Tom's Guide > Forum > Sécurité - Virus > Windows Sécurity Alert probléme

Windows Sécurity Alert probléme

Forum Sécurité - Virus : Windows Sécurity Alert probléme

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !
Créer un nouveau sujet Répondre
Mot :    Pseudo :           
 
cynid   12-06-2009 à 19:49:50

Bonjours à tous, j'ai un petit souci sur mon pc. Depuis quelque jours j'ai Windows Sécurity Alert qui c'est mis sur mon pc alors que je ne l'est pas enregistré.
Depuis ce jour j'ai une fêntre qui s'ouvre en me demandent en anglais un truc imcompréhensible
Je vous montre
http://img132.imageshack.us/img132/1972/cap1g.jpg

Et depuis se jour je n'arrive plus à aller sur Internet explorer je peux aller que sur Mozzilla....

Est ce que quelqu'un pourrait m'aider??

Répondre
Liens sponsorisés
Inscrivez-vous ou connectez-vous pour masquer ceci.
frederix   13-06-2009 à 11:45:35
- 0 +

Bonjour cynid,

pour une meilleure réponse, télécharge le logiciel HijackThis v 2.0.2
Lien de téléchargement et démo en image : http://www.infos-du-net.com/forum/ [...] hijackthis
Puis fais un scan et poste l' analyse.

A+

Répondre à frederix
cynid   13-06-2009 à 20:39:31
- 0 +

bonjour frederix et voilà le rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:23:11, on 13/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\APPS\skype\phone\Skype.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\sysguard.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/adve [...] &x_dp_id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = free
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O1 - Hosts: 209.44.111.57 spydetect.microsoft.com
O1 - Hosts: 209.44.111.57 antivirwin2009.com
O1 - Hosts: 209.44.111.57 www.antivirwin2009.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BHO - {1CFB0023-AD6F-4e34-8734-7A40CC068AFF} - C:\WINDOWS\system32\iehelper.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\APPS\skype\phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [system tool] C:\WINDOWS\sysguard.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: BoontyBox AOL.lnk = C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?b992385ffa5a44af957b67e6350ff8f5
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?b992385ffa5a44af957b67e6350ff8f5
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 9922417546
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://signin9.valueactive.eu/Regi [...] lashax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: NameServer = 212.27.53.252,212.27.54.252
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA965B4F-6875-4C7E-A665-B03F69679940}: NameServer = 212.27.53.252,212.27.54.252
O17 - HKLM\System\CS2\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: NameServer = 212.27.53.252,212.27.54.252
O17 - HKLM\System\CS3\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: NameServer = 212.27.53.252,212.27.54.252
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe

--
End of file - 10984 bytes

Répondre à cynid
frederix   14-06-2009 à 13:07:46
- 0 +

Bonjour cynid,

ta machine est infectée...

Télécharge SmitfraudFix (merci S!Ri) : http://siri.urz.free.fr/Fix/SmitfraudFix.exe

* Installe-le à la racine de C
* Double-clique sur l' exe pour le décompresser et lancer le fix.
Utilisation---option1---Recherche :
* Double clique sur smitfraudfix.cmd
* Sélectionne 1 pour créer un rapport des fichiers responsables de l' infection.
* Poste le rapport.

process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus...) comme étant un RiskTool. Il ne s' agit pas d' un virus, mais d' un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...), d' où l' alerte émise par ces antivirus.

A+

Répondre à frederix
cynid   14-06-2009 à 16:31:52
- 0 +

bonjour voici le rapport

SmitFraudFix v2.422

Rapport fait à 16:21:24,60, 14/06/2009
Executé à partir de C:\Documents and Settings\sophie simoes\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\APPS\skype\phone\Skype.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\sysguard.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\mspaint.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wuauclt.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

Fichier hosts corrompu !

209.44.111.57 spydetect.microsoft.com

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\sysguard.exe PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\iehelper.dll PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\sophie simoes


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\sophie simoes\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\SOPHIE~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

»»»»»»»»»»»»»»»»»»»»»»»» RK

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""




»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: VIA Rhine II Fast Ethernet Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.53.252
DNS Server Search Order: 212.27.54.252

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CCS\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: NameServer=212.27.53.252,212.27.54.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{EA965B4F-6875-4C7E-A665-B03F69679940}: NameServer=212.27.53.252,212.27.54.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: NameServer=212.27.53.252,212.27.54.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{EA965B4F-6875-4C7E-A665-B03F69679940}: NameServer=212.27.53.252,212.27.54.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS3\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: NameServer=212.27.53.252,212.27.54.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{EA965B4F-6875-4C7E-A665-B03F69679940}: NameServer=212.27.53.252,212.27.54.252
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.240 212.27.40.241


