Au secours!!carpe diem;oubli rapport

voici Logfile of HijackThis v1.99.1
Scan saved at 10:38:45, on 16/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
C:\Program Files\Lexmark 2300 Series\ezprint.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\Program Files\QuickTime\qttask.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Wireless LAN USB Dongle\ZDWlan.exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\GRGORY~1\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis_199[1].zip\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
O4 - Startup: ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Wireless LAN USB Dongle.lnk = C:\Program Files\Wireless LAN USB Dongle\ZDWlan.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://10117.kit.carpediem.fr/ParisVoyeur.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - Unknown owner - c:\program files\mcafee\msk\msksrver.exe (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

mon rapport hijackthis:

Configuration: Windows XP
Internet Explorer 7.0

voici rapport bloc notesSearch Navipromo version 1.0.3 commencé le 16/02/2007 à 18:08:10,56

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis C:\Documents and Settings\gr‚gory\Bureau\navilog1
Mise a jour le 15.02.2007 a 17h00 by IL-MAFIOSO

Executé en mode normal

*** Recherche Programmes installes ***




*** Recherche dossiers dans C:\WINDOWS ***




*** Recherche dossiers dans C:\Program Files ***




*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans C:\Documents and Settings\gr‚gory\Application Data ***



*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
https://www.f-secure.com/en


F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================

Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of April, 2007.
Version information: 2.2.1055.

[+] Started on 02/16/07 at 18:08:16.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items .............................................................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 02/16/07 at 18:14:29 (return code = 0).


*** Recherche fichiers ***




*** Recherche cles registre ***


Recharche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]



Recharche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]



Recherche Clé Magic Control



*** Module de recherche complémentaire ***
(recherche fichiers spécifiques)



*** Analyse Terminé le 16/02/2007 à 18:17:50,34 ***

salut
je travaille à l'hotel du lac prés de dunkerque
voici le rapport:que des cookies apparemment?,je te joint aussi le rapport que j'ai fait hier sous le conseil d'un ami avec spyware doctor(version gratuite)si ça peut t'aider.
merci à toi!!!
A+---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 00:33:06 17/02/2007

+ Résultat de l'analyse:



C:\Documents and Settings\grégory\Cookies\grégory@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\laurence\Cookies\laurence@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\louis\Cookies\louis@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\grégory\Cookies\grégory@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\louis\Cookies\louis@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\laurence\Cookies\laurence@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\louis\Cookies\louis@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\louis\Cookies\louis@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\grégory\Cookies\grégory@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\laurence\Cookies\laurence@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\louis\Cookies\louis@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\laurence\Cookies\laurence@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\louis\Cookies\louis@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\louis\Cookies\louis@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\louis\Cookies\louis@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\grégory\Cookies\grégory@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\louis\Cookies\louis@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\louis\Cookies\louis@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\laurence\Cookies\laurence@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\louis\Cookies\louis@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\laurence\Cookies\laurence@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\louis\Cookies\louis@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.


Fin du rapport
Résultats de l'analyse :
démarrage de l'analyse : 15/02/2007 23:53:40
arrêt de l'analyse : 16/02/2007 00:15:13
Eléments analysés : 96592
éléments trouvés : 17
trouvés et ignorés : 0
outils utilisés : General Scanner, Process Scanner, LSP Scanner, Startup Scanner, Registry Scanner, Hosts Scanner, Browser Scanner, Browser Activity Scanner, Disk Scanner, ActiveX Scanner



Nom de l'infection Emplacement Risque
Tracking Cookie(s) C:\Documents and Settings\grégory\Cookies\grégory@247realmedia[1].txt Bas
Tracking Cookie(s) C:\Documents and Settings\grégory\Cookies\grégory@xiti[1].txt Bas
Carpe Diem HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\2DCB4C0C78BBE64B52C0312BAB2E95EA2971C353 Haut
Carpe Diem HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\2DCB4C0C78BBE64B52C0312BAB2E95EA2971C353## Haut
Carpe Diem HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\2DCB4C0C78BBE64B52C0312BAB2E95EA2971C353##Blob Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9} Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}## Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}##Installer Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}##SystemComponent Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\Contains Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\Contains## Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\DownloadInformation Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\DownloadInformation## Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\DownloadInformation##CODEBASE Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\InstalledVersion Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\InstalledVersion## Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\InstalledVersion##LastModified Haut


