pub CID qui vien tous le temps

Neurone isolé Messages: 6 Tutoriaux : 0

bonjour jai un probleme avec mon pc je recois des pub CID a chaque fois que je vais sur internet ou consulter mais mail
je narive pas a comprendre se ke ces si kelkun pourai maider car la je suis a bout Pas content !

je ny arrive pas.
merci davance pour l'aide que vous me fournirer Très
content

Carte Mère AidoAntivirus Messages: 846 Tutoriaux : 0

Bonsoir requin93300 Sourire

Bienvenue sur ce forum.

Prends soin de suivre cette pré-procédure de nettoyage à la lettre et de joindre les rapports correspondants.

Si tu rencontres un souci, n'hésite pas à demander. A bientôt.

Bienvenue requin93300 Très content

Comme le dit Gaf suis la pré-prosédure de nettoyage et si il y a toujours un souci ont est là Clin d'oeil

Bonne courage

Neurone isolé Messages: 6 Tutoriaux : 0

je vous remerci beaucoup je suis vraiment conten detre venu sur ce site je mis mais tous de suite au travail merci encore

Neurone isolé Messages: 6 Tutoriaux : 0

voila je te passe mes raport
raport 1 avg
------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 15:06:17 16/05/2007

+ Résultat de l'analyse:

C:\System Volume Information\_restore{EC481EE5-43E2-4D1D-A126-8EACA2D699AB}\RP87\A0009798.exe -> Adware.SaveNow : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\_edonkey\shared\calc.exe -> Downloader.Agent.aii : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\mule\shared\calc.exe -> Downloader.Agent.aii : Nettoyé.
C:\System Volume Information\_restore{EC481EE5-43E2-4D1D-A126-8EACA2D699AB}\RP93\A0010037.exe -> Downloader.Agent.aii : Nettoyé.
C:\WINDOWS\system32\mljgdde.dll -> Downloader.ConHook.ah : Nettoyé.
C:\WINDOWS\system32\WinFlyer32.dll -> Dropper.Agent.bhc : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\Répertoire temporaire 1 pour bazoooka_2.5.zip\á®ÙƒƒƒÛñ áƒ¬ÝÞƒƒƒƒƒ.exe -> Not-A-Virus.Constructor.Win32.VB.x : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\Répertoire temporaire 3 pour bazoooka_2.5.zip\á®ÙƒƒƒÛñ áƒ¬ÝÞƒƒƒƒƒ.exe -> Not-A-Virus.Constructor.Win32.VB.x : Nettoyé.
C:\WINDOWS\system32\bpkhk.dll -> Not-A-Virus.Monitor.Win32.Perflogger.c : Nettoyé.
C:\WINDOWS\system32\bpkwb.dll -> Not-A-Virus.Monitor.Win32.Perflogger.d : Nettoyé.
C:\WINDOWS\system32\rinst.exe -> Not-A-Virus.Monitor.Win32.Perflogger.f : Nettoyé.
C:\System Volume Information\_restore{EC481EE5-43E2-4D1D-A126-8EACA2D699AB}\RP93\A0010033.exe -> Not-A-Virus.PSWTool.Win32.Messen.103 : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\0exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\10exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\11exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\13exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\14exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\16exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\1exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\20exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\21exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\25exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\27exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\29exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\2exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\30exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\31exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\35exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\36exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\38exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\39exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\40exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\41exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\43exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\44exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\45exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\46exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\49exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\4exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\53exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\54exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\56exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\57exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\5exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\60exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\66exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\67exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\69exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\6exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\70exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\71exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\75exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\7exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\80exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\85exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\88exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\8exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\90exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\91exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\94exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\95exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\96exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\99exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\9exinjs.a9.exe -> Proxy.Horst.sv : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\11exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\13exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\15exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\18exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\19exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\26exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\29exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\32exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\38exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\39exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\44exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\47exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\48exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\49exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\54exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\55exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\67exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\70exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\75exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\76exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\79exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\81exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\85exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\8exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\92exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\96exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\97exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\98exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\99exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\9exa5txt.3.exe -> Proxy.Horst.wo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\15exym50.a.exe -> Proxy.Horst.ya : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\23exym50.a.exe -> Proxy.Horst.ya : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\44exym50.a.exe -> Proxy.Horst.ya : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\50exym50.a.exe -> Proxy.Horst.ya : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\71exym50.a.exe -> Proxy.Horst.ya : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\72exym50.a.exe -> Proxy.Horst.ya : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\78exym50.a.exe -> Proxy.Horst.ya : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\81exym50.a.exe -> Proxy.Horst.ya : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\83exym50.a.exe -> Proxy.Horst.ya : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\98exym50.a.exe -> Proxy.Horst.ya : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@lsfnetwork.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@heavycom.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@stats.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@clickbank[1].txt -> TrackingCookie.Clickbank : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@banner.goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@ehg-pcsecurityshield.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@www.lop[1].txt -> TrackingCookie.Lop : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@www.myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@www.paypal[1].txt -> TrackingCookie.Paypal : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@www.paypal[3].txt -> TrackingCookie.Paypal : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@revsci[2].txt -> TrackingCookie.Revsci : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@edge.ru4[1].txt -> TrackingCookie.Ru4 : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\administrator\Cookies\administrator@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\lylo\Cookies\lylo@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\tmp10F.tmp.exe -> Trojan.BHO.g : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\tmp17.tmp.exe -> Trojan.BHO.g : Nettoyé.
C:\Documents and Settings\lylo\Local Settings\Temp\tmpEC.tmp.exe -> Trojan.BHO.g : Nettoyé.
C:\WINDOWS\system32\tmp10F.tmp.dll -> Trojan.BHO.g : Nettoyé.
C:\WINDOWS\system32\tmp17.tmp.dll -> Trojan.BHO.g : Nettoyé.
C:\WINDOWS\system32\tmpEC.tmp.dll -> Trojan.BHO.g : Nettoyé.
C:\System Volume Information\_restore{EC481EE5-43E2-4D1D-A126-8EACA2D699AB}\RP87\A0009799.exe -> Trojan.Inject.ba : Nettoyé.
C:\Documents and Settings\All Users\Application Data\ProcWayPlusDelete\Forkgrid.exe -> Trojan.Obfuscated.en : Nettoyé.
C:\Documents and Settings\lylo\Application Data\browseoptioncash\uyrqukez.exe -> Trojan.Obfuscated.en : Nettoyé.

