asteris

mon ordi a retrouvé une certaine jeunesse avec ton aide je crois que tout est rentré dans l'ordre je t'envois le rapport demandé Malwarebytes' Anti-Malware 1.12 Version de la base de données: 768 Type de recherche: Examen complet (C:\|) Eléments examinés: 148314 Temps écoulé: 55 minute(s), 59 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 9 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\Interface\{b5cac49f-a118-40d8-87b8-4b7883bab681} (Trojan.FakeAlert) -> No action taken. HKEY_CLASSES_ROOT\Typelib\{b0e61956-7218-44d4-b218-2ee4f6776c73} (Trojan.FakeAlert) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MySidesearchSearchAssistant (Adware.BHO) -> No action taken. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Program Files\Trend Micro\HijackThis\backups\backup-20080329-090143-769.dll (Adware.PopCap) -> No action taken. C:\System Volume Information\_restore{CF165C60-058D-4A74-AE98-5E86FC0F913D}\RP1089\A0393562.exe (Rogue.Installer) -> No action taken. C:\System Volume Information\_restore{CF165C60-058D-4A74-AE98-5E86FC0F913D}\RP1089\A0393576.exe (Rogue.Installer) -> No action taken. C:\System Volume Information\_restore{CF165C60-058D-4A74-AE98-5E86FC0F913D}\RP1090\A0393592.exe (Rogue.Installer) -> No action taken. C:\System Volume Information\_restore{CF165C60-058D-4A74-AE98-5E86FC0F913D}\RP1090\A0393605.exe (Rogue.Installer) -> No action taken. C:\System Volume Information\_restore{CF165C60-058D-4A74-AE98-5E86FC0F913D}\RP1161\A0431349.dll (Trojan.FalkeAlert) -> No action taken. C:\System Volume Information\_restore{CF165C60-058D-4A74-AE98-5E86FC0F913D}\RP1161\A0431353.dll (Trojan.Zlob) -> No action taken. C:\System Volume Information\_restore{CF165C60-058D-4A74-AE98-5E86FC0F913D}\RP1161\A0431361.dll (Trojan.FalkeAlert) -> No action taken. C:\System Volume Information\_restore{CF165C60-058D-4A74-AE98-5E86FC0F913D}\RP1161\A0431367.dll (Trojan.Zlob) -> No action taken.

avec mes remerciements voici les résultats demandes SDFix: Version 1.183 Run by grandjean on 19/05/2008 at 16:50 Microsoft Windows XP [version 5.1.2600] Running From: C:\DOCUME~1\GRANDJ~1\Bureau\SDFix Checking Services : Restoring Windows Registry Values Restoring Windows Default Hosts File Restoring Default HomePage Value Restoring Default Desktop Components Value Rebooting Checking Files : Trojan Files Found: C:\DOCUME~1\GRANDJ~1\LOCALS~1\Temp\privacy_danger\index.htm - Deleted C:\DOCUME~1\GRANDJ~1\LOCALS~1\Temp\privacy_danger\images\capt.gif - Deleted C:\DOCUME~1\GRANDJ~1\LOCALS~1\Temp\privacy_danger\images\danger.jpg - Deleted C:\DOCUME~1\GRANDJ~1\LOCALS~1\Temp\privacy_danger\images\down.gif - Deleted C:\DOCUME~1\GRANDJ~1\LOCALS~1\Temp\privacy_danger\images\spacer.gif - Deleted C:\WINDOWS\fvowketqfgq.dll - Deleted C:\WINDOWS\dwltqnmx.exe - Deleted C:\WINDOWS\fkdnrwsv.dll - Deleted C:\WINDOWS\mpfanvqg.dll - Deleted C:\WINDOWS\oadkxrts.exe - Deleted C:\WINDOWS\pvnsmfor.dll - Deleted C:\WINDOWS\rs.txt - Deleted C:\WINDOWS\sxfnewqb.dll - Deleted C:\WINDOWS\vbksrofa.dll - Deleted Folder C:\DOCUME~1\GRANDJ~1\LOCALS~1\Temp\privacy_danger - Removed Removing Temp Files ADS Check : Final Check : catchme 0.3.1359.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-19 17:15:57 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s0"=dword:6c549072 "s1"=dword:4f7d9a93 "s2"=dword:771019ff scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\CancelAutoplay\CLSID] "\30 A?E?2?A?E?D?8?F?-?5?6?9?5?-?4?a?6?d?-?9?7?0?9?-?1?4?E?5?1?C?D?1?7?B?1?C?'?"="" scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "C:\\Program Files\\Java\\jre1.5.0_02\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_02\\bin\\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary" "C:\\WINDOWS\\system32\\mcoinstall.exe"="C:\\WINDOWS\\system32\\mcoinstall.exe:*:Enabled:mcoinstall" "C:\\Program Files\\Anti-Leech\\ALIE_1.0.2.1\\alhlp.exe"="C:\\Program Files\\Anti-Leech\\ALIE_1.0.2.1\\alhlp.exe:*:Enabled:Anti-Leech plugin helper program" "C:\\Program Files\\Java\\jre1.5.0_04\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_04\\bin\\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary" "C:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary" "X:\\Program Files\\Red Storm Entertainment\\RavenShield\\SYSTEM\\Deploy.exe"="X:\\Program Files\\Red Storm Entertainment\\RavenShield\\SYSTEM\\Deploy.exe:*:Enabled:Deploy.exe" "C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger" "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe" "C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Remaining Files : File Backups: - C:\DOCUME~1\GRANDJ~1\Bureau\SDFix\backups\backups.zip Files with Hidden Attributes : Tue 31 Jul 2007 182,441 A..H. --- "C:\Program Files\Google\BITA.tmp" Sun 9 Mar 2008 56 ..SHR --- "C:\WINDOWS\system32\34DC872BAE.sys" Sun 9 Mar 2008 1,682 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys" Sat 1 Oct 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Tue 7 Feb 2006 299,008 A..H. --- "C:\Program Files\Canon\MP Navigator 3.0\Maint.exe" Mon 25 Apr 2005 61,440 A..H. --- "C:\Program Files\Canon\MP Navigator 3.0\uinstrsc.dll" Tue 2 Oct 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv03.tmp" Sat 13 Nov 2004 37,376 A..H. --- "C:\Program Files\Fichiers communs\Adobe\ESD\DLMCleanup.exe" Mon 28 Apr 2008 11,776 A..H. --- "C:\Program Files\Quark\QuarkXPress 7.0\Required Components\.config.dll" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0a67b6c406b1d7e0f5c1e6f6d44a3f6e\BIT2.tmp" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\18b19374451d28a8fbaf1939cf31ff45\BIT5.tmp" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\22fb973e059470cc1b5d76c4ae605351\BIT9.tmp" Thu 8 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BIT18.tmp" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\26924cbc8132a10b438ce6e2b49d4652\BIT1.tmp" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2769b111678c52099a3b3123b12f2325\BIT6.tmp" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\30285791903730fbf957a83562db4ff4\BIT3.tmp" Tue 16 Oct 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\388e66e644283db0233c4a98f2fd08a0\BIT1.tmp" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9e870549834e2bceb796e44a1e3ac6f5\BIT8.tmp" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cb8921d0c7830b2f33c00fa4c8a10d17\BIT4.tmp" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d77b9b5b8fed23dd91f50d167cce60d3\BIT7.tmp" Sat 1 Oct 2005 4,348 ...H. --- "C:\Documents and Settings\grandjean\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak" Fri 15 Sep 2006 20 A..H. --- "C:\Documents and Settings\grandjean\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak" Tue 6 Dec 2005 400 ...H. --- "C:\Documents and Settings\grandjean\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak" Fri 15 Sep 2006 1,536 A..H. --- "C:\Documents and Settings\grandjean\Mes documents\Ma musique\Sauvegarde de la licence\drmv2lic.bak" Fri 8 Dec 2006 1,656 A.SH. --- "C:\Documents and Settings\grandjean\Application Data\Roxio\Dragon\DiscInfoCache\HL-DT-ST_DVDRAM_GMA-4020B_A107_310_DICV018_DRGV20100B7.TMP" Finished! catchme 0.3.1359.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-19 17:15:57 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s0"=dword:6c549072 "s1"=dword:4f7d9a93 "s2"=dword:771019ff scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\CancelAutoplay\CLSID] "\30 A?E?2?A?E?D?8?F?-?5?6?9?5?-?4?a?6?d?-?9?7?0?9?-?1?4?E?5?1?C?D?1?7?B?1?C?'?"="" scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0

bonjour à toutes et à tous Encore besoin e vous Mon pc depuis ce matin l'écran est blanc mes icones sont surlignés et antivir ne trouve que des saloperies Des icones ont disparu du bureau Je vous envoie le rapport Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:49:46, on 19/05/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\PROMT5\INTEGRAL\pinmenu.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\UAService7.exe C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=...6Ojg5&lid=2 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: QXK Rhythm - {132F969E-2442-47BE-8CC8-955483AF951B} - C:\WINDOWS\fvowketqfgq.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: pvnsmfor - {CB07D6A9-7491-4A84-B8E8-E846CC689DDC} - C:\WINDOWS\pvnsmfor.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PROMT Integrator] "C:\Program Files\PROMT5\INTEGRAL\PinStart.exe" /autorun O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe EspaceWanadoo.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_2 -reboot 1 O4 - HKCU\..\Run: [Odebit Multimedia V2] C:\Program Files\Odebit Multimédia\V2\Odebit.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU) O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU) O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU) O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/cfw..._instmodule.exe O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://baccara08.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://jeuxvideo.wanadoo.fr/components/Metaboli.ocx O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://baccara08.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O21 - SSODL: mpfanvqg - {1522FD97-4905-4819-995E-BA98DBF5A11A} - C:\WINDOWS\mpfanvqg.dll O21 - SSODL: vbksrofa - {4B0D882C-675D-43F8-9C53-99E4E3F07DBE} - C:\WINDOWS\vbksrofa.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe (file missing) O23 - Service: AVG Firewall (AVGFwSrv) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe (file missing) O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing) O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm -- End of file - 13888 bytes Merci

Pendant ce temps, je regardais tranquillement les gambettes de ma chienne qui dansait la tecktonik des plaques. Chemin faisant, les randonneurs surfaient sur la canopée, prenant au tragique la disparition de Rion chérie, et cherchaient activement des indices de son retour probable chez les Zébuloniens. Vraisemblablement partie en Andalousie, Miss Acacia, ses poils et cheveux lissés, ignorait son incroyable beauté corse, corsée et corsetée. En réalité, elle chantait afin d'éloigner le spectre cauchemardesque de Casper qui se pointait, délétère et plein de malice. Revenue une semaine en arrière, c'était avec plaisir qu'elle se prélassait nue, altière, sous le regard agacé du chef

