Sujet Précédent Sujet Suivant

[virus] Infecté par

Résolu/Fermé
gatsk Messages postés 25 Date d'inscription jeudi 16 août 2007 Statut Membre Dernière intervention 21 février 2010 - 16 août 2007 à 22:13
moK´s@ Messages postés 4399 Date d'inscription mardi 18 octobre 2005 Statut Membre Dernière intervention 2 novembre 2007 - 10 sept. 2007 à 17:26
Bonjour à tous!!

Voila, j'ai un problème avec mon ordinateur, c'est l'une des premières fois que ça m'arrive! Et c'est un virus qui m'ennerve vraiment!!
J'ai eu beau chercher sur beaucoup de forum, essayer tous ce qu'on me disait mais rien y fait... Ils appellent ça un "ver blaster"!!

A certain moment, Il y a un arret du systeme avec ce message :

Arrët du système. Veuillez enregistrer tous les travaux en cours et quitter votre session. Toutes les modifications non enregistrées seront perdues. Cet arrêt a été initié par AUTORITE NT\SYSTEM

Temps restant avant l'arrêt du système: hh/mm/ss

Message
Windows doit maintenant redémarrer car le service Lanceur de processus serveur DCOM s'est terminé de façon inattendue

J'ai reculer l'heure de l'horloge pour avoir plus de temps et trouver comment le supprimer!!

J'espere vraiment que vous pourrez m'aider
merci
A bientôt!!

38 réponses

  • 1
  • 2
Réponse 1 / 38
moK´s@ Messages postés 4399 Date d'inscription mardi 18 octobre 2005 Statut Membre Dernière intervention 2 novembre 2007 89
16 août 2007 à 22:16
salut a toi gatsk,

regarde ceci et fais comme indiqué,

d´abord tu fais l´update windows , et apres tu telecharge blastfix...

http://www.secuser.com/alertes/2003/blaster.htm

dis moi quoi.

@+
0
Réponse 2 / 38
gatsk Messages postés 25 Date d'inscription jeudi 16 août 2007 Statut Membre Dernière intervention 21 février 2010
16 août 2007 à 23:55
Bonjour à toi moK's@

Deja merci de ton aide

Voila le bloque note de FixBlast:

The file "20-{3C5BA878-C1BB-0614-2208-462712BC2E91}-v1-{3778E1E0-D67F-4831-909A-2C4F83CA5917}-v20-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\gatsk@hotmail.fr\SharingMetadata\annec57@hotmail.fr\DFSR\Staging\CS{3C5BA878-C1BB-0614-2208-462712BC2E91}\01" was not scanned.

The file "13-{56F77EB8-A8B3-6D6B-887C-FA2BDF99DF99}-v1-{3778E1E0-D67F-4831-909A-2C4F83CA5917}-v13-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\gatsk@hotmail.fr\SharingMetadata\cathdu57@hotmail.fr\DFSR\Staging\CS{56F77EB8-A8B3-6D6B-887C-FA2BDF99DF99}\01" was not scanned.

The file "22-{3778E1E0-D67F-4831-909A-2C4F83CA5917}-v22-{3778E1E0-D67F-4831-909A-2C4F83CA5917}-v22-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\gatsk@hotmail.fr\SharingMetadata\emilie_starnight@hotmail.fr\DFSR\Staging\CS{8B6394AB-5617-EFC6-EF3A-740F291E6376}\22" was not scanned.

The file "15-{7CF96164-B614-60F8-5594-68C5BA1D9992}-v1-{3778E1E0-D67F-4831-909A-2C4F83CA5917}-v15-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\gatsk@hotmail.fr\SharingMetadata\mimi57700@hotmail.fr\DFSR\Staging\CS{7CF96164-B614-60F8-5594-68C5BA1D9992}\01" was not scanned.

The file "515-{2C70E6C8-0B4C-4034-A84A-509A37D9109E}-v513-{2C70E6C8-0B4C-4034-A84A-509A37D9109E}-v515-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\gatsk@hotmail.fr\SharingMetadata\mimi57700@hotmail.fr\DFSR\Staging\CS{7CF96164-B614-60F8-5594-68C5BA1D9992}\13" was not scanned.

The file "17-{3778E1E0-D67F-4831-909A-2C4F83CA5917}-v17-{3778E1E0-D67F-4831-909A-2C4F83CA5917}-v17-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\gatsk@hotmail.fr\SharingMetadata\mimi57700@hotmail.fr\DFSR\Staging\CS{7CF96164-B614-60F8-5594-68C5BA1D9992}\17" was not scanned.

The file "18-{3778E1E0-D67F-4831-909A-2C4F83CA5917}-v18-{3778E1E0-D67F-4831-909A-2C4F83CA5917}-v18-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\gatsk@hotmail.fr\SharingMetadata\mimi57700@hotmail.fr\DFSR\Staging\CS{7CF96164-B614-60F8-5594-68C5BA1D9992}\18" was not scanned.

The file "19-{3778E1E0-D67F-4831-909A-2C4F83CA5917}-v19-{3778E1E0-D67F-4831-909A-2C4F83CA5917}-v19-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\gatsk@hotmail.fr\SharingMetadata\mimi57700@hotmail.fr\DFSR\Staging\CS{7CF96164-B614-60F8-5594-68C5BA1D9992}\19" was not scanned.

The file "522-{2C70E6C8-0B4C-4034-A84A-509A37D9109E}-v520-{2C70E6C8-0B4C-4034-A84A-509A37D9109E}-v522-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\gatsk@hotmail.fr\SharingMetadata\mimi57700@hotmail.fr\DFSR\Staging\CS{7CF96164-B614-60F8-5594-68C5BA1D9992}\20" was not scanned.

The file "534-{2C70E6C8-0B4C-4034-A84A-509A37D9109E}-v530-{2C70E6C8-0B4C-4034-A84A-509A37D9109E}-v534-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\gatsk@hotmail.fr\SharingMetadata\mimi57700@hotmail.fr\DFSR\Staging\CS{7CF96164-B614-60F8-5594-68C5BA1D9992}\30" was not scanned.

The file "669-{2C70E6C8-0B4C-4034-A84A-509A37D9109E}-v666-{2C70E6C8-0B4C-4034-A84A-509A37D9109E}-v669-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\gatsk@hotmail.fr\SharingMetadata\mimi57700@hotmail.fr\DFSR\Staging\CS{7CF96164-B614-60F8-5594-68C5BA1D9992}\66" was not scanned.