Fin du rapport

raport 2 clean

16/05/2007 a 15:23:57,29

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\SpoonUninstall.exe FOUND
C:\WINDOWS\system\smss.exe FOUND

*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Multi_Media_France\" FOUND
*** Fin du rapport !

raport 3 hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 15:21:55, on 16/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\slserv.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\DigitalPeers\CamTrack\camtrack.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\lylo\Bureau\hijackthis\aidoforum.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {dbf9465a-3b14-453a-a97f-c51648f3b348} - C:\WINDOWS\system32\logund.dll
O2 - BHO: (no name) - {E2EE5C44-C66D-499d-BEAE-A2A79189A63A} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WinFlyer32.dll] "rundll32.exe" C:\WINDOWS\system32\WinFlyer32.dll,Run
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MA Handset Manager] "C:\Program Files\Mobile Action\Samsung E350_E358 USB - Handset Manager V9.2\PanelExe.exe" /HIDE
O4 - HKCU\..\Run: [FilmElse] C:\DOCUME~1\lylo\APPLIC~1\BROWSE~1\mapiacid.exe
O4 - Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: logund - C:\WINDOWS\SYSTEM32\logund.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~1\sp_rsser.exe

Carte Mère AidoAntivirus Messages: 846 Tutoriaux : 0

Déroule la liste des instructions ci-dessous :

Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
Appuie sur Y pour commencer le processus de nettoyage.
Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
Appuie sur une touche pour redémarrer le PC.
Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum.

Je t'attends donc avec ces 3 rapports : Vundofix, sdfix, et un nouveau log hijackthis. A bientôt.