Cela devenait lourd pour les non-voyants avec leur handicap tellement pénalisant. Être ou ne pas boire telle moi au couvent, c'est espérer l'impossible car bus, voiture, camion, poussent à la consommation ! En conclusion et pour finir, n'hésitons pas à remonter la bretelle du pantalon

bonjour à toutes et à tous Encore besoin de vous Une amie a quelques soucis. Elle est sous windows XP PRO Quand elle allume son pc tout se passe bien mais quand le bureau s'affiche il est impossible d'ouvrir un icone, que faire ? Merci à toutes et à tous pour vos conseils

j'ai tout supprimé E-mule Azureus Ares Les enfants sont pas très content mais tant pis ils ont qu'a s'acheter un ordinateur et ils pourront faire ce qui veulent avec. GRAND MERCI A TOUS POUR L'AIDE APPORTEE

- « Arrêtez cette mascarade, misérables vers de vase, vos prétentions, aussi basses soient-elles, agacent les politiciens qui sont blacboulés. Les autres Gremlins savent qu' il ne faut pas mettre la main au panier ! » Toutes ces raisons forcent Dylav à envisager le pire : une épilation totale ! Mais juste les fôtes d'ortografe, et en douceur ! Cette affreuse peluche remplie de bave se mit à braire inlassablement et dégobilla son goûter ! Bonjour la moquette, les chaussures et les soutifs pigeonnants... Mais fallait pas rougir ainsi. Je suis vraiment désolé : pas fait exprès ! Promis, je ne boirai plus autant d'eau, j'écumerai les rades et je me ferai défoncer la caisse en bois de rose et finirai par vomir dans la sauce Béchamel ! Soudain dégrisée, DKlâgOR cria : « Bordel ! Ma cuillère à pot est rouillée ! Vite ! Seul Dylav peut me dérouiller la zone érogène de mon halogène. Qui saura donc comment écrire “goûter” sans hésitation aucune ? » Et pourquoi donc ?

je te remercie de l'aide que tu m'a apporté pour solutionner tous mes problèmes. Je vais essayer d'être plus vigilant. Je te souhaite un bon dimanche et merci encore A plus+++++++

Non je n'ai plus de pub et l'ordi est hyper rapide. Je te donne le ernier rapport Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:20:03, on 29/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\UAService7.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\Program Files\Ares\Ares.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe EspaceWanadoo.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_2 -reboot 1 O4 - HKCU\..\Run: [Odebit Multimedia V2] C:\Program Files\Odebit Multimédia\V2\Odebit.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU) O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU) O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU) O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/cfw..._instmodule.exe O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://baccara08.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://jeuxvideo.wanadoo.fr/components/Metaboli.ocx O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-0f02b1b388d3f802.spaces.live.co...ad/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe (file missing) O23 - Service: AVG Firewall (AVGFwSrv) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe (file missing) O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing) O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe -- End of file - 13345 bytes

voici le rapport Clean Navipromo version 3.5.1 commencé le 29/03/2008 à 18:58:47,64 Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "grandjean" Actual User Account : "grandjean" Mise à jour le 23.03.2008 à 22h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 6.0.2900.2180 Système de fichiers : NTFS Mode suppression automatique avec prise en charge résultats Catchme et GNS *** fsbl1.txt non trouvé *** (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche) *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans C:\WINDOWS\System32 * * Suppression dans "C:\Documents and Settings\grandjean\locals~1\applic~1" * * Suppression dans "C:\docume~1\Administrateur\locals~1\applic~1" * *** Suppression dossiers dans C:\WINDOWS *** *** Suppression dossiers dans C:\Program Files *** *** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 *** *** Suppression dossiers dans "C:\Documents and Settings\grandjean\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\grandjean\locals~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\grandjean\menudm~1\progra~1" *** *** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 *** *** Suppression fichiers *** C:\WINDOWS\pack.epk supprimé ! C:\WINDOWS\system32\nvs2.inf supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\grandjean\locals~1\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans C:\WINDOWS\system32 * * Dans "C:\Documents and Settings\grandjean\locals~1\applic~1" * jnhpfzj.dat trouvé ! Copie jnhpfzj.dat réalisée avec succès ! jnhpfzj.dat supprimé ! jnhpfzj_nav.dat trouvé ! Copie jnhpfzj_nav.dat réalisée avec succès ! jnhpfzj_nav.dat supprimé ! jnhpfzj_navps.dat trouvé ! Copie jnhpfzj_navps.dat réalisée avec succès ! jnhpfzj_navps.dat supprimé ! jnhpfzj.exe trouvé ! Copie jnhpfzj.exe réalisée avec succès ! jnhpfzj.exe supprimé ! C:\WINDOWS\prefetch\jnhpfzj*.pf trouvé ! Copie C:\WINDOWS\prefetch\jnhpfzj*.pf réalisée avec succès ! C:\WINDOWS\prefetch\jnhpfzj*.pf supprimé ! * Dans "C:\docume~1\Administrateur\locals~1\applic~1" * *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup supprimé ! Certificat Electronic-Group supprimé ! Certificat OOO-Favorit supprimé ! Certificat Sunny-Day-Design-Ltdt absent ! *** Nettoyage terminé le 29/03/2008 à 19:03:49,60 *** A ++++

voici le rapport navilog Search Navipromo version 3.5.1 commencé le 29/03/2008 à 17:50:34,17 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "grandjean" Mise à jour le 23.03.2008 à 22h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 6.0.2900.2180 Système de fichiers : NTFS Executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans C:\WINDOWS *** *** Recherche dossiers dans C:\Program Files *** *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 *** *** Recherche dossiers dans "C:\Documents and Settings\grandjean\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\grandjean\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\grandjean\menudm~1\progra~1" *** *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net Aucun Fichier trouvé *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans C:\WINDOWS\system32 * * Recherche dans "C:\Documents and Settings\grandjean\locals~1\applic~1" * * Recherche dans "C:\docume~1\Administrateur\locals~1\applic~1" * gnc.exe absent, Recherche non effectuee dans "C:\docume~1\Administrateur\locals~1\applic~1" ! *** Recherche fichiers *** C:\WINDOWS\pack.epk trouvé ! C:\WINDOWS\system32\nvs2.inf trouvé ! *** Recherche clés spécifiques dans le Registre *** HKEY_CURRENT_USER\Software\Lanconfig trouvé ! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans C:\WINDOWS\system32 : * Dans "C:\Documents and Settings\grandjean\locals~1\applic~1" : jnhpfzj.dat trouvé ! jnhpfzj_nav.dat trouvé ! jnhpfzj_navps.dat trouvé ! * Dans "C:\docume~1\Administrateur\locals~1\applic~1" : 3)Recherche Certificats : Certificat Egroup trouvé ! Certificat Electronic-Group trouvé ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche fichiers connus : *** Analyse terminée le 29/03/2008 à 18:06:29,71 ***

J'ai redémarré le pc et surprise il est plus rapide je sens que tes conseils ont fait de l'effet, mais j'ai des alertes de sécurité window Voici le dernier rapport Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:26:45, on 29/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\UAService7.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe EspaceWanadoo.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_2 -reboot 1 O4 - HKCU\..\Run: [Odebit Multimedia V2] C:\Program Files\Odebit Multimédia\V2\Odebit.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [jnhpfzj] c:\documents and settings\grandjean\local settings\application data\jnhpfzj.exe jnhpfzj O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU) O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU) O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU) O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/cfw..._instmodule.exe O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://baccara08.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://jeuxvideo.wanadoo.fr/components/Metaboli.ocx O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-0f02b1b388d3f802.spaces.live.co...ad/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe (file missing) O23 - Service: AVG Firewall (AVGFwSrv) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe (file missing) O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing) O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe -- End of file - 13389 bytes

