151.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_IRC_Sdbot_496.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_IRC_Sdbot_707.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_IRC_Sdbot_753.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_IRC_Sdbot_755.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_IRC_Sdbot_775.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Iterator.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Jink.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_LaLa_136.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Lanfilt.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Latinus.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Matrix.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Mosu.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Muska.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Netag.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_NetBus.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_NetDevil.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Nota.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Oscar.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Pandu.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Pest.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Plain.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Psychward.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Ptakks.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Ptsnoop.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_RA.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Ruller.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Servu.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Snid.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Sparta.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Theef.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Wow.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Xanadu.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Xot.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BackDoor_Y3krat.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_BAT_Generic_38.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Cry_30577.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_DDoS_Slack.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Dialer_Online.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Dialer_Riprova.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Dialer_Silent.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_esBot.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Exploit_ByteVerify.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Exploit_DialogArg.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Exploit_MhtRedir.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_IRC_Generic_86.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_IRC_Mimic.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_IRC_Winhelp.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Modification_of_BackDoor_Generic_1373.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Modification_of_Renegade_1176.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Modification_of_Trojan_DownLoader_6144.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_AppActXComp.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Backreg.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_BagzProxy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Bispy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Briss.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Checkin.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_ClassLoader.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Click.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Click_1206.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Click_1207.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Click_1209.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Click_1210.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Click_1237.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Click_1360.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Click_1432.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Click_1475.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Click_2085.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Click_2485.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Click_3162.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Click_42.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Click_686.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Click_870.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Cool.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Copier.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_CopySelf.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DelWin.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Dicamex.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_1035.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_10355.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_10919.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_11051.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_11354.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_11355.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_11408.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_11645.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_12196.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_12446.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_12692.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_1348.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_14625.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_17040.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_17128.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_18510.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_2211.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_24772.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_2489.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_257.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_25873.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_26504.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_28163.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_2905.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_2991.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_316.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_324.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_3308.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_372.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_378.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_383.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_386.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_3918.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_399.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_413.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_4412.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_4412_r.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_4703.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_5289.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_5590.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_6909.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_6988.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_7376.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_8053.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_885.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_9179.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_9540.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_970.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_9866.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_9899.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_9908.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_DownLoader_based.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Durvil.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Ehu.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_EmailSpy.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Fakealert_196.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Fakealert_290.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Fakealert_291.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Greetings.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Guide.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Hidden_16384.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Hoster.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Iebk.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_IEstart.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_IframeExec.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Inject_209.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Keyhost.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_KeyLogger.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Lamdez.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Landa.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_LastAd.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_LowZones_174.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_Manifest.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_MulDrop_3290.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_MulDrop_3338.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_MulDrop_4091.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_MulDrop_4091_R.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_MulDrop_4181.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_MulDrop_510.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_MulDrop_5450.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_MulDrop_6.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_NetSphere.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_NoCheat_235.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_NoClose.cnr
C:\Program Files\Acceleration Software\Anti-Virus\vir_Trojan_NtRootKit_142.cnr
0

Réponse 34 / 68

Utilisateur anonyme

Re , reposte un rapport Hijackthis stp.

A+

0

MARIE83120 Messages postés 268 Statut Membre

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:41:23, on 01/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\PixArt\PAC7311\Monitor.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\PROGRA~1\FICHIE~1\REPARA~1\cookw.exe
C:\PROGRA~1\FICHIE~1\INTERN~1\giw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\WANADOO\GestionnaireInternet.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\program files\orange\player orange\Orange Player.exe
C:\PROGRA~1\WANADOO\ComComp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\WANADOO\Toaster.exe
C:\PROGRA~1\WANADOO\Inactivity.exe
C:\PROGRA~1\WANADOO\PollingModule.exe
C:\Program Files\eMule\emule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hotmail Popper\hotpop.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\explorer.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing)
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PAC7311_Monitor] C:\WINDOWS\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [webscan] "C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" -k
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [cookw] "C:\PROGRA~1\FICHIE~1\REPARA~1\cookw.exe" -start
O4 - HKLM\..\Run: [giw] "C:\PROGRA~1\FICHIE~1\INTERN~1\giw.exe" -start
O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Felix] C:\Program Files\ScreenMates\Felix2.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxmk142YYFR
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O16 - DPF: {2D37B9E8-C14C-482C-B1CF-939C5440E179} (VTToolkit Control) - http://videomessages.orange.fr/VTToolkit.ocx
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader5.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game13.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - https://www.photobox.fr/?channel=1005
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://www.gamenext.fr/online/online2/zuma/oberongamesloader.cab
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

