manu78

Bonjour, Depuis hier, en plus de ce message récurrent Spybot, j'ai des redémarrages intempestifs ! Cause à effet ?

Dsl, c'était pas le registre mais les applications que j'ai nettoyée et y'a pas de sauvegarde pour ça. J'ai restauré mon système mais ça le fait encore ....

Non mon XP est d'origine. Dernièrement j'ai passé CCleaner et fait un nettoyage du registre.

Ok merci, je poste ailleurs où on continue ici ?

Bonjour, Après une recherche sur le forum, je n'ai rien trouvé sur ça (un sujet oui mais sans réponse) alors voila, je soumets à votre sagacité ce petit pb. Spybot me demande toujours la même chose à chaque démarrage. Un coup d'oeil sur internet et j'apprends que le fichier concerné (dumprep) sert à l'etablissement d'un journal est n'est pas nocif. J'ai beau dire que j'autorise ou que je refuse la modif, c'est toujours la même chose, cette fenêtre apparaît à chaque fois. Merci de votre aide. Manu Windows XP+AVG+Spybot

Si, 18 ans depuis 2 mois Mais attention papa rode ! Bonne soirée ! Manu

OK je fixe cette ligne O23 et je leur fait les gros yeux pour le streaming ! Sinon qui t'as dit que c'était des jumelles Merci.

Edit : je pense que j'aurais du mettre ce post dans la rubrique "optimisation, sécurisation, prévention" et en voulant le supprimer pour le re-créer, je n'ai pas trouvé de bouton supprimer dans les options Bonjour et meilleurs voeux à tous ! Après mon ordi et celui de ma mère excellaments analysés et débuggés par charles ingals et ogu, je souhaite que quelqu'un jete un coup d'oeil sur le portable de mes filles, je leur fait confiance mais j'aimerai voir si elles n'ont pas chopé quelque chose au grès de leurs navigations d'adolescentes ! En plus c'est du vista que je connais pas du tout donc si il y a qque chose à faire, je suis preneur. Merci d'avance. PS : j'ai lancé un test AVG, CCleaner et un Spybot S&D avant le HJT que voici : Logfile of Trend Micro Hijac k Thi s v2.0.2 S can s aved at 10:47:26, on 05/01/2008 Platform: Window s Vi s ta (WinNT 6.00.1904) M S IE: Internet Explorer v7.00 (7.00.6000.16575) Boot mode: Normal Running proce s s e s : C:\Window s \ s y s tem32\Dwm.exe C:\Window s \Explorer.EXE C:\Window s \ s y s tem32\ta s k eng.exe C:\Program File s \Window s Defender\M S A S Cui.exe C:\Window s \RtHDVCpl.exe C:\Program File s \ S ynaptic s \ S ynTP\ S ynTPEnh.exe C:\Window s \ S y s tem32\rundll32.exe C:\Acer\Empowering Technology\eData S ecurity\eD S loader.exe C:\Program File s \Launch Manager\LManager.exe C:\Program File s \Winamp\winampa.exe C:\Program File s \Gri s oft\AVG7\avgcc.exe C:\Program File s \Common File s \Real\Update_OB\real s ched.exe C:\Program File s \Window s S idebar\ s idebar.exe C:\Window s \ehome\ehtray.exe C:\Program File s \M S N Me s s enger\m s nm s gr.exe C:\Window s \ehome\ehm s a s .exe C:\Program File s \Veoh Networ k s \Veoh\VeohClient.exe C:\U s er s \jumelle s \AppData\Local\Temp\Rt k BtMnt.exe C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWOR K . S UPERVI S OR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Program File s \CCleaner\CCleaner.exe C:\Window s \ s y s tem32\ta s k eng.exe C:\Program File s \Mozilla Firefox\firefox.exe C:\Window s \ s y s tem32\ S earchFilterHo s t.exe C:\Program File s \Trend Micro\Hijac k Thi s \Hijac k Thi s .exe R1 - H K CU\ S oftware\Micro s oft\Internet Explorer\Main, S earch Page = http://fr.rd.yahoo.com/cu s tomize/ycomp/def...://fr.yahoo.com R0 - H K CU\ S oftware\Micro s oft\Internet Explorer\Main, S tart Page = http://www.google.fr/ R1 - H K LM\ S oftware\Micro s oft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com R1 - H K LM\ S oftware\Micro s oft\Internet Explorer\Main,Default_ S earch_URL = http://go.micro s oft.com/fwlin k /?Lin k Id=54896 R1 - H K LM\ S oftware\Micro s oft\Internet Explorer\Main, S earch Page = http://go.micro s oft.com/fwlin k /?Lin k Id=54896 R0 - H K LM\ S oftware\Micro s oft\Internet Explorer\Main, S tart Page = http://fr.fr.acer.yahoo.com R0 - H K LM\ S oftware\Micro s oft\Internet Explorer\ S earch, S earchA s s i s tant = R0 - H K LM\ S oftware\Micro s oft\Internet Explorer\ S earch,Cu s tomize S earch = R1 - H K CU\ S oftware\Micro s oft\Internet Explorer\ S earchURL,(Default) = http://fr.rd.yahoo.com/cu s tomize/ycomp/def...://fr.yahoo.com R0 - H K CU\ S oftware\Micro s oft\Internet Explorer\Toolbar,Lin k s FolderName = R3 - URL S earchHoo k : Yahoo! Toolbar avec bloqueur de fen ê tre s pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program File s \Yahoo!\Companion\In s tall s \cpn\yt.dll O1 - Ho s t s : ::1 localho s t O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program File s \Yahoo!\Companion\In s tall s \cpn\yt.dll O2 - BHO: AcroIEHlprObj Cla s s - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program File s \Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: S pybot- S &D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\ S PYBOT~1\ S DHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: S howBarObj Cla s s - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Window s \ s y s tem32\ActiveToolBand.dll O3 - Toolbar: Acer eData S ecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Window s \ s y s tem32\eD S toolbar.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fen ê tre s pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program File s \Yahoo!\Companion\In s tall s \cpn\yt.dll O3 - Toolbar: Veoh Brow s er Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program File s \Veoh Networ k s \Veoh\Plugin s \reg\VeohToolbar.dll O4 - H K LM\..\Run: [Window s Defender] %ProgramFile s %\Window s Defender\M S A S Cui.exe -hide O4 - H K LM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - H K LM\..\Run: [ s ynTPEnh] C:\Program File s \ S ynaptic s \ S ynTP\ S ynTPEnh.exe O4 - H K LM\..\Run: [Nv S vc] RUNDLL32.EXE C:\Window s \ s y s tem32\nv s vc.dll,nv s vc S tart O4 - H K LM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Window s \ s y s tem32\NvCpl.dll,Nv S tartup O4 - H K LM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Window s \ s y s tem32\NvMcTray.dll,NvTa s k barInit O4 - H K LM\..\Run: [eData S ecurity Loader] C:\Acer\Empowering Technology\eData S ecurity\eD S loader.exe O4 - H K LM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - H K LM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - H K LM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe O4 - H K LM\..\Run: [WinampAgent] C:\Program File s \Winamp\winampa.exe O4 - H K LM\..\Run: [AVG7_CC] C:\PROGRA~1\Gri s oft\AVG7\avgcc.exe / S TARTUP O4 - H K LM\..\Run: [PinnacleDriverChec k ] C:\Window s \ s y s tem32\P S DrvChec k .exe -Chec k Reg O4 - H K CU\..\Run: [ s idebar] C:\Program File s \Window s S idebar\ s idebar.exe /autoRun O4 - H K CU\..\Run: [Window s WelcomeCenter] rundll32.exe oobefldr.dll, S howWelcomeCenter O4 - H K CU\..\Run: [ehTray.exe] C:\Window s \ehome\ehTray.exe O4 - H K CU\..\Run: [M s nM s gr] "C:\Program File s \M S N Me s s enger\M s nM s gr.Exe" /bac k ground O4 - H K CU\..\Run: [Veoh] "C:\Program File s \Veoh Networ k s \Veoh\VeohClient.exe" /VeohHide O4 - H K U S \ S -1-5-19\..\Run: [ s idebar] %ProgramFile s %\Window s S idebar\ S idebar.exe /detectMem (U s er ' S ERVICE LOCAL') O4 - H K U S \ S -1-5-19\..\Run: [Window s WelcomeCenter] rundll32.exe oobefldr.dll, S howWelcomeCenter (U s er ' S ERVICE LOCAL') O4 - H K U S \ S -1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Gri s oft\AVG7\avgw.exe /RUNONCE (U s er ' S ERVICE LOCAL') O4 - H K U S \ S -1-5-20\..\Run: [ s idebar] %ProgramFile s %\Window s S idebar\ S idebar.exe /detectMem (U s er ' S ERVICE R É S EAU') O4 - H K U S \ S -1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Gri s oft\AVG7\avgw.exe /RUNONCE (U s er ' S Y S TEM') O4 - H K U S \.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Gri s oft\AVG7\avgw.exe /RUNONCE (U s er 'Default u s er') O4 - Global S tartup: Empowering Technology Launcher.ln k = C:\Acer\Empowering Technology\eAPLauncher.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\ S PYBOT~1\ S DHelper.dll O9 - Extra 'Tool s ' menuitem: S pybot - S earch & De s troy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\ S PYBOT~1\ S DHelper.dll O13 - Gopher Prefix: O20 - AppInit_DLL s : eNetHoo k .dll O20 - Winlogon Notify: avgwlntf - C:\Window s \ S Y S TEM32\avgwlntf.dll O23 - S ervice: AVG7 Alert Manager S erver (Avg7Alrt) - GRI S OFT, s .r.o. - C:\PROGRA~1\Gri s oft\AVG7\avgam s vr.exe O23 - S ervice: AVG7 Update S ervice (Avg7Upd S vc) - GRI S OFT, s .r.o. - C:\PROGRA~1\Gri s oft\AVG7\avgup s vc.exe O23 - S ervice: AVG7 Re s ident S hield S ervice (AvgCore S vc) - GRI S OFT, s .r.o. - C:\PROGRA~1\Gri s oft\AVG7\avgr s s vc.exe O23 - S ervice: AVG E-mail S canner (AVGEM S ) - GRI S OFT, s .r.o. - C:\PROGRA~1\Gri s oft\AVG7\avgemc.exe O23 - S ervice: S ymantec Lic NetConnect s ervice (CLTNetCn S ervice) - Un k nown owner - c:\Program File s \Common File s \ S ymantec S hared\cc S vcH s t.exe (file mi s s ing) O23 - S ervice: eD S S ervice.exe (eData S ecurity S ervice) - HiTR S UT - C:\Acer\Empowering Technology\eData S ecurity\eD S S ervice.exe O23 - S ervice: eLoc k S ervice (eLoc k S ervice) - Acer Inc. - C:\Acer\Empowering Technology\eLoc k \ S ervice\eLoc k S erv.exe O23 - S ervice: eNet S ervice - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet S ervice.exe O23 - S ervice: eRecovery S ervice (eRecovery S ervice) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecovery S ervice.exe O23 - S ervice: e S etting s S ervice (e S etting s S ervice) - Un k nown owner - C:\Acer\Empowering Technology\e S etting s \ S ervice\capu s erv.exe O23 - S ervice: Light S cribe S ervice Direct Di s c Labeling S ervice (Light S cribe S ervice) - Hewlett-Pac k ard Company - c:\Program File s \Common File s \Light S cribe\L S S rvc.exe O23 - S ervice: Mobility S ervice - Un k nown owner - C:\Acer\Mobility Center\Mobility S ervice.exe O23 - S ervice: Cyberlin k RichVideo S ervice(CRV S ) (RichVideo) - Un k nown owner - C:\Program File s \CyberLin k \ S hared File s \RichVideo.exe O23 - S ervice: S B S D S ecurity Center S ervice ( S B S DW S C S ervice) - S afer Networ k ing Ltd. - C:\Program File s \ S pybot - S earch & De s troy\ S DWin S ec.exe O23 - S ervice: ePower S ervice (WMI S ervice) - acer - C:\Acer\Empowering Technology\ePower\ePower S vc.exe O23 - S ervice: XAudio S ervice - Conexant S y s tem s , Inc. - C:\Window s \ s y s tem32\DRIVER S \xaudio.exe -- End of file - 8093 byte s

Ok, peut être en fevrier si je reviens ! @+ Manu

Ok pour la restauration. Pour la sécurisation/optimisation, je n'ai que jusqu'à ce soir donc si tu as le temps sinon tant pis, merci quand même.

Voila dernier jour de vacances, j'ai ré-installé aujourd'hui la livebox (nouveau modèle) et d'après M. Orange, ça pouvait être la cause des plantages, à voir ! Petite leçon à ma mère avant de partir sur les adds-on et je pense que c'est bon comme ça. En tous cas, merci beaucoup et meilleurs voeux à toi et à tes proches. Manu

Ben quand il plante, je ne peux que l'arrêter sauvagement mais rassure toi, c'est avec le bouton du PC Sinon j'aimais bien AB pour ses fonctionnalités (programmation de la souris,...) mais bon, j'ai bien mis Firefox depuis. oups je croyais pourtant l'avoir désactivé ! j'ai refais la manip', ça devrait être bon maintenant. C'est fait, j'ai repasse cette version et j'ai tout enlevé. J'ai Firefox depuis 2 jours et ça fige aussi C'est fait et il n'a rien trouve no hidden items found ! Merci

Joyeux Noël à toi aussi. -OK j'ai fait ce qu'il faut pour Adware - Ok aussi pour les points de restauration, il n'y en a plus. Ok j'ai téléchargé Ewido et voila son scan. --------------------------------------------------------- AVG Anti- S pyware - Rapport d'analy s e --------------------------------------------------------- + Cr é é à : 12:20:08 24/12/2007 + R é s ultat de l'analy s e: C:\ S y s tem Volume Information\_re s tore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP753\A0317618.dll -> Adware.Power S earch : Aucune action entrepri s e. C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@m s nportal.112.2o7[1].txt -> Trac k ingCoo k ie.2o7 : Aucune action entrepri s e. C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@blue s trea k [1].txt -> Trac k ingCoo k ie.Blue s trea k : Aucune action entrepri s e. C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@doubleclic k [1].txt -> Trac k ingCoo k ie.Doubleclic k : Aucune action entrepri s e. C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@ s s l-hint s .netflame[2].txt -> Trac k ingCoo k ie.Netflame : Aucune action entrepri s e. C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@b s . s erving- s y s [1].txt -> Trac k ingCoo k ie. S erving- s y s : Aucune action entrepri s e. C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@ s erving- s y s [2].txt -> Trac k ingCoo k ie. S erving- s y s : Aucune action entrepri s e. C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@ s tatcounter[2].txt -> Trac k ingCoo k ie. S tatcounter : Aucune action entrepri s e. Fin du rapport Rien à faire avec kaspersky. A la fin de l'analyse, il se passe plus rien et pas de rapport ! Voici à nouveau le Panda ! ;*********************************************************************************************************************************************************************************** ANALY S I S : 2007-12-25 15:21:02 PROTECTION S : 1 MALWARE: 14 S U S PECT S : 0 ;*********************************************************************************************************************************************************************************** PROTECTION S De s cription Ver s ion Active Updated ;=================================================================================================================================================================================== AVG 7.5.516 7.5.516 Ye s Ye s ;=================================================================================================================================================================================== MALWARE Id De s cription Type Active S everity Di s infectable Di s infected Location ;=================================================================================================================================================================================== 00139061 Coo k ie/Doubleclic k Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[.doubleclic k .net/] 00139064 Coo k ie/Atla s DMT Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[.atdmt.com/] 00145393 Coo k ie/Tradedoubler Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[.tradedoubler.com/] 00145738 Coo k ie/Mediaplex Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[.mediaplex.com/] 00167704 Coo k ie/Xiti Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[.xiti.com/] 00168056 Coo k ie/YieldManager Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[ad.yieldmanager.com/] 00168056 Coo k ie/YieldManager Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[ad.yieldmanager.com/] 00168056 Coo k ie/YieldManager Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[ad.yieldmanager.com/] 00168056 Coo k ie/YieldManager Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[ad.yieldmanager.com/] 00168056 Coo k ie/YieldManager Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[ad.yieldmanager.com/] 00168056 Coo k ie/YieldManager Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[ad.yieldmanager.com/] 00168106 Coo k ie/Weborama Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[.weborama.fr/] 00169190 Coo k ie/Adverti s ing Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[.adverti s ing.com/] 00169190 Coo k ie/Adverti s ing Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[.adverti s ing.com/] 00169190 Coo k ie/Adverti s ing Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[.adverti s ing.com/] 00170554 Coo k ie/Overture Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[.overture.com/] 00173520 Coo k ie/Blue s trea k Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[.blue s trea k .com/] 00184846 Coo k ie/Adrevolver Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[.adrevolver.com/] 00207936 Coo k ie/Adviva Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[.adviva.net/] 00273339 Coo k ie/ S martad s erver Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[. s martad s erver.com/] 00273339 Coo k ie/ S martad s erver Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[. s martad s erver.com/] 00273339 Coo k ie/ S martad s erver Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[. s martad s erver.com/] 00273339 Coo k ie/ S martad s erver Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Application Data\Mozilla\Firefox\Profile s \uxi6vypi.default\coo k ie s .txt[. s martad s erver.com/] 02654326 Adware/ K eenValue Adware No 0 Ye s No C:\RECYCLER\ S -1-5-21-1371562647-1684416898-3389642015-500\Dc1\bin\IncrediMail_In s tall.exe ;=================================================================================================================================================================================== S U S PECT S Location ;=================================================================================================================================================================================== ; =================================================================================================================================================================================== On a proposé à ma mère d'échanger sa vieille livebox contre une nouvelle. je ferai la connexion en manuel dès que j'aurai installé la nouvelle. Ca fige encore ! OK pour l'optimisation. Merci encore.