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Répondre à cynid
frederix   14-06-2009 à 17:48:45
- 0 +

Re,

double-clique sur smitfraudfix.cmd

* Sélectionne 2 pour supprimer les fichiers responsables de l' infection.
A la question Voulez-vous nettoyer le registre?, répondre O (Oui) afin de débloquer le fond d' écran et de supprimer les clés de démarrage automatique de l' infection. Le fix déterminera si le fichier wininet.dll est infecté.
A la question Corriger le fichier infecté?, répondre O (Oui) pour remplacer le fichier corrompu.
* Redémarre en mode normal et poste le rapport.

NB : Cette étape élimine les fichiers infectieux détectés à l' option 1. Attention elle supprime le fond d' écran!

Répondre à frederix
cynid   15-06-2009 à 00:31:12
- 0 +

SmitFraudFix v2.422

Rapport fait à 23:20:14,93, 14/06/2009
Executé à partir de C:\Documents and Settings\sophie simoes\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost
::1 localhost
209.44.111.57 spydetect.microsoft.com
209.44.111.57 antivirwin2009.com
209.44.111.57 www.antivirwin2009.com

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: VIA Rhine II Fast Ethernet Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.53.252
DNS Server Search Order: 212.27.54.252

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CCS\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: NameServer=212.27.53.252,212.27.54.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{EA965B4F-6875-4C7E-A665-B03F69679940}: NameServer=212.27.53.252,212.27.54.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: NameServer=212.27.53.252,212.27.54.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{EA965B4F-6875-4C7E-A665-B03F69679940}: NameServer=212.27.53.252,212.27.54.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS3\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: NameServer=212.27.53.252,212.27.54.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{EA965B4F-6875-4C7E-A665-B03F69679940}: NameServer=212.27.53.252,212.27.54.252
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.240 212.27.40.241


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK.2



»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Répondre à cynid
frederix   15-06-2009 à 01:15:24
- 0 +

Bonsoir cynid,

1) Télécharge :
CCleaner - Slim : http://www.ccleaner.com/download/builds.aspx
Lance-le puis clique sur Options>Avancé et décoche Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures. Laisse-le avec ses réglages par défaut et ferme le programme pour l' instant.
Tuto : http://www.infos-du-net.com/telech [...] -1039.html

Malwarebytes' Anti-Malware : http://www.besttechie.net/tools/mbam-setup.exe
Lance-le et une fois l' exécutable téléchargé, double-clique sur mbam-setup.exe, l' installation commence. Laisse-toi guider par l' assistant : Choix de la langue, acceptation de la licence, dossier par défaut... Pense à cocher la case Créer une icône sur le Bureau. Tu arrives à présent à la fin de l' installation, ferme le programme pour l' instant.

2) Lance CCleaner :
Dans le menu Nettoyeur, clique sur Analyse (laisse-le travailler, cela peut durer longtemps la 1ère fois).
Puis clique sur le bouton Lancer le nettoyage.
Fais cela plusieurs fois et ferme CCleaner

3) Lance Malwarebytes' Anti-Malware :
Tuto : http://www.infos-du-net.com/forum/ [...] lware-mbam

4) Poste le rapport Malwarebytes' Anti-Malware.

A+

Répondre à frederix
cynid   15-06-2009 à 19:31:18
- 0 +

bonjour deja merçi l'antivirus s'affiche plus et voilà le rapport

Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2283
Windows 5.1.2600 Service Pack 2

15/06/2009 19:18:32
mbam-log-2009-06-15 (19-18-32).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 236158
Temps écoulé: 2 hour(s), 9 minute(s), 35 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 8
Fichier(s) infecté(s): 10

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1cfb0023-ad6f-4e34-8734-7a40cc068aff} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1cfb0023-ad6f-4e34-8734-7a40cc068aff} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\Hotbar\bin (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\Hotbar\bin\10.2.191.0 (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\Hotbar\bin\10.2.191.0\firefox (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\Hotbar\bin\10.2.191.0\firefox\extensions (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\Hotbar\bin\10.2.191.0\firefox\extensions\components (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\Hotbar\bin\10.2.191.0\firefox\extensions\plugins (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\program files\Hotbar\bin\10.2.191.0\arrow.ico (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\Hotbar\bin\10.2.191.0\copyright.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\Hotbar\bin\10.2.191.0\link.ico (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\Hotbar\bin\10.2.191.0\firefox\extensions\chrome.manifest (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\Hotbar\bin\10.2.191.0\firefox\extensions\install.rdf (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\Hotbar\bin\10.2.191.0\firefox\extensions\components\npclntax.xpt (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\sophie simoes\Application Data\addon.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo (Rogue.Eorezo) -> Delete on reboot.
C:\WINDOWS\syssvc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Répondre à cynid
frederix   15-06-2009 à 21:02:51
- 0 +