Autres sections :

salut régis
ai fait analyse avec spybot:me dit "félicitations aucun mouchards trouvés".
MERCI

non c'était mon serveur,tt fonctionne normalement pour l'instant
A+

salut
viens de refaire un scan avec "spyware doctor".
c'est planqué ou ces mdr.
Résultats de l'analyse :
démarrage de l'analyse : 17/02/2007 15:20:14
arrêt de l'analyse : 17/02/2007 15:35:39
Eléments analysés : 97898
éléments trouvés : 18
trouvés et ignorés : 0
outils utilisés : General Scanner, Process Scanner, LSP Scanner, Startup Scanner, Registry Scanner, Hosts Scanner, Browser Scanner, Browser Activity Scanner, Disk Scanner, ActiveX Scanner



Nom de l'infection Emplacement Risque
Tracking Cookie(s) C:\Documents and Settings\grégory\Cookies\grégory@247realmedia[1].txt Bas
Advertising C:\Documents and Settings\grégory\Cookies\grégory@www.smartadserver[1].txt Bas
Tracking Cookie(s) C:\Documents and Settings\grégory\Cookies\grégory@xiti[1].txt Bas
Carpe Diem HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\2DCB4C0C78BBE64B52C0312BAB2E95EA2971C353 Haut
Carpe Diem HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\2DCB4C0C78BBE64B52C0312BAB2E95EA2971C353## Haut
Carpe Diem HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\2DCB4C0C78BBE64B52C0312BAB2E95EA2971C353##Blob Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9} Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}## Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}##Installer Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}##SystemComponent Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\Contains Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\Contains## Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\DownloadInformation Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\DownloadInformation## Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\DownloadInformation##CODEBASE Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\InstalledVersion Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\InstalledVersion## Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\InstalledVersion##LastModified Haut

salut
voila,espére que c'est ça.
merci à toi
REGEDIT4
; RegSrch.vbs © Bill James

; Registry search results for string "CARPE DIEM" 17/02/2007 16:33:39

; NOTE: This file will be deleted when you close WordPad.
; You must manually save this file to a new location if you want to refer to it again later.
; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


[HKEY_USERS\S-1-5-21-1350440936-75311580-3448397319-1005\Software\Microsoft\Search Assistant\ACMru\5603]
"000"="carpe diem"
A+

salut,
copier coller ok
enregistre sous et dans: bureau? doc?........
bureau.reg ok
type:me donne choix doc texte;docformat rtf;doc texte ms-dos;doc texte unicode ?
préfére te demander,milles excuses chu pas doué hein! comme on dit chez nous
merci

Salut
désolé mais type me donne que ces 4 choix de doc,ai pas codage,
Juste un petit carré en dessous "enregistrer doc par défaut.
MERCI ENCORE
tu as passé un bon week end?C'est le carnaval ici!!
A+

salut
voici rapport scan aprés l'exécution de ton fichier qui c'est bien enregistré.
Analyses (informations de base uniquement) :

Résultats de l'analyse :
démarrage de l'analyse : 21/02/2007 09:42:40
arrêt de l'analyse : 21/02/2007 09:59:53
Eléments analysés : 98629
éléments trouvés : 17
trouvés et ignorés : 0
outils utilisés : General Scanner, Process Scanner, LSP Scanner, Startup Scanner, Registry Scanner, Hosts Scanner, Browser Scanner, Browser Activity Scanner, Disk Scanner, ActiveX Scanner



Nom de l'infection Emplacement Risque
Tracking Cookie(s) C:\Documents and Settings\grégory\Cookies\grégory@247realmedia[1].txt Bas
Tracking Cookie(s) C:\Documents and Settings\grégory\Cookies\grégory@xiti[1].txt Bas
Carpe Diem HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\2DCB4C0C78BBE64B52C0312BAB2E95EA2971C353 Haut
Carpe Diem HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\2DCB4C0C78BBE64B52C0312BAB2E95EA2971C353## Haut
Carpe Diem HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\2DCB4C0C78BBE64B52C0312BAB2E95EA2971C353##Blob Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9} Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}## Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}##Installer Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}##SystemComponent Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\Contains Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\Contains## Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\DownloadInformation Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\DownloadInformation## Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\DownloadInformation##CODEBASE Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\InstalledVersion Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\InstalledVersion## Haut
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\InstalledVersion##LastModified Haut
Est l'ordi qui rame c'est du à ça?
MERCI
Oui dk dimanche,lundi citadelle,mardi rosendael,mercredi bal enfantin,c'est ce qu'on appelle ici les 3 joyeuses.
A+ MERCI ENCORE

salut

voici le rapport:
REGEDIT4
; RegSrch.vbs © Bill James

; Registry search results for string "carpediem" 21/02/2007 23:44:25

; NOTE: This file will be deleted when you close WordPad.
; You must manually save this file to a new location if you want to refer to it again later.
; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\DownloadInformation]
"CODEBASE"="http://10117.kit.carpediem.fr/ParisVoyeur.exe"
merci encore à toi
a+