Fait ce matin en premier __________________________________________________ ewido anti- s pyware online s canner http://www.ewido.net __________________________________________________ Name: Trac k ingCoo k ie.2o7 Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@2o7[2].txt Ri s k : Medium Name: Trac k ingCoo k ie.Adverti s ing Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@adverti s ing[1].txt Ri s k : Medium Name: Trac k ingCoo k ie.Adviva Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@adviva[2].txt Ri s k : Medium Name: Trac k ingCoo k ie.Atdmt Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@atdmt[2].txt Ri s k : Medium Name: Trac k ingCoo k ie.Blue s trea k Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@blue s trea k [1].txt Ri s k : Medium Name: Trac k ingCoo k ie. S erving- s y s Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@b s . s erving- s y s [1].txt Ri s k : Medium Name: Trac k ingCoo k ie.Doubleclic k Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@doubleclic k [1].txt Ri s k : Medium Name: Trac k ingCoo k ie.E s tat Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@e s tat[2].txt Ri s k : Medium Name: Trac k ingCoo k ie.Fa s tclic k Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@fa s tclic k [1].txt Ri s k : Medium Name: Trac k ingCoo k ie.Webtrend s Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@m.webtrend s [2].txt Ri s k : Medium Name: Trac k ingCoo k ie.Mediaplex Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@mediaplex[1].txt Ri s k : Medium Name: Trac k ingCoo k ie.2o7 Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@m s nportal.112.2o7[1].txt Ri s k : Medium Name: Trac k ingCoo k ie.Overture Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@overture[2].txt Ri s k : Medium Name: Trac k ingCoo k ie. S erving- s y s Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@ s erving- s y s [1].txt Ri s k : Medium Name: Trac k ingCoo k ie. S martad s erver Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@ s martad s erver[1].txt Ri s k : Medium Name: Trac k ingCoo k ie.Netflame Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@ s s l-hint s .netflame[2].txt Ri s k : Medium Name: Trac k ingCoo k ie. S tatcounter Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@ s tatcounter[2].txt Ri s k : Medium Name: Trac k ingCoo k ie.Tradedoubler Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@tradedoubler[2].txt Ri s k : Medium Name: Trac k ingCoo k ie.Weborama Path: C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@weborama[1].txt Ri s k : Medium Name: Adware.2020 S earch Path: H K U\ S -1-5-21-1371562647-1684416898-3389642015-1008\ S oftware\Micro s oft\Internet Explorer\Toolbar\WebBrow s er\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} Ri s k : Medium Name: Adware.2020 S earch Path: H K U\ S -1-5-21-1371562647-1684416898-3389642015-1008\ S oftware\Micro s oft\Window s \CurrentVer s ion\Ext\ S tat s \{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} Ri s k : Medium Name: Adware.Power S earch Path: C:\Program File s \Trend Micro\Hijac k Thi s \bac k up s \bac k up-20071222-215854-913.dll Ri s k : Medium Oui, j'ai nettoyé Ok nettoyé le premier. pour les autres aucuns n'étaient présents. Ok mais il n'y avait pas grand chose. - Pour Emule, il ne restait qu'un répertoire sans rien dedans. Je l'ai viré. - pour la manip ave Google Updater Service,Hijackthis me dis après avoir appliqué toute la procédure : not found in the registry Ok c'est suprimé Panda ;*********************************************************************************************************************************************************************************** ANALY S I S : 2007-12-24 10:40:40 PROTECTION S : 1 MALWARE: 1 S U S PECT S : 0 ;*********************************************************************************************************************************************************************************** PROTECTION S De s cription Ver s ion Active Updated ;=================================================================================================================================================================================== AVG 7.5.516 7.5.516 Ye s Ye s ;=================================================================================================================================================================================== MALWARE Id De s cription Type Active S everity Di s infectable Di s infected Location ;=================================================================================================================================================================================== 00096188 s pyware/ s earchcentrix S pyware No 1 Ye s No h k ey_current_u s er\ s oftware\dynamic toolbar ;=================================================================================================================================================================================== S U S PECT S Location ;=================================================================================================================================================================================== ;=================================================================================================================================================================================== AVG Antispyware que j'ai nettoyé après le rapport --------------------------------------------------------- AVG Anti- S pyware - Rapport d'analy s e --------------------------------------------------------- + Cr é é à : 12:20:08 24/12/2007 + R é s ultat de l'analy s e: C:\ S y s tem Volume Information\_re s tore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP753\A0317618.dll -> Adware.Power S earch : Aucune action entrepri s e. C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@m s nportal.112.2o7[1].txt -> Trac k ingCoo k ie.2o7 : Aucune action entrepri s e. C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@blue s trea k [1].txt -> Trac k ingCoo k ie.Blue s trea k : Aucune action entrepri s e. C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@doubleclic k [1].txt -> Trac k ingCoo k ie.Doubleclic k : Aucune action entrepri s e. C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@ s s l-hint s .netflame[2].txt -> Trac k ingCoo k ie.Netflame : Aucune action entrepri s e. C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@b s . s erving- s y s [1].txt -> Trac k ingCoo k ie. S erving- s y s : Aucune action entrepri s e. C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@ s erving- s y s [2].txt -> Trac k ingCoo k ie. S erving- s y s : Aucune action entrepri s e. C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@ s tatcounter[2].txt -> Trac k ingCoo k ie. S tatcounter : Aucune action entrepri s e. Fin du rapport Spyboté à l'instant. Hijacktisé aussi Logfile of Trend Micro Hijac k Thi s v2.0.2 S can s aved at 12:52:05, on 24/12/2007 Platform: Window s XP S P2 (WinNT 5.01.2600) M S IE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running proce s s e s : C:\WINDOW S \ S y s tem32\ s m s s .exe C:\WINDOW S \ s y s tem32\winlogon.exe C:\WINDOW S \ s y s tem32\ s ervice s .exe C:\WINDOW S \ s y s tem32\l s a s s .exe C:\WINDOW S \ s y s tem32\ s vcho s t.exe C:\WINDOW S \ S y s tem32\ s vcho s t.exe C:\Program File s \Ahead\InCD\InCD s rv.exe C:\WINDOW S \Explorer.EXE C:\WINDOW S \ s y s tem32\ s pool s v.exe C:\Program File s \Gri s oft\AVG Anti- S pyware 7.5\guard.exe C:\PROGRA~1\Gri s oft\AVGFRE~1\avgam s vr.exe C:\PROGRA~1\Gri s oft\AVGFRE~1\avgup s vc.exe C:\PROGRA~1\Gri s oft\AVGFRE~1\avgemc.exe c:\APP S \Powercinema\ K ernel\TV\CLCap S vc.exe c:\APP S \Powercinema\ K ernel\TV\CL S ched.exe C:\Program File s \CyberLin k \ S hared File s \CLML_NT S ervice\CLML S erver.exe c:\APP S \HID S ERVICE\HID S ERVICE.exe C:\Program File s \CyberLin k \ S hared File s \CLML_NT S ervice\CLML S ervice.exe C:\Program File s \Fichier s commun s \Micro s oft S hared\V S 7Debug\mdm.exe C:\WINDOW S \ s y s tem32\HPZipm12.exe C:\WINDOW S \ s y s tem32\ s l s erv.exe C:\WINDOW S \ s y s tem32\ s vcho s t.exe C:\WINDOW S \ S OUNDMAN.EXE C:\WINDOW S \ALCWZRD.EXE C:\ATI Technologie s \ATI Control Panel\atiptaxx.exe C:\App s \Powercinema\PCM S ervice.exe C:\app s \ABoard\ABoard.exe C:\PROGRA~1\ME S S AG~1\ S tartMe s s ager.exe C:\PROGRA~1\Gri s oft\AVGFRE~1\avgcc.exe C:\app s \ABoard\AO S D.exe C:\PROGRA~1\Wanadoo\Ta s k BarIcon.exe C:\Program File s \Ahead\InCD\InCD.exe C:\Program File s \Gri s oft\AVG Anti- S pyware 7.5\avga s .exe C:\Program File s \Java\jre1.6.0_03\bin\ju s ched.exe C:\WINDOW S \ s y s tem32\ctfmon.exe C:\PROGRA~1\Wanadoo\Ge s tionnaireInternet.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\Program File s \ S pybot - S earch & De s troy\TeaTimer.exe C:\PROGRA~1\Wanadoo\Toa s ter.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOW S \ S y s tem32\ALERTM~1\ALERTM~1.EXE C:\PROGRA~1\Wanadoo\Watch.exe C:\Program File s \Avant Brow s er\avant.exe C:\Program File s \Trend Micro\Hijac k Thi s \Hijac k Thi s .exe R1 - H K CU\ S oftware\Micro s oft\Internet Explorer\Main, S earch Bar = http://format.pac k ardbell.com/cgi-bin/redi...& k ey= S EARCH R0 - H K CU\ S oftware\Micro s oft\Internet Explorer\Main, S tart Page = http://fr.m s n.com/ R1 - H K LM\ S oftware\Micro s oft\Internet Explorer\Main,Default_Page_URL = http://go.micro s oft.com/fwlin k /?Lin k Id=69157 R1 - H K LM\ S oftware\Micro s oft\Internet Explorer\Main,Default_ S earch_URL = http://go.micro s oft.com/fwlin k /?Lin k Id=54896 R1 - H K LM\ S oftware\Micro s oft\Internet Explorer\Main, S earch Page = http://go.micro s oft.com/fwlin k /?Lin k Id=54896 R0 - H K LM\ S oftware\Micro s oft\Internet Explorer\Main, S tart Page = http://go.micro s oft.com/fwlin k /?Lin k Id=69157 R1 - H K CU\ S oftware\Micro s oft\Internet Explorer\Main,Window Title = Orange R0 - H K CU\ S oftware\Micro s oft\Internet Explorer\Toolbar,Lin k s FolderName = Lien s R3 - URL S earchHoo k : S earch Cla s s - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\ S EARCH~1.DLL O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program File s \Fichier s commun s \Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: S pybot- S &D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\ S PYBOT~1\ S DHelper.dll O2 - BHO: S S VHelper Cla s s - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program File s \Java\jre1.6.0_03\bin\ s s v.dll O2 - BHO: Window s Live S ign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program File s \Fichier s commun s \Micro s oft S hared\Window s Live\Window s LiveLogin.dll O4 - H K LM\..\Run: [iMJPMIG8.1] "C:\WINDOW S \IME\imjp8_1\IMJPMIG.EXE" / S poil /RemAdvDef /Migration32 O4 - H K LM\..\Run: [PHIME2002A S ync] C:\WINDOW S \ s y s tem32\IME\TINTLGNT\TINT S ETP.EXE / S YNC O4 - H K LM\..\Run: [PHIME2002A] C:\WINDOW S \ s y s tem32\IME\TINTLGNT\TINT S ETP.EXE /IMEName O4 - H K LM\..\Run: [Raccourci ver s la page de s propri é t é s de High Definition Audio] HDAudProp S hortcut.exe O4 - H K LM\..\Run: [ s oundMan] S OUNDMAN.EXE O4 - H K LM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - H K LM\..\Run: [Alcmtr] ALCMTR.EXE O4 - H K LM\..\Run: [ATIPTA] C:\ATI Technologie s \ATI Control Panel\atiptaxx.exe O4 - H K LM\..\Run: [PCM S ervice] "c:\App s \Powercinema\PCM S ervice.exe" O4 - H K LM\..\Run: [ACTIVBOARD] c:\app s \ABoard\ABoard.exe O4 - H K LM\..\Run: [Me s s ager S tarter Wanadoo] C:\PROGRA~1\ME S S AG~1\ S tartMe s s ager.exe Me s s ager Wanadoo O4 - H K LM\..\Run: [AVG7_CC] C:\PROGRA~1\Gri s oft\AVGFRE~1\avgcc.exe / S TARTUP O4 - H K LM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - H K LM\..\Run: [WOOTA S K BARICON] C:\PROGRA~1\Wanadoo\Ge s tMaj.exe Ta s k BarIcon.exe O4 - H K LM\..\Run: [inCD] C:\Program File s \Ahead\InCD\InCD.exe O4 - H K LM\..\Run: [!AVG Anti- S pyware] "C:\Program File s \Gri s oft\AVG Anti- S pyware 7.5\avga s .exe" /minimized O4 - H K LM\..\Run: [ s unJavaUpdate S ched] C:\Program File s \Java\jre1.6.0_03\bin\ju s ched.exe O4 - H K CU\..\Run: [ctfmon.exe] C:\WINDOW S \ s y s tem32\ctfmon.exe O4 - H K CU\..\Run: [WOO K IT] C:\PROGRA~1\Wanadoo\ S hell.exe appLaunchClientZone. s hl|DEFAULT=cnx|PARAM= O4 - H K CU\..\Run: [ s pybot S D TeaTimer] C:\Program File s \ S pybot - S earch & De s troy\TeaTimer.exe O4 - H K U S \ S -1-5-19\..\Run: [CTFMON.EXE] C:\WINDOW S \ s y s tem32\CTFMON.EXE (U s er ' S ERVICE LOCAL') O4 - H K U S \ S -1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Gri s oft\AVGFRE~1\avgw.exe /RUNONCE (U s er ' S ERVICE LOCAL') O4 - H K U S \ S -1-5-20\..\Run: [CTFMON.EXE] C:\WINDOW S \ s y s tem32\CTFMON.EXE (U s er ' S ERVICE R É S EAU') O4 - H K U S \ S -1-5-18\..\Run: [CTFMON.EXE] C:\WINDOW S \ s y s tem32\CTFMON.EXE (U s er ' S Y S TEM') O4 - H K U S \.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOW S \ s y s tem32\CTFMON.EXE (U s er 'Default u s er') O8 - Extra context menu item: Bloquer ce s erveur... - C:\Program File s \Avant Brow s er\AddAllToADBlac k Li s t.htm O8 - Extra context menu item: Bloquer cette publicit é ... - C:\Program File s \Avant Brow s er\AddToADBlac k Li s t.htm O8 - Extra context menu item: Ouvrir dan s une nouvelle fen ê tre d'Avant Brow s er - C:\Program File s \Avant Brow s er\OpenInNewBrow s er.htm O8 - Extra context menu item: Ouvrir tou s le s lien s de la page... - C:\Program File s \Avant Brow s er\OpenAllLin k s .htm O8 - Extra context menu item: Rechercher s ur le Web... - C:\Program File s \Avant Brow s er\ S earch.htm O8 - Extra context menu item: S urligner - C:\Program File s \Avant Brow s er\Highlight.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program File s \Java\jre1.6.0_03\bin\ s s v.dll O9 - Extra 'Tool s ' menuitem: Con s ole Java ( S un) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program File s \Java\jre1.6.0_03\bin\ s s v.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOW S \ s y s tem32\ S hdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\ S PYBOT~1\ S DHelper.dll O9 - Extra 'Tool s ' menuitem: S pybot - S earch & De s troy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\ S PYBOT~1\ S DHelper.dll O9 - Extra button: Me s s ager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Me s s ager.exe O9 - Extra 'Tool s ' menuitem: Me s s ager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Me s s ager.exe O14 - IERE S ET.INF: S TART_PAGE_URL=file://C:\APP S \IE\offline\fr.htm O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (C K AVWeb S can Object) - http://web s canner. k a s per s k y.fr/ k avweb s can_unicode.cab O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnline S can Control) - http://download s .ewido.net/ewidoOnline S can.cab O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (Total S can In s taller Cla s s ) - http://www.nano s can.com/a s /cab s /a s c s tubie.cab O23 - S ervice: ATI S mart - Un k nown owner - C:\WINDOW S \ s y s tem32\ati2 s gag.exe O23 - S ervice: AVG Anti- S pyware Guard - GRI S OFT s .r.o. - C:\Program File s \Gri s oft\AVG Anti- S pyware 7.5\guard.exe O23 - S ervice: AVG7 Alert Manager S erver (Avg7Alrt) - GRI S OFT, s .r.o. - C:\PROGRA~1\Gri s oft\AVGFRE~1\avgam s vr.exe O23 - S ervice: AVG7 Update S ervice (Avg7Upd S vc) - GRI S OFT, s .r.o. - C:\PROGRA~1\Gri s oft\AVGFRE~1\avgup s vc.exe O23 - S ervice: AVG E-mail S canner (AVGEM S ) - GRI S OFT, s .r.o. - C:\PROGRA~1\Gri s oft\AVGFRE~1\avgemc.exe O23 - S ervice: CyberLin k Bac k ground Capture S ervice (CBC S ) (CLCap S vc) - Un k nown owner - c:\APP S \Powercinema\ K ernel\TV\CLCap S vc.exe O23 - S ervice: CyberLin k Ta s k S cheduler (CT S ) (CL S ched) - Un k nown owner - c:\APP S \Powercinema\ K ernel\TV\CL S ched.exe O23 - S ervice: CyberLin k Media Library S ervice - Cyberlin k - C:\Program File s \CyberLin k \ S hared File s \CLML_NT S ervice\CLML S erver.exe O23 - S ervice: Generic S ervice for HID K eyboard Input Collection s (GenericHid S ervice) - Un k nown owner - c:\APP S \HID S ERVICE\HID S ERVICE.exe O23 - S ervice: InCD Helper (InCD s rv) - Nero AG - C:\Program File s \Ahead\InCD\InCD s rv.exe O23 - S ervice: My s qlInventime - Un k nown owner - c:\my s ql\bin\my s qld-nt.exe O23 - S ervice: Pml Driver HPZ12 - HP - C:\WINDOW S \ s y s tem32\HPZipm12.exe O23 - S ervice: S martLin k S ervice ( S L S ervice) - - C:\WINDOW S \ S Y S TEM32\ s l s erv.exe -- End of file - 8956 byte s Quant au ralentissement, il s'agit plus de "figeages" car tout s'arrette, y compris le copteur de temps de ma connexion orange. A l'usage depuis hier, jen ai moins mais il y a quand même eu 1 ou 2 blocages. Je vais essayer de passer sur Mozilla et suprimer Avant Browser pour voir. En tout cas merci pour tout ça déja. Manu

Panda : ;*********************************************************************************************************************************************************************************** ANALY S I S : 2007-12-23 19:37:46 PROTECTION S : 1 MALWARE: 14 S U S PECT S : 0 ;*********************************************************************************************************************************************************************************** PROTECTION S De s cription Ver s ion Active Updated ;=================================================================================================================================================================================== AVG 7.5.516 7.5.516 Ye s Ye s ;=================================================================================================================================================================================== MALWARE Id De s cription Type Active S everity Di s infectable Di s infected Location ;=================================================================================================================================================================================== 00096188 s pyware/ s earchcentrix S pyware No 1 Ye s No h k ey_current_u s er\ s oftware\dynamic toolbar 00139061 Coo k ie/Doubleclic k Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@doubleclic k [1].txt 00139064 Coo k ie/Atla s DMT Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@atdmt[2].txt 00145393 Coo k ie/Tradedoubler Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@tradedoubler[2].txt 00145457 Coo k ie/Fa s tClic k Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@fa s tclic k [2].txt 00145738 Coo k ie/Mediaplex Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@mediaplex[1].txt 00167704 Coo k ie/Xiti Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@xiti[1].txt 00167753 Coo k ie/ S tatcounter Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@ s tatcounter[2].txt 00168061 Coo k ie/Apmebf Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@apmebf[2].txt 00168106 Coo k ie/Weborama Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@weborama[1].txt 00169190 Coo k ie/Adverti s ing Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@adverti s ing[1].txt 00173520 Coo k ie/Blue s trea k Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@blue s trea k [1].txt 00207936 Coo k ie/Adviva Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@adviva[1].txt 00273339 Coo k ie/ S martad s erver Trac k ingCoo k ie No 0 Ye s No C:\Document s and S etting s \nadia p\Coo k ie s \nadia_p@ s martad s erver[1].txt ;=================================================================================================================================================================================== S U S PECT S Location ;=================================================================================================================================================================================== ;=================================================================================================================================================================================== Et voila le Hijackthis : Logfile of Trend Micro Hijac k Thi s v2.0.2 S can s aved at 19:45:04, on 23/12/2007 Platform: Window s XP S P2 (WinNT 5.01.2600) M S IE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running proce s s e s : C:\WINDOW S \ S y s tem32\ s m s s .exe C:\WINDOW S \ s y s tem32\winlogon.exe C:\WINDOW S \ s y s tem32\ s ervice s .exe C:\WINDOW S \ s y s tem32\l s a s s .exe C:\WINDOW S \ s y s tem32\ s vcho s t.exe C:\WINDOW S \ S y s tem32\ s vcho s t.exe C:\Program File s \Ahead\InCD\InCD s rv.exe C:\WINDOW S \ s y s tem32\ s pool s v.exe C:\Program File s \Gri s oft\AVG Anti- S pyware 7.5\guard.exe C:\PROGRA~1\Gri s oft\AVGFRE~1\avgam s vr.exe C:\PROGRA~1\Gri s oft\AVGFRE~1\avgup s vc.exe C:\WINDOW S \Explorer.EXE C:\PROGRA~1\Gri s oft\AVGFRE~1\avgemc.exe c:\APP S \Powercinema\ K ernel\TV\CLCap S vc.exe c:\APP S \Powercinema\ K ernel\TV\CL S ched.exe C:\Program File s \CyberLin k \ S hared File s \CLML_NT S ervice\CLML S erver.exe C:\Program File s \CyberLin k \ S hared File s \CLML_NT S ervice\CLML S ervice.exe c:\APP S \HID S ERVICE\HID S ERVICE.exe C:\Program File s \Fichier s commun s \Micro s oft S hared\V S 7Debug\mdm.exe C:\WINDOW S \ s y s tem32\HPZipm12.exe C:\WINDOW S \ s y s tem32\ s l s erv.exe C:\WINDOW S \ s y s tem32\ s vcho s t.exe C:\WINDOW S \ S OUNDMAN.EXE C:\WINDOW S \ALCWZRD.EXE C:\ATI Technologie s \ATI Control Panel\atiptaxx.exe C:\App s \Powercinema\PCM S ervice.exe C:\app s \ABoard\ABoard.exe C:\PROGRA~1\ME S S AG~1\ S tartMe s s ager.exe C:\app s \ABoard\AO S D.exe C:\Program File s \Quic k Time\QTTa s k .exe C:\Program File s \Fichier s commun s \Real\Update_OB\real s ched.exe C:\Program File s \Ahead\InCD\InCD.exe C:\PROGRA~1\Wanadoo\Ta s k BarIcon.exe C:\Program File s \Gri s oft\AVG Anti- S pyware 7.5\avga s .exe C:\Program File s \Java\jre1.6.0_03\bin\ju s ched.exe C:\WINDOW S \ s y s tem32\ctfmon.exe C:\PROGRA~1\Wanadoo\Ge s tionnaireInternet.exe C:\Program File s \ S pybot - S earch & De s troy\TeaTimer.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toa s ter.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOW S \ S y s tem32\ALERTM~1\ALERTM~1.EXE C:\Program File s \HP\Digital Imaging\bin\hpqtra08.exe C:\PROGRA~1\Wanadoo\Watch.exe C:\Program File s \HP\Digital Imaging\bin\hpqgalry.exe C:\WINDOW S \ s y s tem32\w s cntfy.exe C:\Program File s \M S N Me s s enger\u s n s vc.exe C:\Program File s \Avant Brow s er\avant.exe C:\Program File s \Trend Micro\Hijac k Thi s \Hijac k Thi s .exe C:\Program File s \Trend Micro\Hijac k Thi s \Hijac k Thi s .exe R1 - H K CU\ S oftware\Micro s oft\Internet Explorer\Main, S earch Bar = http://format.pac k ardbell.com/cgi-bin/redi...& k ey= S EARCH R0 - H K CU\ S oftware\Micro s oft\Internet Explorer\Main, S tart Page = http://fr.m s n.com/ R1 - H K LM\ S oftware\Micro s oft\Internet Explorer\Main,Default_Page_URL = http://go.micro s oft.com/fwlin k /?Lin k Id=69157 R1 - H K LM\ S oftware\Micro s oft\Internet Explorer\Main,Default_ S earch_URL = http://go.micro s oft.com/fwlin k /?Lin k Id=54896 R1 - H K LM\ S oftware\Micro s oft\Internet Explorer\Main, S earch Page = http://go.micro s oft.com/fwlin k /?Lin k Id=54896 R0 - H K LM\ S oftware\Micro s oft\Internet Explorer\Main, S tart Page = http://go.micro s oft.com/fwlin k /?Lin k Id=69157 R1 - H K CU\ S oftware\Micro s oft\Internet Explorer\Main,Window Title = Orange R0 - H K CU\ S oftware\Micro s oft\Internet Explorer\Toolbar,Lin k s FolderName = Lien s R3 - URL S earchHoo k : S earch Cla s s - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\ S EARCH~1.DLL O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program File s \Fichier s commun s \Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: S pybot- S &D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\ S PYBOT~1\ S DHelper.dll O2 - BHO: S S VHelper Cla s s - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program File s \Java\jre1.6.0_03\bin\ s s v.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Window s Live S ign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program File s \Fichier s commun s \Micro s oft S hared\Window s Live\Window s LiveLogin.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file) O4 - H K LM\..\Run: [iMJPMIG8.1] "C:\WINDOW S \IME\imjp8_1\IMJPMIG.EXE" / S poil /RemAdvDef /Migration32 O4 - H K LM\..\Run: [PHIME2002A S ync] C:\WINDOW S \ s y s tem32\IME\TINTLGNT\TINT S ETP.EXE / S YNC O4 - H K LM\..\Run: [PHIME2002A] C:\WINDOW S \ s y s tem32\IME\TINTLGNT\TINT S ETP.EXE /IMEName O4 - H K LM\..\Run: [Raccourci ver s la page de s propri é t é s de High Definition Audio] HDAudProp S hortcut.exe O4 - H K LM\..\Run: [ s oundMan] S OUNDMAN.EXE O4 - H K LM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - H K LM\..\Run: [Alcmtr] ALCMTR.EXE O4 - H K LM\..\Run: [ATIPTA] C:\ATI Technologie s \ATI Control Panel\atiptaxx.exe O4 - H K LM\..\Run: [PCM S ervice] "c:\App s \Powercinema\PCM S ervice.exe" O4 - H K LM\..\Run: [ACTIVBOARD] c:\app s \ABoard\ABoard.exe O4 - H K LM\..\Run: [Me s s ager S tarter Wanadoo] C:\PROGRA~1\ME S S AG~1\ S tartMe s s ager.exe Me s s ager Wanadoo O4 - H K LM\..\Run: [Quic k Time Ta s k ] "C:\Program File s \Quic k Time\QTTa s k .exe" -atboottime O4 - H K LM\..\Run: [T k BellExe] "C:\Program File s \Fichier s commun s \Real\Update_OB\real s ched.exe" -o s boot O4 - H K LM\..\Run: [AVG7_CC] C:\PROGRA~1\Gri s oft\AVGFRE~1\avgcc.exe / S TARTUP O4 - H K LM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - H K LM\..\Run: [WOOTA S K BARICON] C:\PROGRA~1\Wanadoo\Ge s tMaj.exe Ta s k BarIcon.exe O4 - H K LM\..\Run: [inCD] C:\Program File s \Ahead\InCD\InCD.exe O4 - H K LM\..\Run: [!AVG Anti- S pyware] "C:\Program File s \Gri s oft\AVG Anti- S pyware 7.5\avga s .exe" /minimized O4 - H K LM\..\Run: [ s unJavaUpdate S ched] C:\Program File s \Java\jre1.6.0_03\bin\ju s ched.exe O4 - H K CU\..\Run: [ctfmon.exe] C:\WINDOW S \ s y s tem32\ctfmon.exe O4 - H K CU\..\Run: [WOO K IT] C:\PROGRA~1\Wanadoo\ S hell.exe appLaunchClientZone. s hl|DEFAULT=cnx|PARAM= O4 - H K CU\..\Run: [m s nm s gr] "C:\Program File s \M S N Me s s enger\m s nm s gr.exe" /bac k ground O4 - H K CU\..\Run: [ s pybot S D TeaTimer] C:\Program File s \ S pybot - S earch & De s troy\TeaTimer.exe O4 - H K U S \ S -1-5-19\..\Run: [CTFMON.EXE] C:\WINDOW S \ s y s tem32\CTFMON.EXE (U s er ' S ERVICE LOCAL') O4 - H K U S \ S -1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Gri s oft\AVGFRE~1\avgw.exe /RUNONCE (U s er ' S ERVICE LOCAL') O4 - H K U S \ S -1-5-20\..\Run: [CTFMON.EXE] C:\WINDOW S \ s y s tem32\CTFMON.EXE (U s er ' S ERVICE R É S EAU') O4 - H K U S \ S -1-5-18\..\Run: [CTFMON.EXE] C:\WINDOW S \ s y s tem32\CTFMON.EXE (U s er ' S Y S TEM') O4 - H K U S \.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOW S \ s y s tem32\CTFMON.EXE (U s er 'Default u s er') O4 - Global S tartup: D é marrage rapide du logiciel HP Image Zone.ln k = C:\Program File s \HP\Digital Imaging\bin\hpqthb08.exe O4 - Global S tartup: HP Digital Imaging Monitor.ln k = C:\Program File s \HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: & S earch - ?p=ZNxdm414YYFR O8 - Extra context menu item: Bloquer ce s erveur... - C:\Program File s \Avant Brow s er\AddAllToADBlac k Li s t.htm O8 - Extra context menu item: Bloquer cette publicit é ... - C:\Program File s \Avant Brow s er\AddToADBlac k Li s t.htm O8 - Extra context menu item: Ouvrir dan s une nouvelle fen ê tre d'Avant Brow s er - C:\Program File s \Avant Brow s er\OpenInNewBrow s er.htm O8 - Extra context menu item: Ouvrir tou s le s lien s de la page... - C:\Program File s \Avant Brow s er\OpenAllLin k s .htm O8 - Extra context menu item: Rechercher s ur le Web... - C:\Program File s \Avant Brow s er\ S earch.htm O8 - Extra context menu item: S urligner - C:\Program File s \Avant Brow s er\Highlight.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program File s \Java\jre1.6.0_03\bin\ s s v.dll O9 - Extra 'Tool s ' menuitem: Con s ole Java ( S un) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program File s \Java\jre1.6.0_03\bin\ s s v.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOW S \ s y s tem32\ S hdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\ S PYBOT~1\ S DHelper.dll O9 - Extra 'Tool s ' menuitem: S pybot - S earch & De s troy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\ S PYBOT~1\ S DHelper.dll O9 - Extra button: Me s s ager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Me s s ager.exe O9 - Extra 'Tool s ' menuitem: Me s s ager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Me s s ager.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file mi s s ing) (H K CU) O14 - IERE S ET.INF: S TART_PAGE_URL=file://C:\APP S \IE\offline\fr.htm O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (C K AVWeb S can Object) - http://web s canner. k a s per s k y.fr/ k avweb s can_unicode.cab O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnline S can Control) - http://download s .ewido.net/ewidoOnline S can.cab O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (Total S can In s taller Cla s s ) - http://www.nano s can.com/a s /cab s /a s c s tubie.cab O23 - S ervice: ATI S mart - Un k nown owner - C:\WINDOW S \ s y s tem32\ati2 s gag.exe O23 - S ervice: AVG Anti- S pyware Guard - GRI S OFT s .r.o. - C:\Program File s \Gri s oft\AVG Anti- S pyware 7.5\guard.exe O23 - S ervice: AVG7 Alert Manager S erver (Avg7Alrt) - GRI S OFT, s .r.o. - C:\PROGRA~1\Gri s oft\AVGFRE~1\avgam s vr.exe O23 - S ervice: AVG7 Update S ervice (Avg7Upd S vc) - GRI S OFT, s .r.o. - C:\PROGRA~1\Gri s oft\AVGFRE~1\avgup s vc.exe O23 - S ervice: AVG E-mail S canner (AVGEM S ) - GRI S OFT, s .r.o. - C:\PROGRA~1\Gri s oft\AVGFRE~1\avgemc.exe O23 - S ervice: CyberLin k Bac k ground Capture S ervice (CBC S ) (CLCap S vc) - Un k nown owner - c:\APP S \Powercinema\ K ernel\TV\CLCap S vc.exe O23 - S ervice: CyberLin k Ta s k S cheduler (CT S ) (CL S ched) - Un k nown owner - c:\APP S \Powercinema\ K ernel\TV\CL S ched.exe O23 - S ervice: CyberLin k Media Library S ervice - Cyberlin k - C:\Program File s \CyberLin k \ S hared File s \CLML_NT S ervice\CLML S erver.exe O23 - S ervice: Generic S ervice for HID K eyboard Input Collection s (GenericHid S ervice) - Un k nown owner - c:\APP S \HID S ERVICE\HID S ERVICE.exe O23 - S ervice: Google Updater S ervice (gu s vc) - Google - C:\Program File s \Google\Common\Google Updater\GoogleUpdater S ervice.exe O23 - S ervice: InCD Helper (InCD s rv) - Nero AG - C:\Program File s \Ahead\InCD\InCD s rv.exe O23 - S ervice: My s qlInventime - Un k nown owner - c:\my s ql\bin\my s qld-nt.exe O23 - S ervice: Pml Driver HPZ12 - HP - C:\WINDOW S \ s y s tem32\HPZipm12.exe O23 - S ervice: S martLin k S ervice ( S L S ervice) - - C:\WINDOW S \ S Y S TEM32\ s l s erv.exe -- End of file - 10291 byte s Alors docteur ? Merci manu