PC de Compèt' Messages: 1275 Tutoriaux : 0

Carte Mère AidoAntivirus Messages: 846 Tutoriaux : 0

Bonsoir jossmam Sourire

Edite ton message afin d'ôter ton post s'il te plait, et crée toi un nouveau sujet pour y poster tes rapports.

Comme cela, on ne risque pas de se mélanger les pinceaux entre les rapports.

Et je te serais reconnaissant de ne pas tout écrire en gras, ce serait plus agréable pour moi. Clin d'oeil

PC de Compèt' Messages: 1275 Tutoriaux : 0

J'ai créé un autre sujet mais je ne sais pas si ma procédure a fonctionné comme tu le voulais ??
Merci de m'en tenir informée
A plus

Neurone isolé Messages: 6 Tutoriaux : 0

bonjour jai terminer les trois raport que tu ma demander je te les envoie voila

voici le raport de vundofix:

VundoFix V6.3.23

Checking Java version...

Java version is 1.5.0.11

Scan started at 20:33:07 17/05/2007

Listing files found while scanning....

No infected files were found.

VundoFix V6.3.23

Checking Java version...

Java version is 1.5.0.11

Scan started at 07:59:37 18/05/2007

Listing files found while scanning....

C:\WINDOWS\system32\tmpD.tmp.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\tmpD.tmp.dll
C:\WINDOWS\system32\tmpD.tmp.dll Has been deleted!

Performing Repairs to the registry.
Done!

voici le raport de hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 08:16:16, on 18/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\DigitalPeers\CamTrack\camtrack.exe
C:\WINDOWS\system32\slserv.exe
C:\DOCUME~1\lylo\LOCALS~1\Temp\3exinjs.a9.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\lylo\Mes documents\antivirus\hijackthis\aidoforum.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Online_TV - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnli.dll
R3 - URLSearchHook: (no name) - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - (no file)
O2 - BHO: Online_TV - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnli.dll
O2 - BHO: (no name) - {55DB983C-BDBF-426f-86F0-187B02DDA39B} - C:\WINDOWS\system32\tmpB0.tmp.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {dbf9465a-3b14-453a-a97f-c51648f3b348} - C:\WINDOWS\system32\logund.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Online_TV - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnli.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PlusDeleteBashMeal] C:\Documents and Settings\All Users\Application Data\ProcWayPlusDelete\Forkgrid.exe
O4 - HKLM\..\Run: [WinFlyer32.dll] "rundll32.exe" C:\WINDOWS\system32\WinFlyer32.dll,Run
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MA Handset Manager] "C:\Program Files\Mobile Action\Samsung E350_E358 USB - Handset Manager V9.2\PanelExe.exe" /HIDE
O4 - HKCU\..\Run: [FilmElse] C:\DOCUME~1\lylo\APPLIC~1\BROWSE~1\mapiacid.exe
O4 - Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: logund - C:\WINDOWS\SYSTEM32\logund.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~1\sp_rsser.exe

voici le raport de sdfix:

SDFix: Version 1.84

Run by lylo - 18/05/2007 - 8:22:34,78

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\lylo\Bureau\SDFix

Safe Mode:
Checking Services:

Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service

Rebooting...

Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\DOCUME~1\lylo\LOCALS~1\Temp\tmpB0.tmp.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\tmpD.tmp.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\10exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\13exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\16exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\17exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\26exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\2exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\32exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\33exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\35exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\38exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\39exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\3exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\41exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\42exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\43exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\44exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\48exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\4exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\50exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\54exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\55exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\57exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\58exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\60exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\62exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\68exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\6exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\70exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\71exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\72exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\73exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\78exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\7exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\81exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\83exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\86exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\92exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\93exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\97exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\99exinjs.a9.exe - Deleted
C:\DOCUME~1\lylo\LOCALS~1\Temp\injs.a9.exe.conf - Deleted
C:\WINDOWS\system\smss.exe - Deleted

Removing Temp Files...

ADS Check:

Checking if ADS is attached to system32 Folder
C:\WINDOWS\system32
No streams found.

Checking if ADS is attached to svchost.exe
C:\WINDOWS\system32\svchost.exe
No streams found.