Voici un premier rapport DiagHelp version v1.4 - http://www.malekal.com excute le 29/03/2008 à 9:11:01,45 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->29/03/2008 09:10:55 C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->29/03/2008 09:10:41 C:\WINDOWS\prefetch\EXPLORER.EXE-082F38A9.pf -->29/03/2008 09:09:19 C:\WINDOWS\prefetch\WINZIP32.EXE-335422C1.pf -->29/03/2008 09:09:10 C:\WINDOWS\prefetch\WLLOGINPROXY.EXE-2D4B6027.pf -->29/03/2008 09:06:58 C:\WINDOWS\prefetch\IEXPLORE.EXE-27122324.pf -->29/03/2008 09:06:57 C:\WINDOWS\prefetch\WSCNTFY.EXE-1B24F5EB.pf -->29/03/2008 09:06:22 C:\WINDOWS\prefetch\NOTEPAD.EXE-336351A9.pf -->29/03/2008 09:06:11 C:\WINDOWS\prefetch\HIJACKTHIS.EXE-34A0FC79.pf -->29/03/2008 09:06:06 C:\WINDOWS\prefetch\WUAUCLT.EXE-399A8E72.pf -->29/03/2008 09:05:45 C:\WINDOWS\System32\drivers\pxhelp20.sys -->21/02/2008 03:05:38 C:\WINDOWS\System32\drivers\avipbb.sys -->03/02/2008 20:28:06 C:\WINDOWS\System32\drivers\pcouffin.sys -->26/12/2007 08:05:55 C:\WINDOWS\System32\drivers\mrxdav.sys -->18/12/2007 10:51:35 C:\WINDOWS\System32\drivers\secdrv.sys -->13/11/2007 11:25:54 C:\WINDOWS\System32\drivers\TVICHW32.SYS -->04/11/2007 09:48:57 C:\WINDOWS\System32\drivers\tcpip.sys -->30/10/2007 18:20:55 C:\WINDOWS\System32\wpa.dbl -->29/03/2008 09:05:19 C:\WINDOWS\System32\tmp.txt -->28/03/2008 12:27:52 C:\WINDOWS\System32\tmp.reg -->28/03/2008 12:27:52 C:\WINDOWS\System32\IEDFix.exe -->26/03/2008 08:50:46 C:\WINDOWS\System32\jupdate-1.6.0_05-b13.log -->25/03/2008 18:15:54 C:\WINDOWS\System32\VACFix.exe -->22/03/2008 15:49:40 C:\WINDOWS\System32\nvs2.inf -->19/03/2008 09:29:38 C:\WINDOWS\System32\FNTCACHE.DAT -->13/03/2008 05:55:22 C:\WINDOWS\System32\perfh00C.dat -->09/03/2008 04:41:57 C:\WINDOWS\System32\PerfStringBackup.INI -->09/03/2008 04:41:56 C:\WINDOWS\System32\perfh009.dat -->09/03/2008 04:41:56 C:\WINDOWS\System32\perfc00C.dat -->09/03/2008 04:41:56 C:\WINDOWS\System32\perfc009.dat -->09/03/2008 04:41:56 C:\WINDOWS\System32\KGyGaAvL.sys -->09/03/2008 04:29:27 C:\WINDOWS\System32\34DC872BAE.sys -->09/03/2008 04:29:05 C:\WINDOWS\System32\MRT.exe -->05/03/2008 08:30:56 C:\WINDOWS\System32\javaws.exe -->22/02/2008 02:33:32 C:\WINDOWS\System32\javacpl.cpl -->22/02/2008 02:33:31 C:\WINDOWS\System32\javaw.exe -->22/02/2008 01:23:39 C:\WINDOWS\System32\java.exe -->22/02/2008 01:23:35 C:\WINDOWS\System32\dtu_fr.qm -->21/02/2008 03:11:34 C:\WINDOWS\System32\dsm_fr.qm -->21/02/2008 03:05:52 C:\WINDOWS\System32\divxsm.tlb -->21/02/2008 03:05:52 C:\WINDOWS\System32\DivXsm.exe -->21/02/2008 03:05:52 C:\WINDOWS\System32\qt-dx331.dll -->21/02/2008 03:05:44 C:\WINDOWS\WindowsUpdate.log -->29/03/2008 09:05:54 C:\WINDOWS\0.log -->29/03/2008 09:04:55 C:\WINDOWS\wiadebug.log -->29/03/2008 09:04:50 C:\WINDOWS\wiaservc.log -->29/03/2008 09:04:37 C:\WINDOWS\ACMonitor_X83.ini -->29/03/2008 09:04:11 C:\WINDOWS\bootstat.dat -->29/03/2008 09:04:01 C:\WINDOWS\SchedLgU.Txt -->29/03/2008 09:02:42 C:\WINDOWS\ntbtlog.txt -->28/03/2008 19:45:56 C:\WINDOWS\WgaNotify.log -->28/03/2008 12:26:54 C:\WINDOWS\setupapi.log -->28/03/2008 12:26:48 C:\WINDOWS\setupact.log -->28/03/2008 11:54:58 C:\WINDOWS\setuperr.log -->28/03/2008 11:50:59 C:\WINDOWS\NeroDigital.ini -->27/03/2008 16:15:54 C:\WINDOWS\tarot.cfg -->23/03/2008 07:58:53 C:\WINDOWS\winamp.ini -->21/03/2008 20:34:57 winlogon.exe Verified: Unsigned svchost.exe Verified: Signed ws2_32.dll Verified: Signed user32.dll Verified: Signed tcpip.sys Verified: Signed ndis.sys Verified: Signed null.sys Verified: Signed ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 1952 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x13420000 0x1a000 11.00.5721.5145 C:\PROGRA~1\WINDOW~3\wmpband.dll 0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL 0x10000000 0x29000 12.00.0000.0001 C:\Program Files\ScanSoft\OmniPageSE2.0\ophookSE2.dll 0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll 0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll 0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll 0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll 0x7c340000 0x56000 7.10.3052.0004 C:\WINDOWS\system32\MSVCR71.dll 0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MSVCP71.dll 0x5d360000 0xf000 7.10.3077.0000 C:\WINDOWS\system32\MFC71FRA.DLL 0x01c30000 0x14000 2.07.0002.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll 0x02e40000 0x102000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL 0x16200000 0x6000 4.01.0000.0000 C:\PROGRA~1\WINZIP\WZSHLSTB.DLL 0x01dd0000 0x29000 C:\Program Files\WinRAR\rarext.dll 0x022f0000 0x1b9000 2.00.0000.0008 C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll 0x7c140000 0x103000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MFC71.DLL 0x01fc0000 0x1c000 7.00.0000.0000 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 804 Command line: winlogon.exe Base Size Version Path 0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll 0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x01220000 0xae000 1.05.0540.0000 C:\WINDOWS\system32\WgaLogon.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 78FA-F7C4 Répertoire de C:\WINDOWS\system32 04/08/2004 01:54 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 86 696 267 776 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 78FA-F7C4 Répertoire de C:\WINDOWS\Downloaded Program Files 29/03/2008 09:01 <REP> . 29/03/2008 09:01 <REP> .. 27/03/2008 11:39 <REP> CONFLICT.1 28/09/2005 09:32 65 desktop.ini 25/07/2002 16:13 24 576 dwusplay.dll 25/07/2002 16:13 196 608 dwusplay.exe 09/02/2005 16:54 1 271 erma.inf 16/02/2005 16:15 401 408 isusweb.dll 04/03/2005 03:52 752 jinstall-1_5_0_02.inf 29/05/2003 14:00 160 864 messengerstatsclient.dll 22/02/2007 23:41 304 544 MessengerStatsPAClient.dll 20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd 29/05/2003 14:00 84 064 minesweeper.dll 14/03/2005 12:39 227 MsnMessengerSetupDownloader.inf 17/03/2005 13:48 113 152 MsnMessengerSetupDownloader.ocx 20/06/2006 14:44 379 704 MsnPUpld.dll 19/06/2006 13:40 393 MsnPUpld.inf 15/06/2007 09:02 632 392 OberonGameHost.dll 15/06/2007 09:01 332 OberonGameHost_dbg.inf 29/06/2005 17:17 227 opuc.inf 20/06/2006 14:44 117 560 PURen-us.dll 31/05/2002 08:20 117 328 purfr-fr.dll 04/11/2007 09:48 23 600 tvichw32.sys 20 fichier(s) 2 560 229 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1 27/03/2008 11:39 <REP> . 27/03/2008 11:39 <REP> .. 06/08/2007 12:10 68 992 PURfr-fr.dll 1 fichier(s) 68 992 octets Total des fichiers listés : 21 fichier(s) 2 629 221 octets 5 Rép(s) 86 696 259 584 octets libres Recherche de rootkit! (Merci S!Ri) infection possible Magic.Control : un scan F-Secure BlackLight est recommandé Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "C:\\Program Files\\Java\\jre1.5.0_02\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_02\\bin\\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary" "C:\\WINDOWS\\system32\\mcoinstall.exe"="C:\\WINDOWS\\system32\\mcoinstall.exe:*:Enabled:mcoinstall" "C:\\Program Files\\Anti-Leech\\ALIE_1.0.2.1\\alhlp.exe"="C:\\Program Files\\Anti-Leech\\ALIE_1.0.2.1\\alhlp.exe:*:Enabled:Anti-Leech plugin helper program" "C:\\Program Files\\Java\\jre1.5.0_04\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_04\\bin\\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary" "C:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary" "X:\\Program Files\\Red Storm Entertainment\\RavenShield\\SYSTEM\\Deploy.exe"="X:\\Program Files\\Red Storm Entertainment\\RavenShield\\SYSTEM\\Deploy.exe:*:Enabled:Deploy.exe" "C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger" "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe" "C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-29 09:12:27 Windows 5.1.2600 Service Pack 2 NTFS detected NTDLL code modification: ZwEnumerateKey, ZwEnumerateValueKey, ZwQueryDirectoryFile, ZwQuerySystemInformation scanning hidden services & system hive ... IPC error: 2 Le fichier spécifié est introuvable. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s0"=dword:6c549072 "s1"=dword:4f7d9a93 "s2"=dword:771019ff scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\CancelAutoplay\CLSID] "\30 A?E?2?A?E?D?8?F?-?5?6?9?5?-?4?a?6?d?-?9?7?0?9?-?1?4?E?5?1?C?D?1?7?B?1?C?'?"="" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "jnhpfzj"="c:\documents and settings\grandjean\local settings\application data\jnhpfzj.exe jnhpfzj" scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 224 - ACMonitor_X83.e 240 - RoxWatchTray9.e 280 - avgnt.exe 292 - ctfmon.exe 300 - msnmsgr.exe 308 - NMBgMonitor.exe 316 - wcescomm.exe 368 - jnhpfzj.exe 760 - CPSHelpRunner.e 780 - csrss.exe 804 - winlogon.exe 852 - services.exe 864 - lsass.exe 1020 - svchost.exe 1044 - NMIndexStoreSvr 1100 - svchost.exe 1192 - svchost.exe 1232 - svchost.exe 1496 - svchost.exe 1624 - spoolsv.exe 1672 - avguard.exe 1860 - aawservice.exe 1920 - sched.exe 1952 - explorer.exe 2036 - atiptaxx.exe 2060 - ADCDLicSvc.exe 2096 - mDNSResponder.e 2188 - CDAC11BA.EXE 2324 - GoogleUpdaterSe 2656 - svchost.exe 3040 - cmd.exe 3508 - alg.exe 3804 - IEXPLORE.EXE Total number of processes = 34 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntoskrnl.exe 806EC000 - \WINDOWS\system32\hal.dll F8A37000 - \WINDOWS\system32\KDCOM.DLL F8947000 - \WINDOWS\system32\BOOTVID.dll F8445000 - sptd.sys F8A39000 - \WINDOWS\System32\Drivers\WMILIB.SYS F842D000 - \WINDOWS\System32\Drivers\SPTD5181.SYS F83FE000 - ACPI.sys F83ED000 - pci.sys F8537000 - isapnp.sys F8547000 - ohci1394.sys F8557000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS F8A3B000 - avgarkt.sys F8AFF000 - pciide.sys F87B7000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS F8567000 - MountMgr.sys F83CE000 - ftdisk.sys F8A3D000 - dmload.sys F83A8000 - dmio.sys F87BF000 - PartMgr.sys F87C7000 - sfsync02.sys F8577000 - VolSnap.sys F8390000 - atapi.sys F837E000 - viaraid.sys F8366000 - \WINDOWS\System32\DRIVERS\SCSIPORT.SYS F8587000 - disk.sys F8597000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS F8346000 - fltMgr.sys F8334000 - sr.sys F85A7000 - PxHelp20.sys F831D000 - KSecDD.sys F830A000 - WudfPf.sys F827D000 - Ntfs.sys F8250000 - NDIS.sys F87CF000 - sfhlp02.sys F823F000 - sfdrv01.sys F8224000 - Mup.sys F85B7000 - agp440.sys F85E7000 - \SystemRoot\System32\DRIVERS\nic1394.sys F8677000 - \SystemRoot\system32\DRIVERS\intelppm.sys F790E000 - \SystemRoot\System32\DRIVERS\ati2mtag.sys F78FA000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS F88A7000 - \SystemRoot\system32\DRIVERS\usbuhci.sys F78D7000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS F88AF000 - \SystemRoot\system32\DRIVERS\usbehci.sys F78B3000 - \SystemRoot\System32\DRIVERS\EL2K_XP.sys F8687000 - \SystemRoot\System32\DRIVERS\i8042prt.sys F88B7000 - \SystemRoot\System32\DRIVERS\kbdclass.sys F88BF000 - \SystemRoot\System32\DRIVERS\mouclass.sys F78A2000 - \SystemRoot\system32\DRIVERS\serial.sys F81E4000 - \SystemRoot\system32\DRIVERS\serenum.sys F88C7000 - \SystemRoot\system32\DRIVERS\fdc.sys F788E000 - \SystemRoot\System32\DRIVERS\parport.sys F8697000 - \SystemRoot\system32\DRIVERS\imapi.sys F86A7000 - \SystemRoot\System32\DRIVERS\cdrom.sys F86B7000 - \SystemRoot\System32\DRIVERS\redbook.sys F786B000 - \SystemRoot\System32\DRIVERS\ks.sys F77DD000 - \SystemRoot\system32\drivers\smwdm.sys F77B9000 - \SystemRoot\system32\drivers\portcls.sys F86C7000 - \SystemRoot\system32\drivers\drmk.sys F77A1000 - \SystemRoot\system32\drivers\aeaudio.sys F8BC5000 - \SystemRoot\System32\DRIVERS\audstub.sys F86D7000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys F81D8000 - \SystemRoot\System32\DRIVERS\ndistapi.sys F778A000 - \SystemRoot\System32\DRIVERS\ndiswan.sys F86E7000 - \SystemRoot\System32\DRIVERS\raspppoe.sys F86F7000 - \SystemRoot\System32\DRIVERS\raspptp.sys F88CF000 - \SystemRoot\System32\DRIVERS\TDI.SYS F7779000 - \SystemRoot\System32\DRIVERS\psched.sys F8707000 - \SystemRoot\System32\DRIVERS\msgpc.sys F88D7000 - \SystemRoot\System32\DRIVERS\ptilink.sys F88DF000 - \SystemRoot\System32\DRIVERS\raspti.sys F7588000 - \SystemRoot\System32\DRIVERS\rdpdr.sys F8717000 - \SystemRoot\System32\DRIVERS\termdd.sys F8A77000 - \SystemRoot\System32\DRIVERS\swenum.sys F752F000 - \SystemRoot\System32\DRIVERS\update.sys F8727000 - \SystemRoot\System32\Drivers\NDProxy.SYS F8767000 - \SystemRoot\system32\DRIVERS\usbhub.sys F8A79000 - \SystemRoot\system32\DRIVERS\USBD.SYS F88E7000 - \SystemRoot\System32\DRIVERS\flpydisk.sys F8A7D000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F8B05000 - \SystemRoot\System32\Drivers\Null.SYS F8A7F000 - \SystemRoot\System32\Drivers\Beep.SYS F8B87000 - \SystemRoot\System32\DRIVERS\AvgArCln.sys F88F7000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS F88FF000 - \SystemRoot\System32\drivers\vga.sys F8A81000 - \SystemRoot\System32\Drivers\mnmdd.SYS F8A83000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys F8907000 - \SystemRoot\System32\Drivers\Msfs.SYS F890F000 - \SystemRoot\System32\Drivers\Npfs.SYS F81F4000 - \SystemRoot\System32\DRIVERS\rasacd.sys EF48C000 - \SystemRoot\System32\DRIVERS\ipsec.sys EF434000 - \SystemRoot\System32\DRIVERS\tcpip.sys EF3E7000 - \SystemRoot\system32\DRIVERS\ipnat.sys F8787000 - \SystemRoot\System32\DRIVERS\wanarp.sys F8917000 - \SystemRoot\system32\DRIVERS\usbccgp.sys EF3BF000 - \SystemRoot\System32\DRIVERS\netbt.sys EF39D000 - \SystemRoot\System32\drivers\afd.sys F8797000 - \SystemRoot\System32\DRIVERS\netbios.sys F891F000 - \SystemRoot\System32\Drivers\StarOpen.SYS F8927000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys F892F000 - \SystemRoot\System32\Drivers\SCDEmu.SYS EF2D2000 - \SystemRoot\System32\DRIVERS\rdbss.sys EF23B000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys F7A65000 - \SystemRoot\System32\Drivers\Fips.SYS F7A55000 - \SystemRoot\System32\DRIVERS\arp1394.sys F7751000 - \SystemRoot\System32\DRIVERS\usbscan.sys F8937000 - \SystemRoot\system32\DRIVERS\usbprint.sys F7A45000 - \SystemRoot\system32\DRIVERS\avipbb.sys F8A85000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys EF218000 - \SystemRoot\System32\Drivers\Fastfat.SYS F7A15000 - \SystemRoot\System32\Drivers\Cdfs.SYS EF200000 - \SystemRoot\System32\Drivers\dump_atapi.sys F8A8F000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys EF4D7000 - \SystemRoot\System32\drivers\Dxapi.sys F8837000 - \SystemRoot\System32\watchdog.sys BF9C3000 - \SystemRoot\System32\drivers\dxg.sys F8B6A000 - \SystemRoot\System32\drivers\dxgthk.sys BF9D5000 - \SystemRoot\System32\ati2dvag.dll BFA0B000 - \SystemRoot\System32\ati2cqag.dll BFA43000 - \SystemRoot\System32\ati3d1ag.dll BFFA0000 - \SystemRoot\System32\ATMFD.DLL EF0C4000 - \SystemRoot\System32\DRIVERS\ndisuio.sys EEE55000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys EEE18000 - \SystemRoot\system32\drivers\wdmaud.sys EF32D000 - \SystemRoot\system32\drivers\sysaudio.sys EE9AE000 - \SystemRoot\System32\DRIVERS\mrxdav.sys F8A8B000 - \SystemRoot\System32\Drivers\ParVdm.SYS EE79E000 - \??\C:\WINDOWS\System32\drivers\CdaC15BA.SYS EEA2A000 - \SystemRoot\System32\DRIVERS\ipfltdrv.sys EE574000 - \SystemRoot\System32\DRIVERS\srv.sys EE616000 - \SystemRoot\System32\DRIVERS\secdrv.sys F8827000 - \??\C:\Program Files\Player Metaboli\X4HSX32.Sys EE28B000 - \SystemRoot\System32\Drivers\HTTP.sys F8B28000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 136 Liste des programmes installes 123 Free Solitaire 4Musics MP3 to WAV Converter v1.5 Ad-Aware 2007 Ad-Aware SE Professional Adobe Acrobat 7.0.1 and Reader 7.0.1 Update Adobe Acrobat 7.0.2 and Reader 7.0.2 Update Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge 1.0 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe BridgeTalk Plugin CS3 Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Recommended Settings Adobe Color JA Extra Settings Adobe Color NA Extra Settings Adobe Common File Installer Adobe Creative Suite 3 Web Premium Adobe Default Language CS3 Adobe Device Central CS3 Adobe Download Manager 2.0 (Supprimer uniquement) Adobe ExtendScript Toolkit 2 Adobe Extension Manager CS3 Adobe Flash Player 9 ActiveX Adobe Flash Player 9 ActiveX Adobe Flash Player 9 Plugin Adobe Fonts All Adobe Help Center 1.0 Adobe Help Viewer CS3 Adobe Linguistics CS3 Adobe MotionPicture Color Files Adobe PDF Library Files Adobe Photoshop CS2 Adobe Photoshop CS2 Adobe Photoshop CS3 Adobe Reader 7.0 - Français Adobe Setup Adobe Stock Photos 1.0 Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WAS CS3 Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 Advanced ZIP Password Recovery AHV content for Acrobat and Flash AIM Ajouter ou supprimer Adobe Creative Suite 3 Web Premium Anti-Leech Plugin for Internet Explorer Archiveur WinRAR ArcSoft PhotoStudio 5.5 Ares 2.0.9 Assistant de connexion Windows Live ATI Control Panel ATI Display Driver AutoUpdate AVG Anti-Rootkit Free Avira AntiVir PersonalEdition Classic AVS DVDMenu Editor 1.2.1.19 AVS Video Tools 5.6 Azureus BoontyBox 2.2 CamfrogWEB Advanced ActiveX Plugin (remove only) Canon MP Navigator 3.0 Canon MP180 Canon Utilities Easy-PhotoPrint CCleaner (remove only) Ciel Compta 14.0 Ciel eSauvegarde Compt'In 4.3 Correctif pour Lecteur Windows Media 11 (KB939683) Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 Cryptext (Remove Only) DivX Codec DivX Content Uploader DivX Converter DivX Player DivX Web Player Drive Rescue 1.9 EasyRecovery DataRecovery Essai EasyRecovery DataRecovery Trial Enregistrement utilisateur de Canon MP180 EVEREST Ultimate Edition v4.00 Google Toolbar for Internet Explorer Handy Recovery 1.0 HijackThis 2.0.2 Hitman Blood Money Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB909394) Hotfix for Windows XP (KB926239) J2SE Runtime Environment 5.0 Update 6 Java 6 Update 2 Java 6 Update 3 Java 6 Update 5 Language pack for Ad-Aware SE Lecteur Windows Media 11 LimeWire 4.12.11 Livebox Ludiclub.com Macromedia Shockwave Player Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Microsoft ActiveSync 4.0 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Office Access MUI (French) 2007 