Bon j'ai fait presque tout fait sauf le scan en ligne avec kasperky. Enfin si je l'ai fait mais blocage à la fin et impossible d'éditer le rapport pourtant il y a 3 infections que ne detecte pas AVG ! Au bout de 3 tentatives j'ai laissé tomber et suis en train de lancer un scan en ligne avec panda. Si ça marche, je le posterai ainsi qu'un nouveau Hijack comme demandé. Merci

Bonjour à vous deux et d'avance merci. Ok je vais suivre les premières procédures d'Ogu ---------------------------------------------------------------------------------------------------- J'ai fait la première partie avec Hijackthis et nettoyé les fichiers que tu m'as conseillé. ---------------------------------------------------------------------------------------------------- Pour les scan, j'ai lu qu'il est déconseillé d'avoir 2 antispyware. J'avais installé Spyboot-Search&destroy et déja lancé un scan hier avant de te lire. Dois je le dé-insinstaller pour faire le scan avec EWIDO ? -------------------------------------------------------------------------------------------------------- Pour le scan avec MWAV, une fois installé, impossible de télécharger la mise à jour . j'ai donc fait sans : il m'a détecté pas mal de trucs mais il n'y a pas de bouton clean ou delete ????? Alors j'ai voulu édité le log mais impossible de le copier coller ici J'ai donc posté le journal de virus copié directement sur MWAV, j'espère qu'il est assez explicite. Objet "video activex acce s s Trojan" trouv é dan s fichier s y s t è me ! Me s ure pri s e : Pa s de me s ure pri s e. Objet "funwebproduct s S pyware/Adware" trouv é dan s fichier s y s t è me ! Me s ure pri s e : Pa s de me s ure pri s e. Objet "gro k s ter S pyware/Adware" trouv é dan s fichier s y s t è me ! Me s ure pri s e : Pa s de me s ure pri s e. Objet "gro k s ter S pyware/Adware" trouv é dan s fichier s y s t è me ! Me s ure pri s e : Pa s de me s ure pri s e. Objet " s rng/ s hopnav S pyware/Adware" trouv é dan s fichier s y s t è me ! Me s ure pri s e : Pa s de me s ure pri s e. Objet "broadca s tpc S pyware/Adware" trouv é dan s fichier s y s t è me ! Me s ure pri s e : Pa s de me s ure pri s e. Objet "wareout Adware" trouv é dan s fichier s y s t è me ! Me s ure pri s e : Pa s de me s ure pri s e. Objet "wareout Adware" trouv é dan s fichier s y s t è me ! Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CR\ComPlu s MetaData.M s CorHo s t" s e r é f è re à l'objet invalide "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CR\ComPlu s MetaData.M s CorHo s t.2" s e r é f è re à l'objet invalide "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CR\DirectAnimation.PathControl" s e r é f è re à l'objet invalide "{D7A7D7C3-D47F-11D0-89D3-00A0C90833E6}". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CR\DirectAnimation. S equence" s e r é f è re à l'objet invalide "{4F241DB1-EE9F-11D0-9824-006097C99E51}". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CR\DirectAnimation. S equencerControl" s e r é f è re à l'objet invalide "{B0A6BAE2-AAF0-11D0-A152-00A0C908DB96}". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CR\DirectAnimation. S priteControl" s e r é f è re à l'objet invalide "{FD179533-D86E-11D0-89D6-00A0C90833E6}". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CR\DirectAnimation. S tructuredGraphic s Control" s e r é f è re à l'objet invalide "{369303C2-D7AC-11D0-89D5-00A0C90833E6}". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CR\L S Client. S ub s criptionInfo" s e r é f è re à l'objet invalide "{9B3A3465-FE53-11D3-9784-005004D12CC3}". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CR\L S Client. S ub s criptionInfo.1" s e r é f è re à l'objet invalide "{9B3A3465-FE53-11D3-9784-005004D12CC3}". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CR\pbfrv2.PBFRV2" s e r é f è re à l'objet invalide "{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CR\ S m s _object. S M S " s e r é f è re à l'objet invalide "{46E1BF8E-AA99-4749-AA37-E18A20629B2E5}". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CR\ S ymWriter.pdb" s e r é f è re à l'objet invalide "{520DC67A-752E-11D3-8D56-00C04F680B2B}". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\ModuleU s age" s e r é f è re à l'objet invalide "C:\WINDOW S \Downloaded Program File s \Axi s CamControl.ocx". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\ModuleU s age" s e r é f è re à l'objet invalide "C:\WINDOW S \Downloaded Program File s \HbIn s tIE.dll". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\ S haredDll s " s e r é f è re à l'objet invalide "C:\WINDOW S \Downloaded Program File s \Axi s CamControl.ocx". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Fichier s commun s \ S ymantec S hared\Decompo s er s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Document s and S etting s \All U s er s \Application Data\ S ymantec\Common Client\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Fichier s commun s \ S ymantec S hared\Help\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Fichier s commun s \ S ymantec S hared\ID S Def s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Norton Internet S ecurity\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Fichier s commun s \ S ymantec S hared\Anti s pam\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Fichier s commun s \ S ymantec S hared\Anti S pam\ S pamDef s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Fichier s commun s \ S ymantec S hared\Regi s try Bac k up\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Fichier s commun s \ S ymantec S hared\AdBloc k ing\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Document s and S etting s \All U s er s \Menu D é marrer\Programme s \Norton Internet S ecurity\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\WINDOW S \In s taller\{A93C9E60-29B6-49da-BA21-F70AC6AADE20}\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Fichier s commun s \ S ymantec S hared\ S cript Bloc k ing\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Fichier s commun s \ S ymantec S hared\Viru s Def s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Document s and S etting s \All U s er s \Application Data\ S ymantec\Norton AntiViru s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Norton Internet S ecurity\Norton AntiViru s \Quarantine\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Norton Internet S ecurity\Norton AntiViru s \Quarantine\Portal\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Norton Internet S ecurity\Norton AntiViru s \Quarantine\Incoming\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Document s and S etting s \All U s er s \Application Data\ S ymantec\Norton AntiViru s \Ta s k s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Document s and S etting s \All U s er s \Menu D é marrer\Programme s \Norton Internet S ecurity\Norton AntiViru s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\WINDOW S \In s taller\{C6F5B6CF-609C-428E-876F-CA83176C021B}\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Fichier s commun s \ S ymantec S hared\ S ecurity Center\Plug-in\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Fichier s commun s \Micro s oft S hared\ S mart Tag\Li s t s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Micro s oft Office\Office10\ S hortcut Bar\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Document s and S etting s \All U s er s \Menu D é marrer\Programme s \ S onic\MyDVD\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Document s and S etting s \All U s er s \Menu D é marrer\Programme s \ S onic\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Document s and S etting s \All U s er s \Menu D é marrer\Programme s \ S onic\MyDVD\Documentation\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Ahead\CoverDe s igner\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Ahead\CoverDe s igner\Template s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \Fichier s commun s \ S ymantec S hared\ID S \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \DE\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \DE\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \DE\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \DE\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \DE\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \EN\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \EN\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \EN\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \EN\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \EN\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \E S \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \E S \PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \E S \PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \E S \PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \E S \PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \FR\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \FR\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \FR\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \FR\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \FR\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \IT\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \IT\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \IT\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \IT\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \IT\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \JP\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \JP\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \JP\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \JP\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \JP\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \NL\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \NL\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \NL\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \NL\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A16E0E70-E9DB-4337-8807-04C3CE708250\Language s \NL\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \DE\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \DE\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \DE\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \DE\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \DE\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \EN\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \EN\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \EN\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \EN\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \EN\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \E S \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \E S \PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \E S \PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \E S \PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \E S \PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \FR\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \FR\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \FR\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \FR\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \FR\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \IT\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \IT\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \IT\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \IT\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \IT\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \JP\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \JP\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \JP\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \JP\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \JP\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \NL\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \NL\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \NL\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \NL\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\A3D606AA-C861-4A77-973C-C43409A6F621\Language s \NL\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \DE\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \DE\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \DE\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \DE\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \DE\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \EN\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \EN\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \EN\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \EN\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \EN\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \E S \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \E S \PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \E S \PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \E S \PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \E S \PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \FR\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \FR\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \FR\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \FR\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \FR\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \IT\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \IT\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \IT\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \IT\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \IT\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \JP\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \JP\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \JP\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \JP\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \JP\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \NL\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \NL\PCUUI\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \NL\PCUUI\Image s \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \NL\PCUUI\Image s \Button\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\Corel\6EF6252D-E892-44A9-B850-002964323D0F\Language s \NL\PCUUI\Image s \Frame\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \ S am s ung\Ea s y S tudio 1.1\ S ync ML De s k top S erver\German\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \ S am s ung\Ea s y S tudio 1.1\ S ync ML De s k top S erver\Italian\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \ S am s ung\Ea s y S tudio 1.1\ S ync ML De s k top S erver\French\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \ S am s ung\Ea s y S tudio 1.1\ S ync ML De s k top S erver\ S pani s h\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \ S am s ung\Ea s y S tudio 1.1\ S ync ML De s k top S erver\Portugue s e\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \ S am s ung\Ea s y S tudio 1.1\ S ync ML De s k top S erver\Dutch\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \ S am s ung\Ea s y S tudio 1.1\ S ync ML De s k top S erver\ S wedi s h\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Program File s \ S am s ung\Ea s y S tudio 1.1\ S ync ML De s k top S erver\Gree k \". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\In s taller\Folder s " s e r é f è re à l'objet invalide "C:\Document s and S etting s \nadia p\Menu D é marrer\Programme s \ S imon Bergner ´ s ATC S imulator\". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CU\ S oftware\Micro s oft\Window s \CurrentVer s ion\Explorer\FileExt s " s e r é f è re à l'objet invalide ".2". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CU\ S oftware\Micro s oft\Window s \CurrentVer s ion\Explorer\FileExt s " s e r é f è re à l'objet invalide ".72". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CU\ S oftware\Micro s oft\Window s \CurrentVer s ion\Explorer\FileExt s " s e r é f è re à l'objet invalide ".air". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CU\ S oftware\Micro s oft\Window s \CurrentVer s ion\Explorer\FileExt s " s e r é f è re à l'objet invalide ".ba k ". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CU\ S oftware\Micro s oft\Window s \CurrentVer s ion\Explorer\FileExt s " s e r é f è re à l'objet invalide ".B_W". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CU\ S oftware\Micro s oft\Window s \CurrentVer s ion\Explorer\FileExt s " s e r é f è re à l'objet invalide ".CAL". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CU\ S oftware\Micro s oft\Window s \CurrentVer s ion\Explorer\FileExt s " s e r é f è re à l'objet invalide ".cfg". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CU\ S oftware\Micro s oft\Window s \CurrentVer s ion\Explorer\FileExt s " s e r é f è re à l'objet invalide ".LCB". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CU\ S oftware\Micro s oft\Window s \CurrentVer s ion\Explorer\FileExt s " s e r é f è re à l'objet invalide ".LNG". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CU\ S oftware\Micro s oft\Window s \CurrentVer s ion\Explorer\FileExt s " s e r é f è re à l'objet invalide ".MDL". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CU\ S oftware\Micro s oft\Window s \CurrentVer s ion\Explorer\FileExt s " s e r é f è re à l'objet invalide ".OB S 2670". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CU\ S oftware\Micro s oft\Window s \CurrentVer s ion\Explorer\FileExt s " s e r é f è re à l'objet invalide ".photo00". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CU\ S oftware\Micro s oft\Window s \CurrentVer s ion\Explorer\FileExt s " s e r é f è re à l'objet invalide ".pvm". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CU\ S oftware\Micro s oft\Window s \CurrentVer s ion\Explorer\FileExt s " s e r é f è re à l'objet invalide ".r1m". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K CU\ S oftware\Micro s oft\Window s \CurrentVer s ion\Explorer\FileExt s " s e r é f è re à l'objet invalide ".tmp". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\App Management\ARPCache" s e r é f è re à l'objet invalide "E S CX3600 Guide de r é f.". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\App Management\ARPCache" s e r é f è re à l'objet invalide "Happyneuron n ° 1 - Archipel de la M é moire". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\App Management\ARPCache" s e r é f è re à l'objet invalide "Pac-Man World 2". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\App Management\ARPCache" s e r é f è re à l'objet invalide " S imCity 3000". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\App Management\ARPCache" s e r é f è re à l'objet invalide "WgaNotify". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\App Management\ARPCache" s e r é f è re à l'objet invalide "{109D28C7-FB38-483A-9C91-001CB59E2699}". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\App Management\ARPCache" s e r é f è re à l'objet invalide "{1526D87C-A955-4FAB-BF18-697BA457E352}". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\App Management\ARPCache" s e r é f è re à l'objet invalide "{503AA035-41E2-4858-B31F-1E49AC66C309}". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\App Management\ARPCache" s e r é f è re à l'objet invalide "{AC76BA86-7AD7-1036-7B44-A80000000002}". Me s ure pri s e : Pa s de me s ure pri s e. Entr é e "H K LM\ S oftware\Micro s oft\Window s \CurrentVer s ion\App Management\ARPCache" s e r é f è re à l'objet invalide "{BAFD3C1E-03EC-11DA-BFBD-00065BBDC0B5}". Me s ure pri s e : Pa s de me s ure pri s e. Fichier C:\Document s and S etting s \nadia p\Local S etting s \Temporary Internet File s \Content.IE5\80VL9VG2\in s tala-emule[1].exe nomm é "not-a-viru s :FraudTool.Win32.Ta k edawnload.a". Me s ure pri s e : Pa s de me s ure pri s e. Fichier C:\Program File s \IncrediMail\bin\IncrediMail_In s tall.exe nomm é "not-a-viru s :Downloader.Win32.ImLoader.c". Me s ure pri s e : Pa s de me s ure pri s e. Fichier C:\Program File s \Trend Micro\Hijac k Thi s \bac k up s \bac k up-20071222-215854-913.dll nomm é "not-a-viru s :AdWare.Win32.Power S earch.c". Me s ure pri s e : Pa s de me s ure pri s e. Fichier C:\ S y s tem Volume Information\_re s tore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP746\A0314526.dll nomm é "not-a-viru s :AdWare.Win32.Time S in k .c". Me s ure pri s e : Pa s de me s ure pri s e. Fichier C:\ S y s tem Volume Information\_re s tore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP746\A0314527.exe nomm é "not-a-viru s :AdWare.Win32.Time S in k ". Me s ure pri s e : Pa s de me s ure pri s e. Fichier C:\ S y s tem Volume Information\_re s tore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP746\A0315531.dll nomm é "not-a-viru s :AdWare.Win32.Power S earch.c". Me s ure pri s e : Pa s de me s ure pri s e.