Final Check:

Remaining Services:
------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\Standar dProfile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2re s.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\WINDOWS\\system32\\lxcgcoms.exe"="C:\\WINDOWS\\system32\\lxcgcoms.exe:*:Enabled: 2300 Series"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe:*:Enabled:WinDVD"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:µTorrent"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\6exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\T emp\\6exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\30exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\30exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\53exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\53exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\69exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\69exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\47exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\47exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\60exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\60exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\88exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\88exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\1exed32_2.d.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\1exed32_2.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\90exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\90exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\70exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\70exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\35exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\35exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\66exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\66exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\29exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\29exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\44exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\44exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\9exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\T emp\\9exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\91exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\91exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\41exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\41exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\46exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\46exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\73exed32_2.d.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\ \Temp\\73exed32_2.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\13exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\13exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\28exed32_2.d.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\ \Temp\\28exed32_2.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\5exml32.9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\Te mp\\5exml32.9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\45exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\45exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\56exed32_2.d.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\ \Temp\\56exed32_2.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\10exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\10exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\0exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\T emp\\0exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\39exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\39exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\67exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\67exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\17exed32_2.d.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\ \Temp\\17exed32_2.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\40exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\40exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\51exml32.9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\T emp\\51exml32.9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\4exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\T emp\\4exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\96exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\96exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\5exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\T emp\\5exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\11exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\11exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\20exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\20exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\43exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\43exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\71exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\71exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\49exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\49exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\31exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\31exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\57exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\57exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\32exed32_2.d.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\ \Temp\\32exed32_2.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\80exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\80exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\94exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\94exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\56exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\56exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\95exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\95exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\38exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\38exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\73exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\73exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\69exinjs.a9.exe"="C:\\DOCUME~1\\ADMINI~1\\LO CALS~1\\Temp\\69exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\97exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\97exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\83exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\83exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\86exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\86exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\33exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\33exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\68exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\68exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\17exml32.9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\T emp\\17exml32.9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\83exed32_2.d.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\ \Temp\\83exed32_2.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\24exml32.9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\T emp\\24exml32.9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\16exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\16exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\69exed32_2.d.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\ \Temp\\69exed32_2.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\26exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\26exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\2exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\T emp\\2exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\33exed32_2.d.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\ \Temp\\33exed32_2.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\72exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\72exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\54exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\54exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\62exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\62exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\58exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\58exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\42exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\42exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\48exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\48exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\32exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\32exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\17exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\17exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\81exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\81exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\14exed32_2.d.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\ \Temp\\14exed32_2.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\53exed32_2.d.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\ \Temp\\53exed32_2.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\92exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\92exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\3exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\T emp\\3exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\7exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\T emp\\7exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\50exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\50exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\93exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\93exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\99exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\99exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\78exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\78exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\lylo\\LOCALS~1\\Temp\\55exinjs.a9.exe"="C:\\DOCUME~1\\lylo\\LOCALS~1\\ Temp\\55exinjs.a9.exe:*:Enabled:Microsoft Update"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainP rofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2re s.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files:
---------------

Backups Folder: - C:\DOCUME~1\lylo\Bureau\SDFix\backups\backups.zip

Checking For Files with Hidden Attributes:

C:\Documents and Settings\lylo\Local Settings\Application Data\Microsoft\Messenger\choupine_93@hotmail.com\Sharing Folders\stefano_forzitalia@hotmail.com\Thumbs.db

Finished

voila mes raport je te remerci jaten ta nouvel reponces

Carte Mère AidoAntivirus Messages: 846 Tutoriaux : 0

Bonjour requin93300 Sourire

Bien travaillé, mais ce n'est pas encore terminé, tu es encore infecté.

Tu ne m'as pas répondu pour le pare-feu ! Il va te falloir de toute façon opter pour en installer un (celui de xp activé ou pas), sinon tu ne t'en sortiras pas avec ton infection.