The file "672-{2C70E6C8-0B4C-4034-A84A-509A37D9109E}-v670-{2C70E6C8-0B4C-4034-A84A-509A37D9109E}-v672-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\gatsk@hotmail.fr\SharingMetadata\mimi57700@hotmail.fr\DFSR\Staging\CS{7CF96164-B614-60F8-5594-68C5BA1D9992}\70" was not scanned.

The file "14-{F8DD666C-199F-B3E4-FA57-C2FAD2948775}-v1-{3778E1E0-D67F-4831-909A-2C4F83CA5917}-v14-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\gatsk@hotmail.fr\SharingMetadata\sefyu-2093@hotmail.fr\DFSR\Staging\CS{F8DD666C-199F-B3E4-FA57-C2FAD2948775}\01" was not scanned.

The file "176-{212BA5CD-4C66-32EA-4D53-51BE34E8A416}-v1-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v176-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\arnaudj57@hotmail.com\DFSR\Staging\CS{212BA5CD-4C66-32EA-4D53-51BE34E8A416}\01" was not scanned.

The file "177-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v177-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v177-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\arnaudj57@hotmail.com\DFSR\Staging\CS{212BA5CD-4C66-32EA-4D53-51BE34E8A416}\77" was not scanned.

The file "100-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v100-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v100-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\00" was not scanned.

The file "101-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v101-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v101-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\01" was not scanned.

The file "102-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v102-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v102-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\02" was not scanned.

The file "103-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v103-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v103-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\03" was not scanned.

The file "104-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v104-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v104-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\04" was not scanned.

The file "105-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v105-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v105-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\05" was not scanned.

The file "106-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v106-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v106-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\06" was not scanned.

The file "107-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v107-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v107-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\07" was not scanned.

The file "108-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v108-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v108-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\08" was not scanned.

The file "109-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v109-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v109-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\09" was not scanned.

The file "110-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v110-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v110-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\10" was not scanned.

The file "111-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v111-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v111-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\11" was not scanned.

The file "112-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v112-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v112-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\12" was not scanned.

The file "113-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v113-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v113-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\13" was not scanned.

The file "114-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v114-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v114-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\14" was not scanned.

The file "115-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v115-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v115-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\15" was not scanned.

The file "116-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v116-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v116-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\16" was not scanned.

The file "117-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v117-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v117-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\17" was not scanned.

The file "118-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v118-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v118-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\18" was not scanned.

The file "119-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v119-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v119-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\19" was not scanned.

The file "120-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v120-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v120-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\20" was not scanned.

The file "121-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v121-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v121-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\21" was not scanned.

The file "122-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v122-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v122-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\22" was not scanned.

The file "123-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v123-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v123-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\23" was not scanned.

The file "124-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v124-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v124-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\24" was not scanned.

The file "125-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v125-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v125-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\25" was not scanned.

The file "126-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v126-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v126-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\26" was not scanned.

The file "127-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v127-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v127-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\27" was not scanned.

The file "128-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v128-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v128-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\28" was not scanned.

The file "129-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v129-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v129-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\29" was not scanned.

The file "130-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v130-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v130-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\30" was not scanned.

The file "131-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v131-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v131-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\31" was not scanned.

The file "132-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v132-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v132-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\32" was not scanned.

The file "133-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v133-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v133-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\33" was not scanned.

The file "134-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v134-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v134-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\34" was not scanned.

The file "135-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v135-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v135-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\35" was not scanned.

The file "136-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v136-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v136-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\36" was not scanned.

The file "137-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v137-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v137-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\37" was not scanned.

The file "138-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v138-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v138-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\38" was not scanned.

The file "139-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v139-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v139-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\39" was not scanned.

The file "140-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v140-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v140-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\40" was not scanned.

The file "141-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v141-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v141-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\41" was not scanned.

The file "142-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v142-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v142-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\42" was not scanned.

The file "143-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v143-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v143-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\43" was not scanned.

The file "144-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v144-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v144-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\44" was not scanned.

The file "145-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v145-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v145-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\45" was not scanned.

The file "146-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v146-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v146-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\46" was not scanned.

The file "147-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v147-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v147-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\47" was not scanned.

The file "148-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v148-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v148-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\48" was not scanned.

The file "149-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v149-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v149-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\49" was not scanned.

The file "150-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v150-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v150-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\50" was not scanned.

The file "151-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v151-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v151-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\51" was not scanned.

The file "152-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v152-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v152-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\52" was not scanned.

The file "153-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v153-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v153-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\53" was not scanned.

The file "154-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v154-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v154-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\54" was not scanned.

The file "155-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v155-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v155-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\55" was not scanned.

The file "156-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v156-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v156-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\56" was not scanned.

The file "157-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v157-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v157-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\57" was not scanned.

The file "158-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v158-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v158-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\58" was not scanned.

The file "159-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v159-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v159-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\59" was not scanned.

The file "160-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v160-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v160-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\60" was not scanned.

The file "161-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v161-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v161-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\61" was not scanned.

The file "162-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v162-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v162-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\62" was not scanned.

The file "163-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v163-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v163-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\63" was not scanned.

The file "164-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v164-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v164-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\64" was not scanned.

The file "165-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v165-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v165-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\65" was not scanned.

The file "166-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v166-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v166-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\66" was not scanned.

The file "167-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v167-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v167-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\67" was not scanned.

The file "168-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v168-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v168-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\68" was not scanned.

The file "169-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v169-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v169-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\69" was not scanned.

The file "170-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v170-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v170-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\70" was not scanned.

The file "171-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v171-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v171-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\71" was not scanned.

The file "172-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v172-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v172-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\72" was not scanned.

The file "173-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v173-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v173-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\73" was not scanned.

The file "174-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v174-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v174-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\74" was not scanned.

The file "175-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v175-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v175-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\75" was not scanned.

The file "76-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v76-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v76-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\76" was not scanned.

The file "77-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v77-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v77-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\77" was not scanned.

The file "78-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v78-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v78-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\78" was not scanned.

The file "79-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v79-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v79-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\79" was not scanned.

The file "80-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v80-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v80-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\80" was not scanned.

The file "81-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v81-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v81-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\81" was not scanned.