Microsoft Office Excel MUI (French) 2007 Microsoft Office InfoPath MUI (French) 2007 Microsoft Office Outlook MUI (French) 2007 Microsoft Office PowerPoint MUI (French) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (French) 2007 Microsoft Office Publisher MUI (French) 2007 Microsoft Office Shared MUI (French) 2007 Microsoft Office Word MUI (French) 2007 Microsoft Software Update for Web Folders (French) 12 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893066) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB896688) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899589) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB905915) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB908531) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB918899) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920214) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921503) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB923694) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925454) Mise à jour de sécurité pour Windows XP (KB925486) Mise à jour de sécurité pour Windows XP (KB925902) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928090) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour de sécurité pour Windows XP (KB929123) Mise à jour de sécurité pour Windows XP (KB929969) Mise à jour de sécurité pour Windows XP (KB930178) Mise à jour de sécurité pour Windows XP (KB931261) Mise à jour de sécurité pour Windows XP (KB931784) Mise à jour de sécurité pour Windows XP (KB932168) Mise à jour de sécurité pour Windows XP (KB933566) Mise à jour de sécurité pour Windows XP (KB933729) Mise à jour de sécurité pour Windows XP (KB935839) Mise à jour de sécurité pour Windows XP (KB935840) Mise à jour de sécurité pour Windows XP (KB936021) Mise à jour de sécurité pour Windows XP (KB937143) Mise à jour de sécurité pour Windows XP (KB937894) Mise à jour de sécurité pour Windows XP (KB938127) Mise à jour de sécurité pour Windows XP (KB938829) Mise à jour de sécurité pour Windows XP (KB939653) Mise à jour de sécurité pour Windows XP (KB941202) Mise à jour de sécurité pour Windows XP (KB941568) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB941644) Mise à jour de sécurité pour Windows XP (KB942615) Mise à jour de sécurité pour Windows XP (KB943055) Mise à jour de sécurité pour Windows XP (KB943460) Mise à jour de sécurité pour Windows XP (KB943485) Mise à jour de sécurité pour Windows XP (KB944533) Mise à jour de sécurité pour Windows XP (KB944653) Mise à jour de sécurité pour Windows XP (KB946026) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB927891) Mise à jour pour Windows XP (KB929338) Mise à jour pour Windows XP (KB930916) Mise à jour pour Windows XP (KB931836) Mise à jour pour Windows XP (KB933360) Mise à jour pour Windows XP (KB936357) Mise à jour pour Windows XP (KB938828) Mise à jour pour Windows XP (KB942763) Mise à jour pour Windows XP (KB942840) Mise à jour pour Windows XP (KB946627) MP3 Player Utilities 4.00 MP3 Wave Maker 4.0 MSXML 4.0 SP2 (KB925672) MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MySidesearch Search Assistant Dcads Navman SmartST Desktop 2006 SE Nero 7 Premium Norton WMI Update OmniPage SE Outil de mise à jour Google PC Inspector File Recovery PDF Settings Player Metaboli Pool Paradise PowerDVD PowerISO Proxomitron v4.5 QuarkXPress 7.0 QuickPar 0.9 QuickTime QuickTime Recuva (remove only) Reverso Pro 5 EFFE Roxio Easy Media Creator 9 Suite SafeCast Shared Components SAMSUNG CDMA Modem Driver Set SAMSUNG Mobile Composite Device Software Samsung Mobile phone USB driver Software SAMSUNG Mobile USB Modem ^^ SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung PC Studio Samsung PC Studio 3 Samsung PC Studio 3 Samsung PC Studio 3 USB Driver Installer Samsung Samples Installer Search Assistant Dcads SecondLife (remove only) Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Excel 2007 (KB946974) Security Update for Office 2007 (KB934062) Security Update for Office 2007 (KB947801) Security Update for Outlook 2007 (KB946983) Security Update for Publisher 2007 (KB936646) Security Update for the 2007 Microsoft Office System (KB936960) Security Update pour Microsoft .NET Framework 2.0 (KB928365) SIW 1.68 SP2 Connection Patcher Ston3D plugin 1.1.3.4 Sudoku-Fever Symantec Network Drivers Update UltraISO V7.22 Update for Office 2007 (KB932080) Update for Office 2007 (KB934391) Update for Office 2007 (KB934393) Update for Outlook 2007 Junk Email Filter (kb947945) Update for Word 2007 (KB934173) USB Flash Disk USB Mass Storage Toolbox USB Storage Driver Viewpoint Media Player WebFldrs XP WebTarot 1.20 Winamp (remove only) WinAVI Video Converter 8.0 Windows Defender Signatures Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage v1.3.0254.0 Windows Installer 3.1 (KB893803) Windows Live installer Windows Live Messenger Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 WinISO 5.3 WinZip WinZip Self-Extractor Workshop DeskManager Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 78FA-F7C4 Répertoire de C:\Program Files 28/03/2008 19:39 <REP> . 28/03/2008 19:39 <REP> .. 29/04/2005 09:26 <REP> 123 Free Solitaire 26/10/2007 18:44 <REP> Adobe 08/12/2006 13:47 <REP> Ahead 29/05/2006 13:37 <REP> AIM 16/04/2005 15:23 <REP> Alcohol Soft 05/09/2007 16:28 <REP> Alwil Software 30/07/2006 04:34 <REP> Anti-Leech 19/08/2006 10:59 <REP> Aprps 26/09/2006 10:02 <REP> ArcSoft 31/01/2008 18:05 <REP> Ares 05/08/2007 10:45 <REP> ATI Technologies 05/09/2005 01:05 <REP> Atomix.Virtual.DJ.v3.00.Cracked-iNFECTED 19/08/2006 14:12 <REP> AvantGo Connect 02/02/2008 20:25 <REP> Avira 17/01/2008 15:29 <REP> AVSMedia 08/08/2005 10:36 <REP> AZPR 05/09/2007 15:20 <REP> Azureus 06/09/2007 09:16 <REP> Bonjour 05/09/2007 15:20 <REP> Boonty 03/10/2006 08:18 <REP> BoontyGames 05/09/2007 15:20 <REP> Canon 13/03/2008 09:25 <REP> CCleaner 29/04/2005 14:23 <REP> CD VDJTimeCode 16/09/2006 13:04 <REP> CFWebAdvancedU 19/03/2008 16:52 <REP> Ciel 18/08/2006 11:38 <REP> Common Files 02/04/2005 15:18 <REP> ComPlus Applications 30/06/2007 07:04 <REP> CureROM 02/04/2005 17:34 <REP> CyberLink 02/04/2005 17:39 <REP> directx 21/03/2008 19:16 <REP> DivX 26/07/2007 08:30 <REP> Drive Rescue 03/10/2006 08:31 <REP> D-Tools 03/05/2005 19:08 <REP> Effects 28/03/2008 06:59 <REP> eMule 05/09/2007 15:20 <REP> eoRezo 26/12/2007 10:28 <REP> eToro 28/03/2008 15:26 <REP> Fichiers communs 28/03/2008 11:04 <REP> Google 29/03/2008 07:44 <REP> Grisoft 25/07/2007 11:10 <REP> Hot CPU Tester Pro 4 LE 29/04/2005 14:23 <REP> id3-tag for VirtualDJ v2.01 02/04/2005 16:01 <REP> Intel 13/02/2008 03:01 <REP> Internet Explorer 25/03/2008 18:15 <REP> Java 11/04/2006 08:07 <REP> Kaspersky Lab 26/07/2007 09:00 <REP> Lavalys 27/03/2008 16:20 <REP> Lavasoft 25/07/2007 11:30 <REP> lecteur windows media 11 17/09/2006 19:33 <REP> LexmarkX83 05/09/2007 16:23 <REP> LimeWire 18/01/2008 00:04 <REP> Live_TV 26/12/2007 09:16 <REP> Ludiclub 17/10/2006 13:42 <REP> Lyad Messenger 28/09/2005 09:46 <REP> Messenger 25/07/2007 11:10 <REP> MetaBench 15/12/2007 17:28 <REP> Microsoft ActiveSync 25/07/2007 11:01 <REP> Microsoft CAPICOM 2.1.0.2 02/04/2005 15:21 <REP> microsoft frontpage 16/08/2007 02:03 <REP> Microsoft Office 09/03/2008 04:20 <REP> Microsoft SQL Server 08/02/2007 10:56 <REP> Microsoft Visual Studio 08/02/2007 10:51 <REP> Microsoft Visual Studio 8 08/02/2007 10:57 <REP> Microsoft Works 08/02/2007 10:54 <REP> Microsoft.NET 28/09/2005 09:31 <REP> Movie Maker 03/07/2007 14:56 <REP> MP3 Player Utilities 4.00 10/09/2005 15:26 <REP> MP3 Wave Maker 17/02/2007 12:54 <REP> mp3facedale 08/02/2007 10:56 <REP> MSBuild 02/04/2005 15:18 <REP> MSN 02/04/2005 15:18 <REP> MSN Gaming Zone 31/01/2007 19:47 <REP> MSXML 4.0 08/12/2006 13:53 <REP> Nero 28/09/2005 09:31 <REP> NetMeeting 27/09/2005 07:46 <REP> OfficeUpdate11 26/07/2007 16:07 <REP> Ontrack 17/09/2006 01:40 <REP> orange 25/07/2007 11:00 <REP> Outlook Express 17/09/2006 12:10 <REP> Oxilog 26/07/2007 15:08 <REP> PC Inspector File Recovery 02/03/2007 23:08 <REP> Pense-bete 30/08/2007 07:35 <REP> Player Metaboli 03/10/2006 08:29 <REP> PowerISO 20/10/2005 08:39 <REP> PROMT5 27/03/2008 11:46 <REP> Proxomitron Naoko v4.5 05/08/2007 16:58 <REP> Quark 25/03/2008 18:34 <REP> QuickPar 21/04/2006 03:21 <REP> QuickTime 01/05/2005 17:13 <REP> Ratajik Software 13/09/2005 23:08 <REP> Real 25/07/2007 11:08 <REP> RecoverySoft 26/07/2007 08:26 <REP> Recuva 26/12/2007 08:17 <REP> Riva 11/12/2006 12:13 <REP> Roxio 27/02/2007 12:19 <REP> SAGEM 03/05/2005 19:08 <REP> Samples 03/10/2007 16:24 <REP> Samsung 27/03/2008 12:19 <REP> ScanSoft 06/03/2008 00:51 <REP> SecondLife 02/04/2005 15:20 <REP> Services en ligne 03/05/2005 19:08 <REP> Skins 26/07/2007 15:15 <REP> SoftLogica 30/12/2005 22:36 <REP> SP2 Connection Patcher 09/05/2006 02:34 <REP> StoneTrip 06/03/2008 12:11 <REP> Sudoku-Fever 21/11/2006 19:41 <REP> Taroteam 06/11/2007 11:42 <REP> Topala Software Solutions 27/03/2008 18:17 <REP> Trend Micro 02/04/2005 17:27 <REP> UltraISO 03/07/2007 14:55 <REP> USBDisk 17/02/2007 12:56 <REP> USBToolbox 27/03/2008 12:27 <REP> UseNeXT 09/03/2008 05:11 <REP> VideoLAN 29/05/2006 13:36 <REP> Viewpoint 03/10/2006 08:29 <REP> VirtualDJ 03/10/2006 08:28 <REP> Wanadoo Jeux 23/03/2008 07:37 <REP> Webtarot 16/05/2005 03:39 <REP> Winamp 26/12/2007 12:29 <REP> WinAVI Video Converter 09/03/2008 12:59 <REP> Windows Live 14/03/2008 07:43 <REP> Windows Live Toolbar 30/06/2005 19:17 <REP> Windows Media Components 02/10/2007 05:02 <REP> Windows Media Connect 2 02/10/2007 05:06 <REP> Windows Media Player 28/09/2005 09:29 <REP> Windows NT 02/10/2005 07:16 <REP> WinISO 05/09/2007 16:23 <REP> WinRAR 11/08/2006 07:31 <REP> WinZip 08/08/2005 06:01 <REP> WinZip Self-Extractor 16/10/2005 10:44 <REP> Workshop DeskManager 02/04/2005 15:21 <REP> xerox 28/03/2008 07:03 <REP> Yahoo Pool Aimer Trial Version 14/03/2008 07:35 <REP> Yahoo! 28/03/2008 07:04 <REP> YesMessenger 0 fichier(s) 0 octets 137 Rép(s) 86 684 872 704 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 78FA-F7C4 Répertoire de C:\Program Files\fichiers communs 28/03/2008 15:26 <REP> . 28/03/2008 15:26 <REP> .. 26/10/2007 19:00 <REP> Adobe 30/09/2005 07:20 <REP> Adobe Systems Shared 23/08/2007 23:50 <REP> Ahead 15/10/2005 10:50 <REP> Autodata Limited Shared 17/01/2008 17:33 <REP> AVSMedia 14/03/2008 18:32 <REP> Ciel 08/02/2007 10:56 <REP> DESIGNER 19/08/2006 14:37 <REP> GIS 24/09/2005 17:45 <REP> InstallShield 03/04/2005 19:00 <REP> Java 30/06/2005 19:19 <REP> Logitech 06/09/2007 09:06 <REP> Macrovision Shared 12/02/2007 19:11 <REP> Mapserv 09/03/2008 12:58 <REP> Microsoft Shared 02/04/2005 15:19 <REP> MSSoap 27/10/2007 12:32 <REP> Oberon Media 02/04/2005 16:12 <REP> ODBC 04/04/2005 20:07 <REP> qllcltab 23/12/2007 09:35 <REP> Real 11/12/2006 12:11 <REP> Roxio Shared 13/03/2008 06:01 <REP> SAGE 27/03/2008 11:46 <REP> ScanSoft Shared 02/04/2005 15:19 <REP> Services 11/12/2006 12:12 <REP> Sonic Shared 02/04/2005 16:12 <REP> SpeechEngines 26/12/2007 08:17 <REP> SWF Studio 25/07/2007 11:00 <REP> System 27/03/2008 16:19 <REP> Wise Installation Wizard 0 fichier(s) 0 octets 30 Rép(s) 86 684 876 800 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 78FA-F7C4 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 08/02/2007 10:55 <REP> . 08/02/2007 10:55 <REP> .. 02/04/2005 17:13 <REP> 1033 08/02/2007 10:48 <REP> 1036 26/10/2006 19:49 970 528 MSONSEXT.DLL 26/10/2006 20:12 40 256 MSOSV.DLL 03/06/1999 13:09 122 937 MSOWS409.DLL 07/03/2001 08:00 127 033 MSOWS40c.DLL 11/07/2003 01:25 80 448 PKMWS.DLL 5 fichier(s) 1 341 202 octets 4 Rép(s) 86 684 876 800 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 78FA-F7C4 Répertoire de C:\Program Files\common files 18/08/2006 11:38 <REP> . 18/08/2006 11:38 <REP> .. 18/08/2006 11:38 <REP> Microsoft Shared 0 fichier(s) 0 octets 3 Rép(s) 86 684 876 800 octets libres c:\Documents and Settings\All Users\Application Data\Exetender\Setup.exe c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chocolatier\fr-FR\chocolatier.exe c:\Documents and Settings\grandjean\Application Data\inst.exe c:\Documents and Settings\grandjean\Application Data\LimeWire\.NetworkShare\LimeWireWin4.16.6.exe c:\Documents and Settings\grandjean\Application Data\Microsoft\Installer\{95D3658E-D526-4891-822D-B2A6C3DED9CE}\_0BB4443E44741FB805887C.exe c:\Documents and Settings\grandjean\Bureau\BTFix\BTFix.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\diff.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\find2.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\grep.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\gzip.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\KProcCheck.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\md5sums.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\sigcheck.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\streams.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\grandjean\Bureau\DiagHelp\tar.exe c:\Documents and Settings\grandjean\Local Settings\Application Data\Ares\My Shared Folder\ad-aware 2007 pro adaware + serial language + crack.exe c:\Documents and Settings\grandjean\Local Settings\Application Data\Ares\My Shared Folder\Lavasoft Ad-Aware 2007 Professional Edition v7.0.1.4 + Pack de Lenguajes + Crack [www.newpct.com]\aaw2007.exe c:\Documents and Settings\grandjean\Local Settings\Application Data\Ares\My Shared Folder\Lavasoft Ad-Aware 2007 Professional Edition v7.0.1.4 + Pack de Lenguajes + Crack [www.newpct.com]\Crack\Ad-Aware2007.exe c:\Documents and Settings\grandjean\Local Settings\Application Data\Ares\My Shared Folder\Lavasoft Ad-Aware 2007 Professional Edition v7.0.1.4 + Pack de Lenguajes + Crack [www.newpct.com]\Crack\Ad-Watch2007.exe c:\Documents and Settings\grandjean\Local Settings\Application Data\Ares\My Shared Folder\Lavasoft Ad-Aware 2007 Professional Edition v7.0.1.4 + Pack de Lenguajes + Crack [www.newpct.com]\Crack\HostFileEditor.exe c:\Documents and Settings\grandjean\Local Settings\Application Data\Ares\My Shared Folder\Lavasoft Ad-Aware 2007 Professional Edition v7.0.1.4 + Pack de Lenguajes + Crack [www.newpct.com]\Crack\lsupdatemanager.exe c:\Documents and Settings\grandjean\Local Settings\Application Data\Ares\My Shared Folder\Lavasoft Ad-Aware 2007 Professional Edition v7.0.1.4 + Pack de Lenguajes + Crack [www.newpct.com]\Crack\ProcessWatch.exe c:\Documents and Settings\grandjean\Local Settings\Application Data\Ares\My Shared Folder\Lavasoft Ad-Aware 2007 Professional Edition v7.0.1.4 + Pack de Lenguajes + Crack [www.newpct.com]\Pack de Lenguajes\pllangs.exe c:\Documents and Settings\grandjean\Local Settings\Temporary Internet Files\Content.IE5\0PZ3MH64\avg-anti-rootkit_avg_anti-rootkit_1.1.0.42_anglais_34515[1].exe c:\Documents and Settings\grandjean\Mes documents\Microsoft .NET Framework 1.1.exe c:\Documents and Settings\grandjean\Mes documents\SetupYesMessenger.exe c:\Documents and Settings\grandjean\Mes documents\Avs Video Converter + 5.6 Keygen\avsvideotools.exe c:\Documents and Settings\grandjean\Mes documents\fredo\Second_Life_1-19-0-5_Setup.exe c:\Documents and Settings\grandjean\Mes documents\fredo\ToUcamWebUpdate13.exe c:\Documents and Settings\grandjean\Mes documents\fredo\yesmessenger.exe c:\Documents and Settings\grandjean\Mes documents\programmes\everestultimate400.exe c:\Documents and Settings\grandjean\Mes documents\programmes\keygen.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\start.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\Acroread\AdbeRdr80_fr_FR.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\directdeclaration\Setup.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\directdeclaration\Adobe\AcrobatReader_fr.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\directdeclaration\Microsoft Redist\dotnetfx_2_0_fr.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\directdeclaration\Microsoft Redist\Jet40SP8_9xNT.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\directdeclaration\Microsoft Redist\mdac_3525_fr.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\directdeclaration\Microsoft Redist\Windows_Installer_Service_2.0_pour_Win95-98-Me.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\directdeclaration\Microsoft Redist\WindowsInstaller-KB893803-v2-x86.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\directdeclaration\Sage Redist\EdiTvaAx.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\FlashPlayer\Flash_Player_9.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\Install\Install.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\Internet Explorer 6.0\IE6SETUP.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\Internet Explorer 6.0\IEAK6.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\Internet Explorer 6.0\IEAK6CD.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\Keygen\keygen.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\MM_VERSION_2005\_isdel.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\MM_VERSION_2005\INSTALL.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\MM_VERSION_2005\EditTvaAX\EdiTvaAx.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\MM_VERSION_2005\esauvegarde\install.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\MM_VERSION_2005\esauvegarde\msjavx86_3802.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\MM_VERSION_2005\esauvegarde\Setup.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\ProfK\PROFCOMP.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\video\compta_comptes.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\video\compta_ecriture.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\video\compta_editions.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\video\compta_trucs.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\video\compta_Vue.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\video\drwk.exe c:\Documents and Settings\grandjean\Mes documents\programmes\ciel 2008\video\fwk.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Install.