Zone Alarm (2 versions )
Lien de téléchargement de la version FREE : http://www.zonelabs.com/store/content/cata...&lid=nav_za
Lien de téléchargement de la version PRO : http://www.zonelabs.com/store/content/cata...lid=dbtopnav_za
La version pro est payante après une période d'essai.
Tuto de Tesgaz pour la version pro : http://speedweb1.free.fr/frames2.php?page=tuto1
Tuto de Odsen pour la version free : http://benoit.aun.free.fr/securite-facile-php/zonealarm.php

Kerio (2 versions également)
Lien de téléchargement : http://www.sunbelt-software.com/evaluation/440/kerio.exe
Tuto de Malekal_morte : http://www.malekal.com/kerio_firewall.html

Jetico
Lien de téléchargement éditeur : http://www.jetico.com/
Lien de téléchargement sur Zebulon (en fr) : http://telechargement.zebulon.fr/license-1-225.html
Tuto de Odsen (lien site) : http://benoit.aun.free.fr/securite-facile-php/jetico.php
Tuto de Odsen (lien zeb) : http://forum.zebulon.fr/index.php?showtopic=93489

Outpost firewall free
Lien de téléchargement éditeur : http://www.agnitum.com/products/outpostfree/download.php
Tuto de Odsen (lien site) : http://securite-facile.ovh.org/jetico.php

La liste n'est pas exhaustive, il en existe d'autres gratuits, et d'autres avec plus de fonctions payants. Télécharge l'exécutable d'installation du pare-feu que tu auras choisi. Déconnecte toi, débranche physiquement ta connexion, désactive le pare-feu windows et lance l'installation de ton pare-feu. Puis reconnecte toi et suis les instructions supplémentaires s'il y en a. Aide toi des tutos. Clin d'oeil

Je te conseille Zone Alarm dans un premier temps, la première prise en main est plus rapide. Tu pourras opter pour un autre que tu souhaites par la suite.

Télécharge combofix.exe (par sUBs) et sauvegarde le sur ton bureau.

Double-clique combofix.exe afin de l'exécuter et suis les instructions.
Lorsque l'analyse sera complétée, un rapport apparaîtra.
Copie-colle ce rapport dans ta prochaine réponse. suivi d'un nouveau log hijackthis.

Neurone isolé Messages: 6 Tutoriaux : 0

voila les raport

"lylo" - 2007-05-18 15:18:05 Service Pack 2
ComboFix 07-05.17.6.V - Running from: "C:\Documents and Settings\lylo\Bureau\"

(((((((((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))

C:\WINDOWS\system32\WinFlyer32.dll
C:\WINDOWS\system32\logund.dll

* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\WINDOWS\system32\tmp10F.tmp.dll
C:\WINDOWS\system32\tmp17.tmp.dll
C:\WINDOWS\system32\tmpB0.tmp.dll
C:\WINDOWS\system32\tmpEC.tmp.dll
C:\install.log

((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-18 ))))))))))))))))))))))))))))))))))