Bonjour, Après avoir excellement fait réparer mon ordi perso par Charles Ingals en début de mois, je vous soumets un petit pb sur celui de ma mère qui m'héberge pendant les vacances de Noël Son navigateur se bloque fréquemment et rien n'y fait pas même le ctrl+alt+sup, seul un arrachage violent et énergique de la prise de courant y met fin ! Si quelqu'un peut jeter un coup d'oeil sur le rapport ! merci d'avance. Manu Logfile of Hijac k Thi s v1.99.1 S can s aved at 18:08:11, on 22/12/2007 Platform: Window s XP S P2 (WinNT 5.01.2600) M S IE: Internet Explorer v7.00 (7.00.6000.16574) Running proce s s e s : C:\WINDOW S \ S y s tem32\ s m s s .exe C:\WINDOW S \ s y s tem32\winlogon.exe C:\WINDOW S \ s y s tem32\ s ervice s .exe C:\WINDOW S \ s y s tem32\l s a s s .exe C:\WINDOW S \ s y s tem32\ s vcho s t.exe C:\WINDOW S \ S y s tem32\ s vcho s t.exe C:\Program File s \Ahead\InCD\InCD s rv.exe C:\WINDOW S \Explorer.EXE C:\WINDOW S \ s y s tem32\ s pool s v.exe C:\PROGRA~1\Gri s oft\AVGFRE~1\avgam s vr.exe C:\WINDOW S \ S OUNDMAN.EXE C:\WINDOW S \ALCWZRD.EXE C:\PROGRA~1\Gri s oft\AVGFRE~1\avgup s vc.exe C:\PROGRA~1\Gri s oft\AVGFRE~1\avgemc.exe C:\ATI Technologie s \ATI Control Panel\atiptaxx.exe C:\Program File s \Java\jre1.5.0_09\bin\ju s ched.exe C:\App s \Powercinema\PCM S ervice.exe C:\app s \ABoard\ABoard.exe c:\APP S \Powercinema\ K ernel\TV\CLCap S vc.exe C:\PROGRA~1\ME S S AG~1\ S tartMe s s ager.exe C:\Program File s \Quic k Time\QTTa s k .exe c:\APP S \Powercinema\ K ernel\TV\CL S ched.exe C:\Program File s \Fichier s commun s \Real\Update_OB\real s ched.exe C:\app s \ABoard\AO S D.exe C:\Program File s \CyberLin k \ S hared File s \CLML_NT S ervice\CLML S erver.exe C:\PROGRA~1\Gri s oft\AVGFRE~1\avgcc.exe C:\Program File s \CyberLin k \ S hared File s \CLML_NT S ervice\CLML S ervice.exe c:\APP S \HID S ERVICE\HID S ERVICE.exe C:\Program File s \Fichier s commun s \Micro s oft S hared\V S 7Debug\mdm.exe C:\Program File s \Ahead\InCD\InCD.exe C:\Program File s \HP\HP S oftware Update\HPWu S chd2.exe C:\WINDOW S \ s y s tem32\ctfmon.exe C:\PROGRA~1\Wanadoo\Ta s k BarIcon.exe C:\WINDOW S \ s y s tem32\ s l s erv.exe C:\WINDOW S \ s y s tem32\ s vcho s t.exe C:\app s \ s k ype\phone\ S k ype.exe C:\Program File s \Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program File s \M S N Me s s enger\m s nm s gr.exe C:\PROGRA~1\Wanadoo\Ge s tionnaireInternet.exe C:\Program File s \HP\Digital Imaging\bin\hpqtra08.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toa s ter.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOW S \ S y s tem32\ALERTM~1\ALERTM~1.EXE C:\Program File s \HP\Digital Imaging\bin\hpqgalry.exe C:\PROGRA~1\Wanadoo\Watch.exe C:\Program File s \M S N Me s s enger\u s n s vc.exe C:\Program File s \Avant Brow s er\avant.exe C:\Program File s \Java\jre1.5.0_09\bin\juchec k .exe C:\WINDOW S \ s y s tem32\HPZipm12.exe C:\DOCUME~1\NADIAP~1\LOCAL S ~1\Temp\R é pertoire temporaire 2 pour hijac k thi s _199.zip\Hijac k Thi s .exe R1 - H K CU\ S oftware\Micro s oft\Internet Explorer\Main, S earch Bar = http://format.pac k ardbell.com/cgi-bin/redi...& k ey= S EARCH R0 - H K CU\ S oftware\Micro s oft\Internet Explorer\Main, S tart Page = http://fr.m s n.com/ R1 - H K LM\ S oftware\Micro s oft\Internet Explorer\Main,Default_Page_URL = http://go.micro s oft.com/fwlin k /?Lin k Id=69157 R1 - H K LM\ S oftware\Micro s oft\Internet Explorer\Main,Default_ S earch_URL = http://go.micro s oft.com/fwlin k /?Lin k Id=54896 R1 - H K LM\ S oftware\Micro s oft\Internet Explorer\Main, S earch Page = http://go.micro s oft.com/fwlin k /?Lin k Id=54896 R0 - H K LM\ S oftware\Micro s oft\Internet Explorer\Main, S tart Page = http://go.micro s oft.com/fwlin k /?Lin k Id=69157 R1 - H K CU\ S oftware\Micro s oft\Internet Explorer\Main,Window Title = Orange R0 - H K CU\ S oftware\Micro s oft\Internet Explorer\Toolbar,Lin k s FolderName = Lien s R3 - URL S earchHoo k : S earch Cla s s - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\ S EARCH~1.DLL O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program File s \Fichier s commun s \Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOW S \ s y s tem32\pbfrv2.dll O2 - BHO: S S VHelper Cla s s - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program File s \Java\jre1.5.0_09\bin\ s s v.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Window s Live S ign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program File s \Fichier s commun s \Micro s oft S hared\Window s Live\Window s LiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program file s \google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program File s \Google\GoogleToolbarNotifier\2.0.301.7164\ s wg.dll O3 - Toolbar: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOW S \ s y s tem32\pbfrv2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program file s \google\googletoolbar2.dll O4 - H K LM\..\Run: [iMJPMIG8.1] "C:\WINDOW S \IME\imjp8_1\IMJPMIG.EXE" / S poil /RemAdvDef /Migration32 O4 - H K LM\..\Run: [PHIME2002A S ync] C:\WINDOW S \ s y s tem32\IME\TINTLGNT\TINT S ETP.EXE / S YNC O4 - H K LM\..\Run: [PHIME2002A] C:\WINDOW S \ s y s tem32\IME\TINTLGNT\TINT S ETP.EXE /IMEName O4 - H K LM\..\Run: [Raccourci ver s la page de s propri é t é s de High Definition Audio] HDAudProp S hortcut.exe O4 - H K LM\..\Run: [ s oundMan] S OUNDMAN.EXE O4 - H K LM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - H K LM\..\Run: [Alcmtr] ALCMTR.EXE O4 - H K LM\..\Run: [ATIPTA] C:\ATI Technologie s \ATI Control Panel\atiptaxx.exe O4 - H K LM\..\Run: [ s unJavaUpdate S ched] "C:\Program File s \Java\jre1.5.0_09\bin\ju s ched.exe" O4 - H K LM\..\Run: [PCM S ervice] "c:\App s \Powercinema\PCM S ervice.exe" O4 - H K LM\..\Run: [ACTIVBOARD] c:\app s \ABoard\ABoard.exe O4 - H K LM\..\Run: [Me s s ager S tarter Wanadoo] C:\PROGRA~1\ME S S AG~1\ S tartMe s s ager.exe Me s s ager Wanadoo O4 - H K LM\..\Run: [EP S ON S tylu s CX3600 S erie s ] C:\WINDOW S \ S y s tem32\ s pool\DRIVER S \W32X86\3\E_FATI9BE.EXE /P26 "EP S ON S tylu s CX3600 S erie s " /O6 "U S B001" /M " S tylu s CX3600" O4 - H K LM\..\Run: [Quic k Time Ta s k ] "C:\Program File s \Quic k Time\QTTa s k .exe" -atboottime O4 - H K LM\..\Run: [T k BellExe] "C:\Program File s \Fichier s commun s \Real\Update_OB\real s ched.exe" -o s boot O4 - H K LM\..\Run: [AVG7_CC] C:\PROGRA~1\Gri s oft\AVGFRE~1\avgcc.exe / S TARTUP O4 - H K LM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - H K LM\..\Run: [WOOTA S K BARICON] C:\PROGRA~1\Wanadoo\Ge s tMaj.exe Ta s k BarIcon.exe O4 - H K LM\..\Run: [inCD] C:\Program File s \Ahead\InCD\InCD.exe O4 - H K LM\..\Run: [HP S oftware Update] "C:\Program File s \HP\HP S oftware Update\HPWu S chd2.exe" O4 - H K LM\..\Run: [Adobe Reader S peed Launcher] "C:\Program File s \Adobe\Reader 8.0\Reader\Reader_ s l.exe" O4 - H K CU\..\Run: [ctfmon.exe] C:\WINDOW S \ s y s tem32\ctfmon.exe O4 - H K CU\..\Run: [WOO K IT] C:\PROGRA~1\Wanadoo\ S hell.exe appLaunchClientZone. s hl|DEFAULT=cnx|PARAM= O4 - H K CU\..\Run: [ s k ype] "C:\app s \ s k ype\phone\ S k ype.exe" /no s pla s h /minimized O4 - H K CU\..\Run: [ s wg] C:\Program File s \Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - H K CU\..\Run: [m s nm s gr] "C:\Program File s \M S N Me s s enger\m s nm s gr.exe" /bac k ground O4 - Global S tartup: D é marrage rapide du logiciel HP Image Zone.ln k = C:\Program File s \HP\Digital Imaging\bin\hpqthb08.exe O4 - Global S tartup: HP Digital Imaging Monitor.ln k = C:\Program File s \HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: & S earch - http://edit s .myweb s earch.com/toolbaredit s /...?p=ZNxdm414YYFR O8 - Extra context menu item: Bloquer ce s erveur... - C:\Program File s \Avant Brow s er\AddAllToADBlac k Li s t.htm O8 - Extra context menu item: Bloquer cette publicit é ... - C:\Program File s \Avant Brow s er\AddToADBlac k Li s t.htm O8 - Extra context menu item: Ouvrir dan s une nouvelle fen ê tre d'Avant Brow s er - C:\Program File s \Avant Brow s er\OpenInNewBrow s er.htm O8 - Extra context menu item: Ouvrir tou s le s lien s de la page... - C:\Program File s \Avant Brow s er\OpenAllLin k s .htm O8 - Extra context menu item: Rechercher s ur le Web... - C:\Program File s \Avant Brow s er\ S earch.htm O8 - Extra context menu item: S urligner - C:\Program File s \Avant Brow s er\Highlight.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program File s \Java\jre1.5.0_09\bin\ s s v.dll O9 - Extra 'Tool s ' menuitem: Con s ole Java ( S un) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program File s \Java\jre1.5.0_09\bin\ s s v.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOW S \ s y s tem32\ S hdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Networ k Diagno s tic\xpnetdiag.exe (file mi s s ing) O9 - Extra 'Tool s ' menuitem: @xp s p3re s .dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Networ k Diagno s tic\xpnetdiag.exe (file mi s s ing) O9 - Extra button: Me s s ager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Me s s ager.exe O9 - Extra 'Tool s ' menuitem: Me s s ager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Me s s ager.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file mi s s ing) (H K CU) O11 - Option s group: [iNTERNATIONAL] International* O14 - IERE S ET.INF: S TART_PAGE_URL=file://C:\APP S \IE\offline\fr.htm O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://a k .imgfarm.com/image s /nocache/funwe...tup1.0.0.15.cab O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtIn s tObj) - http://in s tall s .hotbar.com/in s tall s /hbtool...am s /hbtool s .cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Cla s s ) - http://www.cabourg.net/meteocam/Axi s CamControl.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ( S hoc k wave Fla s h Object) - http://fpdownload2.macromedia.com/get/ s hoc...a s h/ s wfla s h.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\M S NME S ~1\M S GRAP~1.DLL O18 - Protocol: m s nim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\M S NME S ~1\M S GRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOW S \ S Y S TEM32\WgaLogon.dll O21 - S S ODL: WPD S h S erviceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOW S \ s y s tem32\WPD S h S erviceObj.dll O23 - S ervice: ATI S mart - Un k nown owner - C:\WINDOW S \ s y s tem32\ati2 s gag.exe O23 - S ervice: AVG7 Alert Manager S erver (Avg7Alrt) - GRI S OFT, s .r.o. - C:\PROGRA~1\Gri s oft\AVGFRE~1\avgam s vr.exe O23 - S ervice: AVG7 Update S ervice (Avg7Upd S vc) - GRI S OFT, s .r.o. - C:\PROGRA~1\Gri s oft\AVGFRE~1\avgup s vc.exe O23 - S ervice: AVG E-mail S canner (AVGEM S ) - GRI S OFT, s .r.o. - C:\PROGRA~1\Gri s oft\AVGFRE~1\avgemc.exe O23 - S ervice: CyberLin k Bac k ground Capture S ervice (CBC S ) (CLCap S vc) - Un k nown owner - c:\APP S \Powercinema\ K ernel\TV\CLCap S vc.exe O23 - S ervice: CyberLin k Ta s k S cheduler (CT S ) (CL S ched) - Un k nown owner - c:\APP S \Powercinema\ K ernel\TV\CL S ched.exe O23 - S ervice: CyberLin k Media Library S ervice - Cyberlin k - C:\Program File s \CyberLin k \ S hared File s \CLML_NT S ervice\CLML S erver.exe O23 - S ervice: Generic S ervice for HID K eyboard Input Collection s (GenericHid S ervice) - Un k nown owner - c:\APP S \HID S ERVICE\HID S ERVICE.exe O23 - S ervice: Google Updater S ervice (gu s vc) - Google - C:\Program File s \Google\Common\Google Updater\GoogleUpdater S ervice.exe O23 - S ervice: InCD Helper (InCD s rv) - Nero AG - C:\Program File s \Ahead\InCD\InCD s rv.exe O23 - S ervice: My s qlInventime - Un k nown owner - c:\my s ql\bin\my s qld-nt.exe O23 - S ervice: Pml Driver HPZ12 - HP - C:\WINDOW S \ s y s tem32\HPZipm12.exe O23 - S ervice: S martLin k S ervice ( S L S ervice) - - C:\WINDOW S \ S Y S TEM32\ s l s erv.exe

Ok, j'irais sur Malware Complaints pour déposer ma "plainte", je peux évidemment faire ça à mon tour. Encore merci. Manu

Poste le dernier rapport ComboFix ComboFix 07-12-07.3 - Papa 2007-12-11 6:15:18.10 - NTF S x86 Micro s oft Window s XP É dition familiale 5.1.2600.2.1252.1.1036.18.641 [GMT 1:00] Running from: C:\Document s and S etting s \Papa\Bureau\ComboFix.exe Command s witche s u s ed :: C:\Document s and S etting s \Papa\Bureau\CF S cript.txt * Created a new re s tore point FILE c:\window s \downloaded program file s \i s tactivex.inf C:\WINDOW S \m s nch k .exe c:\window s \ s y s tem32\xplugin.dll D:\utilitaire s \multimedia\video\Copier DVD en divx.exe D:\utilitaire s \multimedia\video\Pac k pour copier dvd en divx.exe D:\utilitaire s \Utilitaire PC\Addremove\arfree11.exe . (((((((((((((((((((((((((((((((((((( Autre s s uppre s s ion s )))))))))))))))))))))))))))))))))))))))))))))))) . c:\Document s and S etting s \Papa\Bureau\DiagHelp c:\Document s and S etting s \Papa\Bureau\DiagHelp\catchme.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\catchmego.cmd c:\Document s and S etting s \Papa\Bureau\DiagHelp\chercher.cmd c:\Document s and S etting s \Papa\Bureau\DiagHelp\diff.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\dumphive.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\File s InfoCmd.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\find2.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\Fport.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\go.cmd c:\Document s and S etting s \Papa\Bureau\DiagHelp\grep.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\gzip.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\help.cmd c:\Document s and S etting s \Papa\Bureau\DiagHelp\ K ProcChec k .exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\ K ProcChec k . s y s c:\Document s and S etting s \Papa\Bureau\DiagHelp\LFile s .exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\LI S TDLL S .exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\md5 s um s .exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\ntbtlog_chec k .txt c:\Document s and S etting s \Papa\Bureau\DiagHelp\p s li s t.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\reboot.cmd c:\Document s and S etting s \Papa\Bureau\DiagHelp\ s igchec k .exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\ s tream s .exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\ s wreg.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\tar.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\te s t.hiv c:\Document s and S etting s \Papa\Bureau\DiagHelp\tmp.hiv c:\Document s and S etting s \Papa\Bureau\DiagHelp\tmp.txt c:\Document s and S etting s \Papa\Bureau\DiagHelp\tmp2.txt c:\Document s and S etting s \Papa\Bureau\DiagHelp\tmp3.txt c:\window s \downloaded program file s \i s tactivex.inf C:\WINDOW S \m s nch k .exe c:\window s \ s y s tem32\xplugin.dll D:\t é l é chargement s \Antiviru s and Co\M S NFix D:\t é l é chargement s \Antiviru s and Co\M S NFix\2007-12-09_ 81603.07.zip D:\t é l é chargement s \Antiviru s and Co\M S NFix\incl\ban k er.reg D:\t é l é chargement s \Antiviru s and Co\M S NFix\incl\MD5File.exe D:\t é l é chargement s \Antiviru s and Co\M S NFix\incl\m s nch k .exe D:\t é l é chargement s \Antiviru s and Co\M S NFix\incl\Proce s s .exe D:\t é l é chargement s \Antiviru s and Co\M S NFix\incl\ s wreg.exe D:\t é l é chargement s \Antiviru s and Co\M S NFix\incl\zip.exe D:\t é l é chargement s \Antiviru s and Co\M S NFix\M S NFix.bat D:\utilitaire s \multimedia\video\Pac k pour copier dvd en divx.exe D:\utilitaire s \Utilitaire PC\Addremove\arfree11.exe . ((((((((((((((((((((((((((((((((((((((( Driver s / S ervice s ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\poof ((((((((((((((((((((((((((((( Fichier s cr ‚ ‚ s 2007-11-11 to 2007-12-11 )))))))))))))))))))))))))))))))))))) . 2007-12-10 20:08 . 2007-12-10 20:08 <REP> d-------- C:\Program File s \Panda S ecurity 2007-12-10 20:01 . 2007-12-10 20:01 15,769,917 --a------ C:\upload_moi_LEGEND.tar.gz 2007-12-09 13:36 . 2007-12-09 13:36 <REP> d-------- C:\Program File s \Reallu s ion 2007-12-09 13:36 . 2007-12-09 13:36 <REP> d-------- C:\Document s and S etting s \Papa\Application Data\Reallu s ion 2007-12-09 13:35 . 2007-12-09 13:35 <REP> d-------- C:\Program File s \Fichier s commun s \Reallu s ion 2007-12-09 13:34 . 2007-12-09 13:34 <REP> d-------- C:\Document s and S etting s \Papa\Application Data\In s tall S hield 2007-12-09 12:28 . 2007-12-09 12:28 <REP> d-------- C:\vc s 5BGEffect s 2007-12-02 11:10 . 2007-01-18 13:00 3,968 --a------ C:\WINDOW S \ s y s tem32\driver s \AvgArCln. s y s 2007-11-28 17:09 . 2007-11-28 17:09 <REP> d--- s ---- C:\Document s and S etting s \Lili\U s erData 2007-11-25 16:28 . 2007-11-25 16:28 <REP> d-------- C:\Document s and S etting s \Lili\Contact s 2007-11-17 09:27 . 2007-11-17 09:27 <REP> d-------- C:\WINDOW S \ s y s tem32\ K a s per s k y Lab 2007-11-17 09:27 . 2007-11-17 09:27 <REP> d-------- C:\Document s and S etting s \All U s er s \Application Data\ K a s per s k y Lab 2007-11-14 12:31 . 2007-11-14 12:31 268 --ah----- C:\ s qmdata02. s qm 2007-11-14 12:31 . 2007-11-14 12:31 244 --ah----- C:\ s qmnoopt02. s qm 2007-11-13 18:08 . 2007-11-13 20:56 <REP> d-------- C:\Document s and S etting s \All U s er s \Application Data\Prevx 2007-11-11 18:11 . 2007-11-11 18:11 <REP> d-------- C:\Document s and S etting s \Maman\Application Data\Avant Profile s . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-11 05:07 --------- d-----w C:\Document s and S etting s \Papa\Application Data\ S k ype 2007-12-10 21:51 --------- d-----w C:\Document s and S etting s \All U s er s \Application Data\AVG7 2007-12-10 19:41 --------- d-----w C:\Program File s \Alice 2007-12-09 12:35 --------- d--h--w C:\Program File s \In s tall S hield In s tallation Information 2007-12-06 17:18 --------- d-----w C:\Document s and S etting s \Papa\Application Data\LimeWire 2007-11-18 14:36 --------- d-----w C:\Document s and S etting s \All U s er s \Application Data\Me s s enger Plu s ! 2007-11-11 15:52 --------- d-----w C:\Program File s \Logiciel s 2007-11-11 15:51 --------- d-----w C:\Program File s \Fichier s commun s \Wi s e In s tallation Wizard 2007-11-07 18:34 --------- d-----w C:\Program File s \Window s Live 2007-11-07 18:34 --------- d-----w C:\Program File s \M S N Me s s enger 2007-11-07 18:34 --------- d-----w C:\Program File s \Me s s enger Plu s ! Live 2007-11-04 12:02 --------- d-----w C:\Program File s \Dcad s Game s Collection 2007-11-04 11:58 --------- d-----w C:\Program File s \PlayMP3z 2007-11-04 07:26 --------- d-----w C:\Document s and S etting s \All U s er s \Application Data\DVD S hrin k 2007-11-01 11:48 --------- d-----w C:\Program File s \Micro s oft Game s 2007-10-27 15:32 --------- d-----w C:\Program File s \Micro s oft Active S ync 2007-10-18 19:06 --------- d-----w C:\Program File s \DivX 2007-10-14 14:44 --------- d-----w C:\Program File s \Google 2002-07-26 15:02 153,088 ----a-w C:\Program File s \UNWI S E.EXE 2004-11-01 09:17 104 -- s h--r C:\WINDOW S \ s y s tem32\DDFE015B67. s y s . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* le s ‚ l ‚ ment s vide s & le s ‚ l ‚ ment s initiaux l ‚ gitime s ne s ont pa s li s t ‚ s [H K EY_CURRENT_U S ER\ S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Run] "H/PC Connection Agent"="C:\Program File s \Micro s oft Active S ync\wce s comm.exe" [2006-06-26 21:45] "ctfmon.exe"="C:\WINDOW S \ s y s tem32\ctfmon.exe" [2004-08-20 00:09] "NBJ"="C:\Program File s \Ahead\Nero Bac k ItUp\NBJ.exe" [2003-10-01 17:29] [H K EY_LOCAL_MACHINE\ S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Run] "AVG7_CC"="C:\PROGRA~1\Gri s oft\AVG7\avgcc.exe" [2007-10-23 17:17] "Quic k Time Ta s k "="C:\Program File s \Quic k Time\qtta s k .exe" [2007-09-14 18:45] [H K EY_U S ER S \.DEFAULT\ S oftware\Micro s oft\Window s \CurrentVer s ion\Run] "CTFMON.EXE"="C:\WINDOW S \ S y s tem32\CTFMON.EXE" [2004-08-20 00:09] "ALUAlert"="C:\Program File s \ S ymantec\LiveUpdate\ALUNotify.exe" [] "AVG7_Run"="C:\PROGRA~1\Gri s oft\AVG7\avgw.exe" [2007-10-23 17:17] "Pica s a Media Detector"="C:\Logiciel s \Pica s a2\Pica s aMediaDetector.exe" [2007-09-28 02:17] [H K EY_LOCAL_MACHINE\ s oftware\micro s oft\ s hared tool s \m s config\ s tartupfolder\C:^Document s and S etting s ^All U s er s ^Menu D é marrer^Programme s ^D é marrage^Micro s oft Recherche acc é l é r é e.ln k ] path=C:\Document s and S etting s \All U s er s \Menu D é marrer\Programme s \D é marrage\Micro s oft Recherche acc é l é r é e.ln k bac k up=C:\WINDOW S \p s s \Micro s oft Recherche acc é l é r é e.ln k Common S tartup [H K EY_LOCAL_MACHINE\ s oftware\micro s oft\ s hared tool s \m s config\ s tartupfolder\C:^Document s and S etting s ^Papa^Menu D é marrer^Programme s ^D é marrage^de s k top.ln k ] path=C:\Document s and S etting s \Papa\Menu D é marrer\Programme s \D é marrage\de s k top.ln k bac k up=C:\WINDOW S \p s s \de s k top.ln k S tartup [H K EY_CURRENT_U S ER\ s oftware\micro s oft\window s \currentver s ion\run-] "LDM"=c:\program file s \logitech\De s k top Me s s enger\8876480\Program\LogitechDe s k topMe s s enger.exe [H K EY_LOCAL_MACHINE\ s oftware\micro s oft\window s \currentver s ion\run-] "Control K id s "=C:\Program File s \Control K id s \Control k id s .exe " S peedTouch U S B Diagno s tic s "="C:\Program File s \Thom s on\ S peedTouch U S B\Dragdiag.exe" /icon R1 A s api;A s api;C:\WINDOW S \ s y s tem32\driver s \A s api. s y s R3 Cap7134;A S U S TV7134 WDM Video Capture;C:\WINDOW S \ s y s tem32\DRIVER S \Cap7134. s y s R3 PhTVTune;A S U S WDM TV Tuner;C:\WINDOW S \ s y s tem32\DRIVER S \PhTVTune. s y s S 1 tvtool;tvtool;\??\C:\Logiciel s \Tv Tool s \tvtool. s y s S 3 A S IOMI;A S IOMI;\??\C:\WINDOW S \ s y s tem32\driver s \A S IOMI. s y s S 3 CtlCam;Video Bla s ter WebCam Go Plu s (WDM);C:\WINDOW S \ s y s tem32\DRIVER S \Wcgopvid. s y s S 3 MPC S Y S ;MPC S Y S ;\??\C:\WINDOW S \ S y s tem32\DRIVER S \mpc s y s . s y s S 3 VC4CB104;U S B PC Camera;C:\WINDOW S \ s y s tem32\Driver s \VC4CB104. S Y S S 3 WCGOPHAL;WCGOPHAL;C:\WINDOW S \ s y s tem32\driver s \Wcgophal. s y s S 4 Boonty Game s ;Boonty Game s ;"C:\Program File s \Fichier s commun s \BOONTY S hared\ S ervice\Boonty.exe" [H K EY_CURRENT_U S ER\ s oftware\micro s oft\window s \currentver s ion\explorer\mountpoint s 2\E] \ S hell\AutoRun\command - E:\ S tart.exe [H K EY_CURRENT_U S ER\ s oftware\micro s oft\window s \currentver s ion\explorer\mountpoint s 2\F] \ S hell\AutoRun\command - F:\autorun.exe . ************************************************************************** catchme 0.3.1318 W2 K /XP/Vi s ta - root k it/ s tealth malware detector by Gmer, http://www.gmer.net Root k it s can 2007-12-11 06:20:38 Window s 5.1.2600 S ervice Pac k 2 NTF S s canning hidden proce s s e s ... s canning hidden auto s tart entrie s ... s canning hidden file s ... s can completed s ucce s s fully hidden file s : 0 ************************************************************************** "ImagePath"="\??\C:\Document s and S etting s \Papa\Me s document s \Diver s \Decodificar Canal plu s funciona con XP + audio y video\Decodificar Canal plu s + audio y video - [by Homero] -\video\HWIONT. s y s " . Completion time: 2007-12-11 6:21:51 - machine wa s rebooted C:\ComboFix2.txt ... 2007-12-10 19:28 . --- E O F --- comment fonctionne le pc à présent ? Ben plus de message de virus quand on ouvre l'explorateur et surtout je vois que tu as bien nettoyé plein de trucs (Mirar,...) dont je pensais m'être débarassé. Tu as même fait le ménage de tous les différents rapports crées et autres ! Merci beaucoup, vous faites du très bon boulot tous. Comme pour les toubibs, on espère repasser le plus tard possible mais si je dois revenir, ça sera avec plaisir ! (enfin pour moi du moins !) Bonne contination à toi et toute l'équipe et bonnes fêtes de fin d'année ! Manu