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Keygen.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\start.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Starter.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Acroread\AcroReader51_FRA.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Install\directdeclaration\setup.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Install\directdeclaration\Acrobat\ar405fre.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Install\directdeclaration\Microsoft Redist\dotnetfx_1_1_fr.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Install\directdeclaration\Microsoft Redist\Jet40SP8_9xNT.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Install\directdeclaration\Microsoft Redist\mdac_3525_fr.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Install\ecommerce\setup.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Install\ecommerce\Microsoft Redist\dotnetfx_2_0_fr.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Install\ecommerce\Microsoft Redist\Jet40SP8_9xNT.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Install\ecommerce\Microsoft Redist\mdac_3525_fr.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Install\WCPTA\Install.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Install\WGC\Install.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Install\WIMMO\Install.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Install\WPAYE\Install.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Internet Explorer 6.0\IE6SETUP.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Internet Explorer 6.0\IEAK6.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\Internet Explorer 6.0\IEAK6CD.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\profg\PROFGEST.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\profk\PROFCOMP.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\compta_comptes.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\compta_ecriture.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\compta_editions.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\compta_trucs.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\compta_vue.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\drwg.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\drwk.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\drwp.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\fwg.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\fwk.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\fwp.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\gestion_editions.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\gestion_finances.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\gestion_piece.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\gestion_trucs.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\gestion_vue.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\paye_bulletin.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\paye_editions.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\paye_finance.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\paye_trucs.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Ciel Solution 2007+activation crack\Ciel Solution 2007\video\paye_vue.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Lavasoft Ad-Aware 2007 Professional Edition v7.0.1.4 + Pack de Lenguajes + Crack [www.newpct.com]\aaw2007.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Lavasoft Ad-Aware 2007 Professional Edition v7.0.1.4 + Pack de Lenguajes + Crack [www.newpct.com]\Crack\Ad-Aware2007.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Lavasoft Ad-Aware 2007 Professional Edition v7.0.1.4 + Pack de Lenguajes + Crack [www.newpct.com]\Crack\Ad-Watch2007.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Lavasoft Ad-Aware 2007 Professional Edition v7.0.1.4 + Pack de Lenguajes + Crack [www.newpct.com]\Crack\HostFileEditor.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Lavasoft Ad-Aware 2007 Professional Edition v7.0.1.4 + Pack de Lenguajes + Crack [www.newpct.com]\Crack\lsupdatemanager.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Lavasoft Ad-Aware 2007 Professional Edition v7.0.1.4 + Pack de Lenguajes + Crack [www.newpct.com]\Crack\ProcessWatch.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Lavasoft Ad-Aware 2007 Professional Edition v7.0.1.4 + Pack de Lenguajes + Crack [www.newpct.com]\Pack de Lenguajes\pllangs.exe c:\Documents and Settings\grandjean\Mes documents\programmes\media player 11\Lecteur Windows Media 11 Fr (Cracker Pour Fonctionné Avec Un Windows Piraté.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Nouveau Code De La Route Micro Application 2006 By ATF\AUTORUN.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\Nouveau Code De La Route Micro Application 2006 By ATF\NAVIGMA.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\Nouveau Code De La Route Micro Application 2006 By ATF\setup\flashplayer6_winax.exe c:\Documents and Settings\grandjean\Mes documents\programmes\Nouveau Code De La Route Micro Application 2006 By ATF\setup\setup.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\catchme.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\cliptext.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\download.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\ERUNT.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\FixPath.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\grep.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\isadmin.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\LS.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\MD5File.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\Process.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\procs.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\psservice.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\RestartIt!.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\sc.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\sed.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\SF.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\shutdown.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\swreg.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\swsc.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\unzip.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\vfind.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\WINMSG.EXE c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\zip.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\Replace\regedit.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\Replace\W2K.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SDFix\apps\Replace\XP.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\dumphive.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\exit.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\HostsChk.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\IEDFix.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\Process.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\Reboot.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\restart.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\swreg.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\swsc.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\swxcacls.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\UIFix.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\unzip.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\VACFix.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\VCCLSID.exe c:\Documents and Settings\grandjean\Mes documents\programmes\SmitfraudFix\WS2Fix.exe c:\Documents and Settings\grandjean\Mes documents\UseNeXT\UseNeXTSetup_4.04.exe c:\Documents and Settings\grandjean\Mes documents\UseNeXT\UseNeXTSetup_4.05.exe c:\Documents and Settings\grandjean\Mes documents\UseNeXT\UseNeXTSetup_4.26.exe c:\Documents and Settings\grandjean\Mes documents\UseNeXT\UseNeXTSetup_4.34.exe c:\Documents and Settings\grandjean\Mes documents\UseNeXT\UseNeXTSetup_4.38.exe c:\Documents and Settings\grandjean\Mes documents\UseNeXT\UseNeXTSetup_4.53.exe c:\Documents and Settings\grandjean\Mes documents\UseNeXT\UseNeXTSetup_4.61.exe c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0401\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0401\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0401\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0404\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0404\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0404\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0405\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0405\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0405\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0406\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0406\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0406\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0407\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0407\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0407\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0408\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0408\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0408\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0409\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0409\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0409\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\040b\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\040b\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\040b\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\040c\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\040c\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\040c\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\040e\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\040e\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\040e\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0410\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0410\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0410\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0411\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0411\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0411\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0412\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0412\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0412\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0413\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0413\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0413\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0414\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0414\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0414\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0415\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0415\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0415\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0419\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0419\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0419\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\041D\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\041D\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\041D\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\041E\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\041E\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\041E\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\041F\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\041F\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\041F\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0804\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0804\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0804\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0816\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0816\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0816\CNMur82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0c0a\CNMlr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0c0a\CNMsr82.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP180 Printer\LanguageModules\0c0a\CNMur82.dll c:\Documents and Settings\All Users\Application Data\Ciel\Données Communes\pdf.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{6A8D5B04-2174-4027-A390-8E0A9D2107D3}\mpengine.dll c:\Documents and Settings\All Users\Application Data\Nero\DrWeb\Drweb32.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\BunnyBounce\bunnybounce.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\BunnyBounce\fmod.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\BunnyBounce\fr-FR\bunnybounce.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\BunnyBounce\fr-FR\fmod.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chainz2\fr-FR\chainz2.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chainz2\fr-FR\core.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chainz2\fr-FR\file.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chainz2\fr-FR\fmod.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chainz2\fr-FR\gfx2d.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chainz2\fr-FR\gfx2d_dd7.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chainz2\fr-FR\imglib.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chainz2\fr-FR\jpeg.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chainz2\fr-FR\logger.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chainz2\fr-FR\msvcr71.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chainz2\fr-FR\snd3d.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chainz2\fr-FR\snd3d_fmod.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chainz2\fr-FR\ui2.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chuzzle\fr-FR\Chuzzle.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Delicious\fr-FR\delicious.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Delicious\fr-FR\fmod.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\delicious2\fr-FR\Delicious2.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\delicious2\fr-FR\fmod.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\deliciouswinteredition\fr-FR\deliciouswinteredition.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\deliciouswinteredition\fr-FR\fmod.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\heavyweapon\fr-FR\HeavyWeapon.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\luxor\fr-FR\core.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\luxor\fr-FR\file.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\luxor\fr-FR\fmod.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\luxor\fr-FR\gfx2d.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\luxor\fr-FR\gfx2d_dd7.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\luxor\fr-FR\imglib.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\luxor\fr-FR\jpeg.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\luxor\fr-FR\logger.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\luxor\fr-FR\luxor.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\luxor\fr-FR\msvcr71.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\luxor\fr-FR\snd3d.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\luxor\fr-FR\snd3d_fmod.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\luxor\fr-FR\ui2.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\MumboJumboExtension\MumboJumboExtension.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\MyZylomExtension\MyZylomExtension.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\PlayfirstExtension\PlayfirstExtension.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\PopcapExtension\PopcapExtension.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomDeluxeInstaller\ZylomDeluxeInstaller.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomExtension\ZylomExtension.dll c:\Documents and Settings\grandjean\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVK3}\xmlparse.dll c:\Documents and Settings\grandjean\Application Data\Identities\{000HQ7FF-AD7A-3FG2-LJ35-231UUOKHKVVO}\xmlparse.dll c:\Documents and Settings\grandjean\Application Data\Identities\{000HQ7FF-AD7A-3FG3-USK1-22JKKIT3EVV2}\xmlparse.dll c:\Documents and Settings\grandjean\Application Data\Identities\{000HQ7FF-AD7A-3FG4-9VJM-21SJ3RB1CVVS}\xmlparse.dll c:\Documents and Settings\grandjean\Application Data\Identities\{000HQ7FF-AD7A-3FG4-HE44-22Q2HFA54VV4}\xmlparse.dll c:\Documents and Settings\grandjean\Application Data\Identities\{000HQ7FF-AD7A-3FG5-F0KD-22FOQAMAQVVV}\xmlparse.dll c:\Documents and Settings\grandjean\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\grandjean\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll c:\Documents and Settings\grandjean\Local Settings\Application Data\Ares\My Shared Folder\Lavasoft Ad-Aware 2007 Professional Edition v7.0.1.4 + Pack de Lenguajes + Crack [www.newpct.com]\Crack\armaccess.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll ****** Fin du rapport DiagHelp Veuillez svp envoyer le fichier C:\upload_moi_GRANDJEA-9LGOLT.tar.gz a l'adresse http://upload.malekal.com un second catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-29 09:12:27 Windows 5.1.2600 Service Pack 2 NTFS detected NTDLL code modification: ZwEnumerateKey, ZwEnumerateValueKey, ZwQueryDirectoryFile, ZwQuerySystemInformation scanning hidden services & system hive ... IPC error: 2 Le fichier spécifié est introuvable. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s0"=dword:6c549072 "s1"=dword:4f7d9a93 "s2"=dword:771019ff scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\CancelAutoplay\CLSID] "\30 A?E?2?A?E?D?8?F?-?5?6?9?5?-?4?a?6?d?-?9?7?0?9?-?1?4?E?5?1?C?D?1?7?B?1?C?'?"="" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "jnhpfzj"="c:\documents and settings\grandjean\local settings\application data\jnhpfzj.exe jnhpfzj" scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0