2007-05-18 15:09 <REP> d-------- C:\Program Files\Fichiers communs\Agnitum Shared
2007-05-18 15:09 <REP> d-------- C:\Program Files\Agnitum
2007-05-17 20:33 <REP> d-------- C:\VundoFix Backups
2007-05-16 22:53 <REP> d-------- C:\Program Files\Secured_eMule
2007-05-16 22:53 <REP> d-------- C:\Program Files\Secured eMule
2007-05-16 17:50 <REP> d-------- C:\Program Files\PC Inspector File Recovery
2007-05-16 16:51 <REP> d-------- C:\Program Files\GetData
2007-05-16 16:50 <REP> d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
2007-05-16 16:47 <REP> d-------- C:\Restoration
2007-05-16 16:37 <REP> d-------- C:\DOCUME~1\ADMINI~1\Contacts
2007-05-16 16:34 <REP> d-------- C:\DOCUME~1\ADMINI~1\Phone Browser
2007-05-16 16:34 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Spyware Terminator
2007-05-16 16:34 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\CamTrack
2007-05-16 13:12 <REP> d-------- C:\Program Files\CCleaner
2007-05-15 09:59 1,308,216 --a------ C:\HiJackThis_v2.exe
2007-05-14 18:21 40,448 --a------ C:\NoLop.exe
2007-05-14 17:38 43 --a------ C:\Ping.bat
2007-05-14 14:37 29,556 --a------ C:\WINDOWS\system32\ddcyw.exe
2007-05-14 14:32 8,305 --a------ C:\WINDOWS\system32\mljgdde.dll
2007-05-11 12:26 <REP> d-------- C:\Program Files\ElcomSoft
2007-05-10 03:02 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-05-09 13:23 <REP> d-------- C:\Program Files\Online_TV
2007-05-09 13:19 <REP> d-------- C:\Program Files\Multi_Media_France
2007-05-09 13:14 <REP> d-------- C:\Program Files\browseoptioncash
2007-05-09 13:14 <REP> d-------- C:\DOCUME~1\lylo\APPLIC~1\browseoptioncash
2007-05-09 13:14 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ProcWayPlusDelete
2007-05-07 15:25 <REP> d-------- C:\Program Files\Xinek
2007-05-05 22:16 <REP> d-------- C:\DOCUME~1\lylo\APPLIC~1\Nokia
2007-05-05 22:16 <REP> d-------- C:\DOCUME~1\lylo\APPLIC~1\DataLayer
2007-05-05 22:15 38,016 --a------ C:\WINDOWS\system32\drivers\bthmodem.sys
2007-05-05 22:13 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2007-05-05 22:13 59,648 --a------ C:\WINDOWS\system32\drivers\rfcomm.sys
2007-05-05 22:13 28,160 --a------ C:\WINDOWS\system32\irmon.dll
2007-05-05 22:13 274,944 --a------ C:\WINDOWS\system32\drivers\bthport.sys
2007-05-05 22:13 18,944 --a------ C:\WINDOWS\system32\drivers\BTHUSB.SYS
2007-05-05 22:13 17,024 --a------ C:\WINDOWS\system32\drivers\BthEnum.sys
2007-05-05 22:13 154,112 --a------ C:\WINDOWS\system32\irftp.exe
2007-05-05 22:13 100,992 --a------ C:\WINDOWS\system32\drivers\bthpan.sys
2007-05-05 22:12 <REP> d-------- C:\DOCUME~1\lylo\Phone Browser
2007-05-05 22:12 <REP> d-------- C:\DOCUME~1\lylo\APPLIC~1\PC Suite
2007-05-05 22:10 <REP> d-------- C:\Program Files\Nokia
2007-05-05 22:10 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite
2007-05-05 22:10 <REP> d-------- C:\Program Files\Fichiers communs\Nokia
2007-05-03 12:10 <REP> d-------- C:\DOCUME~1\lylo\APPLIC~1\XINEK
2007-05-03 12:09 <REP> d-------- C:\WINDOWS\system32\log
2007-05-02 14:28 <REP> d-------- C:\Program Files\uTorrent
2007-05-02 14:28 <REP> d-------- C:\DOCUME~1\lylo\APPLIC~1\uTorrent
2007-05-02 14:08 <REP> d-------- C:\DOCUME~1\lylo\APPLIC~1\Shareaza
2007-04-27 11:09 7,680 --a------ C:\WINDOWS\system32\bpkhk.dll
2007-04-27 11:09 596 --a------ C:\WINDOWS\system32\rinst.dat
2007-04-27 11:09 5,120 --a------ C:\WINDOWS\system32\rinst.exe
2007-04-27 11:09 23,552 --a------ C:\WINDOWS\system32\bpkwb.dll
2007-04-27 11:09 1,344 --a------ C:\WINDOWS\system32\bpk.bin
2007-04-27 10:59 <REP> d--h----- C:\WINDOWS\PIF
2007-04-27 09:43 <REP> d-------- C:\Program Files\Shareaza
2007-04-26 13:22 <REP> d-------- C:\Program Files\QuickTime
2007-04-25 15:56 <REP> d-------- C:\Program Files\IntelliTamper
2007-04-23 14:51 <REP> d-------- C:\WINDOWS\Eurobarre
2007-04-23 14:34 <REP> d-------- C:\DOCUME~1\ADMINI~2\Contacts
2007-04-23 12:03 83,456 --a------ C:\DOCUME~1\ADMINI~2\olepro32.dll
2007-04-23 12:03 65,024 --a------ C:\DOCUME~1\ADMINI~2\asycfilt.dll
2007-04-23 12:03 553,472 --a------ C:\DOCUME~1\ADMINI~2\oleaut32.dll
2007-04-23 12:03 22,288 --a------ C:\DOCUME~1\ADMINI~2\COMCAT.DLL
2007-04-23 12:03 20,480 --a------ C:\DOCUME~1\ADMINI~2\Eurofake.exe
2007-04-23 12:03 119,568 --a------ C:\DOCUME~1\ADMINI~2\VB6FR.DLL
2007-04-23 12:03 102,912 --a------ C:\DOCUME~1\ADMINI~2\VB6STKIT.DLL
2007-04-23 12:03 1,392,671 --a------ C:\DOCUME~1\ADMINI~2\msvbvm60.dll
2007-04-23 11:57 <REP> d-------- C:\DOCUME~1\ADMINI~2\APPLIC~1\OpenOffice.org2
2007-04-23 11:46 <REP> d-------- C:\DOCUME~1\ADMINI~2\APPLIC~1\vlc
2007-04-23 11:37 119,568 --------- C:\WINDOWS\system32\vb6fr.dll
2007-04-23 11:37 <REP> d-------- C:\Program Files\Eurobarre