Dans ce cas, poste donc un nouveau rapport DiagHelp stp pour voir. si les fichiers ont bien disparu DiagHelp ver s ion v1.4 - http://www.male k al.com excute le 10/12/2007 à 20:00:04,81 Li s te de s dernier s fichie s modifie s /cree s dan s windir\ s y s tem32 et prefetch C:\WINDOW S \prefetch\CHCP.COM-17EDBDC9.pf -->10/12/2007 20:00:01 C:\WINDOW S \prefetch\CMD.EXE-034B0549.pf -->10/12/2007 19:59:55 C:\WINDOW S \prefetch\WINZIP32.EXE-05C8BFA5.pf -->10/12/2007 19:58:25 C:\WINDOW S \prefetch\QTTA S K .EXE-1876A1A1.pf -->10/12/2007 19:58:08 C:\WINDOW S \prefetch\AVANT.EXE-28ACE82E.pf -->10/12/2007 19:57:53 C:\WINDOW S \prefetch\E_ S 10RN2.EXE-25EB6618.pf -->10/12/2007 19:56:43 C:\WINDOW S \prefetch\E_ S 10MT2.EXE-1480C3F8.pf -->10/12/2007 19:56:43 C:\WINDOW S \prefetch\E_DPPE03.EXE-033582C8.pf -->10/12/2007 19:56:36 C:\WINDOW S \prefetch\RUNDLL32.EXE-4FF9832D.pf -->10/12/2007 19:56:28 C:\WINDOW S \prefetch\VERCL S ID.EXE-28F52AD2.pf -->10/12/2007 19:52:23 C:\WINDOW S \ S y s tem32\driver s \avg7core. s y s -->23/10/2007 17:17:39 C:\WINDOW S \ S y s tem32\driver s \pxhelp20. s y s -->15/08/2007 23:33:10 C:\WINDOW S \ S y s tem32\driver s \CDAC15BA. S Y S -->30/06/2007 12:43:28 C:\WINDOW S \ S y s tem32\driver s \avgmfx86. s y s -->25/06/2007 17:17:27 C:\WINDOW S \ S y s tem32\driver s \N S Driver. s y s -->04/06/2007 15:18:48 C:\WINDOW S \ S y s tem32\driver s \AWRTRD. s y s -->04/06/2007 15:17:02 C:\WINDOW S \ S y s tem32\driver s \AWRTPD. s y s -->04/06/2007 15:14:56 C:\WINDOW S \ S y s tem32\Perf S tringBac k up.INI -->10/12/2007 19:01:42 C:\WINDOW S \ S y s tem32\perfh00C.dat -->10/12/2007 19:01:42 C:\WINDOW S \ S y s tem32\perfh009.dat -->10/12/2007 19:01:42 C:\WINDOW S \ S y s tem32\perfc00C.dat -->10/12/2007 19:01:42 C:\WINDOW S \ S y s tem32\perfc009.dat -->10/12/2007 19:01:42 C:\WINDOW S \ S y s tem32\wpa.dbl -->10/12/2007 18:57:58 C:\WINDOW S \ S y s tem32\ s w s c.exe -->04/12/2007 01:00:42 C:\WINDOW S \ S y s tem32\FNTCACHE.DAT -->02/11/2007 10:32:41 C:\WINDOW S \ S y s tem32\MRT.exe -->02/11/2007 08:12:57 C:\WINDOW S \ S y s tem32\xp s p3re s .dll -->29/10/2007 16:35:14 C:\WINDOW S \ S y s tem32\ s hell32.dll -->25/10/2007 17:56:24 C:\WINDOW S \ S y s tem32\divxdec.ax -->18/09/2007 13:24:32 C:\WINDOW S \ S y s tem32\divx_xx0c.dll -->17/09/2007 19:23:00 C:\WINDOW S \ S y s tem32\divx_xx07.dll -->17/09/2007 19:23:00 C:\WINDOW S \ S y s tem32\divx_xx11.dll -->17/09/2007 19:22:58 C:\WINDOW S \ S y s tem32\DivX.dll -->17/09/2007 19:22:58 C:\WINDOW S \ S y s tem32\DivXCodecVer s ionChec k er.exe -->12/09/2007 00:14:30 C:\WINDOW S \ S y s tem32\TZLog.log -->30/08/2007 02:00:54 C:\WINDOW S \ S y s tem32\wininet.dll -->22/08/2007 14:13:08 C:\WINDOW S \ S y s tem32\urlmon.dll -->22/08/2007 14:13:08 C:\WINDOW S \ S y s tem32\ s hlwapi.dll -->22/08/2007 14:13:08 C:\WINDOW S \ S y s tem32\ s hdocvw.dll -->22/08/2007 14:13:08 C:\WINDOW S \ S y s tem32\pngfilt.dll -->22/08/2007 14:13:07 C:\WINDOW S \ S y s tem32\m s time.dll -->22/08/2007 14:13:07 C:\WINDOW S \ S y s tem32\m s rating.dll -->22/08/2007 14:13:07 C:\WINDOW S \win.ini -->10/12/2007 19:52:16 C:\WINDOW S \ s y s tem.ini -->10/12/2007 19:27:36 C:\WINDOW S .log -->10/12/2007 18:57:44 C:\WINDOW S \wiadebug.log -->10/12/2007 18:57:42 C:\WINDOW S \wia s ervc.log -->10/12/2007 18:57:39 C:\WINDOW S \Window s Update.log -->10/12/2007 18:57:37 C:\WINDOW S \boot s tat.dat -->10/12/2007 18:57:19 C:\WINDOW S \ S chedLgU.Txt -->10/12/2007 18:56:24 C:\WINDOW S \offitem s .log -->10/12/2007 06:07:43 C:\WINDOW S \Papa8.xlb -->09/12/2007 15:54:44 C:\WINDOW S \winamp.ini -->09/12/2007 14:00:02 C:\WINDOW S \m s nfix.txt -->09/12/2007 08:16:18 C:\WINDOW S \ntbtlog.txt -->07/12/2007 06:14:57 C:\WINDOW S \COM+.log -->03/12/2007 19:27:02 C:\WINDOW S \ s etupapi.log -->02/12/2007 12:53:37 winlogon.exe Verified: S igned s vcho s t.exe Verified: S igned w s 2_32.dll Verified: S igned u s er32.dll Verified: S igned tcpip. s y s Verified: Un s igned ndi s . s y s Verified: S igned null. s y s Verified: S igned Li s tDLL s v2.25 - DLL li s ter for Win9x/NT Copyright © 1997-2004 Mar k Ru s s inovich S y s internal s - www. s y s internal s .com ------------------------------------------------------------------------------ explorer.exe pid: 2952 Command line: C:\WINDOW S \explorer.exe Ba s e S ize Ver s ion Path 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOW S \ s y s tem32\comctl32.dll 0x10100000 0x16000 C:\Program File s \Logitech\ S etPoint\lg s croll.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOW S \ s y s tem32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOW S \ s y s tem32\COMRe s .dll 0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOW S \ s y s tem32\ATL.DLL 0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOW S \ s y s tem32\m s i.dll 0x10000000 0xb000 2.00.0000.0000 C:\LOGICI~1\WinZip\wz s hlext.dll 0x73ce0000 0x27000 4.00.1183.0001 C:\WINDOW S \ s y s tem32\CRTDLL.dll 0x40000000 0x9000 1.00.0000.0001 C:\LOGICI~1\WINZIP\WZCAB2.DLL 0x02240000 0x8b000 C:\WINDOW S \ s y s tem32\incinerator.dll 0x023d0000 0x9b000 C:\WINDOW S \ s y s tem32\rjhExt.dll 0x74da0000 0x6c000 5.30.0023.1228 C:\WINDOW S \ s y s tem32\RICHED20.DLL 0x621a0000 0x10000 7.05.0000.0409 C:\Program File s \Gri s oft\AVG7\avg s e.dll 0x7c3a0000 0x7b000 7.10.3077.0000 C:\WINDOW S \ s y s tem32\M S VCP71.dll 0x7c340000 0x56000 7.10.3052.0004 C:\WINDOW S \ s y s tem32\M S VCR71.dll 0x00d70000 0x12000 6.07.0000.0000 c:\App s \RecordNow\ s hlext.dll 0x7c000000 0x54000 7.00.9466.0000 c:\App s \RecordNow\M S VCR70.dll 0x00f80000 0x3d000 4.02.4876.0000 C:\PROGRA~1\MI3AA1~1\Wce s view.dll 0x21000000 0x1f000 4.02.4876.0000 C:\PROGRA~1\MI3AA1~1\pegconv.dll 0x22b00000 0x7000 4.02.4876.0000 C:\WINDOW S \ s y s tem32\CEUTIL.dll 0x21300000 0x1e000 4.02.4876.0000 C:\WINDOW S \ s y s tem32\RAPI.dll 0x5a500000 0x4e000 8.01.0178.0000 C:\Program File s \M S N Me s s enger\f s s hext.8.1.0178.00.dll 0x78130000 0x9b000 8.00.50727.0163 C:\WINDOW S \Win S x S \x86_Micro s oft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\M S VCR80.dll 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOW S \ s y s tem32\ODBC32.dll 0x016e0000 0x18000 3.525.1117.0000 C:\WINDOW S \ s y s tem32\odbcint.dll 0x092d0000 0x7a000 5.02.3790.3646 C:\WINDOW S \ S y s tem32\Audiodev.dll 0x086c0000 0x244000 10.00.0000.3702 C:\WINDOW S \ S y s tem32\WMVCore.DLL 0x070d0000 0x3b000 10.00.0000.3646 C:\WINDOW S \ S y s tem32\WMA S F.DLL 0x01700000 0xb000 6.00.0000.0878 C:\Program File s \Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll 0x00b90000 0xe000 C:\Logiciel s \lumix\PhotoImpre s s ion\ s hare\pihoo k .dll 0x60980000 0x7000 3.01.4000.1823 C:\WINDOW S \ s y s tem32\M S I S IP.DLL 0x74e10000 0x10000 5.06.0000.8820 C:\WINDOW S \ S y s tem32\w s hext.dll 0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOW S \ s y s tem32\MFC42.DLL 0x61d70000 0xe000 6.00.8665.0000 C:\WINDOW S \ s y s tem32\MFC42LOC.DLL 0x59000000 0xe000 5.06.0000.6626 C:\WINDOW S \ S y s tem32\w s hFR.DLL Li s tDLL s v2.25 - DLL li s ter for Win9x/NT Copyright © 1997-2004 Mar k Ru s s inovich S y s internal s - www. s y s internal s .com ------------------------------------------------------------------------------ winlogon.exe pid: 604 Command line: winlogon.exe Ba s e S ize Ver s ion Path 0x01000000 0x81000 \??\C:\WINDOW S \ s y s tem32\winlogon.exe 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOW S \ s y s tem32\COMCTL32.dll 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOW S \ s y s tem32\ODBC32.dll 0x20000000 0x18000 3.525.1117.0000 C:\WINDOW S \ s y s tem32\odbcint.dll 0x011d0000 0x3b000 1.07.0018.0005 C:\WINDOW S \ s y s tem32\WgaLogon.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOW S \ s y s tem32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOW S \ s y s tem32\COMRe s .dll Le volume dan s le lecteur C s 'appelle HDD Le num é ro de s é rie du volume e s t B0BB-8D68 R é pertoire de C:\WINDOW S \ s y s tem32 20/08/2004 00:09 6 144 c s r s s .exe 1 fichier( s ) 6 144 octet s 0 R é p( s ) 74 811 375 616 octet s libre s Contenu de Downloaded Program File s Le volume dan s le lecteur C s 'appelle HDD Le num é ro de s é rie du volume e s t B0BB-8D68 R é pertoire de C:\WINDOW S \Downloaded Program File s 08/12/2007 09:16 <REP> . 08/12/2007 09:16 <REP> .. 17/11/2006 22:00 73 216 Account.dll 17/11/2006 10:08 216 Account.inf 15/11/2001 17:42 325 Axi s CamControl.inf 15/11/2001 17:40 221 184 Axi s CamControl.ocx 28/03/2007 10:06 541 ca.pub 08/11/2001 10:59 192 512 CamCli.dll 21/09/2004 15:09 36 864 coltran s .ax 21/09/2004 15:10 163 840 CoreExecutive.dll 02/12/2007 11:26 133 916 daa s .log 07/05/2007 16:38 500 120 daa s _ s .dll 21/11/2006 17:11 172 default.inf 30/09/2002 12:03 65 de s k top.ini 14/10/1997 17:52 697 DirectAnimation Java Cla s s e s .o s d 21/09/2004 15:10 36 864 Downloader s WI.dll 07/05/2007 16:39 192 920 f s auc.dll 07/05/2007 16:39 254 360 f s cax.dll 13/04/2007 15:52 482 f s cax.inf 21/09/2004 15:10 90 112 HtmlPar s er.dll 21/09/2004 15:10 53 248 HTML S ourceFilter.ax 18/08/1999 08:54 180 224 ijl11.dll 22/03/2005 18:32 377 ImageUploader3.inf 22/03/2005 18:32 1 918 488 ImageUploader3.ocx 27/04/2004 20:16 227 I S Tactivex.inf 14/03/2007 03:02 1 055 jin s tall-6u1.inf 07/01/2007 12:55 2 305 k avweb s can.inf 21/09/2004 15:11 57 344 Melody S ourcePar s er.ax 29/05/2003 14:00 160 864 me s s enger s tat s client.dll 20/01/2000 15:25 1 162 Micro s oft XML Par s er for Java.o s d 21/09/2004 15:11 81 920 MPO.dll 29/05/2003 14:00 77 408 m s grch k r.dll 30/06/2005 15:19 227 M s nMe s s enger S etupDownloader.inf 14/08/2005 00:26 113 664 M s nMe s s enger S etupDownloader.ocx 08/10/2004 16:01 372 736 M s nPUpld.dll 08/10/2004 16:13 587 M S NPupld.inf 21/09/2004 15:12 229 376 Par s er s .dll 21/09/2004 15:12 36 864 Player S erver.dll 21/09/2004 15:11 94 208 PNG S ource.ax 22/09/2004 15:59 110 592 PURen-u s .dll 15/10/2004 07:59 110 592 PURfr-xx.dll 28/06/2007 23:02 144 QTPlugin.inf 21/09/2004 15:12 32 768 RegType_IE.dll 21/09/2004 15:13 25 600 s cg.ax 14/02/2007 15:30 144 s etup.inf 21/09/2004 15:13 147 456 S MILInetCtrl.dll 21/09/2004 15:14 28 326 S MILViewer_DX6.inf 21/09/2004 15:11 57 344 S treamControl.ax 26/03/2007 15:46 5 085 s wfla s h.inf 21/10/2004 16:55 1 390 teleir_cert.o s d 21/11/2006 17:13 816 888 UploaderX.dll 21/09/2004 15:13 110 592 VideoCompo s itor.ax 21/09/2004 15:13 36 864 WBMP S ource.ax 08/12/2005 16:00 215 WinAT S .inf 21/09/2004 15:10 45 056 xmlpar s e.dll 21/09/2004 15:10 65 536 xmlto k .dll 54 fichier( s ) 6 875 282 octet s Total de s fichier s li s t é s : 54 fichier( s ) 6 875 282 octet s 2 R é p( s ) 74 811 371 520 octet s libre s Recherche de root k it! (Merci S !Ri) Recherche d'infection s connue s Export de s clef s s en s ible s .. Li s te de s fichier s en exception s ur le pare-feu XP S P2 Export de la clef S haredTa s k S cheduler [ s haredTa s k S cheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pr é -chargeur Brow s eui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="D é mon de cache de s cat é gorie s de compo s ant" export s de s policie s REGEDIT4 [ s y s tem] "dontdi s playla s tu s ername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" " s hutdownwithoutlogon"=dword:00000001 "undoc k withoutlogon"=dword:00000001 Export de s clef s s en s ible s .. Rechercher adre s s e s s en s ible s dan s le fichier HO S T S ... catchme 0.3.1319 W2 K /XP/Vi s ta - root k it/ s tealth malware detector by Gmer, http://www.gmer.net Root k it s can 2007-12-10 20:00:26 Window s 5.1.2600 S ervice Pac k 2 NTF S s canning hidden s ervice s & s y s tem hive ... IPC error: 2 Le fichier s p é cifi é e s t introuvable. s canning hidden regi s try entrie s ... s canning hidden file s ... s can completed s ucce s s fully hidden s ervice s : 0 hidden file s : 0 K ProcChec k Ver s ion 0.2-beta1 Proof-of-Concept by S IG^2 (www. s ecurity.org. s g) Proce s s li s t by traver s al of K iWaitLi s tHead 4 - S y s tem 172 - cmd.exe 252 - s vcho s t.exe 580 - c s r s s .exe 604 - winlogon.exe 648 - s ervice s .exe 660 - l s a s s .exe 712 - avgcc.exe 820 - s vcho s t.exe 852 - wce s comm.exe 868 - s vcho s t.exe 908 - ctfmon.exe 936 - s vcho s t.exe 976 - avant.exe 1000 - s vcho s t.exe 1152 - S k ype.exe 1232 - s pool s v.exe 1740 - aaw s ervice.exe 1796 - avgam s vr.exe 1896 - avgemc.exe 1932 - Cryp s erv.exe 2952 - explorer.exe 3740 - avgwb.dat Total number of proce s s e s = 23 NOTE: Under WinXP, thi s will not s how all proce s s e s . K ProcChec k Ver s ion 0.2-beta1 Proof-of-Concept by S IG^2 (www. s ecurity.org. s g) Driver/Module li s t by traver s al of P s LoadedModuleLi s t 804D7000 - \WINDOW S \ s y s tem32\nto s k rnl.exe 806FD000 - \WINDOW S \ s y s tem32\hal.dll F7987000 - \WINDOW S \ s y s tem32\ K DCOM.DLL F7897000 - \WINDOW S \ s y s tem32\BOOTVID.dll F7437000 - ACPI. s y s F7989000 - \WINDOW S \ S y s tem32\DRIVER S \WMILIB. S Y S F7426000 - pci. s y s F7487000 - i s apnp. s y s F798B000 - avgar k t. s y s F7A4F000 - pciide. s y s F7707000 - \WINDOW S \ S y s tem32\DRIVER S \PCIIDEX. S Y S F798D000 - aliide. s y s F798F000 - cmdide. s y s F7991000 - to s ide. s y s F7993000 - viaide. s y s F7995000 - intelide. s y s F7497000 - MountMgr. s y s F7407000 - ftdi s k . s y s F770F000 - PartMgr. s y s F74A7000 - Vol S nap. s y s F789B000 - cpqarray. s y s F73EF000 - \WINDOW S \ S y s tem32\DRIVER S \ S C S IPORT. S Y S F73D7000 - atapi. s y s F789F000 - aha154x. s y s F7717000 - s parrow. s y s F78A3000 - s ymc810. s y s F74B7000 - aic78xx. s y s F78A7000 - dac960nt. s y s F74C7000 - ql10wnt. s y s F78AB000 - am s int. s y s F771F000 - a s c. s y s F78AF000 - a s c3550. s y s F7727000 - mraid35x. s y s F772F000 - i2omp. s y s F78B3000 - ini910u. s y s F74D7000 - ql1240. s y s F74E7000 - aic78u2. s y s F7737000 - s ymc8xx. s y s F773F000 - s ym_hi. s y s F7747000 - s ym_u3. s y s F774F000 - ABP480N5. S Y S F7757000 - a s c3350p. s y s F7997000 - cd20xrnt. s y s F74F7000 - ultra. s y s F73BE000 - adpu160m. s y s F775F000 - dpti2o. s y s F7507000 - ql1080. s y s F7517000 - ql1280. s y s F7527000 - ql12160. s y s F7767000 - perc2. s y s F7999000 - perc2hib. s y s F776F000 - hpn. s y s F78B7000 - cbidf2 k . s y s F7392000 - dac2w2 k . s y s F7537000 - di s k . s y s F7547000 - \WINDOW S \ S y s tem32\DRIVER S \CLA S S PNP. S Y S F7372000 - fltmgr. s y s F7360000 - s r. s y s F7557000 - PxHelp20. s y s F7349000 - K S ecDD. s y s F72BC000 - Ntf s . s y s F728F000 - NDI S . s y s F7567000 - ComboFix. s y s F7577000 - S I S AGPX. s y s F7587000 - viaagp. s y s F7597000 - ohci1394. s y s F75A7000 - \WINDOW S \ S y s tem32\DRIVER S \1394BU S . S Y S F7274000 - Mup. s y s F75B7000 - alim1541. s y s F75C7000 - amdagp. s y s F75D7000 - agp440. s y s F75E7000 - agpCPQ. s y s F7617000 - \ S y s temRoot\ S y s tem32\DRIVER S \nic1394. s y s F6720000 - \ S y s temRoot\ S y s tem32\DRIVER S \intelppm. s y s F7198000 - \ S y s temRoot\ s y s tem32\driver s \pfc. s y s F7637000 - \ S y s temRoot\ S y s tem32\DRIVER S \cdrom. s y s F7647000 - \ S y s temRoot\ S y s tem32\DRIVER S \redboo k . s y s F66FD000 - \ S y s temRoot\ S y s tem32\DRIVER S \ k s . s y s F77B7000 - \ S y s temRoot\ S y s tem32\Driver s \A s api. S Y S F7657000 - \ S y s temRoot\ S y s tem32\DRIVER S \imapi. s y s F66AE000 - \ S y s temRoot\ S y s tem32\DRIVER S \ s lntamr. s y s F77BF000 - \ S y s temRoot\ S y s tem32\DRIVER S \ S lWdm S up. s y s F6692000 - \ S y s temRoot\ S y s tem32\DRIVER S \Mtlmnt5. s y s F77C7000 - \ S y s temRoot\ S y s tem32\Driver s \Modem. S Y S F6623000 - \ S y s temRoot\ s y s tem32\driver s \ALCXWDM. S Y S F65FF000 - \ S y s temRoot\ s y s tem32\driver s \portcl s . s y s F7667000 - \ S y s temRoot\ s y s tem32\driver s \drm k . s y s F659C000 - \ S y s temRoot\ s y s tem32\driver s \ALCX S EN S . S Y S F77CF000 - \ S y s temRoot\ S y s tem32\DRIVER S \u s bohci. s y s F6579000 - \ S y s temRoot\ S y s tem32\DRIVER S \U S BPORT. S Y S F77D7000 - \ S y s temRoot\ S y s tem32\DRIVER S \u s behci. s y s F64B2000 - \ S y s temRoot\ s y s tem32\DRIVER S \ati2mtag. s y s F649E000 - \ S y s temRoot\ s y s tem32\DRIVER S \VIDEOPRT. S Y S F6448000 - \ S y s temRoot\ S y s tem32\DRIVER S \Cap7134. s y s F7677000 - \ S y s temRoot\ S y s tem32\DRIVER S \ S TREAM. S Y S F7687000 - \ S y s temRoot\ S y s tem32\DRIVER S \R8139n51. S Y S F6437000 - \ S y s temRoot\ S y s tem32\DRIVER S \ s erial. s y s F7137000 - \ S y s temRoot\ S y s tem32\DRIVER S \ s erenum. s y s F6423000 - \ S y s temRoot\ S y s tem32\DRIVER S \parport. s y s F7697000 - \ S y s temRoot\ S y s tem32\DRIVER S \i8042prt. s y s F76A7000 - \ S y s temRoot\ S y s tem32\DRIVER S \L8042mou. S y s F76B7000 - \ S y s temRoot\ S y s tem32\DRIVER S \LMou K E. S y s F77DF000 - \ S y s temRoot\ S y s tem32\DRIVER S \moucla s s . s y s F7133000 - \ S y s temRoot\ S y s tem32\DRIVER S \L8042 K bd. s y s F77E7000 - \ S y s temRoot\ S y s tem32\DRIVER S \ k bdcla s s . s y s F7B7D000 - \ S y s temRoot\ S y s tem32\DRIVER S \aud s tub. s y s F76C7000 - \ S y s temRoot\ S y s tem32\DRIVER S \ra s l2tp. s y s F712F000 - \ S y s temRoot\ S y s tem32\DRIVER S \ndi s tapi. s y s F640C000 - \ S y s temRoot\ S y s tem32\DRIVER S \ndi s wan. s y s F76D7000 - \ S y s temRoot\ S y s tem32\DRIVER S \ra s pppoe. s y s F76E7000 - \ S y s temRoot\ S y s tem32\DRIVER S \ra s pptp. s y s F77EF000 - \ S y s temRoot\ S y s tem32\DRIVER S \TDI. S Y S F63D3000 - \ S y s temRoot\ S y s tem32\DRIVER S \p s ched. s y s F76F7000 - \ S y s temRoot\ S y s tem32\DRIVER S \m s gpc. s y s F77F7000 - \ S y s temRoot\ S y s tem32\DRIVER S \ptilin k . s y s F77FF000 - \ S y s temRoot\ S y s tem32\DRIVER S \ra s pti. s y s F7264000 - \ S y s temRoot\ S y s tem32\DRIVER S \termdd. s y s F79CB000 - \ S y s temRoot\ S y s tem32\DRIVER S \ s wenum. s y s F637A000 - \ S y s temRoot\ S y s tem32\DRIVER S \update. s y s F6363000 - \ S y s temRoot\ S y s tem32\DRIVER S \MarvinBu s . s y s F7123000 - \ S y s temRoot\ S y s tem32\DRIVER S \m s s mbio s . s y s F7254000 - \ S y s temRoot\ S y s tem32\Driver s \NDProxy. S Y S F7244000 - \ S y s temRoot\ S y s tem32\DRIVER S \u s bhub. s y s F79CD000 - \ S y s temRoot\ S y s tem32\DRIVER S \U S BD. S Y S F780F000 - \ S y s temRoot\ S y s tem32\DRIVER S \PhTVTune. s y s F79D1000 - \ S y s temRoot\ S y s tem32\Driver s \i2omgmt. S Y S F79D3000 - \ S y s temRoot\ S y s tem32\Driver s \F s _Rec. S Y S F7B74000 - \ S y s temRoot\ S y s tem32\Driver s \Null. S Y S F79D5000 - \ S y s temRoot\ S y s tem32\Driver s \Beep. S Y S F7B73000 - \ S y s temRoot\ S y s tem32\DRIVER S \AvgArCln. s y s F7B75000 - \ S y s temRoot\ S y s tem32\Driver s \avgclean. s y s F781F000 - \ S y s temRoot\ S y s tem32\driver s \vga. s y s F79D7000 - \ S y s temRoot\ S y s tem32\Driver s \mnmdd. S Y S F79D9000 - \ S y s temRoot\ S y s tem32\DRIVER S \RDPCDD. s y s F7827000 - \ S y s temRoot\ S y s tem32\Driver s \M s f s . S Y S F782F000 - \ S y s temRoot\ S y s tem32\Driver s \Npf s . S Y S F797B000 - \ S y s temRoot\ S y s tem32\DRIVER S \ra s acd. s y s F2216000 - \ S y s temRoot\ S y s tem32\DRIVER S \ip s ec. s y s F21BE000 - \ S y s temRoot\ S y s tem32\DRIVER S \tcpip. s y s F2175000 - \ S y s temRoot\ S y s tem32\DRIVER S \ipnat. s y s F214D000 - \ S y s temRoot\ S y s tem32\DRIVER S \netbt. s y s F7214000 - \ S y s temRoot\ S y s tem32\DRIVER S \wanarp. s y s F212B000 - \ S y s temRoot\ S y s tem32\driver s \afd. s y s F7204000 - \ S y s temRoot\ S y s tem32\DRIVER S \netbio s . s y s F71F4000 - \ S y s temRoot\ S y s tem32\DRIVER S \arp1394. s y s F2100000 - \ S y s temRoot\ S y s tem32\DRIVER S \rdb s s . s y s F71A4000 - \ S y s temRoot\ s y s tem32\c k ldrv. s y s F2091000 - \ S y s temRoot\ S y s tem32\DRIVER S \mrx s mb. s y s F7627000 - \ S y s temRoot\ S y s tem32\Driver s \Fip s . S Y S F1FC8000 - \ S y s temRoot\ S y s tem32\Driver s \avg7core. s y s F7847000 - \ S y s temRoot\ S y s tem32\DRIVER S \u s bccgp. s y s F784F000 - \ S y s temRoot\ S y s tem32\DRIVER S \U S B S TOR. S Y S F63F8000 - \ S y s temRoot\ S y s tem32\DRIVER S \u s b s can. s y s F7857000 - \ S y s temRoot\ S y s tem32\DRIVER S \u s bprint. s y s F79E1000 - \ S y s temRoot\ S y s tem32\Driver s \avg7r s w. s y s F785F000 - \ S y s temRoot\ S y s tem32\Driver s \avg7r s xp. s y s F6FDB000 - \ S y s temRoot\ S y s tem32\Driver s \Cdf s . S Y S F1F7D000 - \ S y s temRoot\ S y s tem32\Driver s \Fa s tfat. S Y S F1F65000 - \ S y s temRoot\ S y s tem32\Driver s \dump_atapi. s y s F79E7000 - \ S y s temRoot\ S y s tem32\Driver s \dump_WMILIB. S Y S BF800000 - \ S y s temRoot\ S y s tem32\win32 k . s y s F7977000 - \ S y s temRoot\ S y s tem32\driver s \Dxapi. s y s F7877000 - \ S y s temRoot\ S y s tem32\watchdog. s y s BF000000 - \ S y s temRoot\ S y s tem32\driver s \dxg. s y s F7A54000 - \ S y s temRoot\ S y s tem32\driver s \dxgth k . s y s BF012000 - \ S y s temRoot\ S y s tem32\ati2dvag.dll BF048000 - \ S y s temRoot\ S y s tem32\ati2cqag.dll BF080000 - \ S y s temRoot\ S y s tem32\ati3d1ag.dll F1E55000 - \ S y s temRoot\ S y s tem32\DRIVER S \ndi s uio. s y s F1BE0000 - \ S y s temRoot\ s y s tem32\driver s \wdmaud. s y s F1D65000 - \ S y s temRoot\ s y s tem32\driver s \ s y s audio. s y s F19CD000 - \ S y s temRoot\ S y s tem32\DRIVER S \mrxdav. s y s F799B000 - \ S y s temRoot\ S y s tem32\Driver s \ParVdm. S Y S F79A5000 - \ S y s temRoot\ S y s tem32\Driver s \avgtdi. s y s F1DBD000 - \??\C:\WINDOW S \ S y s tem32\driver s \CDAC15BA. S Y S F1863000 - \ S y s temRoot\ S y s tem32\DRIVER S \ s rv. s y s F1B72000 - \ S y s temRoot\ S y s tem32\DRIVER S \ s ecdrv. s y s F1372000 - \ S y s temRoot\ S y s tem32\Driver s \HTTP. s y s F79B9000 - \??\C:\WINDOW S \ s y s tem32\Driver s \PROCEXP90. S Y S F7817000 - \??\C:\DOCUME~1\Papa\LOCAL S ~1\Temp\catchme. s y s F0FAC000 - \ S y s temRoot\ s y s tem32\driver s \ k mixer. s y s F7B0B000 - \ S y s temRoot\ S y s tem32\DRIVER S \ K ProcChec k . s y s Total number of driver s = 182 Li s te de s programme s in s talle s AC3Filter (remove only) Ad-Aware 2007 Adobe Fla s h Player 9 ActiveX Adobe Reader 6.0 - Fran ç ai s Adobe S hoc k wave Player Analy s eur et S D K M S XML 4.0 S P2 Archiveur WinRAR Arc S oft PhotoImpre s s ion Arc S oft S oftware S uite Avant Brow s er (remove only) AVG 7.5 AVG Anti-Root k it Free Bin k and S mac k er Cele s tia 1.3.2 CMDialog ActiveX Control DLL Correctif Window s XP - K B873339 Correctif Window s XP - K B885835 Correctif Window s XP - K B885836 Correctif Window s XP - K B886185 Correctif Window s XP - K B887472 Correctif Window s XP - K B888302 Correctif Window s XP - K B890859 Correctif Window s XP - K B891781 CrazyTal k v4.6 Trial Creative Video Bla s ter WebCam Go Control Creative Video Bla s ter WebCam Go Plu s Driver Creative WebCam Monitor Dcad s Game s Collection DivX Codec DivX Content Uploader DivX Converter DivX Player DivX Web Player D é s in s talleur DVD S hrin k 3.2 Ea s y Thumbnail s (Remove only) eMule EP S ON CardMonitor EP S ON Copy Utility EP S ON Logiciel imprimante EP S ON Photo Print EP S ON PhotoQuic k er3.5 EP S ON Photo S tarter3.1 EP S ON S can EP S ON S mart Panel FUJIFILM U S B Driver GoldWave v4.19 Grand Prix 4 Hallowen S creen S aver Hijac k Thi s 2.0.2 Hotfix for Window s XP ( K B909394) ImageCollection In k s cape 0.42.2 iolo technologie s ' S y s tem Mechanic J2 S E Runtime Environment 5.0 J2 S E Runtime Environment 5.0 Update 6 Java S E Runtime Environment 6 Update 1 jv16 PowerTool s 1.3 K a s per s k y Online S canner K it de Connexion Alice AD S L La Documentation de votre Ordinateur Language pac k for Ad-Aware S E Lecteur Window s Media 10 Le s S im s Abracadabra LimeWire 4.14.10 Loc k heed 049A Con s tellation Logitech De s k top Me s s enger Logitech S etPoint Macromedia Dreamweaver 2 MediaLife Me s s enger Plu s ! Live MeuhMeuhTV 2.30 Micro s oft .NET Framewor k 1.1 Micro s oft .NET Framewor k 1.1 Micro s oft .NET Framewor k 1.1 Hotfix ( K B928366) Micro s oft Active S ync 4.0 Micro s oft Component Category Manager Library Micro s oft Office 97 Profe s s ional Micro s oft OLE 2.40 for Window s NT and Window s 95 Operating S y s tem s Micro s oft Vi s ual C++ 2005 Redi s tributable Micro s oft Wor k s 7.0 Mi s e à jour de l'affichage de s d é cor s photo de Flight S imulator X de Micro s oft Mi s e à jour de s é curit é pour Lecteur Window s Media ( K B911564) Mi s e à jour de s é curit é pour Lecteur Window s Media 10 ( K B917734) Mi s e à jour de s é curit é pour Lecteur Window s Media 10 ( K B936782) Mi s e à jour de s é curit é pour Lecteur Window s Media 6.4 ( K B925398) Mi s e à jour de s é curit é pour S tep by S tep Interactive Training ( K B898458) Mi s e à jour de s é curit é pour S tep by S tep Interactive Training ( K B923723) Mi s e à jour de s é curit é pour Window s XP ( K B890046) Mi s e à jour de s é curit é pour Window s XP ( K B893756) Mi s e à jour de s é curit é pour Window s XP ( K B896358) Mi s e à jour de s é curit é pour Window s XP ( K B896423) Mi s e à jour de s é curit é pour Window s XP ( K B896424) Mi s e à jour de s é curit é pour Window s XP ( K B896428) Mi s e à jour de s é curit é pour Window s XP ( K B899587) Mi s e à jour de s é curit é pour Window s XP ( K B899591) Mi s e à jour de s é curit é pour Window s XP ( K B900725) Mi s e à jour de s é curit é pour Window s XP ( K B901017) Mi s e à jour de s é curit é pour Window s XP ( K B901214) Mi s e à jour de s é curit é pour Window s XP ( K B902400) Mi s e à jour de s é curit é pour Window s XP ( K B905414) Mi s e à jour de s é curit é pour Window s XP ( K B905749) Mi s e à jour de s é curit é pour Window s XP ( K B908519) Mi s e à jour de s é curit é pour Window s XP ( K B911562) Mi s e à jour de s é curit é pour Window s XP ( K B911927) Mi s e à jour de s é curit é pour Window s XP ( K B912919) Mi s e à jour de s é curit é pour Window s XP ( K B913580) Mi s e à jour de s é curit é pour Window s XP ( K B914388) Mi s e à jour de s é curit é pour Window s XP ( K B914389) Mi s e à jour de s é curit é pour Window s XP ( K B917344) Mi s e à jour de s é curit é pour Window s XP ( K B917422) Mi s e à jour de s é curit é pour Window s XP ( K B917953) Mi s e à jour de s é curit é pour Window s XP ( K B918118) Mi s e à jour de s é curit é pour Window s XP ( K B919007) Mi s e à jour de s é curit é pour Window s XP ( K B920213) Mi s e à jour de s é curit é pour Window s XP ( K B920670) Mi s e à jour de s é curit é pour Window s XP ( K B920683) Mi s e à jour de s é curit é pour Window s XP ( K B920685) Mi s e à jour de s é curit é pour Window s XP ( K B921398) Mi s e à jour de s é curit é pour Window s XP ( K B921503) Mi s e à jour de s é curit é pour Window s XP ( K B921883) Mi s e à jour de s é curit é pour Window s XP ( K B922616) Mi s e à jour de s é curit é pour Window s XP ( K B922819) Mi s e à jour de s é curit é pour Window s XP ( K B923191) Mi s e à jour de s é curit é pour Window s XP ( K B923414) Mi s e à jour de s é curit é pour Window s XP ( K B923689) Mi s e à jour de s é curit é pour Window s XP ( K B923694) Mi s e à jour de s é curit é pour Window s XP ( K B923980) Mi s e à jour de s é curit é pour Window s XP ( K B924191) Mi s e à jour de s é curit é pour Window s XP ( K B924270) Mi s e à jour de s é curit é pour Window s XP ( K B924496) Mi s e à jour de s é curit é pour Window s XP ( K B924667) Mi s e à jour de s é curit é pour Window s XP ( K B925454) Mi s e à jour de s é curit é pour Window s XP ( K B925486) Mi s e à jour de s é curit é pour Window s XP ( K B925902) Mi s e à jour de s é curit é pour Window s XP ( K B926255) Mi s e à jour de s é curit é pour Window s XP ( K B926436) Mi s e à jour de s é curit é pour Window s XP ( K B927779) Mi s e à jour de s é curit é pour Window s XP ( K B927802) Mi s e à jour de s é curit é pour Window s XP ( K B928090) Mi s e à jour de s é curit é pour Window s XP ( K B928255) Mi s e à jour de s é curit é pour Window s XP ( K B928843) Mi s e à jour de s é curit é pour Window s XP ( K B929123) Mi s e à jour de s é curit é pour Window s XP ( K B929969) Mi s e à jour de s é curit é pour Window s XP ( K B930178) Mi s e à jour de s é curit é pour Window s XP ( K B931261) Mi s e à jour de s é curit é pour Window s XP ( K B931768) Mi s e à jour de s é curit é pour Window s XP ( K B931784) Mi s e à jour de s é curit é pour Window s XP ( K B932168) Mi s e à jour de s é curit é pour Window s XP ( K B933566) Mi s e à jour de s é curit é pour Window s XP ( K B933729) Mi s e à jour de s é curit é pour Window s XP ( K B935839) Mi s e à jour de s é curit é pour Window s XP ( K B935840) Mi s e à jour de s é curit é pour Window s XP ( K B936021) Mi s e à jour de s é curit é pour Window s XP ( K B937143) Mi s e à jour de s é curit é pour Window s XP ( K B938127) Mi s e à jour de s é curit é pour Window s XP ( K B938829) Mi s e à jour de s é curit é pour Window s XP ( K B939653) Mi s e à jour de s é curit é pour Window s XP ( K B941202) Mi s e à jour de s é curit é pour Window s XP ( K B943460) Mi s e à jour pour Window s XP ( K B898461) Mi s e à jour pour Window s XP ( K B900485) Mi s e à jour pour Window s XP ( K B908531) Mi s e à jour pour Window s XP ( K B910437) Mi s e à jour pour Window s XP ( K B911280) Mi s e à jour pour Window s XP ( K B916595) Mi s e à jour pour Window s XP ( K B920872) Mi s e à jour pour Window s XP ( K B922582) Mi s e à jour pour Window s XP ( K B927891) Mi s e à jour pour Window s XP ( K B929338) Mi s e à jour pour Window s XP ( K B930916) Mi s e à jour pour Window s XP ( K B931836) Mi s e à jour pour Window s XP ( K B933360) Mi s e à jour pour Window s XP ( K B936357) Mi s e à jour pour Window s XP ( K B938828) MMTV In s tall dll Mozilla Firefox (1.5.0.11) Mozilla Thunderbird (2.0.0.4) M S XML 4.0 S P2 ( K B927978) M S XML 4.0 S P2 ( K B936181) NA S A World Wind 1.3 Neat Image v5 Demo Nero 6 PCDive Photodex Pre s enter PhotoFiltre Pica s a 2 PlayMP3z rjhExten s ion s S B ATC S imulator S ector Development K it 1.00 S canToWeb S imCity 3000 S imon Bergner ´ s ATC S imulator S i S oftware S andra S tandard 2003 S k ype ™ 3.5 S onic RecordNow! S peedTouch U S B S oftware S pywareBla s ter v3.5.1 S treamDown S tudio 9 Content CD/DVD S Wi S H v2.0 FRA TuneUp Utilitie s 2004 U S B GAME WHEEL Vi s ual Ba s ic Virtual Machine Winamp (remove only) Window s In s taller 3.1 ( K B893803) Window s Live Me s s enger Window s Media Format Runtime Window s Media Player 10 Hotfix - K B894476 Window s XP Creativity Fun Pac k s - Window s Movie Ma k er 2 Window s XP S ervice Pac k 2 WinZip Le volume dan s le lecteur C s 'appelle HDD Le num é ro de s é rie du volume e s t B0BB-8D68 R é pertoire de C:\Program File s 09/12/2007 13:36 <REP> . 