Malgré tous ces nettoyages j'ai toujours des pubs intempestives qui arrivent sans cesse. Avant ggogle toolbar me bloquait les popups, il ne le fait plus, comme antivir j'ai l'impression que tout passe au travers des protections. Même ma page internet par défaut change, je ne sais plus quoi faire ?

j'ai nettoyé voici le rapport Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:53:24, on 28/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\UAService7.exe C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe EspaceWanadoo.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_2 -reboot 1 O4 - HKCU\..\Run: [Odebit Multimedia V2] C:\Program Files\Odebit Multimédia\V2\Odebit.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Pense-Bête 79f.lnk = C:\Program Files\Pense-bete\pb79f.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe O4 - Global Startup: Weatherscope.lnk = C:\Program Files\Weatherscope\Weatherscope.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU) O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU) O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU) O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/cfw..._instmodule.exe O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://baccara08.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/13bf05852a7451...RdxIE601_fr.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://jeuxvideo.wanadoo.fr/components/Metaboli.ocx O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-0f02b1b388d3f802.spaces.live.co...ad/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file://C:\Documents and Settings\grandjean\Local Settings\Application Data\Oberon Media\Oberon Games Host\popcaploader_v6.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe (file missing) O23 - Service: AVG Firewall (AVGFwSrv) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe (file missing) O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing) O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe -- End of file - 13855 bytes