The file "82-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v82-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v82-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\82" was not scanned.

The file "83-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v83-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v83-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\83" was not scanned.

The file "84-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v84-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v84-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\84" was not scanned.

The file "85-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v85-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v85-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\85" was not scanned.

The file "86-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v86-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v86-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\86" was not scanned.

The file "87-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v87-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v87-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\87" was not scanned.

The file "88-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v88-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v88-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\88" was not scanned.

The file "89-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v89-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v89-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\89" was not scanned.

The file "90-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v90-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v90-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\90" was not scanned.

The file "91-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v91-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v91-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\91" was not scanned.

The file "92-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v92-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v92-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\92" was not scanned.

The file "93-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v93-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v93-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\93" was not scanned.

The file "94-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v94-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v94-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\94" was not scanned.

The file "95-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v95-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v95-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\95" was not scanned.

The file "96-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v96-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v96-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\96" was not scanned.

The file "97-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v97-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v97-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\97" was not scanned.

The file "98-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v98-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v98-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\98" was not scanned.

The file "99-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v99-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v99-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\miss_dede3090@hotmail.fr\DFSR\Staging\CS{155935ED-6644-6A07-F6D8-E9E27DE4405C}\99" was not scanned.

The file "10-{76848F98-3E14-1176-57F5-E0BA86C07DED}-v1-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v10-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\seb57150@hotmail.fr\DFSR\Staging\CS{76848F98-3E14-1176-57F5-E0BA86C07DED}\01" was not scanned.

The file "16-{65F6AA41-2689-4B34-BCD3-67A575AC48ED}-v11-{68D24210-D013-480B-876C-5004D7CEFA7C}-v16-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\seb57150@hotmail.fr\DFSR\Staging\CS{76848F98-3E14-1176-57F5-E0BA86C07DED}\11" was not scanned.

The file "15-{68D24210-D013-480B-876C-5004D7CEFA7C}-v12-{68D24210-D013-480B-876C-5004D7CEFA7C}-v15-Downloaded.frx" in the folder "C:\Documents and Settings\Rachele\Local Settings\Application Data\Microsoft\Messenger\geo57150@hotmail.com\SharingMetadata\seb57150@hotmail.fr\DFSR\Staging\CS{76848F98-3E14-1176-57F5-E0BA86C07DED}\12" was not scanned.

W32.Blaster.Worm has not been found on your computer.

On me dit que je ne suis pas infecté :s

@+
0
Réponse 3 / 38
moK´s@ Messages postés 4399 Date d'inscription mardi 18 octobre 2005 Statut Membre Dernière intervention 2 novembre 2007 89
16 août 2007 à 23:57
ok

tu as fais les mises a jours windows?
0
Réponse 4 / 38
gatsk Messages postés 25 Date d'inscription jeudi 16 août 2007 Statut Membre Dernière intervention 21 février 2010
17 août 2007 à 01:19
oui j'ai fait tous ce que tu m'a dit!! j'ai du redemarrer l'ordinateur pour ça!!
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 38
moK´s@ Messages postés 4399 Date d'inscription mardi 18 octobre 2005 Statut Membre Dernière intervention 2 novembre 2007 89
17 août 2007 à 09:29
salut gatsk,

ca a réglé le probleme ou?

@+
0
Réponse 6 / 38
gatsk Messages postés 25 Date d'inscription jeudi 16 août 2007 Statut Membre Dernière intervention 21 février 2010
17 août 2007 à 22:56
je ne sais pas pour l'instant ça ne l'a pas refait!! je te tient au courrant si ça continu, merci de ton aide

A bientot!!
0
Réponse 7 / 38
moK´s@ Messages postés 4399 Date d'inscription mardi 18 octobre 2005 Statut Membre Dernière intervention 2 novembre 2007 89
17 août 2007 à 23:00
ok

* Télécharge HijackThis et poste le rapport stp

http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm
0
Réponse 8 / 38
gatsk Messages postés 25 Date d'inscription jeudi 16 août 2007 Statut Membre Dernière intervention 21 février 2010
17 août 2007 à 23:50
Voici le rapport Hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 23:48:12, on 17/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\PRISMSTA.EXE
C:\Program Files\Fichiers communs\AOL\1172693715\ee\AOLSoftware.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Medion Home Cinema XL II\PowerCinema\PCMService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
E:\NEROPH~1\data\Xtras\mssysmgr.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe
D:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\AOL Compagnon\companion.exe
D:\Program Files\eMule\eMule.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\SYMANT~1\DWHWIZRD.EXE
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1172693715\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [ppmate] C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Medion Home Cinema XL II\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SvcManager] winlogin6.exe
O4 - HKLM\..\Run: [startdrv] C:\WINDOWS\Temp\startdrv.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] E:\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [DAEMON Tools] "D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?d7660d9514dd4c77965da3a9f6efcf96
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?d7660d9514dd4c77965da3a9f6efcf96
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1_03) -
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

0
Réponse 9 / 38
moK´s@ Messages postés 4399 Date d'inscription mardi 18 octobre 2005 Statut Membre Dernière intervention 2 novembre 2007 89
18 août 2007 à 00:42
re,

il reste une cochonerie,

fais ceci :

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !
0
Réponse 10 / 38
gatsk Messages postés 25 Date d'inscription jeudi 16 août 2007 Statut Membre Dernière intervention 21 février 2010
18 août 2007 à 14:11
Re,

J'ai vraiment fait tous ce que tu m'dit, a peine fini les manipulation en ayant redemarrer pour la derniere fois que le message c'est affiché " arrêt du systeme"!! =(

Voici le report:


SDFix: Version 1.99

Run by Rachele on 18/08/2007 at 13:52

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\Rachele\Bureau\SDFix\SDFix

Safe Mode:
Checking Services:

Name:
NDnet1
poof
runtime
SysLibrary
Kytob

ImagePath:
\??\C:\WINDOWS\system32\ksys.sys
\??\C:\WINDOWS\system32\poof
\??\C:\WINDOWS\System32\drivers\runtime.sys
\??\C:\WINDOWS\system32\DefLib.sys
C:\WINDOWS\system32\directx.exe

NDnet1 - Deleted
poof - Deleted
runtime - Deleted
SysLibrary - Deleted
Kytob - Deleted



Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service

Rebooting...