09/12/2007 13:36 <REP> .. 01/01/2006 11:18 <REP> 3D GIF De s igner 12/04/2006 18:31 <REP> AC3Filter 06/04/2004 14:42 <REP> Adobe 08/05/2005 20:39 <REP> Ahead 09/09/2007 09:18 <REP> Alice 05/07/2006 19:07 <REP> ArcRail 2.0 04/09/2004 17:04 <REP> Arc S oft 18/02/2005 15:49 <REP> Avant Brow s er 06/04/2004 14:38 <REP> Common File s 30/09/2002 12:01 <REP> ComPlu s Application s 19/02/2005 18:29 <REP> Control K id s 20/11/2005 09:48 <REP> Creative 06/04/2004 14:43 <REP> CyberLin k 04/11/2007 13:02 <REP> Dcad s Game s Collection 20/11/2005 09:47 <REP> directx 18/10/2007 20:06 <REP> DivX 04/09/2004 17:18 <REP> EP S ON 09/12/2007 13:35 <REP> Fichier s commun s 14/10/2007 15:44 <REP> Google 03/07/2007 17:55 <REP> Gri s oft 24/03/2007 09:56 <REP> Hijac k thi s Ver s ion Fran ç ai s e 11/10/2007 05:59 <REP> Internet Explorer 21/08/2004 15:50 <REP> iolo 10/06/2007 07:38 <REP> Java 18/02/2006 11:07 <REP> Livecom 11/11/2007 16:52 <REP> Logiciel s 05/12/2004 12:01 <REP> Logitech 01/01/2007 09:27 <REP> Me s s enger 07/11/2007 19:34 <REP> Me s s enger Plu s ! Live 27/10/2007 16:32 <REP> Micro s oft Active S ync 30/09/2002 12:05 <REP> micro s oft frontpage 01/11/2007 12:48 <REP> Micro s oft Game s 31/03/2007 07:23 <REP> Micro s oft Office 21/06/2004 07:19 <REP> Micro s oft Wor k s 31/05/2004 14:21 <REP> Mjuice Media Player 30/12/2006 17:52 <REP> Movie Ma k er 07/12/2007 18:08 <REP> Mozilla Firefox 06/09/2007 19:14 <REP> Mozilla Thunderbird 30/09/2002 12:00 <REP> M S N 30/09/2002 12:00 <REP> M S N Gaming Zone 07/11/2007 19:34 <REP> M S N Me s s enger 30/12/2006 21:39 <REP> M S XML 4.0 30/12/2006 17:49 <REP> NetMeeting 01/07/2007 10:19 <REP> Outloo k Expre s s 30/11/2006 19:23 <REP> Photodex Pre s enter 18/09/2006 18:10 <REP> Pinnacle 04/11/2007 12:58 <REP> PlayMP3z 14/09/2007 18:45 <REP> Quic k Time 17/06/2006 16:10 <REP> RADVideo 09/07/2007 20:06 <REP> Real 09/12/2007 13:36 <REP> Reallu s ion 23/09/2007 05:52 <REP> S k ype 22/11/2004 18:33 <REP> S mart Panel 06/04/2004 14:45 <REP> S onic 10/02/2005 19:12 <REP> Thom s on 26/07/2002 16:02 153 088 UNWI S E.EXE 10/11/2005 20:29 <REP> U S B GAME WHEEL 07/11/2007 19:34 <REP> Window s Live 30/12/2006 17:52 <REP> Window s Media Player 31/03/2007 07:23 <REP> Window s Me s s aging 30/12/2006 17:49 <REP> Window s NT 22/10/2005 08:39 <REP> WinRAR 30/09/2002 12:05 <REP> xerox 1 fichier( s ) 153 088 octet s 64 R é p( s ) 74 819 874 816 octet s libre s Le volume dan s le lecteur C s 'appelle HDD Le num é ro de s é rie du volume e s t B0BB-8D68 R é pertoire de C:\Program File s \fichier s commun s 09/12/2007 13:35 <REP> . 09/12/2007 13:35 <REP> .. 04/06/2004 15:16 <REP> Adobe 23/08/2004 17:08 <REP> Ahead 31/05/2004 13:17 <REP> AOL 21/06/2004 07:19 <REP> aol s hare 01/07/2007 10:18 <REP> BOONTY S hared 21/02/2005 22:48 <REP> DirectX 22/08/2004 09:41 <REP> In s tall S hield 02/01/2006 16:19 <REP> Java 05/12/2004 11:58 <REP> Logitech 27/10/2007 15:14 <REP> Micro s oft S hared 30/09/2002 12:02 <REP> M S S oap 30/09/2002 11:55 <REP> ODBC 04/09/2004 17:03 <REP> Python 13/07/2007 05:57 <REP> Real 09/12/2007 13:35 <REP> Reallu s ion 30/09/2002 12:02 <REP> S ervice s 23/09/2007 05:52 <REP> S k ype 30/09/2002 11:55 <REP> S peechEngine s 20/06/2004 21:13 <REP> S ureThing S hared 01/11/2004 09:14 <REP> S ymantec S hared 28/04/2007 20:09 <REP> S ynaca s t 01/07/2007 10:19 <REP> S y s tem 11/11/2007 16:51 <REP> Wi s e In s tallation Wizard 0 fichier( s ) 0 octet s 25 R é p( s ) 74 819 870 720 octet s libre s Le volume dan s le lecteur C s 'appelle HDD Le num é ro de s é rie du volume e s t B0BB-8D68 R é pertoire de C:\Program File s \fichier s commun s \Micro s oft S hared\Web Folder s 30/09/2002 12:09 <REP> . 30/09/2002 12:09 <REP> .. 18/05/2001 16:57 561 209 M S ON S EXT.DLL 03/06/1999 13:09 122 937 M S OW S 409.DLL 07/03/2001 08:00 127 033 M S OW S 40c.DLL 3 fichier( s ) 811 179 octet s 2 R é p( s ) 74 819 870 720 octet s libre s Le volume dan s le lecteur C s 'appelle HDD Le num é ro de s é rie du volume e s t B0BB-8D68 R é pertoire de C:\Program File s \common file s 06/04/2004 14:38 <REP> . 06/04/2004 14:38 <REP> .. 06/04/2004 14:38 <REP> S y s tem 0 fichier( s ) 0 octet s 3 R é p( s ) 74 819 870 720 octet s libre s c:\Document s and S etting s \Papa\Application Data\LimeWire\.Networ k S hare\LimeWireWin4.14.12.exe c:\Document s and S etting s \Papa\Application Data\Micro s oft\In s taller\{1AC91509-E17B-46F7-A032-B54DCCA6E8BB}\ARPPRODUCTICON.exe c:\Document s and S etting s \Papa\Application Data\Micro s oft\In s taller\{8478CB20-423A-4FFC-9C90-FC7F3D07E039}\_16496df1.exe c:\Document s and S etting s \Papa\Application Data\Micro s oft\In s taller\{8478CB20-423A-4FFC-9C90-FC7F3D07E039}\_18be6784.exe c:\Document s and S etting s \Papa\Application Data\Micro s oft\In s taller\{8478CB20-423A-4FFC-9C90-FC7F3D07E039}\_294823.exe c:\Document s and S etting s \Papa\Application Data\Micro s oft\In s taller\{8478CB20-423A-4FFC-9C90-FC7F3D07E039}\_2cd672ae.exe c:\Document s and S etting s \Papa\Application Data\Micro s oft\In s taller\{8478CB20-423A-4FFC-9C90-FC7F3D07E039}\_4ae13d6c.exe c:\Document s and S etting s \Papa\Application Data\Micro s oft\In s taller\{8478CB20-423A-4FFC-9C90-FC7F3D07E039}\_69525f90.exe c:\Document s and S etting s \Papa\Application Data\Micro s oft\In s taller\{EA312C43-6187-11D8-AEFD-00A0CC5F5288}\_4e146a1e.exe c:\Document s and S etting s \Papa\Application Data\Micro s oft\In s taller\{EA312C43-6187-11D8-AEFD-00A0CC5F5288}\_62cc3fcc.exe c:\Document s and S etting s \Papa\Application Data\Micro s oft\In s taller\{EA312C43-6187-11D8-AEFD-00A0CC5F5288}\_b5e19e6.exe c:\Document s and S etting s \Papa\Application Data\pp S tream\update.exe c:\Document s and S etting s \Papa\Bureau\ComboFix.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\catchme.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\diff.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\dumphive.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\File s InfoCmd.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\find2.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\Fport.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\grep.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\gzip.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\ K ProcChec k .exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\LFile s .exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\LI S TDLL S .exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\md5 s um s .exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\p s li s t.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\ s igchec k .exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\ s tream s .exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\ s wreg.exe c:\Document s and S etting s \Papa\Bureau\DiagHelp\tar.exe c:\Document s and S etting s \Papa\Me s document s \Me s image s \2001\2001 - DIVER S \VUE S PANORAMIQUE S DIVER S E S PIXAROUND\chateau de ver s aille s exterieur.exe c:\Document s and S etting s \Papa\Me s document s \Me s image s \2001\2001 - DIVER S \VUE S PANORAMIQUE S DIVER S E S PIXAROUND\chateau de ver s aille s interieur.exe c:\Document s and S etting s \Papa\Me s document s \Me s image s \2001\2001 - DIVER S \VUE S PANORAMIQUE S DIVER S E S PIXAROUND\ s ni le 03 mar s 2001 .exe c:\Document s and S etting s \Papa\Me s document s \Me s image s \La R é union\DO S S IER VUE S AERIENNE S \vol s \trou de fer\Viewer.exe c:\Document s and S etting s \Papa\Me s document s \Me s image s \La R é union\DO S S IER VUE S AERIENNE S \vol s \vol du 13 et feu d'artifice\Viewer.exe c:\Document s and S etting s \Papa\Me s document s \Me s image s \La R é union\DO S S IER VUE S AERIENNE S \vol s \vol du 16\Viewer.exe c:\Document s and S etting s \Papa\Me s document s \Me s image s \La R é union\DO S S IER VUE S AERIENNE S \vol s \vol s du 26\Viewer.exe c:\Document s and S etting s \Papa\Me s document s \Me s image s \La R é union\Le s collegue s \ACTIVITE S BA S E AERIENNE 181 - S T DENI S 3.04.24 GAL Veron CA S S IC\Viewer.exe c:\Document s and S etting s \Papa\Me s document s \Me s image s \La R é union\Le s fille s \jumelle s \vol lili et bapteme plong é e alexia\Viewer.exe c:\Document s and S etting s \Papa\Me s document s \Me s image s \La R é union\mi s s ion s COTAM\trou de fer\Viewer.exe c:\Document s and S etting s \Papa\Me s document s \Me s image s \La R é union\Panoramique s \974 - s alazie.exe c:\Document s and S etting s \Papa\Me s document s \Me s image s \La R é union\Panoramique s \ S t-Gille s .exe c:\Document s and S etting s \Papa\Me s document s \Me s image s \La R é union\Panoramique s \tromelin be s t s ize.exe c:\Document s and S etting s \Papa\Me s document s \Me s image s \La R é union\Vi s ite s , vacance s \villa s du lagon\Viewer.exe c:\Document s and S etting s \Papa\Me s document s \Me s image s \pp s \EU v s Italy.exe c:\Document s and S etting s \Papa\Me s document s \Me s vid é o s \lili m s n.exe c:\Document s and S etting s \Papa\Me s document s \Me s vid é o s \Pro s how Gold\Chi k \chi k exe.exe c:\Document s and S etting s \Papa\Me s document s \Me s vid é o s \Pro s how Gold\Communion Lili\Communion.exe c:\Document s and S etting s \Papa\Me s document s \Me s vid é o s \Pro s how Gold\FA\FA exe final.exe c:\Document s and S etting s \Papa\Me s document s \Me s vid é o s \Pro s how Gold\FA\Fox Alpha.exe c:\Document s and S etting s \Papa\Me s document s \Me s vid é o s \Pro s how Gold\FA\image s FA exe2.exe c:\Document s and S etting s \Papa\Me s document s \Me s vid é o s \Pro s how Gold\Voeux 2007\Voeux 2007.exe c:\Document s and S etting s \Papa\Me s document s \Me s vid é o s \Pro s how Gold\Voeux 2007\Voeux 2007-1.exe c:\Document s and S etting s \Papa\Me s document s \Me s vid é o s \Pro s how Gold\Voeux 2007\Voeux.exe c:\Document s and S etting s \Pouf 1\Me s document s \Ma mu s ique\Tele boo k \telboo k .exe c:\Document s and S etting s \Pouf 2\Bureau\CODE.EXE c:\Document s and S etting s \All U s er s \Application Data\Micro s oft\IdentityCRL\ppcrlconfig.dll c:\Document s and S etting s \All U s er s \Application Data\Micro s oft\IdentityCRL\production\ppcrlconfig.dll c:\Document s and S etting s \All U s er s \Application Data\Micro s oft\U S MT\iconlib.dll c:\Document s and S etting s \Lili\Application Data\Avant Brow s er\update.dll c:\Document s and S etting s \Papa\Application Data\Avant Brow s er\update.dll c:\Document s and S etting s \Papa\Application Data\Micro s oft\IdentityCRL\ppcrlconfig.dll c:\Document s and S etting s \Papa\Application Data\Mozilla\Firefox\Profile s \6n4pydfn.default\exten s ion s \{3112ca9c-de6d-4884-a869-9855de68056c}\component s \googletoolbar.dll c:\Document s and S etting s \Papa\Application Data\Mozilla\Firefox\Profile s \6n4pydfn.default\exten s ion s \{3112ca9c-de6d-4884-a869-9855de68056c}\component s \metric s .dll c:\Document s and S etting s \Papa\Application Data\Mozilla\Plugin s \npPxPlay.dll c:\Document s and S etting s \Papa\Application Data\Net s cape\Plugin s \npPxPlay.dll c:\Document s and S etting s \Pouf 2\Application Data\Avant Brow s er\update.dll ****** Fin du rapport DiagHelp Veuillez s vp envoyer le fichier C:\upload_moi_LEGEND.tar.gz a l'adre s s e http://upload.male k al.com Elimine ce dossier > C:\Qoobox OK Fais un scan en ligne avec Panda > ;*********************************************************************************************************************************************************************************** ANALYSIS: 2007-12-10 22:27:04 PROTECTIONS: 1 MALWARE: 75 SUSPECTS: 0 ;*********************************************************************************************************************************************************************************** PROTECTIONS Description Version Active Updated ;=================================================================================================================================================================================== AVG 7.5.503 7.5.503 Yes Yes ;=================================================================================================================================================================================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=================================================================================================================================================================================== 00000431 adware/ist.istbar Adware No 1 Yes No c:\windows\downloaded program files\istactivex.inf 00003553 adware/xplugin Adware No 0 Yes No c:\windows\system32\xplugin.dll 00039703 Application/Pskill.A HackTools No 0 Yes No C:\WINDOWS\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE] 00039703 Application/Pskill.A HackTools No 0 Yes No C:\WINDOWS\system\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE] 00110532 spyware/clientman Spyware No 1 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB} 00118765 Adware/Gator Adware No 0 No No D:\utilitaires\multimedia\video\Pack pour copier dvd en divx.exe[DivXPro511Adware.exe][Gain_Trickler.exe] 00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@casalemedia[1].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@doubleclick[2].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\6n4pydfn.default\cookies.txt[.doubleclick.net/] 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Lili\Cookies\lili@doubleclick[1].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@atdmt[1].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\6n4pydfn.default\cookies.txt[.atdmt.com/] 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Lili\Cookies\lili@atdmt[2].txt 00139535 Application/Processor HackTools No 0 Yes No D:\téléchargements\Antivirus and Co\MSNFix\incl\Process.exe 00145083 adware/mirar Adware No 1 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} 00145083 adware/mirar Adware No 1 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} 00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@tradedoubler[2].txt 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Lili\Cookies\lili@247realmedia[1].txt 00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@247realmedia[2].txt 00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@fastclick[2].txt 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@tribalfusion[2].txt 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\6n4pydfn.default\cookies.txt[.mediaplex.com/] 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@mediaplex[2].txt 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@mediaplex[1].txt 00145869 Cookie/SpyLog TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@spylog[1].txt 00145881 Cookie/NewMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@anm.co[1].txt 00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@clickbank[1].txt 00156964 Cookie/2o7 TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@112.2o7[2].txt 00157454 Joke/Button Jokes No 0 Yes No D:\backup\20072808_081631_Images\C\Documents and Settings\Papa\Mes documents\Mes images\La Réunion\Chikungunya 2006\Divers autre que photos\intello.zip.nco[20070805_081620_Images\C\DOCUME~1\Papa\MESDOC~1\MESIMA~1\LARUNI~1\CHIKUN~1\DIVERS~2\intello.zip][Fitnessdesdoigts.exe] 00157454 Joke/Button Jokes No 0 Yes No C:\Documents and Settings\Papa\Mes documents\Mes images\La Réunion\Chikungunya 2006\Divers autre que photos\intello.zip[Fitnessdesdoigts.exe] 00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@revenue[1].txt 00162398 Spyware/Conducent-Timesink Spyware No 1 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP20\A0004627.dll 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Lili\Cookies\lili@com[1].txt 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@com[1].txt 00167647 Cookie/Yadro TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@yadro[2].txt 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Lili\Cookies\lili@xiti[1].txt 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Pouf 2\Cookies\pouf 2@xiti[1].txt 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\6n4pydfn.default\cookies.txt[.xiti.com/] 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@xiti[1].txt 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@xiti[2].txt 00167724 Cookie/HotLog TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@hotlog[1].txt 00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@toplist[1].txt 00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\6n4pydfn.default\cookies.txt[.statcounter.com/] 00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@statcounter[1].txt 00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@statcounter[2].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@ad.yieldmanager[2].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Lili\Cookies\lili@ad.yieldmanager[1].txt 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@apmebf[2].txt 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\6n4pydfn.default\cookies.txt[.burstnet.com/] 00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\6n4pydfn.default\cookies.txt[.burstnet.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@serving-sys[1].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@serving-sys[2].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@bs.serving-sys[2].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@bs.serving-sys[1].txt 00168095 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\6n4pydfn.default\cookies.txt[.888.com/] 00168095 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\6n4pydfn.default\cookies.txt[.888.com/] 00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@weborama[1].txt 00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Lili\Cookies\lili@weborama[1].txt 00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@adtech[1].txt 00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@adtech[2].txt 00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@fl01.ct2.comclick[2].txt 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Lili\Cookies\lili@advertising[2].txt 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@advertising[2].txt 00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@adrevolver[2].txt 00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@statse.webtrendslive[2].txt 00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@ads.pointroll[1].txt 00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@overture[2].txt 00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Lili\Cookies\lili@overture[2].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@questionmarket[2].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@questionmarket[3].txt 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@zedo[2].txt 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\6n4pydfn.default\cookies.txt[.zedo.com/] 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@adrevolver[1].txt 00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@searchportal.information[1].txt 00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Lili\Cookies\lili@target[1].txt 00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@did-it[1].txt 00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@adviva[1].txt 00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Documents and Settings\Lili\Cookies\lili@adviva[1].txt 00260426 Adware/Mirar Adware No 1 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP4\A0000086.dll 00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Lili\Cookies\lili@smartadserver[1].txt 00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@ehg-dig.hitbox[2].txt 00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@ehg-dig.hitbox[1].txt 00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@ads.addynamix[3].txt 00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@ads.addynamix[1].txt 00308505 Application/ErrorSafe HackTools No 0 Yes No C:\RECYCLER\S-1-5-21-2664711679-1219709786-2474612711-1005\Dc2\Quarantine\C\WINDOWS\Downloaded Program Files\UERSV_9999_N91S1912NetInstaller.exe.vir 00501005 Generic Adware Spyware No 0 Yes No C:\RECYCLER\S-1-5-21-2664711679-1219709786-2474612711-1005\Dc2\Quarantine\C\WINDOWS\Downloaded Program Files\HbInstIE.dll.vir 00741783 Spyware/Conducent-Timesink Spyware No 1 Yes No D:\utilitaires\Utilitaire PC\Addremove\arfree11.exe 01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\6n4pydfn.default\cookies.txt[.enhance.com/] 01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@enhance[2].txt 01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\6n4pydfn.default\cookies.txt[.enhance.com/] 01196326 Cookie/GoClick TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@goclick[1].txt 01205219 Generic Malware Virus/Trojan No 0 No No D:\utilitaires\multimedia\video\Copier DVD en divx.exe[GordianKnot.exe] 01262593 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\Papa\Bureau\ComboFix.exe[nircmd.exe] 01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP40\A0010303.exe 01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP40\A0010351.exe 01262593 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\Papa\Bureau\ComboFix.exe[nircmd.cfexe] 01262593 Application/NirCmd.A HackTools No 0 No No D:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP34\A0006997.exe[nircmd.cfexe] 01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP39\A0010252.exe 01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP33\A0006994.exe 01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP34\A0007027.exe 01262593 Application/NirCmd.A HackTools No 0 No No D:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP34\A0006997.exe[nircmd.exe] 01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP35\A0007080.exe 01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP37\A0009132.exe 01262593 Application/NirCmd.A HackTools No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP38\A0010187.exe 01262593 Application/NirCmd.A HackTools No 0 Yes No C:\WINDOWS\NirCmd.exe 01606636 Cookie/Adserver TrackingCookie No 0 Yes No C:\Documents and Settings\Papa\Cookies\papa@adserver.easyad[1].txt 02402183 Application/Playmp3z HackTools No 0 Yes No D:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP15\A0002491.exe 02402183 Application/Playmp3z HackTools No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP31\A0006893.exe 02649837 Application/Playmp3z HackTools No 0 Yes No C:\Program Files\PlayMP3z\PlayMP3.exe 02673723 Adware/IconAds Adware No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP10\A0002269.dll 02698319 Adware/BHO Adware No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP35\A0007038.dll 02698319 Adware/BHO Adware No 0 Yes No C:\RECYCLER\S-1-5-21-2664711679-1219709786-2474612711-1005\Dc2\Quarantine\C\WINDOWS\system32\spads.dll.vir 02698319 Adware/BHO Adware No 0 Yes No D:\téléchargements\backups\backup-20071207-062630-345.dll 02702272 Trj/Cimuz.HM Virus/Trojan No 1 Yes No C:\RECYCLER\S-1-5-21-2664711679-1219709786-2474612711-1005\Dc1.zip[dmconfi.dll] 02800612 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP10\A0002266.dll 02800612 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP27\A0006574.dll 02800612 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP24\A0006187.dll 02812218 Adware/AdRotator Adware No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP24\A0006188.dll 02812218 Adware/AdRotator Adware No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP27\A0006575.dll 02812218 Adware/AdRotator Adware No 0 Yes No C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP10\A0002267.dll 02820129 Spyware/Virtumonde Spyware No 1 No No D:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP15\A0002495.exe[crack.exe] 02861976 Trj/Agent.HEH Virus/Trojan No 1 Yes No C:\WINDOWS\msnchk.exe 02861976 Trj/Agent.HEH Virus/Trojan No 1 Yes No D:\téléchargements\Antivirus and Co\MSNFix\incl\msnchk.exe 02878052 Spyware/Virtumonde Spyware No 1 No No D:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP15\A0002495.exe[keygen.exe] ;=================================================================================================================================================================================== SUSPECTS Location ;=================================================================================================================================================================================== ;===================================================================================================================================================================================