voici le premier rapport nettoyer, je n'ai pas encore fait le mode sans échec BTFix 1.091 (par bibi26) - 28/03/2008 19:38:50 - Analyse Lancé depuis C:\Documents and Settings\grandjean\Bureau\BTFix\BTFix.exe ---> Fichiers/Dossiers trouvés - C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe - C:\WINDOWS\system32\dcads_sidebar_uninstall.exe - C:\WINDOWS\system32\superiorads-uninst.exe - C:\WINDOWS\system32\WhoisCL.exe - C:\WINDOWS\system32\dcads_sidebar.dll - C:\WINDOWS\system32\mysidesearch_sidebar.dll - C:\Program Files\Dcads Games Collection\ ---> Analyse terminée le 28/03/2008 19:38:51

J'y suis quand même arrivé voici les rapports SDFix: Version 1.163 Run by grandjean on 28/03/2008 at 16:05 Microsoft Windows XP [version 5.1.2600] Running From: C:\DOCUME~1\GRANDJ~1\Bureau\SDFix Checking Services : Restoring Windows Registry Values Restoring Windows Default Hosts File Restoring Default HomePage Value Restoring Default Desktop Components Value Rebooting Checking Files : No Trojan Files Found Removing Temp Files ADS Check : Final Check : catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-28 16:14:34 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s0"=dword:6c549072 "s1"=dword:4f7d9a93 "s2"=dword:771019ff scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\CancelAutoplay\CLSID] "\30 A?E?2?A?E?D?8?F?-?5?6?9?5?-?4?a?6?d?-?9?7?0?9?-?1?4?E?5?1?C?D?1?7?B?1?C?'?"="" scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 7 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "C:\\Program Files\\Java\\jre1.5.0_02\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_02\\bin\\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary" "C:\\WINDOWS\\system32\\mcoinstall.exe"="C:\\WINDOWS\\system32\\mcoinstall.exe:*:Enabled:mcoinstall" "C:\\Program Files\\Anti-Leech\\ALIE_1.0.2.1\\alhlp.exe"="C:\\Program Files\\Anti-Leech\\ALIE_1.0.2.1\\alhlp.exe:*:Enabled:Anti-Leech plugin helper program" "C:\\Program Files\\Java\\jre1.5.0_04\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_04\\bin\\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary" "C:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary" "X:\\Program Files\\Red Storm Entertainment\\RavenShield\\SYSTEM\\Deploy.exe"="X:\\Program Files\\Red Storm Entertainment\\RavenShield\\SYSTEM\\Deploy.exe:*:Enabled:Deploy.exe" "C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger" "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe" "C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Remaining Files : File Backups: - C:\DOCUME~1\GRANDJ~1\Bureau\SDFix\backups\backups.zip Files with Hidden Attributes : Tue 31 Jul 2007 182,441 A..H. --- "C:\Program Files\Google\BITA.tmp" Sun 9 Mar 2008 56 ..SHR --- "C:\WINDOWS\system32\34DC872BAE.sys" Sun 9 Mar 2008 1,682 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys" Sat 1 Oct 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Tue 7 Feb 2006 299,008 A..H. --- "C:\Program Files\Canon\MP Navigator 3.0\Maint.exe" Mon 25 Apr 2005 61,440 A..H. --- "C:\Program Files\Canon\MP Navigator 3.0\uinstrsc.dll" Tue 2 Oct 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv03.tmp" Sat 13 Nov 2004 37,376 A..H. --- "C:\Program Files\Fichiers communs\Adobe\ESD\DLMCleanup.exe" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0a67b6c406b1d7e0f5c1e6f6d44a3f6e\BIT2.tmp" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\18b19374451d28a8fbaf1939cf31ff45\BIT5.tmp" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\22fb973e059470cc1b5d76c4ae605351\BIT9.tmp" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\26924cbc8132a10b438ce6e2b49d4652\BIT1.tmp" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2769b111678c52099a3b3123b12f2325\BIT6.tmp" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\30285791903730fbf957a83562db4ff4\BIT3.tmp" Tue 16 Oct 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\388e66e644283db0233c4a98f2fd08a0\BIT1.tmp" Wed 23 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BIT52.tmp" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9e870549834e2bceb796e44a1e3ac6f5\BIT8.tmp" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cb8921d0c7830b2f33c00fa4c8a10d17\BIT4.tmp" Wed 12 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d77b9b5b8fed23dd91f50d167cce60d3\BIT7.tmp" Sat 1 Oct 2005 4,348 ...H. --- "C:\Documents and Settings\grandjean\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak" Fri 15 Sep 2006 20 A..H. --- "C:\Documents and Settings\grandjean\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak" Tue 6 Dec 2005 400 ...H. --- "C:\Documents and Settings\grandjean\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak" Fri 15 Sep 2006 1,536 A..H. --- "C:\Documents and Settings\grandjean\Mes documents\Ma musique\Sauvegarde de la licence\drmv2lic.bak" Fri 8 Dec 2006 1,656 A.SH. --- "C:\Documents and Settings\grandjean\Application Data\Roxio\Dragon\DiscInfoCache\HL-DT-ST_DVDRAM_GMA-4020B_A107_310_DICV018_DRGV20100B7.TMP" Finished! catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-28 16:14:34 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s0"=dword:6c549072 "s1"=dword:4f7d9a93 "s2"=dword:771019ff scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\CancelAutoplay\CLSID] "\30 A?E?2?A?E?D?8?F?-?5?6?9?5?-?4?a?6?d?-?9?7?0?9?-?1?4?E?5?1?C?D?1?7?B?1?C?'?"="" scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 7 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:32:51, on 28/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\UAService7.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O2 - BHO: MySidesearch Search Assistant - {C17E102B-BD29-4e92-B699-1A21D2CB8E6C} - C:\WINDOWS\system32\mysidesearch_sidebar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe EspaceWanadoo.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_2 -reboot 1 O4 - HKCU\..\Run: [Odebit Multimedia V2] C:\Program Files\Odebit Multimédia\V2\Odebit.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Pense-Bête 79f.lnk = C:\Program Files\Pense-bete\pb79f.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe O4 - Global Startup: Weatherscope.lnk = C:\Program Files\Weatherscope\Weatherscope.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU) O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU) O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU) O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/cfw..._instmodule.exe O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://baccara08.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/13bf05852a7451...RdxIE601_fr.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://jeuxvideo.wanadoo.fr/components/Metaboli.ocx O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-0f02b1b388d3f802.spaces.live.co...ad/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file://C:\Documents and Settings\grandjean\Local Settings\Application Data\Oberon Media\Oberon Games Host\popcaploader_v6.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe (file missing) O23 - Service: AVG Firewall (AVGFwSrv) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe (file missing) O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing) O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe -- End of file - 13955 bytes