0

Réponse 35 / 68

Utilisateur anonyme

Re ,

Relance hijackthis , Choisis ' Do a system scan ' Et fixe ces lignes : ( coche la case à leurs gauches > ' fixchecked ')

R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxmk142YYFR
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://www.gamenext.fr/online/online2/zuma/oberongamesloader.cab

******************************
Télécharger OAD (Outil d'Aide au Diagnostic) < http://sosvirus.changelog.fr/OAD.exe >
→ Enregistre-le sur ton bureau
→ Lancer 'OAD.exe' en faisant un double clique sur le fichier
→ Saisir la valeur recherchée -> ' stopsignav.exe ' ( fait un copier/coller )
→ Type de recherche : sélectionner l'option 6 puis valide [entrée]
→ OAD va maintenant rechercher le fichier.
→ Laisse-le travailler jusqu'à ce qu'il en ait terminé.
→ Suivant la taille des disques durs, cette recherche peut prendre plusieurs minutes.

------------- Patienter. --------------

→ Le rapport de recherche s'affichera automatiquement dès qu'il en aura terminé.
→ Faire un copier/coller de ce rapport dans ton prochain post.

Note: Certains Antivirus peuvent émettre une alerte lors du téléchargement / utilisation > ignore

A+

0

MARIE83120 Messages postés 268 Statut Membre

01/03/2008 ---- 19:16:37,73

----------------------------------
§§§§§§ [stopsignav.exe] §§§§§§
----------------------------------
[X] Registre

-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete

********************
[Registre]
********************

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46D570D9-71C8-44E5-A76C-AADFE94442CA}]
"LocalizedString"="@C:\\Program Files\\Acceleration Software\\Anti-Virus\\stopsignav.exe,-100"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46D570D9-71C8-44E5-A76C-AADFE94442CA}\Elevation]
"IconReference"="@C:\\Program Files\\Acceleration Software\\Anti-Virus\\stopsignav.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46D570D9-71C8-44E5-A76C-AADFE94442CA}\LocalServer32]
@="C:\\Program Files\\Acceleration Software\\Anti-Virus\\stopsignav.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F63C5B10-B709-4DF5-BA27-B90102AD313B}]
"LocalizedString"="@C:\\Program Files\\Acceleration Software\\Anti-Virus\\stopsignav.exe,-100"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F63C5B10-B709-4DF5-BA27-B90102AD313B}\Elevation]
"IconReference"="@C:\\Program Files\\Acceleration Software\\Anti-Virus\\stopsignav.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F63C5B10-B709-4DF5-BA27-B90102AD313B}\LocalServer32]
@="C:\\Program Files\\Acceleration Software\\Anti-Virus\\stopsignav.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{3E072AB7-3CDA-4536-8AFD-56B0FE6846B4}\1.0\0\win32]
@="C:\\Program Files\\Acceleration Software\\Anti-Virus\\stopsignav.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
"webscan"="\"C:\\Program Files\\Acceleration Software\\Anti-Virus\\stopsignav.exe\" -k"

*******************
[Fichier]
*******************

c:\QooBox\Quarantine\C\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe.vir

*********************
[Même date]
*********************

[17/05/2007 ] --- REP ---> C:\Program Files\eAcceleration
[17/05/2007 ] --- REP ---> C:\Program Files\Sony

Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------

0

Réponse 36 / 68

Utilisateur anonyme

Re ,

Crée un nouveau document texte : clic droit de souris sur le bureau, "Nouveau"> "Document Texte". Ouvre-le et copie-colle dedans de ce qui est en citation en gras ci-dessous, (copie tout d'un trait) : ( y compris Regedit4, et la ligne vide en dessous )

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46D570D9-71C8-44E5-A76C-AADFE94442CA}]
"LocalizedString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46D570D9-71C8-44E5-A76C-AADFE94442CA}\Elevation]
"IconReference"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46D570D9-71C8-44E5-A76C-AADFE94442CA}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F63C5B10-B709-4DF5-BA27-B90102AD313B}]
"LocalizedString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F63C5B10-B709-4DF5-BA27-B90102AD313B}\Elevation]
"IconReference"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F63C5B10-B709-4DF5-BA27-B90102AD313B}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{3E072AB7-3CDA-4536-8AFD-56B0FE6846B4}\1.0\0\win32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
"webscan"=-

Puis "fichier" -> "enregistrer sous" :
dans : sur le bureau
Nom du fichier : reglop.reg
Type de fichier : "tous les fichiers"
clique sur "enregistrer"

Cela doit ressembler à ça

Redémarre en MSE

Double clique sur reglop.reg

→ tu dois obligatoirement avoir un message "voulez-vous vraiment ajouter les informations contenues dans ce fichier .reg au registre ?"
Si c'est bien le cas, clique sur "oui"

******************

Fait ça et reposte un rapport Hijackthis , on va installer un Anti-virus et un pare-feu.
A+

0

MARIE83120 Messages postés 268 Statut Membre

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:37:50, on 01/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\PixArt\PAC7311\Monitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\PROGRA~1\FICHIE~1\REPARA~1\cookw.exe
C:\PROGRA~1\FICHIE~1\INTERN~1\giw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\program files\orange\player orange\Orange Player.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\WANADOO\GestionnaireInternet.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\WANADOO\ComComp.exe
C:\Program Files\Hotmail Popper\hotpop.exe
C:\PROGRA~1\WANADOO\Toaster.exe
C:\PROGRA~1\WANADOO\Inactivity.exe
C:\PROGRA~1\WANADOO\PollingModule.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PAC7311_Monitor] C:\WINDOWS\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [cookw] "C:\PROGRA~1\FICHIE~1\REPARA~1\cookw.exe" -start
O4 - HKLM\..\Run: [giw] "C:\PROGRA~1\FICHIE~1\INTERN~1\giw.exe" -start
O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Felix] C:\Program Files\ScreenMates\Felix2.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O16 - DPF: {2D37B9E8-C14C-482C-B1CF-939C5440E179} (VTToolkit Control) - http://videomessages.orange.fr/VTToolkit.ocx
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader5.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game13.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - https://www.photobox.fr/?channel=1005
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

0

MARIE83120 Messages postés 268 Statut Membre

alors çà dit quoi ?

0

Réponse 37 / 68

Utilisateur anonyme

Je te prépare la suite ;)

0

Réponse 38 / 68

Utilisateur anonyme

Re ,

Démarrer > executer > ' services.msc ' ,

- Clic droit sur le service cité - LiveUpdate - Symantec Corporation
- propriétés
- et dans "type de démarrage" et mets le sur « désactivé ».
- Ensuite si le "Status du service" est sur "Démarré" faire : « arrêté »

Tutorial : https://www.zebulon.fr/dossiers/windows/31-services.html

Désactive aussi ce service :

Planificateur LiveUpdate automatique - Symantec Corporation

**************************************

1)Va dans ' poste de travail ' > ' Outil ' > ' Options des dossiers ' > Onglet ' Affichage '

2)Active le bouton ' Afficher les fichiers et dossiers cachés '
3)Décoche ' Masquer les fichiers protégés du systeme d'exploitation ( recommandé ) '
4)Décoche ' Masquer les extensions dont le type est connu '

5)Va sur ce site --> https://www.virustotal.com/gui/

Clique sur ' parcourir '

Cherche ce fichier :

C:\CF1858.exe

Clique sur ' send '

Un rapport va s'élaborer ligne à ligne.