Ben j'ai bien compris mais il n'y a que ça, même dans C:\Combofix\Combofix.txt ! et je l'ai refais 3 fois avec le CFscript ! CA Y EST, ça refonctionne, j'ai ça au 4° essai mais aussi un virus détecté par AVG ! ComboFix 07-12-07.3 - Papa 2007-12-10 19:25:24.9 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.655 [GMT 1:00] Running from: C:\Documents and Settings\Papa\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Papa\Bureau\CFScript.txt * Created a new restore point FILE C:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll C:\WINDOWS\System32\adssite-remove.exe C:\WINDOWS\system32\adssite_sidebar.dll C:\WINDOWS\system32\adssite_sidebar_uninstall.exe C:\WINDOWS\system32\dmconfi.dll C:\WINDOWS\system32\drivers\ijxihjxu.dat C:\WINDOWS\system32\drivers\oyebcbdc.dat C:\WINDOWS\System32\rightonadz-uninst.exe C:\WINDOWS\System32\spads.dll C:\WINDOWS\System32\superiorads-uninst.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . C:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll C:\WINDOWS\System32\adssite-remove.exe C:\WINDOWS\system32\adssite_sidebar.dll C:\WINDOWS\system32\adssite_sidebar_uninstall.exe C:\WINDOWS\system32\dmconfi.dll C:\WINDOWS\system32\drivers\ijxihjxu.dat C:\WINDOWS\system32\drivers\oyebcbdc.dat C:\WINDOWS\System32\rightonadz-uninst.exe C:\WINDOWS\System32\spads.dll C:\WINDOWS\System32\superiorads-uninst.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_ZKZAILWM -------\poof -------\zkzailwm -------\zkzailwm ((((((((((((((((((((((((((((( Fichiers créés 2007-11-10 to 2007-12-10 )))))))))))))))))))))))))))))))))))) . 2007-12-09 13:36 . 2007-12-09 13:36 <REP> d-------- C:\Program Files\Reallusion 2007-12-09 13:36 . 2007-12-09 13:36 <REP> d-------- C:\Documents and Settings\Papa\Application Data\Reallusion 2007-12-09 13:35 . 2007-12-09 13:35 <REP> d-------- C:\Program Files\Fichiers communs\Reallusion 2007-12-09 13:34 . 2007-12-09 13:34 <REP> d-------- C:\Documents and Settings\Papa\Application Data\InstallShield 2007-12-09 12:28 . 2007-12-09 12:28 <REP> d-------- C:\vcs5BGEffects 2007-12-09 08:15 . 2007-09-22 12:59 3,377 --a------ C:\WINDOWS\msnchk.exe 2007-12-08 11:09 . 2007-12-08 11:09 24,257,559 --a------ C:\upload_moi_LEGEND.tar.gz 2007-12-02 11:10 . 2007-01-18 13:00 3,968 --a------ C:\WINDOWS\system32\drivers\AvgArCln.sys 2007-11-28 17:09 . 2007-11-28 17:09 <REP> d---s---- C:\Documents and Settings\Lili\UserData 2007-11-25 16:28 . 2007-11-25 16:28 <REP> d-------- C:\Documents and Settings\Lili\Contacts 2007-11-17 09:27 . 2007-11-17 09:27 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-11-17 09:27 . 2007-11-17 09:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2007-11-14 12:31 . 2007-11-14 12:31 268 --ah----- C:\sqmdata02.sqm 2007-11-14 12:31 . 2007-11-14 12:31 244 --ah----- C:\sqmnoopt02.sqm 2007-11-13 18:08 . 2007-11-13 20:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Prevx 2007-11-11 18:11 . 2007-11-11 18:11 <REP> d-------- C:\Documents and Settings\Maman\Application Data\Avant Profiles 2007-11-10 10:06 . 2007-11-10 10:06 268 --ah----- C:\sqmdata01.sqm 2007-11-10 10:06 . 2007-11-10 10:06 244 --ah----- C:\sqmnoopt01.sqm 2007-11-10 09:47 . 2007-11-18 15:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus! . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-10 17:35 --------- d-----w C:\Documents and Settings\Papa\Application Data\Skype 2007-12-09 13:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\AVG7 2007-12-09 12:35 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-12-06 17:18 --------- d-----w C:\Documents and Settings\Papa\Application Data\LimeWire 2007-11-11 15:52 --------- d-----w C:\Program Files\Logiciels 2007-11-11 15:51 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard 2007-11-07 18:34 --------- d-----w C:\Program Files\Windows Live 2007-11-07 18:34 --------- d-----w C:\Program Files\MSN Messenger 2007-11-07 18:34 --------- d-----w C:\Program Files\Messenger Plus! Live 2007-11-04 12:02 --------- d-----w C:\Program Files\Dcads Games Collection 2007-11-04 11:58 --------- d-----w C:\Program Files\PlayMP3z 2007-11-04 07:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink 2007-11-01 11:48 --------- d-----w C:\Program Files\Microsoft Games 2007-10-27 15:32 --------- d-----w C:\Program Files\Microsoft ActiveSync 2007-10-25 16:56 8,510,976 ------w C:\WINDOWS\system32\dllcache\shell32.dll 2007-10-18 19:06 --------- d-----w C:\Program Files\DivX 2007-10-14 14:44 --------- d-----w C:\Program Files\Google 2007-10-10 12:34 --------- d-----w C:\Documents and Settings\Papa\Application Data\AdobeUM 2007-09-17 18:23 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll 2007-09-17 18:23 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll 2007-09-17 18:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll 2007-09-17 18:22 739,840 ----a-w C:\WINDOWS\system32\DivX.dll 2007-09-11 23:14 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe 2002-07-26 15:02 153,088 ----a-w C:\Program Files\UNWISE.EXE 1999-06-30 13:06 151,552 ----a-r C:\WINDOWS\inf\AGFA\message.exe 2004-11-01 09:17 104 --sh--r C:\WINDOWS\system32\DDFE015B67.sys . ((((((((((((((((((((((((((((( snapshot@2007-12-08_ 9.19.32.98 ))))))))))))))))))))))))))))))))))))))))) . + 2007-03-13 09:57:10 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE - 2007-12-07 05:32:39 60,236 ----a-w C:\WINDOWS\system32\perfc009.dat + 2007-12-10 18:01:42 60,236 ----a-w C:\WINDOWS\system32\perfc009.dat - 2007-12-07 05:32:39 72,634 ----a-w C:\WINDOWS\system32\perfc00C.dat + 2007-12-10 18:01:42 72,634 ----a-w C:\WINDOWS\system32\perfc00C.dat - 2007-12-07 05:32:39 397,274 ----a-w C:\WINDOWS\system32\perfh009.dat + 2007-12-10 18:01:42 397,274 ----a-w C:\WINDOWS\system32\perfh009.dat - 2007-12-07 05:32:39 464,134 ----a-w C:\WINDOWS\system32\perfh00C.dat + 2007-12-10 18:01:42 464,134 ----a-w C:\WINDOWS\system32\perfh00C.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 21:45] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09] "NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2003-10-01 17:29] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-09-13 12:31] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-10-23 17:17] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-09-14 18:45] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:09] "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-23 17:17] "Picasa Media Detector"="C:\Logiciels\Picasa2\PicasaMediaDetector.exe" [2007-09-28 02:17] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\KEM.exe [2004-12-05 11:58:35] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Recherche accélérée.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Recherche accélérée.lnk backup=C:\WINDOWS\pss\Microsoft Recherche accélérée.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Papa^Menu Démarrer^Programmes^Démarrage^desktop.lnk] path=C:\Documents and Settings\Papa\Menu Démarrer\Programmes\Démarrage\desktop.lnk backup=C:\WINDOWS\pss\desktop.lnkStartup [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "LDM"=c:\program files\logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Control Kids"=C:\Program Files\Control Kids\Control kids.exe "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon R1 Asapi;Asapi;C:\WINDOWS\system32\drivers\Asapi.sys R3 Cap7134;ASUS TV7134 WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys R3 PhTVTune;ASUS WDM TV Tuner;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys S1 tvtool;tvtool;\??\C:\Logiciels\Tv Tools\tvtool.sys S3 ASIOMI;ASIOMI;\??\C:\WINDOWS\system32\drivers\ASIOMI.sys S3 CtlCam;Video Blaster WebCam Go Plus (WDM);C:\WINDOWS\system32\DRIVERS\Wcgopvid.sys S3 MPCSYS;MPCSYS;\??\C:\WINDOWS\System32\DRIVERS\mpcsys.sys S3 VC4CB104;USB PC Camera;C:\WINDOWS\system32\Drivers\VC4CB104.SYS S3 WCGOPHAL;WCGOPHAL;C:\WINDOWS\system32\drivers\Wcgophal.sys S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E] \Shell\AutoRun\command - E:\Start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F] \Shell\AutoRun\command - F:\autorun.exe . ************************************************************************** catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-10 19:27:39 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... ************************************************************************** "ImagePath"="\??\C:\Documents and Settings\Papa\Mes documents\Divers\Decodificar Canal plus funciona con XP + audio y video\Decodificar Canal plus + audio y video - [by Homero] -\video\HWIONT.sys" . Completion time: 2007-12-10 19:28:49 . --- E O F ---