voilà ce qui s'affiche en mode sans échec quand je jance sdfix C:/PROGRAM 1/symantec/S32EVNT1.DLL.L'initialisation de la DLL d'un pilote de périphérique a échoué. Choisissez fermer pour mettre fin à l'application

j'ai fait comme tu m'as dit mais le logiciel sdfix quand je le mets en rioute dans le mode sans echec il trouve une erreur dll et arrête ?????????????????????????????????? Que dois-je faire

VOICI MON NOUVEAU RAPPORT Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:56:02, on 27/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Program Files\YesMessenger\YesMessenger.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\UAService7.exe C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O2 - BHO: MySidesearch Search Assistant - {C17E102B-BD29-4e92-B699-1A21D2CB8E6C} - C:\WINDOWS\system32\mysidesearch_sidebar.dll O3 - Toolbar: qvdntlmw - {66D17C3E-C589-4E86-B772-B03D50846900} - C:\WINDOWS\qvdntlmw.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe EspaceWanadoo.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_2 -reboot 1 O4 - HKCU\..\Run: [Odebit Multimedia V2] C:\Program Files\Odebit Multimédia\V2\Odebit.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Pense-Bête 79f.lnk = C:\Program Files\Pense-bete\pb79f.exe O4 - Startup: YesMessenger.lnk = C:\Program Files\YesMessenger\YesMessenger.exe O4 - Global Startup: GStartup.lnk = C:\Program Files\Fichiers communs\GMT\GMT.exe O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU) O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU) O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU) O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/cfw..._instmodule.exe O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://baccara08.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/13bf05852a7451...RdxIE601_fr.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://jeuxvideo.wanadoo.fr/components/Metaboli.ocx O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-0f02b1b388d3f802.spaces.live.co...ad/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file://C:\Documents and Settings\grandjean\Local Settings\Application Data\Oberon Media\Oberon Games Host\popcaploader_v6.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O21 - SSODL: vbgtorfd - {F6E5F682-B5D9-4EB7-9A02-6FF7183BDE58} - C:\WINDOWS\vbgtorfd.dll O21 - SSODL: dwnrpofk - {FEE3885D-2FEA-42FA-8FF0-86B0C0C5AB1C} - C:\WINDOWS\dwnrpofk.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe (file missing) O23 - Service: AVG Firewall (AVGFwSrv) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe (file missing) O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing) O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe -- End of file - 14266 bytes

il est vrai que mes enfants et petits enfants télécharges des jeux et tchache sur msm meetic etc.. J'ai écouté ton conseil voici mon rapport Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:17:30, on 27/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Program Files\Boonty\BoontyBox\BoontyBox.exe C:\Program Files\YesMessenger\YesMessenger.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\UAService7.exe C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O2 - BHO: MySidesearch Search Assistant - {C17E102B-BD29-4e92-B699-1A21D2CB8E6C} - C:\WINDOWS\system32\mysidesearch_sidebar.dll O3 - Toolbar: Pop-Up Stopper Anti-Spyware Toolbar - {E4CAA75E-9B5F-45EB-8E4E-8B743B44F171} - C:\Program Files\Panicware\Pop-Up Stopper Anti-Spyware\PWITB.DLL (file missing) O3 - Toolbar: qvdntlmw - {66D17C3E-C589-4E86-B772-B03D50846900} - C:\WINDOWS\qvdntlmw.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe EspaceWanadoo.exe O4 - HKCU\..\Run: [Lyad] C:\Program Files\Lyad Messenger\lyad_messenger.exe autostart O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_2 -reboot 1 O4 - HKCU\..\Run: [Odebit Multimedia V2] C:\Program Files\Odebit Multimédia\V2\Odebit.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: BoontyBox 01net.lnk = C:\Program Files\Boonty\BoontyBox\BoontyBox.exe O4 - Startup: Pense-Bête 79f.lnk = C:\Program Files\Pense-bete\pb79f.exe O4 - Startup: YesMessenger.lnk = C:\Program Files\YesMessenger\YesMessenger.exe O4 - Global Startup: GStartup.lnk = C:\Program Files\Fichiers communs\GMT\GMT.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe O4 - Global Startup: Weatherscope.lnk = C:\Program Files\Weatherscope\Weatherscope.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU) O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU) O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU) O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/cfw..._instmodule.exe O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://baccara08.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/13bf05852a7451...RdxIE601_fr.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://jeuxvideo.wanadoo.fr/components/Metaboli.ocx O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-0f02b1b388d3f802.spaces.live.co...ad/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file://C:\Documents and Settings\grandjean\Local Settings\Application Data\Oberon Media\Oberon Games Host\popcaploader_v6.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O21 - SSODL: Version3 - {CBA6A836-3425-4383-BD48-8722F4046990} - direct3dx.dll (file missing) O21 - SSODL: vbgtorfd - {F6E5F682-B5D9-4EB7-9A02-6FF7183BDE58} - C:\WINDOWS\vbgtorfd.dll O21 - SSODL: dwnrpofk - {FEE3885D-2FEA-42FA-8FF0-86B0C0C5AB1C} - C:\WINDOWS\dwnrpofk.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe (file missing) O23 - Service: AVG Firewall (AVGFwSrv) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe (file missing) O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing) O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe -- End of file - 16003 bytes

bonjour à toutes et à tous J'ai besoin de bons conseils. depuis ce matin mon ordi affiche le bureau sur fond blanc et tous les icones sont surlignés bleu. Des messages apparaissent sur l'écran me disant que mon ordi est infecté et des logiciels antispyware se mettent en route tout seuls. J'ai des messages de windows security alert me disant que je suis infecté. Depuis 3 ans que j'ai l'ordi c'est la première fois que cela m'arrive. J'ai antivir et j'ai scanné mon disque dur, il a eznlevé quelques saloperies. J'ai mis en marche ad-awware où lui aussi m'a trouvé quelques fichiers à virer. Ca marche 2 heures et après cela recommence. J'attends vos conseils......Mercià toutes et à tous

bjr a toutes et à tous j'utilise quark pour faire mes maquettes mais j'ai un petit problème, quand je veux choisir un caractère, j'ai la liste mais je ne visualise pas le caractère comme cela se fait sur word N'existe-il pas un petit logiciel ou une extension pour remédier à ce problème ? Merci

- « Attention, voici venu le temps des rires et des (mé)chants. » - « Hips, trop de piment dans le sirop de cannabis et de menthe à l'eau. Il faudrait ajouter des glaçons ! » - « Et une olive... », ajouta le VC ! Et ils burent à la santé du papayou lélé qui voulait fuir la jungle hostile dans laquelle il avait failli perdre son âme révoltée, sa blondeur virginale et ses illusions d'idéaliste écologiste Hulotien Vraiment Convaincu. - « Ainsi, pensa soudain Olive, après moultes rasades de café, moulu je suis, très courbatu je resterai ! » Succomba son neurone. Arriva sa folie. Et le pied... poil au nez ! - « Ben dis donc, feu Carlos "papayou" et sa barbapapa n'auront jamais vu la petite, toute petite, microscopique mouche noire. » - « Et Patte-de-lapin-à-poil-rose ? » demanda Casto Junior à la gentille policière qui lui mit la main aux fesses. - « Le problème n'est toujours pas résolu...Chez toi ou ailleurs, tu devras continuer à chanter et seras dépourvu de toute ressource pendant un an.