Attends la fin. Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

-> Poste le moi stp.

*************

Puis va sur ce site : http://virusscan.jotti.org/de/

Et fait analyser le même fichier -> poste le rapport.

*****
Voila 2 rapports à me poster ;)
A+

0

MARIE83120 Messages postés 268 Statut Membre

Démarrer > executer > ' services.msc '
Démarrer OK
Exécuter OK
' services.msc ' ????
SVP Je comprends pas ou je le trouve, si je dois l'écrire ...
DESOLEE ENCORE UNE FOIS de ne pas comprendre

0

Utilisateur anonyme > MARIE83120 Messages postés 268 Statut Membre

tu l'écris ;)

0

MARIE83120 Messages postés 268 Statut Membre

j'espére que les 2 rapports sont entiers !!!!!

Fichier cmd.exe reçu le 2008.02.26 23:25:10 (CET)
Situation actuelle: terminé

Résultat: 0/32 (0.00%)
Formaté Impression des résultats
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.2.27.0 2008.02.26 -
AntiVir 7.6.0.67 2008.02.26 -
Authentium 4.93.8 2008.02.26 -
Avast 4.7.1098.0 2008.02.26 -
AVG 7.5.0.516 2008.02.26 -
BitDefender 7.2 2008.02.26 -
CAT-QuickHeal 9.50 2008.02.26 -
ClamAV 0.92.1 2008.02.26 -
DrWeb 4.44.0.09170 2008.02.26 -
eSafe 7.0.15.0 2008.02.26 -
eTrust-Vet 31.3.5564 2008.02.26 -
Ewido 4.0 2008.02.26 -
FileAdvisor 1 2008.02.26 -
Fortinet 3.14.0.0 2008.02.26 -
F-Prot 4.4.2.54 2008.02.26 -
F-Secure 6.70.13260.0 2008.02.26 -
Ikarus T3.1.1.20 2008.02.26 -
Kaspersky 7.0.0.125 2008.02.26 -
McAfee 5238 2008.02.26 -
Microsoft 1.3204 2008.02.26 -
NOD32v2 2903 2008.02.26 -
Norman 5.80.02 2008.02.26 -
Panda 9.0.0.4 2008.02.25 -
Prevx1 V2 2008.02.26 -
Rising 20.33.12.00 2008.02.26 -
Sophos 4.27.0 2008.02.26 -
Sunbelt 3.0.893.0 2008.02.23 -
Symantec 10 2008.02.26 -
TheHacker 6.2.9.229 2008.02.25 -
VBA32 3.12.6.2 2008.02.26 -
VirusBuster 4.3.26:9 2008.02.26 -
Webwasher-Gateway 6.6.2 2008.02.26 -
Information additionnelle
File size: 400896 bytes
MD5: dc1742629c03a1ad3f1e4165742958f6
SHA1: c4ff539a8c698ffb298bdf8b9baab7a39a7ed940
PEiD: -

----------------------------------------------------------------------------------------------------------------------------------------------------

Datei: CF1858.exe
Auslastung: 0% 100%

Status: OK (Anmerkung: diese Datei wurde bereits vorher gescannt. Die Scanergebnisse werden daher nicht in der Datenbank gespeichert.)
Entdeckte Packprogramme: -
Bit9 rapportiert: No threat detected (more info)

A-Squared Keine Viren gefunden
AntiVir Keine Viren gefunden
ArcaVir Keine Viren gefunden
Avast Keine Viren gefunden
AVG Antivirus Keine Viren gefunden
BitDefender Keine Viren gefunden
ClamAV Keine Viren gefunden
CPsecure Keine Viren gefunden
Dr.Web Keine Viren gefunden
F-Prot Antivirus Keine Viren gefunden
F-Secure Anti-Virus Keine Viren gefunden
Fortinet Keine Viren gefunden
Ikarus Keine Viren gefunden
Kaspersky Anti-Virus Keine Viren gefunden
NOD32 Keine Viren gefunden
Norman Virus Control Keine Viren gefunden
Panda Antivirus Keine Viren gefunden
Rising Antivirus Keine Viren gefunden
Sophos Antivirus Keine Viren gefunden
VirusBuster Keine Viren gefunden
VBA32 Keine Viren gefunden