Service asc3550u - Deleted after Reboot

Normal Mode:
Checking Files:

Trojan Files Found:

C:\D.EXE - Deleted
C:\D1.TMP - Deleted
C:\196278~1 - Deleted
C:\Documents and Settings\LocalService\Local Settings\Temp\stdrun1.exe - Deleted
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun1.exe - Deleted
C:\Documents and Settings\NetworkService\Local Settings\Temp\stdrun2.exe - Deleted
C:\WINDOWS\Temp\stdrun1.exe - Deleted
C:\WINDOWS\Temp\stdrun2.exe - Deleted
C:\WINDOWS\Temp\stdrun3.exe - Deleted
C:\WINDOWS\Temp\stdrun5.exe - Deleted
C:\Documents and Settings\Rachele\Local Settings\Temp\v3xd1.g22me - Deleted
C:\Documents and Settings\Rachele\Local Settings\Temp\v4xd3.ga2me - Deleted
C:\Documents and Settings\Rachele\Local Settings\Temp\v4xd6.gam5e - Deleted
C:\Documents and Settings\Rachele\Local Settings\Temp\v5xd2.g3ame - Deleted
C:\Documents and Settings\Rachele\Local Settings\Temp\v5xd4.ga2me - Deleted
C:\Documents and Settings\Rachele\Local Settings\Temp\v6xdt4.game - Deleted
C:\Documents and Settings\Rachele\Local Settings\Temp\vx1dt1.game - Deleted
C:\Documents and Settings\Rachele\Local Settings\Temp\vx1dt3.game - Deleted
C:\Documents and Settings\Rachele\Local Settings\Temp\vx3dt2.game - Deleted
C:\Documents and Settings\Rachele\Local Settings\Temp\ma1x1dd1v.game - Deleted
C:\WINDOWS\system32\gmc.exe.exe - Deleted
C:\DOCUME~1\Rachele\LOCALS~1\Temp\FD.tmp.taras - Deleted
C:\DOCUME~1\Rachele\LOCALS~1\Temp\FE.tmp.taras - Deleted
C:\Documents and Settings\Rachele\new.txt - Deleted
C:\Documents and Settings\All Users\Documents\Settings\bot.dll - Deleted
C:\Documents and Settings\All Users\Documents\Settings\bot.dll~ - Deleted
C:\DOCUME~1\Rachele\LOCALS~1\Temp\explorer5.exe - Deleted
C:\d.exe - Deleted
C:\WINDOWS\album34.zip - Deleted
C:\WINDOWS\album6.zip - Deleted
C:\WINDOWS\album98.zip - Deleted
C:\WINDOWS\photo35.zip - Deleted
C:\WINDOWS\photo48.zip - Deleted
C:\WINDOWS\photo54.zip - Deleted
C:\WINDOWS\photo6.zip - Deleted
C:\WINDOWS\photos02.zip - Deleted
C:\WINDOWS\photos025.zip - Deleted
C:\WINDOWS\photos070.zip - Deleted
C:\WINDOWS\photos085.zip - Deleted
C:\WINDOWS\picture51.zip - Deleted
C:\WINDOWS\picture62.zip - Deleted
C:\WINDOWS\pictures030.zip - Deleted
C:\WINDOWS\pictures063.zip - Deleted
C:\WINDOWS\pictures087.zip - Deleted
C:\WINDOWS\retadpu1000106.exe - Deleted
C:\WINDOWS\retadpu27.exe - Deleted
C:\WINDOWS\ServicePackFiles\mm.pid - Deleted
C:\WINDOWS\ServicePackFiles\mm2222.exe - Deleted
C:\WINDOWS\ServicePackFiles\services.exe - Deleted
C:\WINDOWS\system32\3_exception.nls - Deleted
C:\WINDOWS\system32\b06FdUe\b06FdUe1083.exe - Deleted
C:\WINDOWS\system32\dllh8jkd1q1.exe - Deleted
C:\WINDOWS\system32\dllh8jkd1q2.exe - Deleted
C:\WINDOWS\system32\dllh8jkd1q5.exe - Deleted
C:\WINDOWS\system32\dllh8jkd1q6.exe - Deleted
C:\WINDOWS\system32\dllh8jkd1q7.exe - Deleted
C:\WINDOWS\system32\dllh8jkd1q8.exe - Deleted
C:\WINDOWS\system32\dnsersnd.dll - Deleted
C:\WINDOWS\system32\drivers\core.cache.dsk - Deleted
C:\WINDOWS\system32\kr_done1 - Deleted
C:\WINDOWS\system32\ldinfo.ldr - Deleted
C:\WINDOWS\system32\max1d1164v.exe - Deleted
C:\WINDOWS\system32\printers.exe - Deleted
C:\WINDOWS\system32\svcp.csv - Deleted
C:\WINDOWS\system32\vedxg4am1et2.exe - Deleted
C:\WINDOWS\system32\vedxg6ame4.exe - Deleted
C:\WINDOWS\system32\vedxga1me4t1.exe - Deleted
C:\WINDOWS\system32\vedxga3me2.exe - Deleted
C:\WINDOWS\system32\vedxga4m1et4.exe - Deleted
C:\WINDOWS\system32\vedxga4me1.exe - Deleted
C:\WINDOWS\system32\vedxga5me3.exe - Deleted
C:\WINDOWS\system32\vedxga8me6.exe - Deleted
C:\WINDOWS\system32\vx.tll - Deleted
C:\WINDOWS\system32\winsub.xml - Deleted
C:\WINDOWS\system32\wsnpoem\audio.dll - Deleted
C:\WINDOWS\system32\wsnpoem\video.dll - Deleted
C:\WINDOWS\wr.txt - Deleted
C:\WINDOWS\xpupdate.exe - Deleted
C:\WINDOWS\system32\drivers\asc3550u.sys - Deleted


Folder C:\Documents and Settings\All Users\Documents\Settings - Removed
Folder C:\Temp\brr - Removed
Folder C:\WINDOWS\system32\b06FdUe - Removed
Folder C:\WINDOWS\system32\wsnpoem - Removed

Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\PPMate\\PPMate\\ppmate.exe"="C:\\Program Files\\PPMate\\PPMate\\ppmate.exe:*:Enabled:PPMate"
"C:\\WINDOWS\\SVCHOST.EXE"="C:\\WINDOWS\\SVCHOST.EXE:*:Enabled:SVCHOST"
"D:\\Program Files\\uusee\\UUSeePlayer.exe"="D:\\Program Files\\uusee\\UUSeePlayer.exe:*:Enabled:UUSEE"
"E:\\Program Files\\PPStream\\PPStream.exe"="E:\\Program Files\\PPStream\\PPStream.exe:*:Enabled:PPStream"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


et voivi le nouveau log d'hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 10:11:15, on 18/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\PRISMSTA.EXE
C:\Program Files\Fichiers communs\AOL\1172693715\ee\AOLSoftware.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Medion Home Cinema XL II\PowerCinema\PCMService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
E:\NEROPH~1\data\Xtras\mssysmgr.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe
D:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\AOL Compagnon\companion.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1172693715\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [ppmate] C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Medion Home Cinema XL II\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] E:\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [DAEMON Tools] "D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?d7660d9514dd4c77965da3a9f6efcf96
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?d7660d9514dd4c77965da3a9f6efcf96
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1_03) -
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe



voila
0
Réponse 11 / 38
gatsk Messages postés 25 Date d'inscription jeudi 16 août 2007 Statut Membre Dernière intervention 21 février 2010
18 août 2007 à 14:22
J'ai redemarre l'ordinateur, a cause de "l'arrêt systeme"
et mon antivirus me fait une liste de plein de trojan qui on était nétoyé! je ne sais pas si ça peut changer quelque chose mais j'ai cru bon de te l'avertir!!

@+
0
Réponse 12 / 38
moK´s@ Messages postés 4399 Date d'inscription mardi 18 octobre 2005 Statut Membre Dernière intervention 2 novembre 2007 89
18 août 2007 à 17:04
re,

oui belle infecction :

* Télécharge combofix.exe (par sUBs) sur ton Bureau.

http://download.bleepingcomputer.com/sUBs/Beta/ComboFix.exe

* Double clique combofix.exe.
* Tape sur la touche 1 (Yes) pour démarrer le scan.
* Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.


NOTE : Le rapport se trouve également ici : C:\Combofix.txt
0
Réponse 13 / 38
gatsk Messages postés 25 Date d'inscription jeudi 16 août 2007 Statut Membre Dernière intervention 21 février 2010
18 août 2007 à 17:43
Voici le rapport:

ComboFix 07-08-17.2 - "Rachele" 2007-08-18 17:29:32.1 - NTFSx86
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.171 [GMT 2:00]
* Created a new restore point


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\ALLUSE~1\Bureau.\UUSEE~1.LNK
C:\DOCUME~1\ALLUSE~1\MENUDM~1.\UUSEE~1.LNK
C:\DOCUME~1\Gaetan\APPLIC~1\..\new.txt
C:\DOCUME~1\Geoffroy\APPLIC~1\..\new.txt
C:\DOCUME~1\NETWOR~1\APPLIC~1\.rdr.ini
C:\DOCUME~1\Rachele\APPLIC~1.\microsoft\internet explorer\Desktop.htt
C:\DOCUME~1\Rachele\Bureau.\internet explorer.lnk
C:\temp\0c2
C:\temp\0c2\tmpFF.log
C:\WINDOWS\images013.zip
C:\WINDOWS\images016.zip
C:\WINDOWS\images06.zip
C:\WINDOWS\system32\U0
C:\WINDOWS\system32\U0\kmhp83122.exe
C:\WINDOWS\system32\U1
C:\WINDOWS\system32\U1\wr725.exe
C:\WINDOWS\system32\U2
C:\WINDOWS\system32\U2\tns2.exe
C:\WINDOWS\system32\win


((((((((((((((((((((((((( Files Created from 2007-07-18 to 2007-08-18 )))))))))))))))))))))))))))))))


2007-08-18 17:28 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-18 13:51 <REP> d-------- C:\WINDOWS\ERUNT
2007-08-17 23:47 <REP> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2007-08-17 22:46 <REP> d-------- C:\DOCUME~1\Geoffroy\APPLIC~1\PPStream
2007-08-17 21:25 <REP> d-------- C:\DOCUME~1\Roger\APPLIC~1\PPStream
2007-08-16 23:21 <REP> d-------- C:\WINDOWS\system32\fr-fr
2007-08-16 23:06 <REP> d-------- C:\WINDOWS\network diagnostic
2007-08-16 00:28 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-08-14 19:35 <REP> d-------- C:\Program Files\DivX
2007-08-09 21:17 <REP> d-------- C:\DOCUME~1\Roger\APPLIC~1\VMNTOOLBAR
2007-08-09 21:00 <REP> d-------- C:\DOCUME~1\Geoffroy\APPLIC~1\VMNTOOLBAR
2007-08-01 18:48 <REP> d-------- C:\DOCUME~1\Rachele\APPLIC~1\Sports Interactive
2007-07-30 20:32 <REP> d-------- C:\Program Files\vmntoolbar
2007-07-30 20:32 <REP> d-------- C:\DOCUME~1\Rachele\APPLIC~1\vmntoolbar
2007-07-27 22:24 20,992 --a------ C:\WINDOWS\fuhrtn.exe
2007-07-27 22:06 <REP> d-------- C:\WINDOWS\system32\LogFiles
2007-07-27 17:25 7,277 --a------ C:\DOCUME~1\Rachele\nzmkbb.exe
2007-07-27 17:03 7,277 --a------ C:\DOCUME~1\Rachele\vszzcv.exe
2007-07-27 15:38 20,992 --a------ C:\fuhrtn.exe
2007-07-26 21:49 5,632 --a------ C:\cwio.exe
2007-07-26 21:49 44,233 --a------ C:\caccnpct.exe
2007-07-26 21:35 49,248 --a------ C:\llka.exe
2007-07-26 20:37 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-07-26 19:08 50 --a------ C:\56.bat
2007-07-26 19:08 50 --a------ C:\3A.bat
2007-07-26 04:53 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-07-26 04:53 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-07-25 23:05 <REP> d-------- C:\Temp
2007-07-23 18:42 <REP> d-------- C:\DOCUME~1\Rachele\Incomplete
2007-07-23 18:41 <REP> d-------- C:\DOCUME~1\Rachele\APPLIC~1\LimeWire
2007-07-21 12:07 <REP> d-------- C:\Program Files\Cyanide