Le problème est que je n'ai rien directement sous la racine C:\ et le seul ComboFix.txt se trouve dans le repertoire C:\ComboFix\Combofix.txt... J'ai refait un glissé du script et même résultat !!!!!!! PS : j'ai remarqué, avant qu'il ne redémarre Windows qu'il signalait qu'il ne pouvait acceder à ComboFix\DirRoot car cette ressource était utilisée par autre chose. Est ce que ça a un rapport ? Dois je ré-installer ComboFix ? Je recommencerai ce soir après le boulot. Merci à toi aussi !

Petit souci...! Tu as posté le même rapport ComboFix que la première fois! ....Recommence stp juste cette opération et poste le rapport. Oups, je sais pourquoi, en fait il me semble que le bon fichier n'est pas directement sous la racine C:\ mais dans C:\Combofix\Combofix.txt Or il y en avait un sous C:\ et c'est celui que je t'ai envoyé. Voila celui d'aujourd'hui avec le "glissage" du script : ComboFix 07-12-07.3 - Papa 2007-12-10 6:06:47.4 - NTF S x86 Micro s oft Window s XP É dition familiale 5.1.2600.2.1252.1.1036.18.591 [GMT 1:00] Running from: C:\Document s and S etting s \Papa\Bureau\ComboFix.exe Command s witche s u s ed :: C:\Document s and S etting s \Papa\Bureau\CF S cript.txt * Created a new re s tore point FILE C:\Program File s \Mozilla Firefox\component s \n s Brow s erOpt.dll C:\WINDOW S \ S y s tem32\ad s s ite-remove.exe C:\WINDOW S \ s y s tem32\ad s s ite_ s idebar.dll C:\WINDOW S \ s y s tem32\ad s s ite_ s idebar_unin s tall.exe C:\WINDOW S \ s y s tem32\dmconfi.dll C:\WINDOW S \ s y s tem32\driver s \ijxihjxu.dat C:\WINDOW S \ s y s tem32\driver s \oyebcbdc.dat C:\WINDOW S \ S y s tem32\rightonadz-unin s t.exe C:\WINDOW S \ S y s tem32\ s pad s .dll C:\WINDOW S \ S y s tem32\ s uperiorad s -unin s t.exe Je crois y lire que les véroles qui me faisaient c... ont été suprimées Je vais par contre te demander d'en scanner un autre si tu veux bien de la même manière >C:\WINDOWS\system32\DDFE015B67.sys Voila, Fichier DDFE015B67. s y s re ç u le 2007.12.10 06:20:26 (CET) S ituation actuelle: termin é R é s ultat: 0/32 (0%) Antiviru s Ver s ion Derni è re mi s e à jour R é s ultat AhnLab-V3 2007.12.8.0 2007.12.10 - AntiVir 7.6.0.40 2007.12.07 - Authentium 4.93.8 2007.12.08 - Ava s t 4.7.1098.0 2007.12.09 - AVG 7.5.0.503 2007.12.09 - BitDefender 7.2 2007.12.10 - CAT-Quic k Heal 9.00 2007.12.08 - ClamAV 0.91.2 2007.12.10 - DrWeb 4.44.0.09170 2007.12.09 - e S afe 7.0.15.0 2007.12.09 - eTru s t-Vet 31.3.5361 2007.12.08 - Ewido 4.0 2007.12.09 - FileAdvi s or 1 2007.12.10 - Fortinet 3.14.0.0 2007.12.10 - F-Prot 4.4.2.54 2007.12.08 - F- S ecure 6.70.13030.0 2007.12.10 - I k aru s T3.1.1.12 2007.12.10 - K a s per s k y 7.0.0.125 2007.12.10 - McAfee 5181 2007.12.08 - Micro s oft 1.3007 2007.12.10 - NOD32v2 2712 2007.12.09 - Norman 5.80.02 2007.12.07 - Panda 9.0.0.4 2007.12.09 - Prevx1 V2 2007.12.10 - Ri s ing 20.21.42.00 2007.12.07 - S opho s 4.24.0 2007.12.10 - S unbelt 2.2.907.0 2007.12.07 - S ymantec 10 2007.12.10 - TheHac k er 6.2.9.154 2007.12.09 - VBA32 3.12.2.5 2007.12.07 - Viru s Bu s ter 4.3.26:9 2007.12.09 - Webwa s her-Gateway 6.6.2 2007.12.08 - Information additionnelle File s ize: 104 byte s MD5: 00a8a830b809bae677fc2dcb1ce8ed9c S HA1: 143c0e255921cd2a543d9f5146bf9b5d5474f520 PEiD: - Stp manu78, peux tu envoyer le fichier Upload_Me.zip qui se trouve sur ton bureau ici > C'est fait Encore merci pour cette nouvelle étape qui nous approche du but j'ai l'impression. Manu

Voila docteur et encore merci d'avance. PS : mon fichier parasite dmconfi.dll a disparu de l'explorateur mais apparait encore (comme fichier manquant certes) dans Hijachthis. 1) Ajouter ou Supprimer des Programmes : C'est fait 2) Combofix EDIT par manu : j'ai supprimé le ComboFix pour ne pas surcharger car c'était pas le bon demandé ! 3) MSNFix MSNFix 1.603 D:\téléchargements\MSNFix Fix exécuté le 2007-12-09 - 8:15:19.14 By Papa mode normal ************************ Recherche les fichiers présents ... C:\GETDRIVE.EXE ************************ MSNCHK ***** /!\ beta test /!\ ************************ Recherche les dossiers présents ... C:\Temp\ ************************ Suppression des fichiers .. OK ... C:\GETDRIVE.EXE ************************ Suppression des dossiers .. OK ... C:\Temp\ ************************ Nettoyage du registre ************************ Fichiers suspects /!\ ces fichiers nécessitent un avis expérimenté avant toute intervention [C:\WINDOWS\system32\QTJava.zip] F6FB16B48A4DB0CCF6401A39DD8A5BF9 [C:\PROGRA~1\UNWISE.EXE] 973567B98CDFC147DF4E60471D9DF072 ==> SVP merci d'envoyer le fichier C:\DOCUME~1\Papa\Bureau\Upload_Me.zip sur http://upload.changelog.fr Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 2007-12-09_ 81603.07.zip ------------------------------------------------------------------------ Auteur : !aur3n7 Contact: http://changelog.fr ------------------------------------------------------------------------ --------------------------------------------- END --------------------------------------------- 4)mpcsys.sys Il n'y a pas de rapport comme les autres, je t'ai copié tout ce qu'il y avait. Fichier mpcsys.SYS reçu le 2007.12.09 08:25:46 (CET) Situation actuelle: terminé Résultat: 0/32 (0%) Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2007.12.8.0 2007.12.07 - AntiVir 7.6.0.40 2007.12.07 - Authentium 4.93.8 2007.12.08 - Avast 4.7.1098.0 2007.12.08 - AVG 7.5.0.503 2007.12.08 - BitDefender 7.2 2007.12.09 - CAT-QuickHeal 9.00 2007.12.08 - ClamAV 0.91.2 2007.12.09 - DrWeb 4.44.0.09170 2007.12.08 - eSafe 7.0.15.0 2007.12.06 - eTrust-Vet 31.3.5361 2007.12.08 - Ewido 4.0 2007.12.08 - FileAdvisor 1 2007.12.09 - Fortinet 3.14.0.0 2007.12.09 - F-Prot 4.4.2.54 2007.12.08 - F-Secure 6.70.13030.0 2007.12.09 - Ikarus T3.1.1.12 2007.12.09 - Kaspersky 7.0.0.125 2007.12.09 - McAfee 5181 2007.12.08 - Microsoft 1.3007 2007.12.09 - NOD32v2 2711 2007.12.07 - Norman 5.80.02 2007.12.07 - Panda 9.0.0.4 2007.12.09 - Prevx1 V2 2007.12.09 - Rising 20.21.42.00 2007.12.07 - Sophos 4.24.0 2007.12.09 - Sunbelt 2.2.907.0 2007.12.07 - Symantec 10 2007.12.09 - TheHacker 6.2.9.153 2007.12.07 - VBA32 3.12.2.5 2007.12.07 - VirusBuster 4.3.26:9 2007.12.08 - Webwasher-Gateway 6.6.2 2007.12.08 - Information additionnelle File size: 15360 bytes MD5: 53f1949ed36e9bb6b1bf488f379a22aa SHA1: 0b72bfe1f99db68179e837fca7f9815ac8ffd1f8 PEiD: -