0

Réponse 39 / 68

MARIE83120 Messages postés 268 Statut Membre

Démarrer > executer > ' services.msc ' ,

- Clic droit sur le service cité - LiveUpdate - Symantec Corporation .......OK
- propriétés ..........................OK
- et dans "type de démarrage" et mets le sur « désactivé ». ..................OK
- Ensuite si le "Status du service" est sur "Démarré" faire : « arrêté ».............OK

Tutorial : https://www.zebulon.fr/dossiers/windows/31-services.html
???
c'est un site que je dois ouvrir aprés les actions faites avant

0

Réponse 40 / 68

Utilisateur anonyme

...
Non ce lien te montre comment faire si tu ne comprend pas.

Continu stp

0

MARIE83120 Messages postés 268 Statut Membre

VOILA LE RAPPORT ....

Fichier cmd.exe reçu le 2008.02.26 23:25:10 (CET)
Situation actuelle: terminé

Résultat: 0/32 (0.00%)
Formaté Impression des résultats
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.2.27.0 2008.02.26 -
AntiVir 7.6.0.67 2008.02.26 -
Authentium 4.93.8 2008.02.26 -
Avast 4.7.1098.0 2008.02.26 -
AVG 7.5.0.516 2008.02.26 -
BitDefender 7.2 2008.02.26 -
CAT-QuickHeal 9.50 2008.02.26 -
ClamAV 0.92.1 2008.02.26 -
DrWeb 4.44.0.09170 2008.02.26 -
eSafe 7.0.15.0 2008.02.26 -
eTrust-Vet 31.3.5564 2008.02.26 -
Ewido 4.0 2008.02.26 -
FileAdvisor 1 2008.02.26 -
Fortinet 3.14.0.0 2008.02.26 -
F-Prot 4.4.2.54 2008.02.26 -
F-Secure 6.70.13260.0 2008.02.26 -
Ikarus T3.1.1.20 2008.02.26 -
Kaspersky 7.0.0.125 2008.02.26 -
McAfee 5238 2008.02.26 -
Microsoft 1.3204 2008.02.26 -
NOD32v2 2903 2008.02.26 -
Norman 5.80.02 2008.02.26 -
Panda 9.0.0.4 2008.02.25 -
Prevx1 V2 2008.02.26 -
Rising 20.33.12.00 2008.02.26 -
Sophos 4.27.0 2008.02.26 -
Sunbelt 3.0.893.0 2008.02.23 -
Symantec 10 2008.02.26 -
TheHacker 6.2.9.229 2008.02.25 -
VBA32 3.12.6.2 2008.02.26 -
VirusBuster 4.3.26:9 2008.02.26 -
Webwasher-Gateway 6.6.2 2008.02.26 -
Information additionnelle
File size: 400896 bytes
MD5: dc1742629c03a1ad3f1e4165742958f6
SHA1: c4ff539a8c698ffb298bdf8b9baab7a39a7ed940
PEiD: -

ATTENTION

0

Répondre Posez votre question

Votre réponse

Discussions similaires

pas de lecteur CD sur la voiture

coco -
coco -

2 réponses

Port USB - lecteur de CD en rajout sur Véhicule non pourvu:

strebj -
MarcodeFrepil95 -

9 réponses

comment lire des cd dans nouvelles voitures sans lecteur cd ?

moi63 -
letotof -

1 réponse

Softonic,est-ce un virus ?

techmel1 -
techmel1 -

6 réponses

plus de lecture CD mais affichage de NO DISC

MAFA2627 -
kaumune -

7 réponses

Virus, mon lecteur CD ne fonctionne plus

68 réponses

Votre réponse

Discussions similaires

Newsletters