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-05-18 06:44:57 -------- d-----w C:\DOCUME~1\lylo\APPLIC~1\OpenOffice.org2
2007-05-18 06:15:04 -------- d-----w C:\Program Files\Spyware Terminator
2007-05-18 06:13:39 -------- d-----w C:\DOCUME~1\lylo\APPLIC~1\Azureus
2007-05-17 12:51:04 -------- d-----w C:\DOCUME~1\lylo\APPLIC~1\Spyware Terminator
2007-05-17 06:00:29 -------- d-----w C:\Program Files\eMule
2007-05-16 15:50:11 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-05-11 09:28:44 -------- d-----w C:\Program Files\WinClamAVShield
2007-05-07 12:30:04 681,984 ----a-w C:\WINDOWS\system32\CDUninst.exe
2007-05-05 20:14:41 71,248 ----a-w C:\WINDOWS\system32\perfc00C.dat
2007-05-05 20:14:41 458,230 ----a-w C:\WINDOWS\system32\perfh00C.dat
2007-05-02 12:57:04 -------- d-----w C:\Program Files\Azureus
2007-04-23 09:08:03 -------- d-----w C:\Program Files\MSN Messenger
2007-04-17 09:16:29 -------- d-----w C:\Program Files\Apple Software Update
2007-04-11 11:00:27 -------- d-----w C:\Program Files\Windows Live Safety Center
2007-04-03 08:59:07 -------- d-----w C:\Program Files\Fichiers communs\AVSMedia
2007-04-03 08:28:25 -------- d-----w C:\DOCUME~1\lylo\APPLIC~1\AVSMedia
2007-04-03 08:12:20 -------- d-----w C:\Program Files\Winamp
2007-04-02 20:46:59 -------- d-----w C:\Program Files\ImTOO
2007-04-02 20:29:00 -------- d-----w C:\DOCUME~1\lylo\APPLIC~1\Vso
2007-04-02 15:20:23 36,441 ----a-w C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
2007-04-02 15:20:22 131,072 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe
2007-04-02 15:20:09 -------- d-----w C:\Program Files\Illustrate
2007-03-31 16:57:21 -------- d-----w C:\Program Files\Mobile Action
2007-03-31 13:10:38 -------- d-----w C:\Program Files\LizardTech
2007-03-31 11:49:38 -------- d-----w C:\Program Files\Samsung
2007-03-30 19:32:16 -------- d-----w C:\Program Files\Fichiers communs\Logitech
2007-03-30 19:31:46 -------- d-----w C:\Program Files\Logitech
2007-03-30 19:22:57 127,034 ------r C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
2007-03-30 19:06:58 -------- d-----w C:\Program Files\Microsoft Encarta
2007-03-30 19:05:50 -------- d-----w C:\Program Files\Microsoft Picture It! 7
2007-03-30 19:00:58 -------- d-----w C:\Program Files\Microsoft Works
2007-03-30 18:57:09 -------- d-----w C:\Program Files\Microsoft Works Suite 2003
2007-03-30 17:30:00 -------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-03-30 07:49:16 -------- d-----w C:\Program Files\Alcatel
2007-03-30 01:07:40 -------- d-----w C:\Program Files\Windows Live Toolbar
2007-03-30 01:00:32 -------- d-----w C:\Program Files\MSXML 4.0
2007-03-29 19:45:24 -------- d-----w C:\Program Files\Yahoo!
2007-03-28 17:40:38 -------- d-----w C:\Program Files\Google