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-18 14:18 --------- d-------- C:\Program Files\Symantec AntiVirus
2007-08-18 12:34 --------- d-------- C:\DOCUME~1\Rachele\APPLIC~1\temp
2007-08-17 22:48 --------- d-------- C:\Program Files\Messenger Plus! Live
2007-08-15 18:40 --------- d-------- C:\DOCUME~1\Rachele\APPLIC~1\ppStream
2007-08-15 18:39 --------- d-------- C:\Program Files\MSN Messenger
2007-08-15 01:42 --------- d-------- C:\DOCUME~1\Rachele\APPLIC~1\dvdcss
2007-08-03 03:52 --------- d-------- C:\DOCUME~1\Rachele\APPLIC~1\SopCast
2007-08-01 18:47 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2007-08-01 18:33 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-08-01 10:40 --------- d-------- C:\Program Files\Fichiers communs\AOL
2007-07-31 17:44 --------- d-------- C:\Program Files\Fichiers communs\InstallShield
2007-07-29 14:55 --------- d-------- C:\DOCUME~1\Rachele\APPLIC~1\Azureus
2007-07-28 00:29 --------- d-------- C:\Program Files\WowCartographe
2007-07-28 00:29 --------- d-------- C:\Program Files\QuickTime
2007-07-27 22:30 --------- d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-07-27 22:30 --------- d-------- C:\Program Files\Messenger
2007-07-27 22:28 --------- d-------- C:\Program Files\AOL Toolbar
2007-07-27 22:28 --------- d-------- C:\Program Files\AOL 9.0
2007-07-27 22:25 --------- d-------- C:\DOCUME~1\Rachele\APPLIC~1\Nero
2007-07-26 21:49 71168 --a------ C:\WINDOWS\system32\drivers\asctrm.sys
2007-06-28 18:51 --------- d-------- C:\DOCUME~1\Rachele\APPLIC~1\Ahead
2007-06-28 15:23 --------- d-------- C:\Program Files\Ahead
2007-06-28 15:22 --------- d-------- C:\Program Files\Fichiers communs\Ahead
2007-06-28 01:36 --------- d-------- C:\Program Files\Ludiclub
2007-06-27 16:46 --------- d-------- C:\Program Files\Java Web Start
2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-21 16:11 --------- d-------- C:\Program Files\Fichiers communs\Blizzard Entertainment
2007-06-21 12:01 103720 --a------ C:\WINDOWS\system32\AOLDial.dll
2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-06-19 13:56 682232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-06-13 15:22 1037312 --a------ C:\WINDOWS\explorer.exe
2007-02-28 22:10 278528 --a------ C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2003-08-14 20:13 40960 --a------ C:\Program Files\Uninstall_PCM.exe
--------- C:\Program Files\Hijackthis Version Française


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"="cmicnfg.cpl" []
"PRISMSTA.EXE"="PRISMSTA.exe" [2003-08-04 15:54 C:\WINDOWS\system32\PRISMSTA.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22]
"nwiz"="nwiz.exe" [2006-10-22 12:22 C:\WINDOWS\system32\nwiz.exe]
"HostManager"="C:\Program Files\Fichiers communs\AOL\1172693715\ee\AOLSoftware.exe" [2006-11-17 15:16]
"AOLDialer"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" [2007-06-21 12:01]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 11:54]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2005-11-16 14:23]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2005-12-27 10:20]
"ppmate"="C:\Program Files\PPMate\PPMate\ppmate.exe" [2006-11-23 03:45]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-02 16:24]
"CloneDVDElbyDelay"="C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" [2002-11-02 08:33]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 19:19]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-12-14 19:57]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-12-14 19:51]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2007-02-28 22:17]
"PCMService"="C:\Program Files\Medion Home Cinema XL II\PowerCinema\PCMService.exe" [2003-06-24 16:23]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22]
"Microsoft Works Update Detection"="C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-18 19:36]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09]
"Nero PhotoShow Media Manager"="E:\NEROPH~1\data\Xtras\mssysmgr.exe" [2006-01-13 23:22]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 13:55]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-19 11:44]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" []
"Philips Intelligent Agent"="C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" [2006-04-21 10:46]
"DAEMON Tools"="D:\Program Files\DAEMON Tools\daemon.exe" [2007-04-04 00:29]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"SVCHOST"=C:\WINDOWS\SVCHOST.EXE

C:\Documents and Settings\Rachele\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
AOL Compagnon.lnk - C:\Program Files\AOL Compagnon\companion.exe [2007-02-28 22:19:19]
Event Reminder.lnk - C:\Program Files\Broderbund\PrintMaster\PMremind.exe [2007-04-22 17:32:25]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04]

R3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
R3 Intels51;Creatix V.9X DSP Data Fax Modem;C:\WINDOWS\system32\DRIVERS\ctxs51.sys
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
R3 PRISM_A00;PRISM 802.11g Driver;C:\WINDOWS\system32\DRIVERS\PRISMA00.sys
S4 spcstb;spcstb;C:\WINDOWS\system32\DRIVERS\spcstb.sys


Contents of the 'Scheduled Tasks' folder
2007-08-18 14:51:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-18 17:38:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\Look how wasted Paris Hilton is, after she got jailed :(1.zip 115934 bytes hidden from API
C:\WINDOWS\Look how wasted Paris Hilton is, after she got jailed :(26.zip 115934 bytes hidden from API
C:\WINDOWS\Look how wasted Paris Hilton is, after she got jailed :(66.zip 115934 bytes hidden from API
C:\WINDOWS\Look how wasted Paris Hilton is, after she got jailed :(75.zip 115934 bytes hidden from API

scan completed successfully
hidden files: 4

**************************************************************************

Completion time: 2007-08-18 17:39:57
C:\ComboFix-quarantined-files.txt ... 2007-08-18 17:39

--- E O F ---


de nouveau mon antivirus ma signaler des trojans supprimé...