Bonsoir cynid,

désactive tes protections résidentes (seulement le temps du scan) : http://forum.pcastuces.com/desacti [...] -f31s4.htm

*Télécharge Combofix (merci sUBs) sur ton Bureau : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Double-clique sur combofix.exe et suis les invitations.
Lorsque le scan sera complété, un rapport apparaîtra.
Copie/colle celui-ci dans ta prochaine réponse.

A+

Répondre à frederix
cynid   16-06-2009 à 01:13:46
- 0 +

Merci de m'aider mais j'ai un souci, l'icone de Malwarebyte's Antimalware je l'est pas vers mon horloge

Message cité 1 fois
Message édité par cynid le 16-06-2009 à 01:28:25
Répondre à cynid
frederix   16-06-2009 à 13:17:35
- 0 +

cynid a écrit :

> l'icone de Malwarebyte's Antimalware je l'est pas vers mon horloge



Bonjour cynid,

> Ce n' est le cas que pour la version payante...

A+

Répondre à frederix
cynid   16-06-2009 à 15:20:57
- 0 +

Bonjour Frederix et voilà le rapport

ComboFix 09-06-15.04 - sophie simoes 16/06/2009 14:45.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1022.451 [GMT 2:00]
Lancé depuis: c:\documents and settings\sophie simoes\Bureau\ComboFix.exe
AV: Bitdefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Bitdefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\sophie simoes\Application Data\Hotbar
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostOL\static\DownLoad\buttondir.txt
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\030104_emte10_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\030104_emte11_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\030104_emte12_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\030104_emte13_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\030104_emte14_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\030104_emte19_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\030104_emte20_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\030104_emte21_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\030104_emte9_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\030203lib_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\033102angel_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\033102bigluf_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\033102bigsmile_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\033102birthday_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\033102cheers_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\033102flo_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\033102good_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\033102jump_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\033102king_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\033102lough_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\033102luf_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\033102smile_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\033102smiled_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\033102sor_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\033102thanx_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\033102uhu_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\040103ahh_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\040103wow_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\040104_emi2_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\042102_1134_112_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\050103big_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\050103gig_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\050103hm_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\050103nomail_emoti_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\050103norm_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\060104_ema15_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\060104_ema16_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\060104_ema17_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\060104_ema18_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\060104_ema19_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\060104_ema20_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\060104_ema21_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\060104_ema24_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\060104_ema25_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\060104_ema26_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\060104_ema30_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\060104_ema33_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\060104_ema34_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\062802hippi_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\062802jumpie_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\080402argh_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\080402oops_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\080402ouch_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\082502no_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\082502yes_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\110103_boring1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\110103_confused_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\110103_crying_ugly_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\110103_fantastic_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\110103_feel_better_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\110103_gimme_break_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\110103_heehee_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\110103_hlopaet_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\110103_ign_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\110103_lol_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\110103_no_comment_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\110103_peace_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\110103_smashing_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\110103_talk2thehand_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\avatar.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\block_sm.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\block_sm2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\block_smli.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\block_smli2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\blocked.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\blocked2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\btn_add-but.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\btn_back-but.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\btn_left_cut_enabled_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\btn_left_enabled_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\btn_left_pressed_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\btn_middle_enabled_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\btn_middle_pressed_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\btn_right_cut_enabled_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\btn_right_enabled_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\btn_right_pressed_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\business_promo.htm
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\buttondir.txt
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\components.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\css_cattree.css
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\css_flashpreview.css
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\css2_main.css
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\css2_pagingmodule.css
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\css2_topbuttons.css
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\delete.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\edit_clear_sound.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\edit_fs.htm
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\edit_select.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-511745-514279.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-backgrounds.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-bcards.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-ecards.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-edit.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-emoticons.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-estationery.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-funny.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-help.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-images.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-info.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-more.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-my.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-people.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-photo.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-tell.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-temp.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-temp_OI.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-text.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def-email-voice.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-def.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-premium-email-premium.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-premium-email-premium_OI.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-t1-bg.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\email-temp-bg.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\estatationery.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\flashpatch.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\flashpreview.htm
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\fs3.htm
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\hotbar_promo.htm
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\icon_checked_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\icon_close_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\icon_close_pressed_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\icon_edit_preview.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\icon_edit_send.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\icon_flash_preview.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\icon_recently_used.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\icon_remove_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\icon_remove_pressed_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\icon_sand-clock2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\icon_tell_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\icon_tell_pressed_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\icon_tree_null.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\icon_unchecked_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\icon_unchecked_pressed_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\img_barlayout.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\img_barlayout2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\img_barlayout4.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\img_corner_left.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\img_local_logo.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\js2_basetemplate.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\js2_hbgroups.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\js2_hbobject3.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\js2_hbobjectset3.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\js2_hotbarwrapper.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\js2_iteratorsandreaders3nf.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\js2_pagingmoduleobj3.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\js2_texts3.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\js2_xmltree3nf.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\layout.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\linkpathlegal.txt
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\more.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\n.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\nav_b_2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\nav_bb_2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\nav_f_2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\nav_ff_2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\progress.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\searchbtn.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\submit.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\tab_bg.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\tab_bga.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\tab_bgia.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\tab_l.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\tab_la.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\tab_lia.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\tab_r.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\tab_ra.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\tab_ria.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\tree_dots.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\tree_minus.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\tree_plus.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\treedata_animations.xml
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\treedata_backgrounds.xml
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\treedata_ecards.xml
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\treedata_emoticons.xml
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\treedata_notifiers.xml
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\1\treedata_text.xml
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\030104_emte10_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\030104_emte11_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\030104_emte12_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\030104_emte13_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\030104_emte14_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\030104_emte19_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\030104_emte20_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\030104_emte21_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\030104_emte9_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\030203lib_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\033102angel_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\033102bigluf_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\033102bigsmile_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\033102birthday_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\033102cheers_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\033102flo_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\033102good_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\033102jump_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\033102king_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\033102lough_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\033102luf_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\033102smile_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\033102smiled_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\033102sor_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\033102thanx_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\033102uhu_1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\040103ahh_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\040103wow_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\040104_emi2_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\042102_1134_112_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\050103big_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\050103gig_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\050103hm_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\050103nomail_emoti_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\050103norm_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\060104_ema15_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\060104_ema16_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\060104_ema17_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\060104_ema18_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\060104_ema19_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\060104_ema20_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\060104_ema21_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\060104_ema24_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\060104_ema25_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\060104_ema26_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\060104_ema30_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\060104_ema33_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\060104_ema34_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\062802hippi_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\062802jumpie_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\080402argh_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\080402oops_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\080402ouch_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\082502no_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\082502yes_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\110103_boring1_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\110103_confused_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\110103_crying_ugly_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\110103_fantastic_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\110103_feel_better_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\110103_gimme_break_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\110103_heehee_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\110103_hlopaet_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\110103_ign_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\110103_lol_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\110103_no_comment_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\110103_peace_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\110103_smashing_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\110103_talk2thehand_prv.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\avatar.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\block_sm.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\block_sm2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\block_smli.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\block_smli2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\blocked.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\blocked2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\btn_add-but.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\btn_back-but.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\btn_left_cut_enabled_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\btn_left_enabled_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\btn_left_pressed_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\btn_middle_enabled_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\btn_middle_pressed_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\btn_right_cut_enabled_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\btn_right_enabled_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\btn_right_pressed_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\business_promo.htm
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\buttondir.txt
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\components.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\css_cattree.css
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\css_flashpreview.css
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\css2_main.css
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\css2_pagingmodule.css
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\css2_topbuttons.css
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\delete.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\edit_clear_sound.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\edit_fs.htm
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\edit_select.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-511745-514279.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-backgrounds.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-bcards.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-ecards.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-edit.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-emoticons.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-estationery.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-funny.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-help.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-images.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-info.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-more.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-my.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-people.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-photo.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-tell.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-temp.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-temp_OI.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-text.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def-email-voice.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-def.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-premium-email-premium.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-premium-email-premium_OI.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-t1-bg.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\email-temp-bg.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\estatationery.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\flashpatch.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\flashpreview.htm
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\fs3.htm
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\hotbar_promo.htm
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\icon_checked_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\icon_close_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\icon_close_pressed_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\icon_edit_preview.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\icon_edit_send.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\icon_flash_preview.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\icon_recently_used.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\icon_remove_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\icon_remove_pressed_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\icon_sand-clock2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\icon_tell_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\icon_tell_pressed_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\icon_tree_null.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\icon_unchecked_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\icon_unchecked_pressed_1.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\img_barlayout.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\img_barlayout2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\img_barlayout4.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\img_corner_left.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\img_local_logo.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\js2_basetemplate.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\js2_hbgroups.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\js2_hbobject3.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\js2_hbobjectset3.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\js2_hotbarwrapper.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\js2_iteratorsandreaders3nf.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\js2_pagingmoduleobj3.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\js2_texts3.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\js2_xmltree3nf.js
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\layout.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\linkpathlegal.txt
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\more.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\n.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\nav_b_2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\nav_bb_2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\nav_f_2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\nav_ff_2.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\progress.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\searchbtn.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\submit.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\tab_bg.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\tab_bga.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\tab_bgia.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\tab_l.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\tab_la.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\tab_lia.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\tab_r.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\tab_ra.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\tab_ria.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\tree_dots.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\tree_minus.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\tree_plus.gif
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\treedata_animations.xml
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\treedata_backgrounds.xml
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\treedata_ecards.xml
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\treedata_emoticons.xml
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\treedata_notifiers.xml
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\2\treedata_text.xml
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\DownLoad\avatar.xip
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\DownLoad\business_promo.xip
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\DownLoad\buttondir.xip
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\DownLoad\code.xip
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\DownLoad\email-def.xip
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\DownLoad\email-t1-bg.xip
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\DownLoad\email-temp-bg.xip
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\DownLoad\hotbar_promo.xip
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\DownLoad\images.xip
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\DownLoad\layout.xip
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\DownLoad\linkpathlegal.xip
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\DownLoad\localcontent.xip
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\DownLoad\more.xip
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\DownLoad\progress.xip
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\HostWD\static\DownLoad\treexml.xip
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\ads.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\btntrans.idx
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\btntrans1.dat
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\business_promo.htm
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\buttondir.txt
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\components.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\cursors.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_1000.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_2000.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_3000.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bar.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar1.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_logos.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_other.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_weather.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\default.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_511745-514279.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz1.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz10.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz11.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz12.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz13.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz14.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz15.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz16.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz17.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz18.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz19.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz2.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz20.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz3.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz4.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz5.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz6.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz7.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz8.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_bidz9.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_categorize.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_comparison.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_em_PROFL_CA_flow_b_IEB.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_explorer-Mails.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_explorer-people.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_favorites.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Games.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Hide.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hotbarcom.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Hotmail.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hsskin.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_jemster.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_jemsterie.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_jemsteruk.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_jobsearch.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Mails.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_new.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_premium.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_reun.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_ringtones.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_SearchBoxTrapper.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchfor.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchgo.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_weather.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_yellowpages.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\editblbuttons.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\email-def-511724-548964.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\email-def-511724-9595.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\email-t1-bg.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\gamesmenu.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\gamesMenu.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\hb_ie_menu.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar-premium-hotbar-premium.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar-premium.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar_promo.htm
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\icons2.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\ie_games_icon.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\ie_video.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords.idx
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords1.dat
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\layout.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\linkpathlegal.txt
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\more.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\new_games.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\progress.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\s_icons_buttons.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\sales_buttons.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\sdfmodifier.xml
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\t2_bg.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\theweb.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\top7.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\Top7_theweb.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\tsd_bg.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\1\weathericon.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\ads.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\btntrans.idx
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\btntrans1.dat
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\business_promo.htm
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\buttondir.txt
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\components.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\cursors.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_1000.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_2000.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_3000.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bar.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar1.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_logos.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_other.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_weather.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\default.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_511745-514279.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz1.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz10.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz11.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz12.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz13.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz14.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz15.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz16.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz17.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz18.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz19.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz2.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz20.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz3.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz4.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz5.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz6.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz7.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz8.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz9.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_categorize.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_comparison.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_em_PROFL_CA_flow_b_IEB.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_explorer-Mails.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_explorer-people.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_favorites.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Games.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Hide.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hotbarcom.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Hotmail.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hsskin.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_jemster.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_jemsterie.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_jemsteruk.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_jobsearch.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Mails.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_new.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_premium.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_reun.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_ringtones.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_SearchBoxTrapper.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchfor.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchgo.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_weather.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_yellowpages.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\editblbuttons.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\email-def-511724-548964.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\email-def-511724-9595.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\email-t1-bg.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\gamesmenu.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\gamesMenu.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\hb_ie_menu.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbar-premium-hotbar-premium.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbar-premium.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbar_promo.htm
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\icons2.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\ie_games_icon.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\ie_video.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords.idx
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords1.dat
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\layout.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\linkpathlegal.txt
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\more.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\new_games.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\progress.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\s_icons_buttons.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\sales_buttons.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\sdfmodifier.xml
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\t2_bg.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\theweb.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\top7.cdf
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\Top7_theweb.mnu
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\tsd_bg.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\2\weathericon.res
c:\documents and settings\sophie simoes\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.txt
c:\documents and settings\sophie simoes\Application Data\WeatherDPA
c:\documents and settings\sophie simoes\Application Data\WeatherDPA\Weather\WeatherStartup.xml
c:\windows\kb913800.exe
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\lsp.dll
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\wbem\proquota.exe
c:\windows\system32\WS2Fix.exe

c:\windows\system32\proquota.exe . . . manque!!

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games


((((((((((((((((((((((((((((( Fichiers créés du 2009-05-16 au 2009-06-16 ))))))))))))))))))))))))))))))))))))
.

2009-06-15 14:03 . 2009-06-15 14:03 -------- d-----w- c:\documents and settings\sophie simoes\Application Data\Malwarebytes
2009-06-15 14:03 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-15 14:03 . 2009-06-15 14:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-15 14:03 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-15 14:03 . 2009-06-15 14:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-13 18:22 . 2009-06-13 18:22 -------- d-----w- c:\program files\Trend Micro
2009-06-11 15:40 . 2009-06-11 15:40 772624 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\7.0.1.321\updater.dll
2009-06-11 15:40 . 2009-06-11 15:40 25104 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\7.0.1.321\ushata.dll
2009-06-11 15:40 . 2009-06-11 15:40 112144 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\7.0.1.321\X86\kl1.sys
2009-06-11 15:40 . 2009-06-11 15:40 354832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\7.0.1.321\ckahum.dll
2009-06-11 15:40 . 2009-06-11 15:40 195344 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\7.0.1.321\klif.sys
2009-06-11 15:40 . 2009-06-11 15:40 150032 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\7.0.1.321\diffs.dll
2009-06-11 15:40 . 2009-06-11 15:40 109072 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\7.0.1.321\dnsq.dll
2009-06-11 15:28 . 2009-06-11 15:40 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-06-11 15:28 . 2009-06-11 15:40 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-06-11 15:28 . 2009-06-16 12:55 62752 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-11 15:28 . 2009-06-16 12:54 17307168 --sha-w- c:\windows\system32\drivers\fidbox.dat

Répondre à cynid
frederix   16-06-2009 à 23:12:10
- 0 +

Bonsoir cynid,

le rapport de Combofix est incomplet...

A+


Message édité par frederix le 25-06-2009 à 11:28:19
Répondre à frederix
cynid   21-06-2009 à 04:47:06
- 0 +

bonsoir désolé du temps ke j'ai mit voilà le rapport

ComboFix 09-06-20.02 - sophie simoes 21/06/2009 4:38.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1022.570 [GMT 2:00]
Lancé depuis: c:\documents and settings\sophie simoes\Bureau\ComboFix.exe
AV: Bitdefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Bitdefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\S-1-5-21-1440683532-3511256512-2844932746-500
c:\recycler\S-1-5-21-1881165369-188665281-785277742-1484

c:\windows\system32\proquota.exe . . . manque!!

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-21 au 2009-06-21 ))))))))))))))))))))))))))))))))))))
.

2009-06-20 23:25 . 2009-06-20 23:25 -------- d-----w- c:\windows\LastGood
2009-06-15 14:03 . 2009-06-15 14:03 -------- d-----w- c:\documents and settings\sophie simoes\Application Data\Malwarebytes
2009-06-15 14:03 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-15 14:03 . 2009-06-15 14:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-15 14:03 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-15 14:03 . 2009-06-15 14:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-13 18:22 . 2009-06-13 18:22 -------- d-----w- c:\program files\Trend Micro
2009-06-11 15:40 . 2009-06-11 15:40 772624 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\7.0.1.321\updater.dll
2009-06-11 15:40 . 2009-06-11 15:40 25104 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\7.0.1.321\ushata.dll
2009-06-11 15:40 . 2009-06-11 15:40 112144 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\7.0.1.321\X86\kl1.sys
2009-06-11 15:40 . 2009-06-11 15:40 354832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\7.0.1.321\ckahum.dll
2009-06-11 15:40 . 2009-06-11 15:40 195344 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\7.0.1.321\klif.sys
2009-06-11 15:40 . 2009-06-11 15:40 150032 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\7.0.1.321\diffs.dll
2009-06-11 15:40 . 2009-06-11 15:40 109072 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\7.0.1.321\dnsq.dll
2009-06-11 15:28 . 2009-06-11 15:40 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-06-11 15:28 . 2009-06-11 15:40 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-06-11 15:28 . 2009-06-21 02:43 105504 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-11 15:28 . 2009-06-21 02:42 18436128 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-11 15:28 . 2009-06-20 11:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-06-11 15:07 . 2009-06-11 15:07 -------- d-----r- c:\documents and settings\LocalService\Favoris
2009-06-11 10:38 . 2009-06-11 10:38 -------- d-----w- c:\program files\CCleaner

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-21 02:24 . 2007-05-24 14:18 -------- d-----w- c:\documents and settings\sophie simoes\Application Data\Skype
2009-06-20 23:26 . 2007-04-14 16:37 -------- d-----w- c:\program files\Windows Live Safety Center
2009-06-20 09:33 . 2009-06-11 15:28 245396 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-20 09:33 . 2009-06-11 15:28 10364 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-18 19:46 . 2007-02-26 11:06 356 ----a-w- c:\documents and settings\sophie simoes\Application Data\wklnhst.dat
2009-06-17 15:28 . 2004-09-23 17:12 89538 ----a-w- c:\windows\system32\perfc00C.dat
2009-06-17 15:28 . 2004-09-23 17:12 503098 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-11 17:29 . 2007-01-28 00:26 -------- d-----w- c:\program files\Microsoft Works
2009-06-11 15:41 . 2007-10-31 11:41 112144 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-06-11 11:34 . 2008-04-13 08:50 117928 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-06-06 15:47 . 2007-01-27 17:49 -------- d-----w- c:\documents and settings\sophie simoes\Application Data\U3
2009-05-12 00:07 . 2007-02-22 19:41 -------- d-----w- c:\program files\eMule
2009-05-07 15:43 . 2004-09-23 17:10 347136 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:31 . 2004-09-23 17:11 672256 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:31 . 2004-09-23 17:10 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-04-20 18:19 . 2007-02-14 13:53 4756 ----a-w- c:\windows\mozver.dat
2009-04-19 20:09 . 2004-09-23 17:11 1846784 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 15:17 . 2004-09-23 17:11 584192 ----a-w- c:\windows\system32\rpcrt4.dll
2009-03-24 14:07 . 2009-05-04 14:45 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2007-04-17 09:49 . 2007-04-17 09:49 774144 ----a-w- c:\program files\RngInterstitial.dll
2006-05-03 10:06 . 2009-03-04 15:19 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 . 2009-03-04 15:19 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 . 2009-03-04 15:19 216064 --sh--r- c:\windows\system32\nbDX.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-06-16_12.57.10 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-09-23 17:11 . 2009-05-05 17:32 73270 c:\windows\system32\perfc009.dat
+ 2004-09-23 17:11 . 2009-06-17 15:28 73270 c:\windows\system32\perfc009.dat
+ 2004-09-23 17:11 . 2009-06-17 15:28 431616 c:\windows\system32\perfh009.dat
- 2004-09-23 17:11 . 2009-05-05 17:32 431616 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-11-17 975360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-11-19 5724184]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"Skype"="c:\apps\skype\phone\Skype.exe" [2006-01-18 19417640]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 1211176]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 57344]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-27 7573504]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]

c:\documents and settings\sophie simoes\Menu D‚marrer\Programmes\D‚marrage\
BoontyBox AOL.lnk - c:\program files\Boonty\BoontyBox\BoontyBox.exe [2007-3-18 857696]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-8-11 110592]
BTTray.lnk - c:\program files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2005-10-9 610365]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\AOL 9.0\\waol.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
"c:\\APPS\\skype\\phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/12/2007 13:28 24592]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [27/01/2007 19:14 21344]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{62542A8B-3FD1-F805-EDD1-02A81B10DD21}]
c:\program files\InterneExplorer\iexplorer.exe s
.
Contenu du dossier 'Tâches planifiées'

2009-06-21 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
IE: c:\program files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Ouvrir dans un nouvel onglet d'arrière-plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?b992385ffa5a44af957b67e6350ff8f5
IE: Ouvrir dans un nouvel onglet de premier plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?b992385ffa5a44af957b67e6350ff8f5
TCP: {6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564} = 212.27.53.252,212.27.54.252
TCP: {EA965B4F-6875-4C7E-A665-B03F69679940} = 212.27.53.252,212.27.54.252
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-21 04:43
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-3655187026-3661103029-2307014801-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(1132)
c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll
c:\windows\system32\klogon.dll

- - - - - - - > 'lsass.exe'(1188)
c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll
c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll
c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll

- - - - - - - > 'explorer.exe'(3004)
c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll
c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll
c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\browselc.dll
c:\program files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
c:\program files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
c:\program files\PhotoDeluxe BE 1.0 TO\PbeShell.dll
.
Heure de fin: 2009-06-21 4:45
ComboFix-quarantined-files.txt 2009-06-21 02:45
ComboFix2.txt 2009-06-16 13:02

Avant-CF: 62 144 307 200 octets libres
Après-CF: 62 240 727 040 octets libres

186 --- E O F --- 2009-06-11 17:38

Répondre à cynid
frederix   23-06-2009 à 13:14:51
- 0 +

Bonjour cynid,

comment va ton Pc?

A+

Répondre à frederix
cynid   23-06-2009 à 17:10:40
- 0 +

bonjour Frederix

alors je voulais te dire merçi vu ke l'antivirus c'est enlever c'est deja une bonne chose mais bon internet explorer déconne, je peux aller dessus mais au bout de quelques minutes un message s'apparait avec un message et en bas de ce message sur les boutons y'a marker avancé ou continuer alors j'appuie sur continué et sa me ferme ma page net d'un coup, je sais pas si c'est compréhensible je que je t'explique

Répondre à cynid
frederix   23-06-2009 à 20:07:16
- 0 +

Re,

télécharge R-Hosts (merci S!RI) : http://siri.urz.free.fr/Softs/RHosts.exe
Lance R-Hosts.exe puis clique sur Restaurer
Valide la modification en appuyant sur OK

Répondre à frederix
cynid   24-06-2009 à 01:56:21
- 0 +

reuh

alors voilà je l'es fait mais c'est normal que sa fait rien??

Message cité 1 fois
Répondre à cynid
frederix   24-06-2009 à 13:17:32
- 0 +

cynid a écrit :

> ...c'est normal que sa fait rien??



Bonjour cynid,

> Oui...

Poste un nouveau rapport HijackThis.

A+

Répondre à frederix
cynid   24-06-2009 à 18:36:04
- 0 +

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:35:27, on 24/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\APPS\skype\phone\Skype.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = free
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - (no file)
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\APPS\skype\phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: BoontyBox AOL.lnk = C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?b992385ffa5a44af957b67e6350ff8f5
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?b992385ffa5a44af957b67e6350ff8f5
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 9922417546
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://signin9.valueactive.eu/Regi [...] lashax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: NameServer = 212.27.53.252,212.27.54.252
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA965B4F-6875-4C7E-A665-B03F69679940}: NameServer = 212.27.53.252,212.27.54.252
O17 - HKLM\System\CS2\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: NameServer = 212.27.53.252,212.27.54.252
O17 - HKLM\System\CS3\Services\Tcpip\..\{6EEBEF2E-A27F-4A19-81A6-B8A89DFCE564}: NameServer = 212.27.53.252,212.27.54.252
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe

--
End of file - 10154 bytes

Répondre à cynid
frederix   25-06-2009 à 11:46:49
- 0 +

Bonjour cynid,

il faut mettre à jour ta machine Java (sous peine de faille de sécurité) :
http://java.sun.com/javase/downloads/index.jsp
Clique sur Download Java Runtime Environment (JRE) 6u14 et dans la page suivante, coche I agree et télécharge Windows Offline Installation, Multi-language/jre-6u14-windows-i586-p.exe/15.50 MB
Adobe Reader (idem) :
Acrobat Reader 9.1 : http://www.adobe.com/fr/products/a [...] step2.html

De+ mets à jour Internet Explorer (8) : http://www.microsoft.com/france/wi [...] fault.aspx

A+

Répondre à frederix
cynid   26-06-2009 à 02:07:54
- 0 +

bonsoir et voilà j'ai fait tout sa

Répondre à cynid
frederix   26-06-2009 à 12:18:41
- 0 +

Bonjour cynid,

comment va ton Pc?

A+

Répondre à frederix
cynid   26-06-2009 à 17:24:54
- 0 +

bonjour

ben c'est parfait pour l'instant y'a aucun probleme donc je dis un grand merçi c'est super gentil

Répondre à cynid
frederix   26-06-2009 à 20:33:30
- 0 +

Re,

supprime SmitfraudFix et Combofix...

Fais un scan antivirus en ligne avec BitDefender.
Tuto : http://forum.pcastuces.com/bitdefe [...] -f31s2.htm
Poste le rapport.

Répondre à frederix
Créer un nouveau sujet Répondre
Tom's Guide > Forum > Sécurité - Virus > Windows Sécurity Alert probléme
Aller à :

Il y a 1257 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Plan du forum
Forum Bestofmedia ©
2000-2009 Bestofmedia Group
Page générée en 0,899 secondes
Liens