2007-03-28 15:46:48 135,936 ----a-w C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2007-03-28 15:35:15 -------- d-----w C:\Program Files\Lexmark 2300 Series
2007-03-28 15:31:04 -------- d-----w C:\DOCUME~1\lylo\APPLIC~1\InterVideo
2007-03-28 15:27:36 -------- d-----w C:\Program Files\InterVideo Information Service
2007-03-28 15:27:36 -------- d-----w C:\Program Files\Fichiers communs\Ulead
2007-03-28 15:23:40 -------- d-----w C:\DOCUME~1\lylo\APPLIC~1\Apple Computer
2007-03-28 15:18:37 -------- d-----w C:\Program Files\InterVideo
2007-03-28 15:18:37 -------- d-----w C:\Program Files\Fichiers communs\InterVideo
2007-03-28 15:09:26 -------- d-----w C:\Program Files\Ahead
2007-03-28 15:07:28 123,213,632 ----a-w C:\WinDVD8.exe
2007-03-28 15:07:15 -------- d-----w C:\DOCUME~1\lylo\APPLIC~1\vlc
2007-03-28 15:06:04 -------- d-----w C:\Program Files\VideoLAN
2007-03-28 14:45:07 -------- d-----w C:\Program Files\OpenOffice.org 2.1
2007-03-28 14:43:43 -------- d-----w C:\Program Files\Fichiers communs\ODBC
2007-03-28 14:43:39 -------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2007-03-28 14:38:00 -------- d-----w C:\DOCUME~1\lylo\APPLIC~1\Google
2007-03-28 14:20:54 -------- d-----w C:\DOCUME~1\lylo\APPLIC~1\CamTrack
2007-03-28 14:16:32 481 ----a-w C:\pnpID.dat
2007-03-28 14:03:49 -------- d-----w C:\Program Files\DigitalPeers
2007-03-28 13:57:37 -------- d-----w C:\Program Files\ATI Technologies
2007-03-28 13:13:14 -------- d-----w C:\Program Files\UTILS
2007-03-28 13:13:13 -------- d-----w C:\Program Files\JEUX
2007-03-28 13:01:37 -------- d-----w C:\Program Files\microsoft frontpage
2007-03-28 12:59:35 0 --sha-r C:\MSDOS.SYS
2007-03-28 12:59:35 0 --sha-r C:\IO.SYS
2007-03-28 12:59:35 0 ----a-w C:\CONFIG.SYS
2007-03-28 12:59:35 0 ----a-w C:\AUTOEXEC.BAT
2007-03-28 12:56:47 -------- d--h--w C:\Program Files\WindowsUpdate
2007-03-28 12:56:38 -------- d-----w C:\Program Files\Services en ligne
2007-03-28 12:55:33 -------- d-----w C:\Program Files\Fichiers communs\MSSoap
2007-03-28 12:55:23 -------- d-----w C:\Program Files\Movie Maker
2007-03-28 12:53:55 21,892 ----a-w C:\WINDOWS\system32\emptyregdb.dat
2007-03-28 12:52:58 -------- d-----w C:\Program Files\MSN Gaming Zone
2007-03-28 12:52:50 -------- d-----w C:\Program Files\Windows NT
2007-03-17 13:47:04 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll
2007-03-08 15:50:30 579,072 ----a-w C:\WINDOWS\system32\user32.dll
2007-03-08 15:50:30 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
2007-03-08 15:50:30 282,112 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-03-08 15:45:59 1,844,096 ----a-w C:\WINDOWS\system32\win32k.sys
2007-02-05 20:19:06 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll

(((((((((((((((((((((((((((((((((((((