@+
0
Réponse 14 / 38
moK´s@ Messages postés 4399 Date d'inscription mardi 18 octobre 2005 Statut Membre Dernière intervention 2 novembre 2007 89
18 août 2007 à 18:19
fais ceci :

Téléchargez MSNFix.zip (de !aur3n7) sur votre bureau:

http://sosvirus.changelog.fr/MSNFix.zip

Décompressez-le (clic droit >> Extraire ici) et double cliquer sur le fichier MSNFix.bat.
- Exécutez l'option R.
-- Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage

Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal

- Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.txt

0
Réponse 15 / 38
gatsk Messages postés 25 Date d'inscription jeudi 16 août 2007 Statut Membre Dernière intervention 21 février 2010
18 août 2007 à 23:58
Le nettoyage c'est bien passé!! je ne sais pas si c'est fini mais voici le rapport:

MSN_Fix 1.463

C:\Documents and Settings\Rachele\Bureau\MSNFix
Fix exécuté le 18/08/2007 - 23:56:02,35 By Rachele
mode normal

************************ Recherche les fichiers présents

... C:\llka.exe

************************ Recherche les dossiers présents

... C:\Temp\




************************ Suppression des fichiers

.. OK ... C:\llka.exe


************************ Suppression des dossiers

.. OK ... C:\Temp\


************************ Nettoyage du registre



************************ Fichiers suspects

Aucun Fichier trouvé


Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 18082007_23563606.zip


------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------



Merci @+
0
Réponse 16 / 38
moK´s@ Messages postés 4399 Date d'inscription mardi 18 octobre 2005 Statut Membre Dernière intervention 2 novembre 2007 89
19 août 2007 à 11:41
salut gatsk,

supprime ces fhichiers :

C:\WINDOWS\Look how wasted Paris Hilton is, after she got jailed :(1.zip 115934 bytes hidden from API
C:\WINDOWS\Look how wasted Paris Hilton is, after she got jailed :(26.zip 115934 bytes hidden from API
C:\WINDOWS\Look how wasted Paris Hilton is, after she got jailed :(66.zip 115934 bytes hidden from API
C:\WINDOWS\Look how wasted Paris Hilton is, after she got jailed :(75.zip 115934 bytes hidden from API

pour cela fais apparaitre les fichiers cachés comme ceci :

¤Affiche tous les fichiers et dossiers :
Clique sur démarrer/panneau de configuration/option des dossiers/affichage

Cocher afficher les dossiers cacher

Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"

Décocher masquer les extensions dont le type est connu
Puis fais «Ok» pour valider les changements.

Et appliquer !

et

télécharges smitfraudfix :

En image :
http://siri.urz.free.fr/Fix/SmitfraudFix.php

tu doubles cliques sur smitfraudfix.cmd et tu choisi l option 1
cela vas générer un rapport.

Copie/colle le rapport sur le forum stp.

@+
0
Réponse 17 / 38
gatsk Messages postés 25 Date d'inscription jeudi 16 août 2007 Statut Membre Dernière intervention 21 février 2010
19 août 2007 à 15:25
Bonjour à toi

Voici le rapport::

SmitFraudFix v2.213b

Rapport fait à 15:22:26,67, 19/08/2007
Executé à partir de C:\Documents and Settings\Rachele\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\PRISMSTA.EXE
C:\Program Files\Fichiers communs\AOL\1172693715\ee\AOLSoftware.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Medion Home Cinema XL II\PowerCinema\PCMService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
E:\NEROPH~1\data\Xtras\mssysmgr.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\AOL Compagnon\companion.exe
D:\Program Files\eMule\eMule.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Rachele


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Rachele\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Rachele\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: VIA VT6105 Rhine III Fast Ethernet Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{202E6634-E8E6-415C-A0A9-80CC6E97DAF8}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{202E6634-E8E6-415C-A0A9-80CC6E97DAF8}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{202E6634-E8E6-415C-A0A9-80CC6E97DAF8}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin



Dois-je supprimer manuellement ces fichiers??:
C:\WINDOWS\Look how wasted Paris Hilton is, after she got jailed :(1.zip 115934 bytes hidden from API
C:\WINDOWS\Look how wasted Paris Hilton is, after she got jailed :(26.zip 115934 bytes hidden from API
C:\WINDOWS\Look how wasted Paris Hilton is, after she got jailed :(66.zip 115934 bytes hidden from API
C:\WINDOWS\Look how wasted Paris Hilton is, after she got jailed :(75.zip 115934 bytes hidden from API

c'est à dire cllique droit supprimer
ou ca le fait automatiquement avec tes manipulations à faire??

merci!!
0
Réponse 18 / 38
moK´s@ Messages postés 4399 Date d'inscription mardi 18 octobre 2005 Statut Membre Dernière intervention 2 novembre 2007 89
19 août 2007 à 16:11
re,

oui tu supprime manuellement les fichier paris hilton...


* télécharge AVG Anti-Spyware (ewido)

https://www.avg.com/en-ww/free-antivirus-download
http://www.infos-du-net.com/telecharger/Ewido-Security-Suite,0301-734.html

* tu l'installes

* lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente
si tu n'arrives pas à le mettre à jour prends ici les màj

http://downloads.ewido.net/avgas-signatures-full-current.exe

Sur la page "analyse":

•- tu choisis d'abord l'onglet "paramètres".
- sous « Comment réagir » clic sur « Actions recommandées » et dans le menu déroulant, choisir « Supprimer »

Copie Et colle le rapport ici

Ps : une fois le scan terminé tu supprime bien tout ce qu´il a trouvé.

1>tu le mets a jour > click sur l´onglet mis a jour puis commencer la mise a jour.
2>tu click sur l´onglet analyse puis sur le sous onglet parametre >comment reagir tu click sur ce que tu voie en dessous en bleu et tu regle sur supprimer.
3>a droite "rapports" tu coche la case "généré un rapport a chaque analyse.

puis tu lance l´analyse tu click sur le sous onglet analyse puis analyse complete du systeme


a la fin tu post le rapport

@+
0
Réponse 19 / 38
gatsk Messages postés 25 Date d'inscription jeudi 16 août 2007 Statut Membre Dernière intervention 21 février 2010
19 août 2007 à 19:12
Voici le rapport:

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 19:09:04 19/08/2007

+ Résultat de l'analyse:



HKLM\SOFTWARE\Classes\Softomate.IEToolbar -> Adware.CoolWebSearch : Nettoyé.
HKLM\SOFTWARE\Classes\Softomate.IEToolbar.1 -> Adware.CoolWebSearch : Nettoyé.
HKLM\SOFTWARE\Classes\Softomate.IEToolbar\CLSID -> Adware.CoolWebSearch : Nettoyé.
HKLM\SOFTWARE\Classes\Softomate.IEToolbar\CurVer -> Adware.CoolWebSearch : Nettoyé.
C:\Documents and Settings\Rachele\Bureau\SDFix\SDFix\backups\backups.zip/backups/explorer5.exe -> Downloader.Obfuscated.n : Nettoyé.
C:\System Volume Information\_restore{97E3A597-8E8C-438A-83F2-75657111941C}\RP299\A0074820.exe -> Downloader.Obfuscated.n : Nettoyé.
C:\Documents and Settings\Rachele\Bureau\SDFix\SDFix\backups\backups.zip/backups/FE.tmp.taras -> Downloader.Small : Nettoyé.
C:\Documents and Settings\Rachele\Bureau\SDFix\SDFix\backups\backups.zip/backups/dllh8jkd1q1.exe -> Downloader.Small : Nettoyé.
C:\System Volume Information\_restore{97E3A597-8E8C-438A-83F2-75657111941C}\RP299\A0074818.exe -> Downloader.Small : Nettoyé.
C:\Documents and Settings\Rachele\Bureau\SDFix\SDFix\backups\backups.zip/backups/v5xd2.g3ame -> Downloader.Small.erg : Nettoyé.
C:\Documents and Settings\Rachele\Bureau\SDFix\SDFix\backups\backups.zip/backups/vedxga3me2.exe -> Downloader.Small.erg : Nettoyé.
C:\System Volume Information\_restore{97E3A597-8E8C-438A-83F2-75657111941C}\RP299\A0074782.exe -> Downloader.Small.erg : Nettoyé.
C:\System Volume Information\_restore{97E3A597-8E8C-438A-83F2-75657111941C}\RP299\A0074826.exe -> Downloader.Small.erg : Nettoyé.
C:\caccnpct.exe -> Proxy.Dlena.cw : Nettoyé.
C:\Documents and Settings\Geoffroy\Cookies\geoffroy@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@oasc08006.247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Geoffroy\Cookies\geoffroy@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@bwincom.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@canalplus.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@kaboose.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@karavel.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@aoleusearch.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@notrefamille.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@planetout.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@4.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@3.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\Geoffroy\Cookies\geoffroy@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@www.burstnet[1].txt -> TrackingCookie.Burstnet : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@connextra[1].txt -> TrackingCookie.Connextra : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@www.dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Geoffroy\Cookies\geoffroy@ehg-telecomitalia.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Geoffroy\Cookies\geoffroy@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@ehg-deltatre.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@ehg-groupernetworks.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@ehg-ifilm.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@ehg-telecomitalia.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@ivwbox[1].txt -> TrackingCookie.Ivwbox : Nettoyé.
C:\Documents and Settings\Geoffroy\Cookies\geoffroy@search.live[1].txt -> TrackingCookie.Live : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@search.live[1].txt -> TrackingCookie.Live : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@search.live[3].txt -> TrackingCookie.Live : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@stat.onestat[2].txt -> TrackingCookie.Onestat : Nettoyé.
C:\Documents and Settings\Geoffroy\Cookies\geoffroy@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@paycounter[1].txt -> TrackingCookie.Paycounter : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@questionmarket[1].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@realguide-fr.real[1].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@revsci[1].txt -> TrackingCookie.Revsci : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Geoffroy\Cookies\geoffroy@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Geoffroy\Cookies\geoffroy@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@h.starware[2].txt -> TrackingCookie.Starware : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@try.starware[1].txt -> TrackingCookie.Starware : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@tacoda[2].txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\Geoffroy\Cookies\geoffroy@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@yadro[1].txt -> TrackingCookie.Yadro : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Roger\Cookies\roger@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@c5.zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\Rachele\Cookies\rachele@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\Rachele\Bureau\SDFix\SDFix\backups\backups.zip/backups/mm2222.exe -> Trojan.Conycspa.s : Nettoyé.
C:\System Volume Information\_restore{97E3A597-8E8C-438A-83F2-75657111941C}\RP299\A0074766.exe -> Trojan.Conycspa.s : Nettoyé.
C:\System Volume Information\_restore{97E3A597-8E8C-438A-83F2-75657111941C}\RP299\A0074823.exe -> Trojan.Conycspa.s : Nettoyé.
C:\Documents and Settings\Rachele\Bureau\SDFix\SDFix\backups\backups.zip/backups/vedxga1me4t1.exe -> Trojan.Small : Nettoyé.
C:\Documents and Settings\Rachele\Bureau\SDFix\SDFix\backups\backups.zip/backups/vx1dt1.game -> Trojan.Small : Nettoyé.
C:\System Volume Information\_restore{97E3A597-8E8C-438A-83F2-75657111941C}\RP299\A0074781.exe -> Trojan.Small : Nettoyé.
C:\System Volume Information\_restore{97E3A597-8E8C-438A-83F2-75657111941C}\RP299\A0074825.exe -> Trojan.Small : Nettoyé.


Fin du rapport


J'arrive pas à supprimer manuellement les:

C:\WINDOWS\Look how wasted Paris Hilton is, after she got jailed :(1.zip 115934 bytes hidden from API
C:\WINDOWS\Look how wasted Paris Hilton is, after she got jailed :(26.zip 115934 bytes hidden from API
C:\WINDOWS\Look how wasted Paris Hilton is, after she got jailed :(66.zip 115934 bytes hidden from API
C:\WINDOWS\Look how wasted Paris Hilton is, after she got jailed :(75.zip 115934 bytes hidden from API
0
Réponse 20 / 38
moK´s@ Messages postés 4399 Date d'inscription mardi 18 octobre 2005 Statut Membre Dernière intervention 2 novembre 2007 89
19 août 2007 à 19:51
ok

télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :

C:\WINDOWS\1.zip
C:\WINDOWS\26.zip
C:\WINDOWS\66.zip
C:\WINDOWS\75.zip

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
http://img137.imageshack.us/img137/3558/refaitjk8.th.jpg

ah cette paris hilton elle nous enmerde jusqu´ici ;-)

post le rapport de ot- move it stp

@+
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Virus détecté
Koony -
MisteryBean -

6 réponses
y a t'il des virus qu'avast ne detecte pas
davivid -
Utilisateur anonyme -

24 réponses
Mon ordinateur a été infecté par un virus ou
henry4002 -
jorginho67 -

6 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses