Sujet Précédent Sujet Suivant

Pirate sur mon pc (rapport HijackThis)

Résolu/Fermé
arthurm96 Messages postés 55 Date d'inscription dimanche 15 février 2009 Statut Membre Dernière intervention 20 février 2011 - 18 févr. 2009 à 13:07
arthurm96 Messages postés 55 Date d'inscription dimanche 15 février 2009 Statut Membre Dernière intervention 20 février 2011 - 20 févr. 2009 à 22:14
Bonjour,
Je pense avoir un pirate sur ma machine: l'ordinateur se redémarre tout seul, je ne peux plus accéder au gestionnaire de taches ("le gestionnaire de tâches a été désactivé par votre administrateur"), l'ordinateur buggue, certains programmes comme spybot ne se démarrent pas, mon fond s'écran s'enlève... j'ai bloqué le trafic avec bitdefender donc il ne redémarre plus mon ordinateur donc je ne peux plus aller sur internet (je suis sur un autre ordinateur) et ni bitdefender, ni ad-aware ne détectent de virus. Merci pour les pros de m'aider, voici mon rapport HIjackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:50, on 2009-02-18
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\frmwrk32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Program Files\TuneUp Utilities 2009\Integrator.exe
C:\Program Files\TuneUp Utilities 2009\SpeedOptimizer.exe
C:\Program Files\TuneUp Utilities 2009\ProcessManager.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dwwin.exe
N:\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [*svchostBoot] "C:\Documents and Settings\martin\Application Data\svchost.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Framework Windows] frmwrk32.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1879577834-1025582869-3424800659-1007\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9E7B4C27-63F5-49AA-BC6F-38E97E6C4738}: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CS11\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CS12\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
A voir également:

41 réponses

Précédent
Réponse 21 / 41
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
18 févr. 2009 à 22:00
! Déconnectes toi et fermes toutes applications en cours !

● Relances "Ad-remover" : au menu principal choisi l'option "B" .

● Coche à l'écran de sélection :


1. Suppression Boonty/BoontyGames
4. Suppression Funwebproduct/MyWay/MyWebsearch
6. Suppression Sweetim


Tape le chiffre correspondant à la suppression demandée et valide par ENTER pour le cocher.

● Puis choisi "S" , le programme va travailler,

● Postes le rapport qui apparait à la fin.

( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

/!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides)

Ensuite refais un nouveau rapport hijackthis stp
0
Réponse 22 / 41
arthurm96 Messages postés 55 Date d'inscription dimanche 15 février 2009 Statut Membre Dernière intervention 20 février 2011
18 févr. 2009 à 22:31
merci, voila mon rapport ad-remover:



------- LOGFILE OF AD-REMOVER 1.1.1.3 | ONLY XP/VISTA -------

Updated by C_XX on 15/02/2009 at 10:20

*** LIMITED TO ***

Boonty/BoontyGames
FunWebProduct/MyWay/MyWebSearch
Sweetim

******************

Start at: 22:10:51 | 2009-02-18 | Boot mode: Normal Boot
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
Computer Name: NOM-3FC1E207337
Current User: martin - Administrator
Drive(s):
- C:\ (File System: NTFS)
- O:\ (File System: FAT32)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\

--- Running Processes: 38

(!) ---- IE start pages/Tabs reset

+--------------------| Boonty/Boonty Games Elements Deleted :

Service: "Boonty Games"
.
HKCR\boontybox
HKLM\Software\Boonty
.
C:\Program Files\BoontyGames
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Documents and Settings\All Users\Application Data\BOONTY

+-----------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Deleted :

.
HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}
.

+-----------------| Sweetim Elements Deleted :

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKCR\MgMediaPlayer.GifAnimator
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\Software\Macrogaming
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\WINDOWS\Installer\309c41a.msi
C:\WINDOWS\Installer\309c41f.msi
C:\Program Files\Macrogaming

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.


+-----------------| Added Scan :

---- Mozilla FireFox Version 3.0.6 ----

ProfilePath: 7fbhqhpt.default
.
Prefs.js: Browser.Search.DefaultEngineName: "Yahoo"
Prefs.js: Browser.Search.SelectedEngine: "Google"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
.
.
.
.
.

---- Internet Explorer Version 7.0.5730.13 ----

+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+-[HKEY_USERS\S-1-5-21-1879577834-1025582869-3424800659-1007\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://fr.msn.com/

+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://ieframe.dll/tabswelcome.htm

+---------------------------------------------------------------------------+

[~6792 Bytes] - "C:\Ad-Report-Clean-20.9-.2-18.log"
[~7555 Bytes] - "C:\Ad-Report-Scan-20.9-.2-18.log"
-
C:\Program Files\Ad-remover\TOOLS\BACKUP\20.9-.2-18 - Prefs.js
C:\Program Files\Ad-remover\TOOLS\BACKUP\20.9-.2-18 - User.js

End at: 22:27:08 | 2009-02-18
.
+-----------------| E.O.F - 106 Lines
.




et mon nouveau rapport HiJackThis:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:28:59, on 2009-02-18
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\WINDOWS\explorer.exe
N:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
0
Réponse 23 / 41
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
18 févr. 2009 à 23:11
Ok pas de problèmes... Tu pourras faire ceci demain :

relance hijackthis en cliquant sur scan only et coches ces lignes stp :

R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

puis tu cliques sur fix checked.


ensuite :


▶ Télécharge RegCleaner

▶ Une fois installé, double-clique sur son icône pour l'exécuter

▶ Dans la barre de menu, clique sur Options puis sélectionne Language => Select language

▶ recherche French.rlg et double-clique dessus pour appliquer la langue

▶ Clique ensuite sur Outils dans la barre de menu

▶ Sélectionne Nettoyage du registre => Nettoyeur de registre automatique

▶ RegCleaner va alors lancer le nettoyage automatiquement

▶ Coche ensuite les entrées invalides qui sont apparues dans la fenêtre et clique sur Supprimer sélections => Terminer => Quitter


Est-ce que tu as encore des problèmes ??
0
Réponse 24 / 41
arthurm96 Messages postés 55 Date d'inscription dimanche 15 février 2009 Statut Membre Dernière intervention 20 février 2011
19 févr. 2009 à 18:04
Infiniment Merci geoffrey5 !!! Tu es trop sympa!! mon ordi remarche aucun bug et je peux même faire les mises à jour des logiciels que je ne pouvais plus faire depuis longtemps... Regcleaner m'a supprimé les erreurs du registre et maintenant plus de problèmes. Veux-tu que je te fasse un rapport Hijackthis?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 41
arthurm96 Messages postés 55 Date d'inscription dimanche 15 février 2009 Statut Membre Dernière intervention 20 février 2011
19 févr. 2009 à 18:12
J'ai peut-être tp vite parlé car dans les processus je vois toujours le programme du pirate qui essaie de se connecter a mon pc il s'appelle (je crois car il est assez dur a retenir) pnkstbr et je pense que c'est lui car l'éditeur est inconnu et il vient du system 32.
0
Réponse 26 / 41
arthurm96 Messages postés 55 Date d'inscription dimanche 15 février 2009 Statut Membre Dernière intervention 20 février 2011
19 févr. 2009 à 18:27
Je n'aurais pas du crier victoire trop tôt, il vient de redémarrer ma machine!!!

je te joins dons mon rapport Hijackthis avec un grand merci pour tout ce que tu fais pour moi
le processus s'appelle en fait pnkstrb et revient toujours

MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\WINDOWS\system32\wuauclt.exe
N:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
0
Réponse 27 / 41
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
19 févr. 2009 à 21:07
Bonsoir,

je ne vois pourtant pas ce processus dans hijackthis...

▶ Télécharge Combofix de sUBs


▶ et enregistre le sur le Bureau.


▶ désactive tes protections et ferme toutes tes applications(antivirus, parefeu, garde en temps réel de l'antispyware)


Voici le tutoriel officiel de Bleeping Computer pour savoir l utiliser :

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix


Je te conseille d'installer la console de récupération !!


ensuite envois le rapport et refais un nouveau rapport hijackthis stp
0
Réponse 28 / 41
arthurm96 Messages postés 55 Date d'inscription dimanche 15 février 2009 Statut Membre Dernière intervention 20 février 2011
19 févr. 2009 à 21:13
avant de faire cette manip, je voulais te dire que j'avais supprimé ce processus avant de faire l'analyse.
0
Réponse 29 / 41
arthurm96 Messages postés 55 Date d'inscription dimanche 15 février 2009 Statut Membre Dernière intervention 20 février 2011
19 févr. 2009 à 21:55
Merci, la console de récupération n'a pas pu s'installer mais je n'ai pas eu besoin de l'installer manuellement

voici le rapport de combofix:

ComboFix 09-02-18.01 - martin 2009-02-19 21:38:55.8 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1023.484 [GMT 1:00]
Lancé depuis: c:\documents and settings\martin\Bureau\ComboFix.exe
AV: Bitdefender Antivirus *On-access scanning disabled* (Updated)
FW: Bitdefender Firewall *enabled*

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\IE4 Error Log.txt
c:\windows\system32\_004517_.tmp.dll
c:\windows\system32\_004518_.tmp.dll
c:\windows\system32\_004519_.tmp.dll
c:\windows\system32\_004520_.tmp.dll
c:\windows\system32\_004527_.tmp.dll
c:\windows\system32\_004528_.tmp.dll
c:\windows\system32\_004529_.tmp.dll
c:\windows\system32\_004530_.tmp.dll
c:\windows\system32\_004531_.tmp.dll
c:\windows\system32\_004532_.tmp.dll
c:\windows\system32\_004533_.tmp.dll
c:\windows\system32\_004534_.tmp.dll
c:\windows\system32\_004535_.tmp.dll
c:\windows\system32\_004536_.tmp.dll
c:\windows\system32\_004537_.tmp.dll
c:\windows\system32\_004538_.tmp.dll
c:\windows\system32\_004539_.tmp.dll
c:\windows\system32\_004540_.tmp.dll
c:\windows\system32\_004541_.tmp.dll
c:\windows\system32\_004542_.tmp.dll
c:\windows\system32\_004543_.tmp.dll
c:\windows\system32\_004544_.tmp.dll
c:\windows\system32\_004545_.tmp.dll
c:\windows\system32\_004546_.tmp.dll
c:\windows\system32\_004547_.tmp.dll
c:\windows\system32\_004548_.tmp.dll
c:\windows\system32\_004551_.tmp.dll
c:\windows\system32\_004552_.tmp.dll
c:\windows\system32\_004553_.tmp.dll
c:\windows\system32\_004554_.tmp.dll
c:\windows\system32\_004555_.tmp.dll
c:\windows\system32\_004556_.tmp.dll
c:\windows\system32\_004557_.tmp.dll
c:\windows\system32\_004559_.tmp.dll
c:\windows\system32\_004560_.tmp.dll
c:\windows\system32\_004561_.tmp.dll
c:\windows\system32\_004562_.tmp.dll
c:\windows\system32\_004563_.tmp.dll
c:\windows\system32\_004564_.tmp.dll
c:\windows\system32\_004565_.tmp.dll
c:\windows\system32\_004566_.tmp.dll
c:\windows\system32\_004567_.tmp.dll
c:\windows\system32\_004568_.tmp.dll
c:\windows\system32\_004569_.tmp.dll
c:\windows\system32\_004570_.tmp.dll
c:\windows\system32\_004573_.tmp.dll
c:\windows\system32\_004574_.tmp.dll
c:\windows\system32\_004575_.tmp.dll
c:\windows\system32\_004577_.tmp.dll
c:\windows\system32\_004578_.tmp.dll
c:\windows\system32\_004579_.tmp.dll
c:\windows\system32\_004580_.tmp.dll
c:\windows\system32\_004581_.tmp.dll
c:\windows\system32\_004582_.tmp.dll
c:\windows\system32\_004583_.tmp.dll
c:\windows\system32\_004584_.tmp.dll
c:\windows\system32\_004585_.tmp.dll
c:\windows\system32\_004586_.tmp.dll
c:\windows\system32\_004588_.tmp.dll
c:\windows\system32\_004589_.tmp.dll
c:\windows\system32\_004590_.tmp.dll
c:\windows\system32\_004591_.tmp.dll
c:\windows\system32\_004593_.tmp.dll
c:\windows\system32\_004595_.tmp.dll
c:\windows\system32\_004596_.tmp.dll
c:\windows\system32\_004597_.tmp.dll
c:\windows\system32\_004598_.tmp.dll
c:\windows\system32\_004599_.tmp.dll
c:\windows\system32\_004600_.tmp.dll
c:\windows\system32\_004601_.tmp.dll
c:\windows\system32\_004603_.tmp.dll
c:\windows\system32\_004604_.tmp.dll
c:\windows\system32\_004605_.tmp.dll
c:\windows\system32\_004606_.tmp.dll
c:\windows\system32\_004607_.tmp.dll
c:\windows\system32\_004608_.tmp.dll
c:\windows\system32\_004609_.tmp.dll
c:\windows\system32\_004610_.tmp.dll
c:\windows\system32\_004612_.tmp.dll
c:\windows\system32\_004613_.tmp.dll
c:\windows\system32\_004616_.tmp.dll
c:\windows\system32\_004617_.tmp.dll
c:\windows\system32\_004621_.tmp.dll
c:\windows\system32\_004622_.tmp.dll
c:\windows\system32\_004624_.tmp.dll
c:\windows\system32\_004627_.tmp.dll
c:\windows\system32\_004629_.tmp.dll
c:\windows\system32\_004630_.tmp.dll
c:\windows\system32\_004631_.tmp.dll
c:\windows\system32\_004632_.tmp.dll
c:\windows\system32\_004635_.tmp.dll
c:\windows\system32\_004636_.tmp.dll
c:\windows\system32\_004637_.tmp.dll
c:\windows\system32\_004638_.tmp.dll
c:\windows\system32\_004639_.tmp.dll
c:\windows\system32\_004644_.tmp.dll
c:\windows\system32\_004646_.tmp.dll
c:\windows\system32\303369.exe
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\gaopdxcounter
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\TDSSreat.dat
c:\windows\system32\tmp.reg
c:\windows\system32\uDKmonnn.ini
c:\windows\system32\uniq.tll
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\winlogon2.exe
c:\windows\system32\WS2Fix.exe

----- BITS: Il y a peut-être des sites infectés -----

hxxp://onestopstation.net
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_seneka


((((((((((((((((((((((((((((( Fichiers créés du 2009-01-19 au 2009-02-19 ))))))))))))))))))))))))))))))))))))
.

2009-02-19 18:17 . 2009-02-19 18:17 362,240 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-02-19 17:51 . 2009-02-19 17:53 <REP> d-------- c:\program files\RegCleaner
2009-02-18 21:27 . 2009-02-18 22:07 <REP> d-------- c:\program files\Ad-remover
2009-02-18 18:37 . 2009-02-18 19:40 <REP> d-------- c:\program files\Navilog1
2009-02-18 16:54 . 2009-02-18 16:54 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-18 16:54 . 2009-02-18 16:54 <REP> d-------- c:\documents and settings\martin\Application Data\Malwarebytes
2009-02-18 16:54 . 2009-02-18 16:54 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-02-18 16:54 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-18 16:54 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-02-17 19:33 . 2009-02-17 19:33 <REP> d-------- c:\documents and settings\All Users\Application Data\FLEXnet
2009-02-17 19:23 . 2009-02-17 19:23 <REP> d-------- c:\program files\Adobe Media Player
2009-02-17 19:19 . 2009-02-17 19:19 <REP> d-------- c:\program files\Fichiers communs\Adobe AIR
2009-02-17 19:11 . 2009-02-17 19:11 <REP> d-------- c:\program files\Fichiers communs\Macrovision Shared
2009-02-16 18:55 . 2009-02-18 09:53 <REP> d-------- c:\program files\WinPcap
2009-02-15 19:40 . 2009-02-19 18:08 <REP> d-------- c:\program files\TuneUp Utilities 2009
2009-02-15 19:40 . 2009-02-15 19:40 <REP> d--hs---- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-02-15 11:01 . 2009-01-18 22:35 15,688 --a------ c:\windows\system32\lsdelete.exe
2009-02-15 10:46 . 2009-02-15 10:46 <REP> d-------- c:\documents and settings\LocalService\Bureau
2009-02-15 10:23 . 2009-01-18 22:30 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-02-15 10:21 . 2009-02-15 10:21 <REP> d-------- c:\program files\Lavasoft
2009-02-15 10:21 . 2009-02-15 10:23 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-02-15 10:21 . 2009-02-15 10:21 <REP> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-14 22:26 . 2009-02-14 22:26 <REP> d----c--- c:\documents and settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2009-02-14 19:47 . 2009-02-14 19:47 <REP> d-------- c:\program files\Driver-Soft
2009-02-14 19:47 . 2004-06-14 14:56 427,864 --a------ c:\windows\system32\XceedZip.dll
2009-02-13 20:45 . 2009-02-13 20:45 30 --a------ c:\windows\system32\hgset.ini
2009-02-13 09:06 . 2009-02-13 10:42 <REP> d-------- c:\documents and settings\martin\Application Data\_f8e5c1e4f5f99d5c95dd47f89ab97df6
2009-02-12 19:38 . 2009-02-12 19:38 75,264 --a------ c:\windows\system32\‹õ÷õûýÿýûõ÷õ‹‹•—•›Ÿ›•—•‹‹µ·µ»½¿½»µ·µ‹‹•—•›Ÿ
2009-02-11 17:09 . 2009-02-11 18:06 <REP> d-------- c:\program files\Video Convert Master
2009-02-11 17:09 . 2009-02-11 17:10 <REP> d-------- c:\documents and settings\martin\Application Data\Vso
2009-02-11 17:09 . 2009-02-11 17:09 81,920 --a------ c:\documents and settings\martin\Application Data\ezpinst.exe
2009-02-11 17:09 . 2009-02-11 17:09 47,360 --a------ c:\windows\system32\drivers\pcouffin.sys
2009-02-11 17:09 . 2009-02-11 17:09 47,360 --a------ c:\documents and settings\martin\Application Data\pcouffin.sys
2009-02-11 09:38 . 2009-02-11 10:14 28 --a------ c:\windows\Robota.INI
2009-02-11 09:37 . 2009-02-11 09:37 <REP> d-------- c:\documents and settings\martin\Application Data\MAGIX
2009-02-11 09:37 . 2001-05-11 13:18 420,240 --a------ c:\windows\system32\mpg4c32.dll
2009-02-11 09:37 . 2001-03-26 04:41 245,760 --a------ c:\windows\system32\mp4sds32.ax
2009-02-11 09:31 . 2009-02-11 09:34 <REP> d-------- c:\documents and settings\All Users\Application Data\MAGIX
2009-02-11 09:30 . 2009-02-11 09:34 <REP> d-------- c:\program files\MAGIX
2009-02-10 22:08 . 2009-02-10 22:08 <REP> d-------- c:\documents and settings\martin\Application Data\DAEMON Tools Pro
2009-02-10 22:08 . 2009-02-10 22:08 <REP> d-------- c:\documents and settings\All Users\Application Data\DAEMON Tools Pro
2009-02-09 19:15 . 2009-02-09 19:15 2,287,104 --a------ c:\windows\system32\TUKernel.exe
2009-02-09 18:16 . 2009-02-09 18:16 <REP> d-------- c:\documents and settings\martin\Application Data\TuneUp Software
2009-02-09 18:14 . 2009-02-09 18:14 <REP> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-02-08 11:42 . 2009-02-08 11:42 <REP> d-------- C:\Downloads
2009-02-07 06:51 . 2009-02-19 21:46 206,530 --a------ c:\windows\system32\nvapps.xml
2009-02-07 06:49 . 2009-01-15 08:19 453,152 --a------ c:\windows\system32\nvudisp.exe
2009-02-07 06:49 . 2009-01-15 08:19 18,725 --a------ c:\windows\system32\nvdisp.nvu
2009-02-06 19:12 . 2007-09-02 20:56 1,686,016 --a------ c:\windows\system32\clinetsuitex6.ocx
2009-02-06 18:24 . 2009-01-07 11:28 453,152 --a------ c:\windows\system32\NVUNINST.EXE
2009-02-05 20:12 . 2009-02-05 20:12 <REP> d-------- c:\program files\Microsoft.NET
2009-02-05 20:08 . 2009-02-05 20:08 <REP> d-------- c:\program files\Microsoft Visual Studio 8
2009-02-05 20:07 . 2009-02-05 20:29 <REP> d-------- c:\windows\SHELLNEW
2009-02-05 20:05 . 2009-02-05 20:05 <REP> dr-h----- C:\MSOCache
2009-02-04 10:53 . 2006-10-26 19:56 32,592 --a------ c:\windows\system32\msonpmon.dll
2009-02-04 10:33 . 2009-02-16 18:46 <REP> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-01-29 19:28 . 2008-12-29 19:48 361,600 --a------ c:\windows\system32\drivers\tcpip.sys.old
2009-01-29 10:06 . 2009-01-29 10:06 <REP> d-------- c:\documents and settings\martin\Application Data\Leadertech
2009-01-28 23:55 . 2009-01-28 23:55 <REP> d-------- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-01-27 19:27 . 2009-01-27 19:27 <REP> d-------- c:\program files\Electronic Arts
2009-01-26 20:42 . 2009-02-09 07:02 <REP> d-------- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-01-26 20:11 . 2009-01-27 22:37 <REP> d-------- c:\documents and settings\martin\Application Data\SystemRequirementsLab
2009-01-25 14:46 . 2009-01-25 14:46 <REP> d-------- c:\program files\SOFTWAREDEPO.COM
2009-01-25 14:46 . 2004-02-05 14:53 389,120 --a------ c:\windows\system32\actskn43.ocx
2009-01-25 14:46 . 2004-01-09 04:54 188,416 --a------ c:\windows\system32\actsplash.ocx
2009-01-25 14:41 . 2009-01-25 14:41 9,728 --a------ c:\windows\system32\Rnaph.dll
2009-01-21 19:13 . 2009-02-07 06:50 <REP> d-------- c:\windows\nview
2009-01-20 23:05 . 2009-01-20 23:05 <REP> dr-h----- c:\documents and settings\martin\Application Data\SecuROM
2009-01-20 18:36 . 2008-05-30 14:19 507,400 --a------ c:\windows\system32\XAudio2_1.dll
2009-01-20 18:36 . 2008-05-30 14:18 238,088 --a------ c:\windows\system32\xactengine3_1.dll
2009-01-20 18:36 . 2008-05-30 14:17 65,032 --a------ c:\windows\system32\XAPOFX1_0.dll
2009-01-20 18:35 . 2008-05-30 14:11 3,850,760 --a------ c:\windows\system32\D3DX9_38.dll
2009-01-20 18:35 . 2008-03-05 15:56 3,786,760 --a------ c:\windows\system32\D3DX9_37.dll
2009-01-20 18:35 . 2008-05-30 14:11 1,491,992 --a------ c:\windows\system32\D3DCompiler_38.dll
2009-01-20 18:35 . 2008-03-05 15:56 1,420,824 --a------ c:\windows\system32\D3DCompiler_37.dll
2009-01-20 18:35 . 2008-03-05 16:03 479,752 --a------ c:\windows\system32\XAudio2_0.dll
2009-01-20 18:35 . 2008-05-30 14:11 467,984 --a------ c:\windows\system32\d3dx10_38.dll
2009-01-20 18:35 . 2008-02-05 23:07 462,864 --a------ c:\windows\system32\d3dx10_37.dll
2009-01-20 18:35 . 2008-03-05 16:03 238,088 --a------ c:\windows\system32\xactengine3_0.dll
2009-01-20 18:35 . 2008-05-30 14:17 25,608 --a------ c:\windows\system32\X3DAudio1_4.dll
2009-01-20 18:35 . 2008-03-05 16:00 25,608 --a------ c:\windows\system32\X3DAudio1_3.dll
2009-01-20 18:34 . 2007-10-12 15:14 3,734,536 --a------ c:\windows\system32\d3dx9_36.dll
2009-01-20 18:34 . 2007-07-19 18:14 3,727,720 --a------ c:\windows\system32\d3dx9_35.dll
2009-01-20 18:34 . 2007-10-12 15:14 1,374,232 --a------ c:\windows\system32\D3DCompiler_36.dll
2009-01-20 18:34 . 2007-07-19 18:14 1,358,192 --a------ c:\windows\system32\D3DCompiler_35.dll
2009-01-20 18:34 . 2007-10-02 09:56 444,776 --a------ c:\windows\system32\d3dx10_36.dll
2009-01-20 18:34 . 2007-07-19 18:14 444,776 --a------ c:\windows\system32\d3dx10_35.dll
2009-01-20 18:34 . 2007-10-22 03:39 267,272 --a------ c:\windows\system32\xactengine2_10.dll
2009-01-20 18:34 . 2007-07-20 00:57 267,112 --a------ c:\windows\system32\xactengine2_9.dll
2009-01-20 18:34 . 2007-06-20 20:46 266,088 --a------ c:\windows\system32\xactengine2_8.dll
2009-01-20 18:34 . 2007-10-22 03:37 17,928 --a------ c:\windows\system32\X3DAudio1_2.dll
2009-01-20 18:33 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\system32\d3dx9_34.dll
2009-01-20 18:33 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\system32\D3DCompiler_34.dll
2009-01-20 18:33 . 2007-05-16 16:45 443,752 --a------ c:\windows\system32\d3dx10_34.dll
2009-01-20 18:27 . 2009-01-20 18:27 <REP> d-------- c:\windows\Logs
2009-01-20 18:25 . 2009-01-20 18:49 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2009-01-20 18:25 . 2009-01-20 18:49 22,328 --a------ c:\documents and settings\martin\Application Data\PnkBstrK.sys
2009-01-20 18:24 . 2009-01-20 18:48 2,250,024 --a------ c:\windows\system32\pbsvc.exe
2009-01-20 18:24 . 2009-01-20 18:49 107,832 --a------ c:\windows\system32\PnkBstrB.exe
2009-01-20 18:24 . 2009-01-20 18:48 66,872 --a------ c:\windows\system32\PnkBstrA.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-18 17:20 --------- d-----w c:\documents and settings\martin\Application Data\Desktopicon
2009-02-18 10:25 --------- d-----w c:\documents and settings\martin\Application Data\uTorrent
2009-02-17 23:18 --------- d-----w c:\program files\Unlocker
2009-02-17 18:25 --------- d-----w c:\program files\Fichiers communs\Adobe
2009-02-14 23:06 --------- d-----w c:\program files\KITPHOTO
2009-02-14 23:04 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-14 22:54 --------- d-----w c:\program files\DivX
2009-02-14 22:52 --------- d-----w c:\documents and settings\All Users\Application Data\2DBoy
2009-02-14 22:44 --------- d-----w c:\program files\Mio Technology
2009-02-14 22:44 --------- d-----w c:\program files\Logitech
2009-02-14 22:41 --------- d-----w c:\program files\Fichiers communs\Ahead
2009-02-14 19:51 --------- d-----w c:\program files\Messenger Plus! Live
2009-02-11 18:43 --------- d-----w c:\program files\Micro Application
2009-02-09 19:47 --------- d-----w c:\program files\Windows Live Toolbar
2009-02-09 19:45 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-02-09 19:45 --------- d-----r c:\program files\Skype
2009-02-09 19:35 --------- d-----w c:\program files\Windows Live
2009-02-05 19:14 --------- d-----w c:\program files\MSBuild
2009-02-05 19:14 --------- d-----w c:\program files\Microsoft Works
2009-02-04 15:59 31,422 ----a-w c:\documents and settings\martin\Application Data\wklnhst.dat
2009-01-28 22:04 --------- d-----w c:\program files\Wanadoo
2009-01-20 17:14 --------- d-----w c:\program files\Ubisoft
2009-01-18 19:33 --------- d-----w c:\program files\Fichiers communs\Nero
2009-01-18 18:03 --------- d-----w c:\documents and settings\All Users\Application Data\Nero
2009-01-18 15:32 --------- d-----w c:\documents and settings\martin\Application Data\DivX
2009-01-15 07:19 6,301,248 ----a-w c:\windows\system32\drivers\nv4_mini.sys
2009-01-10 16:26 --------- d-----w c:\documents and settings\martin\Application Data\LimeWire
2009-01-09 20:07 --------- d-----w c:\program files\BitComet
2009-01-05 19:28 --------- d-----w c:\documents and settings\martin\Application Data\codeblocks
2009-01-05 18:50 --------- d-----w c:\documents and settings\martin\Application Data\Dev-Cpp
2009-01-05 18:49 --------- d-----w c:\program files\Dev-Cpp
2008-12-30 20:06 --------- d-----w c:\documents and settings\martin\Application Data\FDRLab
2008-12-29 18:48 361,600 ----a-w c:\windows\system32\drivers\tcpip.sys
2008-12-27 10:28 --------- d-----w c:\documents and settings\All Users\Application Data\NortonInstaller
2008-12-24 15:11 --------- d-----w c:\program files\uTorrent
2008-12-24 09:09 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-22 20:52 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-20 18:03 53,248 ----a-w c:\windows\fados.exe
2008-12-20 12:37 --------- d-----w c:\program files\Fichiers communs\Atlence
.

------- Sigcheck -------

2008-06-20 12:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
2008-06-20 12:59 361600 ad978a1b783b5719720cff204b666c8e c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
2004-08-05 13:00 359040 9f4b36614a0fc234525ba224957de55c c:\windows\$NtUninstallKB889527$\tcpip.sys
2005-05-25 20:07 359936 63fdfea54eb53de2d863ee454937ce1e c:\windows\$NtUninstallKB917953$\tcpip.sys
2006-04-20 13:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 c:\windows\$NtUninstallKB941644$\tcpip.sys
2008-04-13 20:20 361344 93ea8d04ec73a85db02eb8805988f733 c:\windows\$NtUninstallKB951748$\tcpip.sys
2007-10-30 17:53 360832 64798ecfa43d78c7178375fcdd16d8c8 c:\windows\$NtUninstallKB951748_0$\tcpip.sys
2008-04-13 20:20 361344 93ea8d04ec73a85db02eb8805988f733 c:\windows\ServicePackFiles\i386\tcpip.sys
2008-12-29 19:48 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\system32\dllcache\tcpip.sys
2008-12-29 19:48 361600 a18b54f12e86b5f21266937e485e3df5 c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{2bae58c2-79f9-45d1-a286-81f911301c3a}"= "c:\program files\P2P_Energy\tbP2P_.dll" [2007-12-19 1514520]

[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
2007-12-19 15:53 1514520 --a------ c:\program files\P2P_Energy\tbP2P_.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2bae58c2-79f9-45d1-a286-81f911301c3a}"= "c:\program files\P2P_Energy\tbP2P_.dll" [2007-12-19 1514520]

[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{2BAE58C2-79F9-45D1-A286-81F911301C3A}"= "c:\program files\P2P_Energy\tbP2P_.dll" [2007-12-19 1514520]

[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BDAgent"="c:\program files\Softwin\BitDefender10\bdagent.exe" [2007-04-19 69632]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-02-06 849280]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-01-18 506712]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-09-28 443968]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoSecCpl"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStartMenuSubFolders"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoPrinters"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoChangeAnimation"= 0 (0x0)
"EditLevel"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 23:34 24576 c:\program files\AlienGUIse\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\o:\[u]0/uautocheck autochk *\[u]0/ulsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^KODAK Software Updater.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\KODAK Software Updater.lnk
backup=c:\windows\pss\KODAK Software Updater.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LG SyncManager.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\LG SyncManager.lnk
backup=c:\windows\pss\LG SyncManager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Logiciel Kodak EasyShare.lnk
backup=c:\windows\pss\Logiciel Kodak EasyShare.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MioSync.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\MioSync.lnk
backup=c:\windows\pss\MioSync.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^martin^Menu Démarrer^Programmes^Démarrage^BitComet SpeedUp Pro.lnk]
path=c:\documents and settings\martin\Menu Démarrer\Programmes\Démarrage\BitComet SpeedUp Pro.lnk
backup=c:\windows\pss\BitComet SpeedUp Pro.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^martin^Menu Démarrer^Programmes^Démarrage^BitComet Turbo Accelerator.lnk]
path=c:\documents and settings\martin\Menu Démarrer\Programmes\Démarrage\BitComet Turbo Accelerator.lnk
backup=c:\windows\pss\BitComet Turbo Accelerator.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^martin^Menu Démarrer^Programmes^Démarrage^MSN Pictures Displayer.lnk]
path=c:\documents and settings\martin\Menu Démarrer\Programmes\Démarrage\MSN Pictures Displayer.lnk
backup=c:\windows\pss\MSN Pictures Displayer.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
--a------ 2008-08-14 07:58 611712 c:\program files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
--a------ 2008-11-23 02:04 203720 c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDMCon]
--a------ 2007-04-19 20:33 290816 c:\progra~1\Softwin\BITDEF~1\bdmcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-14 03:33 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-08-08 13:11 490952 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 07:00 33648 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
--a------ 2005-06-08 14:44 196608 c:\program files\Logitech\Video\ManifestEngine.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2005-06-08 15:24 458752 c:\program files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2005-06-08 15:14 217088 c:\program files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-11-06 15:03 5724184 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
--a------ 2003-05-08 11:00 49152 c:\program files\ScanSoft\OmniPageSE2.0\opwareSE2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Booster]
--------- 2008-04-08 18:35 14491648 c:\program files\inKline Global\PC Booster\PCBooster.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSWWATCH]
--------- 2004-12-15 13:33 24576 c:\progra~1\PSW\Watch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
--a------ 2008-04-16 16:56 985440 c:\program files\Search Settings\SearchSettings.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
--a------ 2008-05-02 05:15 15872 c:\program files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
--------- 2004-09-14 18:08 49152 c:\progra~1\Wanadoo\TaskBarIcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
--------- 2004-09-14 18:08 24576 c:\progra~1\Wanadoo\Watch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2009-01-15 08:19 1657376 c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raccourci vers la page des propriétés de High Definition Audio]
--a------ 2005-01-07 16:07 61952 c:\windows\system32\HdAShCut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"MSConfig"=c:\windows\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Fichiers communs\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-02-15 64160]
R2 extradrv;Extra Driver;c:\windows\system32\drivers\extradrv.sys [2005-11-05 36352]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 921936]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [2006-09-05 71040]
S2 ramdrive;RAM Driver;c:\windows\system32\drivers\ramdrive.sys [2005-11-05 5632]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2009-02-11 1527900]
.
Contenu du dossier 'Tâches planifiées'

2009-02-16 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 22:34]

2009-02-15 c:\windows\Tasks\EasyShare Registration Task.job
- c:\docume~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt _RegistrationOffer@16 []

2009-02-19 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-21 12:14]

2007-10-31 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\program files\Microsoft IntelliPoint\ipoint.exe [2007-02-06 00:52]
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-ALDI_FotoSuite_Download - c:\program files\ALDI Service Photo\ALDI_Service_Photo\FotoSuite.exe
MSConfigStartUp-au - c:\program files\Dealio\DealioAU.exe
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-egasqck - c:\documents and settings\martin\local settings\application data\egasqck.exe
MSConfigStartUp-fsc-reminder - c:\windows\reminder\fsc-reminder.exe
MSConfigStartUp-Muscbrigade - c:\musicbrigade\Musicbrigade.exe
MSConfigStartUp-NeroFilterCheck - c:\windows\system32\NeroCheck.exe
MSConfigStartUp-PSPVideo9 - c:\program files\pspvideo9\pspvideo9.exe
MSConfigStartUp-XtraToolsTray - c:\program files\Godlike Developers\XtraTools 2008\rsvr\xttray.exe
MSConfigStartUp-Yahoo! Pager - ~c:\program files\Yahoo!\Messenger\ypager.exe


.
------- Examen supplémentaire -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: Download Link Using Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\martin\Application Data\Mozilla\Firefox\Profiles\7fbhqhpt.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1269415&SearchSource=2&q=
FF - component: c:\documents and settings\martin\Application Data\Mozilla\Firefox\Profiles\7fbhqhpt.default\extensions\{2bae58c2-79f9-45d1-a286-81f911301c3a}\components\FFAlert.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll

---- PARAMETRES FIREFOX ----
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: content.max.tokenizing.time - 1500000
FF - user.js: content.notify.interval - 750000
FF - user.js: nglayout.initialpaint.delay - 100
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-19 21:46:08
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet011\Services\{ED5EB4D0-3CE2-4A12-9477-62B797FDF47F}]

[HKEY_LOCAL_MACHINE\System\ControlSet011\Services\ 9 õ ÷ õ û ý ÿ ý û õ ÷ õ 9    9 "  " :  x : "  " 9    9 µ · µ » ½ ¿ ½ » µ · µ 9    9 "  " :  x]
Binary file temp00 matches

[HKEY_LOCAL_MACHINE\System\ControlSet011\Services\ 9 õ ÷ õ û ý ÿ ý û õ ÷ õ 9    9 "  " :  x : "  " 9    9 µ · µ » ½ ¿ ½ » µ · µ 9    9 "  " :  x]
"imagepath"="‹‹•—•›Ÿ›•—•‹‹µ·µ»½¿½»µ·µ‹‹•—•›Ÿ"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1879577834-1025582869-3424800659-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
@SACL=

[HKEY_USERS\S-1-5-21-1879577834-1025582869-3424800659-1007\Software\SecuROM\License information*]
"datasecu"=hex:04,69,9c,ac,dc,dc,8e,73,9e,06,6f,78,a4,c0,5d,68,34,5d,55,11,51,
7a,2d,a3,1e,d1,eb,5b,07,67,0e,3a,90,86,57,5c,1e,c7,2d,a6,fe,30,69,bd,3d,5e,\
"rkeysecu"=hex:41,d0,00,83,af,41,c0,55,4c,70,5c,45,70,69,81,dd

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040211900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(1656)
c:\program files\AlienGUIse\fastload.dll
c:\program files\Fichiers communs\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
c:\program files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
c:\program files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\Softwin\BitDefender10\vsserv.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Heure de fin: 2009-02-19 21:50:58 - La machine a redémarré [martin]
ComboFix-quarantined-files.txt 2009-02-19 20:50:54

Avant-CF: 64,909,496,320 octets libres
Après-CF: 65,296,490,496 octets libres

528 --- E O F --- 2009-02-13 19:05:52









et le nouveau de hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:53:41, on 19/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
N:\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
0
Réponse 30 / 41
arthurm96 Messages postés 55 Date d'inscription dimanche 15 février 2009 Statut Membre Dernière intervention 20 février 2011
19 févr. 2009 à 22:10
Encore merci et bonne soirée, je vais me coucher et je continuerais ce demain
a demain ;)
0
Réponse 31 / 41
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
19 févr. 2009 à 22:17
Pour moi ce processus est légitime... Fais ceci stp :

▶ Télécharge OTMoveIt3 (de Old_Timer) sur ton Bureau

▶ Double-clique sur OTMoveIt.exe pour le lancer.

▶ Assure toi que la case Unregister Dll's and Ocx's soit bien cochée.

▶ Copie la liste qui se trouve en gras dans la citation ci-dessous et colle-la dans le cadre de gauche de OTMoveIt sous "Paste instructions for item to be moved".


:processes
explorer.exe

:files
c:\windows\fados.exe

:commands
[purity]
[emptytemp]
[start explorer]
[reboot]



▶ clique sur MoveIt! pour lancer la suppression.

▶ Le résultat apparaitra dans le cadre "Results".

▶ Clique sur Exit pour fermer.

▶ Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

▶ Il te sera peut-être demandé de redémarrer le pc pour achever la suppression. Si c'est le cas accepte par Yes.


ensuite :


▶ Télécharger et enregistrer lopSD sur le Bureau

▶ Double-clic Lop S&D

▶ Faire l'installation

▶ Fermer toutes les applications

▶ Le lancer par un double-clic sur le raccourci qui est sur le bureau
Avec VISTA => clic-droit et => Exécuter en tant qu'administrateur

▶ Taper F pour français , puis presser entrée

▶ Taper 1

▶ Presser Entrée

▶ Le PC va redémarrer
Note= si l'antivirus annonce une infection dans TEMP , l'ignorer

▶ Attendre l'apparition du rapport
▶ Copier le rapport et le coller dans la réponse
le rapport se trouve aussi à C:\lopR
0
Réponse 32 / 41
arthurm96 Messages postés 55 Date d'inscription dimanche 15 février 2009 Statut Membre Dernière intervention 20 février 2011
20 févr. 2009 à 17:48
Avant de faire la suite, j'en ai profité que le processus que je soupconne d'être espion soit activé pour te faire un rapport HiJackThis.
le voici:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:39:53, on 20/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wuauclt.exe
N:\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
0
Réponse 33 / 41
arthurm96 Messages postés 55 Date d'inscription dimanche 15 février 2009 Statut Membre Dernière intervention 20 février 2011
20 févr. 2009 à 18:24
Merci, voici le rapport de OTmovit3 :

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
c:\windows\fados.exe moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\martin\LOCALS~1\Temp\Perflib_Perfdata_830.dat scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02202009_175639





et voici encore un rapport (tu dois adorer ca!) long et passionnant:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
BIOS : BIOS Date: 04/19/06 17:46:43 Ver: 08.00.12
USER : martin ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:298 Go (Free:60 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (CD or DVD)
M:\ (CD or DVD)
N:\ (USB) - FAT32 - Total:7663 Mo (Free:6 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 20/02/2009|18:08 )

--------------------\\ Listing des dossiers dans APPLIC~1

[29/09/2006|08:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[29/09/2006|09:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[29/09/2006|09:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[14/02/2009|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
[15/02/2009|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{55A29068-F2CE-456C-9148-C869879E2357}
[15/02/2009|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{83C91755-2546-441D-AC40-9A6B4B860800}
[14/02/2009|23:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2DBoy
[17/02/2009|19:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/09/2006|09:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[06/12/2008|13:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[19/04/2007|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[11/11/2006|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[10/02/2009|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Pro
[30/08/2007|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Emjysoft
[17/02/2009|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[08/02/2008|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Friends Games
[25/03/2008|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[28/01/2009|23:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
[06/01/2008|14:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[15/02/2009|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[11/02/2009|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[18/02/2009|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[08/05/2007|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[15/04/2007|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Micro Application
[05/02/2009|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[16/02/2009|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[18/01/2009|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[27/12/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
[09/02/2009|07:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[29/09/2006|09:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[11/11/2006|22:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[09/02/2009|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[22/12/2008|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[11/11/2006|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir
[04/12/2007|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanWizard
[15/12/2008|06:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[09/02/2009|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[29/09/2006|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[09/09/2008|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[29/09/2006|08:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[29/09/2006|09:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[29/09/2006|09:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[29/09/2006|08:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[13/02/2009|10:42] C:\DOCUME~1\martin\APPLIC~1\_f8e5c1e4f5f99d5c95dd47f89ab97df6
[17/02/2009|19:40] C:\DOCUME~1\martin\APPLIC~1\Adobe
[09/11/2006|09:00] C:\DOCUME~1\martin\APPLIC~1\AdobeUM
[07/04/2008|10:33] C:\DOCUME~1\martin\APPLIC~1\Ahead
[17/05/2008|17:42] C:\DOCUME~1\martin\APPLIC~1\Apple Computer
[22/06/2008|22:00] C:\DOCUME~1\martin\APPLIC~1\ArcSoft
[15/12/2008|13:11] C:\DOCUME~1\martin\APPLIC~1\Azureus
[19/04/2007|19:44] C:\DOCUME~1\martin\APPLIC~1\Bitdefender
[02/12/2008|16:44] C:\DOCUME~1\martin\APPLIC~1\Canon
[05/01/2009|20:28] C:\DOCUME~1\martin\APPLIC~1\codeblocks
[26/10/2008|22:15] C:\DOCUME~1\martin\APPLIC~1\DAEMON Tools
[10/02/2009|22:08] C:\DOCUME~1\martin\APPLIC~1\DAEMON Tools Pro
[18/12/2008|18:52] C:\DOCUME~1\martin\APPLIC~1\DeepBurner
[18/02/2009|18:20] C:\DOCUME~1\martin\APPLIC~1\Desktopicon
[05/01/2009|19:50] C:\DOCUME~1\martin\APPLIC~1\Dev-Cpp
[18/01/2009|16:32] C:\DOCUME~1\martin\APPLIC~1\DivX
[15/12/2008|13:09] C:\DOCUME~1\martin\APPLIC~1\EmailNotifier
[30/12/2008|21:06] C:\DOCUME~1\martin\APPLIC~1\FDRLab
[09/11/2006|22:29] C:\DOCUME~1\martin\APPLIC~1\F-Secure
[10/07/2008|13:18] C:\DOCUME~1\martin\APPLIC~1\Godlike
[03/09/2007|15:08] C:\DOCUME~1\martin\APPLIC~1\Google
[09/05/2008|21:15] C:\DOCUME~1\martin\APPLIC~1\Help
[17/02/2008|16:06] C:\DOCUME~1\martin\APPLIC~1\Identities
[05/11/2008|19:58] C:\DOCUME~1\martin\APPLIC~1\InstallShield
[09/11/2006|22:27] C:\DOCUME~1\martin\APPLIC~1\InterVideo
[09/11/2006|21:40] C:\DOCUME~1\martin\APPLIC~1\ispnews
[29/01/2009|10:06] C:\DOCUME~1\martin\APPLIC~1\Leadertech
[01/07/2007|12:59] C:\DOCUME~1\martin\APPLIC~1\LG Electronics
[10/01/2009|17:26] C:\DOCUME~1\martin\APPLIC~1\LimeWire
[29/09/2006|09:11] C:\DOCUME~1\martin\APPLIC~1\Macromedia
[11/02/2009|09:37] C:\DOCUME~1\martin\APPLIC~1\MAGIX
[18/02/2009|16:54] C:\DOCUME~1\martin\APPLIC~1\Malwarebytes
[05/11/2008|20:00] C:\DOCUME~1\martin\APPLIC~1\Megaupload
[16/02/2009|18:46] C:\DOCUME~1\martin\APPLIC~1\Microsoft
[02/05/2007|21:40] C:\DOCUME~1\martin\APPLIC~1\Mozilla
[10/11/2006|20:19] C:\DOCUME~1\martin\APPLIC~1\MSNInstaller
[11/11/2008|17:23] C:\DOCUME~1\martin\APPLIC~1\Nero
[16/11/2008|09:32] C:\DOCUME~1\martin\APPLIC~1\OpenOffice.org
[09/11/2006|21:44] C:\DOCUME~1\martin\APPLIC~1\PEX
[16/08/2007|12:08] C:\DOCUME~1\martin\APPLIC~1\RVM
[21/02/2008|13:44] C:\DOCUME~1\martin\APPLIC~1\Samsung
[11/11/2006|22:14] C:\DOCUME~1\martin\APPLIC~1\ScanSoft
[06/05/2007|16:07] C:\DOCUME~1\martin\APPLIC~1\Screenshot Sender
[01/05/2008|07:08] C:\DOCUME~1\martin\APPLIC~1\Search Settings
[20/01/2009|23:05] C:\DOCUME~1\martin\APPLIC~1\SecuROM
[09/12/2008|20:19] C:\DOCUME~1\martin\APPLIC~1\Shareaza
[24/09/2008|15:06] C:\DOCUME~1\martin\APPLIC~1\skypePM
[30/05/2007|20:20] C:\DOCUME~1\martin\APPLIC~1\Sun
[27/01/2009|22:37] C:\DOCUME~1\martin\APPLIC~1\SystemRequirementsLab
[30/08/2007|19:51] C:\DOCUME~1\martin\APPLIC~1\Talkback
[08/11/2006|19:01] C:\DOCUME~1\martin\APPLIC~1\Template
[23/11/2008|10:37] C:\DOCUME~1\martin\APPLIC~1\TigerPlayer
[04/12/2008|15:44] C:\DOCUME~1\martin\APPLIC~1\Todae
[09/02/2009|18:16] C:\DOCUME~1\martin\APPLIC~1\TuneUp Software
[18/02/2009|11:25] C:\DOCUME~1\martin\APPLIC~1\uTorrent
[18/06/2008|08:23] C:\DOCUME~1\martin\APPLIC~1\Viewpoint
[29/05/2007|18:08] C:\DOCUME~1\martin\APPLIC~1\vlc
[11/02/2009|17:10] C:\DOCUME~1\martin\APPLIC~1\Vso
[22/07/2007|19:02] C:\DOCUME~1\martin\APPLIC~1\WinRAR

[29/09/2006|08:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[20/02/2009 18:01][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[16/02/2009 10:23][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[15/02/2009 14:37][--a------] C:\WINDOWS\tasks\EasyShare Registration Task.job
[31/10/2007 23:13][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
[20/02/2009 18:01][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ MsgPlus SPONSOR INSTALLED !

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
"DisplayName"="Messenger Plus! 3 & Sponsor"


--------------------\\ Listing des dossiers dans C:\Program Files

[31/01/2008|16:42] C:\Program Files\AbiSuite2
[17/02/2009|19:26] C:\Program Files\Adobe
[17/02/2009|19:23] C:\Program Files\Adobe Media Player
[18/02/2009|22:07] C:\Program Files\Ad-remover
[13/12/2008|13:40] C:\Program Files\Alcohol Soft
[04/11/2007|23:13] C:\Program Files\AlienGUIse
[11/11/2007|17:38] C:\Program Files\AnimGif
[15/12/2008|13:09] C:\Program Files\Apple Software Update(2)
[03/12/2008|21:14] C:\Program Files\Astonsoft
[27/03/2008|17:47] C:\Program Files\Audacity
[23/01/2008|14:15] C:\Program Files\AviSynth 2.5
[09/01/2009|21:07] C:\Program Files\BitComet
[22/07/2007|13:08] C:\Program Files\Blender Foundation
[31/08/2008|11:00] C:\Program Files\Bluetooth Remote Control
[14/09/2007|17:44] C:\Program Files\Buzz
[12/02/2008|19:08] C:\Program Files\CamStudio
[11/11/2006|22:11] C:\Program Files\Canon
[17/12/2008|15:44] C:\Program Files\Common Files
[17/12/2008|20:38] C:\Program Files\Conduit
[14/09/2007|17:45] C:\Program Files\Creative Labs
[26/10/2008|23:39] C:\Program Files\DAEMON Tools Lite
[05/01/2009|19:49] C:\Program Files\Dev-Cpp
[14/02/2009|23:54] C:\Program Files\DivX
[14/02/2009|19:47] C:\Program Files\Driver-Soft
[27/01/2009|19:27] C:\Program Files\Electronic Arts
[19/02/2009|21:42] C:\Program Files\Fichiers communs
[25/03/2008|20:45] C:\Program Files\Google
[06/06/2007|15:16] C:\Program Files\Infogrames
[10/07/2008|13:40] C:\Program Files\inKline Global
[15/02/2009|00:04] C:\Program Files\InstallShield Installation Information
[13/02/2009|20:27] C:\Program Files\Internet Explorer
[29/09/2006|09:15] C:\Program Files\InterVideo
[27/12/2007|09:44] C:\Program Files\Java
[11/09/2007|21:29] C:\Program Files\Jeskola Buzz
[15/02/2009|00:06] C:\Program Files\KITPHOTO
[05/02/2008|11:38] C:\Program Files\Kodak
[15/02/2009|10:21] C:\Program Files\Lavasoft
[30/06/2007|18:14] C:\Program Files\LG Electronics
[01/07/2007|13:19] C:\Program Files\LG PC Suite
[22/10/2007|15:50] C:\Program Files\Logiciel Photo Orange
[14/02/2009|23:44] C:\Program Files\Logitech
[11/02/2009|09:34] C:\Program Files\MAGIX
[18/02/2009|16:54] C:\Program Files\Malwarebytes' Anti-Malware
[12/02/2008|10:39] C:\Program Files\MastaLine Software
[09/11/2008|21:22] C:\Program Files\Messenger
[14/02/2009|20:51] C:\Program Files\Messenger Plus! Live
[22/04/2007|13:06] C:\Program Files\MessengerPlus! 3
[11/02/2009|19:43] C:\Program Files\Micro Application
[25/02/2008|22:38] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[29/09/2006|08:19] C:\Program Files\microsoft frontpage
[31/10/2007|23:06] C:\Program Files\Microsoft IntelliPoint
[05/02/2009|20:13] C:\Program Files\Microsoft Office
[17/12/2006|11:17] C:\Program Files\Microsoft Référence
[13/03/2008|21:34] C:\Program Files\Microsoft SQL Server Compact Edition
[29/09/2006|09:13] C:\Program Files\Microsoft Visual Studio
[05/02/2009|20:08] C:\Program Files\Microsoft Visual Studio 8
[05/02/2009|20:14] C:\Program Files\Microsoft Works
[05/02/2009|20:12] C:\Program Files\Microsoft.NET
[14/02/2009|23:44] C:\Program Files\Mio Technology
[21/10/2008|17:10] C:\Program Files\Movie Maker
[19/02/2009|20:42] C:\Program Files\Mozilla Firefox
[05/02/2009|20:14] C:\Program Files\MSBuild
[08/11/2006|23:14] C:\Program Files\MSN
[29/09/2006|08:17] C:\Program Files\MSN Gaming Zone
[07/04/2008|20:23] C:\Program Files\MSN Messenger
[19/11/2006|23:15] C:\Program Files\MSXML 4.0
[18/02/2009|19:40] C:\Program Files\Navilog1
[21/10/2008|17:04] C:\Program Files\NetMeeting
[29/09/2006|08:17] C:\Program Files\Online Services
[16/11/2008|09:20] C:\Program Files\OpenOffice.org 3
[21/10/2008|17:04] C:\Program Files\Outlook Express
[17/12/2008|20:38] C:\Program Files\P2P_Energy
[13/11/2008|18:44] C:\Program Files\Personal Media Manager
[14/11/2007|16:56] C:\Program Files\Picasa2
[29/07/2007|21:42] C:\Program Files\PowerTCP
[06/06/2008|12:12] C:\Program Files\PSW
[11/11/2008|19:49] C:\Program Files\Reference Assemblies
[19/02/2009|17:53] C:\Program Files\RegCleaner
[20/02/2008|13:39] C:\Program Files\Samsung
[11/11/2006|22:13] C:\Program Files\ScanSoft
[30/04/2008|22:16] C:\Program Files\Search Settings
[29/09/2006|08:18] C:\Program Files\Services en ligne
[29/11/2008|14:26] C:\Program Files\SIM MAX
[09/02/2009|20:45] C:\Program Files\Skype
[16/08/2007|12:07] C:\Program Files\smplayer
[25/01/2009|14:46] C:\Program Files\SOFTWAREDEPO.COM
[19/04/2007|19:26] C:\Program Files\Softwin
[24/12/2008|10:09] C:\Program Files\Spybot - Search & Destroy
[20/09/2008|20:59] C:\Program Files\StuffPlug3
[11/12/2007|18:18] C:\Program Files\Téléchargement PHOTOWAYS
[19/02/2009|18:08] C:\Program Files\TuneUp Utilities 2009
[20/01/2009|18:14] C:\Program Files\Ubisoft
[15/04/2007|17:27] C:\Program Files\Uninstall Information
[18/02/2009|00:18] C:\Program Files\Unlocker
[24/12/2008|16:11] C:\Program Files\uTorrent
[11/02/2009|18:06] C:\Program Files\Video Convert Master
[29/05/2007|18:07] C:\Program Files\VideoLAN
[02/05/2007|21:40] C:\Program Files\Viewpoint
[28/01/2009|23:04] C:\Program Files\Wanadoo
[08/11/2006|23:28] C:\Program Files\Wanadoo Messager
[09/02/2009|20:35] C:\Program Files\Windows Live
[09/02/2009|20:47] C:\Program Files\Windows Live Toolbar
[22/04/2007|13:34] C:\Program Files\Windows Media Connect 2
[04/12/2008|15:44] C:\Program Files\Windows Media Player
[21/10/2008|17:04] C:\Program Files\Windows NT
[29/09/2006|08:18] C:\Program Files\WindowsUpdate
[18/02/2009|09:53] C:\Program Files\WinPcap
[27/12/2008|11:23] C:\Program Files\WinRAR
[29/09/2006|08:19] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[17/02/2009|19:25] C:\Program Files\Fichiers communs\Adobe
[17/02/2009|19:19] C:\Program Files\Fichiers communs\Adobe AIR
[14/02/2009|23:41] C:\Program Files\Fichiers communs\Ahead
[13/12/2008|19:39] C:\Program Files\Fichiers communs\Apple
[20/12/2008|13:37] C:\Program Files\Fichiers communs\Atlence
[05/02/2009|20:13] C:\Program Files\Fichiers communs\DESIGNER
[14/02/2007|17:50] C:\Program Files\Fichiers communs\InstallShield
[25/05/2007|16:40] C:\Program Files\Fichiers communs\Java
[06/01/2008|14:34] C:\Program Files\Fichiers communs\Kodak
[14/02/2007|18:09] C:\Program Files\Fichiers communs\Logitech
[17/02/2009|19:11] C:\Program Files\Fichiers communs\Macrovision Shared
[09/02/2009|20:11] C:\Program Files\Fichiers communs\Microsoft Shared
[29/09/2006|08:17] C:\Program Files\Fichiers communs\MSSoap
[18/01/2009|20:33] C:\Program Files\Fichiers communs\Nero
[29/09/2006|10:13] C:\Program Files\Fichiers communs\ODBC
[13/06/2008|15:06] C:\Program Files\Fichiers communs\ScanSoft Shared
[29/09/2006|08:17] C:\Program Files\Fichiers communs\Services
[19/04/2007|19:26] C:\Program Files\Fichiers communs\Softwin
[29/09/2006|10:13] C:\Program Files\Fichiers communs\SpeechEngines
[03/11/2007|08:28] C:\Program Files\Fichiers communs\Stardock
[05/02/2009|20:07] C:\Program Files\Fichiers communs\System
[17/12/2008|15:45] C:\Program Files\Fichiers communs\Windows Live
[13/03/2008|21:25] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 35 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-20 18:11:52
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 12

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\martin\Application Data\Microsoft\Office\Recent\Smart Cleaner v3.3 (FR) + Keygen.LNK
C:\DOCUME~1\martin\Application Data\uTorrent\Call Of Duty 5 - World at War + Patch + Crack + Serial - By JOULSSS.torrent
C:\DOCUME~1\martin\Application Data\uTorrent\CRACK.Crysis.Warhead.rar.torrent
C:\DOCUME~1\martin\Application Data\uTorrent\Crysis Warhead Crack.torrent
C:\DOCUME~1\martin\Application Data\uTorrent\Crysis_Warhead_Crack___Serial.rar.torrent
C:\DOCUME~1\martin\Application Data\uTorrent\Driver Genius Pro 2008 v8.0.316+Keygen.torrent
C:\DOCUME~1\martin\Application Data\uTorrent\KaperSky AntiVirus Keygen.rar.torrent
C:\DOCUME~1\martin\Application Data\uTorrent\Kapersky Keygen.rar.torrent
C:\DOCUME~1\martin\Application Data\uTorrent\RAZOR1911 [WEB SEED] FAR CRY 2 CRACK - REAL 100% FULLY WORKING.rar.torrent
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\atimgpud.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\Benchmark_CPU.bat
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\Benchmark_CPU2.bat
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\Benchmark_GPU.bat
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\Cry3DEngine.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CryAction.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CryAISystem.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CryAnimation.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CryEntitySystem.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CryFont.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CryGame.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CryInput.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CryMovie.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CryNetwork.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CryPhysics.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CryRenderD3D10.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CryRenderD3D9.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CryRenderNULL.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CryScriptSystem.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\Crysis.exe
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CrysisDedicatedServer.exe
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CrySoundSystem.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\CrySystem.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\fmodex.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\fmod_event.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\fmod_event_net.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\fxc.exe
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\ijl15.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\IntelLaptopGaming.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\jpeg62.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\readme.nfo
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\SHAllocator.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\Crysis Warhead\CRACK.Crysis.Warhead\Bin32\zlib1.dll
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\NFS undercover\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\NFS undercover\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED\Need.for.Speed.Undercover.Crack.Only-UNLOADED
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\NFS undercover\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED\Need.for.Speed.Undercover.Keygen.Only-UNLOADED
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\NFS undercover\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED\Torrent downloaded from Demonoid.com.txt
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\NFS undercover\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED\Need.for.Speed.Undercover.Crack.Only-UNLOADED\nfs.exe
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\NFS undercover\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED\Need.for.Speed.Undercover.Crack.Only-UNLOADED\NOTICE.TXT
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\NFS undercover\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED\Need.for.Speed.Undercover.Crack.Only-UNLOADED\uld-nfsuco
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\NFS undercover\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED\Need.for.Speed.Undercover.Crack.Only-UNLOADED\uld-nfsuco.nfo
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\NFS undercover\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED\Need.for.Speed.Undercover.Crack.Only-UNLOADED\uld-nfsuco.rar
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\NFS undercover\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED\Need.for.Speed.Undercover.Crack.Only-UNLOADED\uld-nfsuco.sfv
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\NFS undercover\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED\Need.for.Speed.Undercover.Keygen.Only-UNLOADED\rld-nfsk.exe
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\NFS undercover\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED\Need.for.Speed.Undercover.Keygen.Only-UNLOADED\uld-nfsukgo
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\NFS undercover\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED\Need.for.Speed.Undercover.Keygen.Only-UNLOADED\uld-nfsukgo.nfo
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\NFS undercover\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED\Need.for.Speed.Undercover.Keygen.Only-UNLOADED\uld-nfsukgo.rar
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\NFS undercover\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED\Need.for.Speed.Undercover.Keygen.Only-UNLOADED\uld-nfsukgo.sfv
C:\DOCUME~1\martin\Bureau\Gaël\Jeux\NFS undercover\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED\Need.for.Speed.Undercover.Keygen.Only-UNLOADED\uld-nfsukgo\rld-nfsk.exe
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\airdecap.exe
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\airodump.exe
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\cygwin1.dll
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\Lang
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\logo.jpg
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\MSVCR70.DLL
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\PEEK.DLL
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\PEEK5.SYS
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\README.txt
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\Updater
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\Updater.exe
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\Updater.ini
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\WinAircrack.exe
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\wzcook.exe
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\Lang\english.ini
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\Lang\francais.ini
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\Lang\spanish.ini
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\Lang\system.ini.txt
C:\DOCUME~1\martin\Bureau\Gaël\Piratez un reseau WIFI\Tools\winaircrackpack\WinAircrackPack\WinAircrackPack\Updater\Data.upd
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\Call of Duty 5 World at War Keygen
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\Call of Duty 5 World at War Keygen.rar
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\FarCry2Keygen.rar
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\Call of Duty 5 World at War Keygen\rzr-c5kg.exe
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\Call of Duty 5 World at War Keygen\rzr-c5kg.sfv
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\Gratis Godis här.URL
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\GTA.4.REAL.PROPER.Crack.ONLY-FCUKTHESCENE
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\Gratis Godis här.URL
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r00
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r01
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r02
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r03
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r04
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r05
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r06
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r07
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r08
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r09
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r10
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r11
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r12
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r13
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r14
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r15
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r16
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r17
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r18
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r19
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r20
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r21
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r22
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r23
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r24
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r25
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r26
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r27
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r28
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r29
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r30
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r31
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r32
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r33
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r34
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r35
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r36
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r37
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r38
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r39
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r40
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r41
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r42
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r43
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r44
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r45
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r46
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r47
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r48
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r49
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r50
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r51
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r52
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r53
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r54
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r55
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r56
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r57
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r58
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r59
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r60
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r61
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r62
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r63
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r64
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r65
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r66
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r67
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r68
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r69
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r70
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r71
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r72
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r73
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.r74
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.rar
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD1\gta4-epen15-dvd1.sfv
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\Gratis Godis här.URL
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r00
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r01
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r02
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r03
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r04
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r05
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r06
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r07
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r08
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r09
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r10
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r11
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r12
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r13
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r14
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r15
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r16
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r17
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r18
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r19
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r20
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r21
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r22
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r23
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r24
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r25
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r26
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r27
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r28
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r29
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r30
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r31
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r32
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r33
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r34
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r35
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r36
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r37
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r38
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r39
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r40
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r41
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r42
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r43
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r44
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r45
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r46
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r47
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r48
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r49
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r50
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r51
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r52
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r53
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r54
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r55
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r56
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r57
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r58
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r59
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r60
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r61
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r62
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r63
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r64
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r65
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r66
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r67
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r68
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r69
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r70
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r71
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.r72
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.rar
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\DVD2\gta4-epen15-dvd2.sfv
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\GTA.4.REAL.PROPER.Crack.ONLY-FCUKTHESCENE\fts-gta4crack_realproper.rar
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\GTA.4.REAL.PROPER.Crack.ONLY-FCUKTHESCENE\fts-gta4crack_realproper.sfv
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements Bitcomet\GRAND_THEFT_AUTO_4_CLONEDVD_READNFO-ePEN15 + PROPER CRACK\GTA.4.REAL.PROPER.Crack.ONLY-FCUKTHESCENE\Gratis Godis här.URL
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Adobe Photoshop CS4 Extended Keygen & Patch.rar
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Adobe Premiere Pro CS3 Multi-Language + Crack + Tutorials
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Alcohol 120% 1.9.8.7117[MULTI][KEYGEN]
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Alcohol 120% 1.9.8.7117[MULTI][KEYGEN].rar
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Driver Genius Professional 8 + Keygen.rar
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Smart Cleaner v3.3 (FR) + Keygen
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Adobe Premiere Pro CS3 Multi-Language + Crack + Tutorials\Adobe Premiere Pro CS3 MultiLanguage.uif
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Alcohol 120% 1.9.8.7117[MULTI][KEYGEN]\Alcohol.1.9.8.7117
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Alcohol 120% 1.9.8.7117[MULTI][KEYGEN]\Alcohol.1.9.8.7117.rar
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Alcohol 120% 1.9.8.7117[MULTI][KEYGEN]\INFO-2.txt
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Alcohol 120% 1.9.8.7117[MULTI][KEYGEN]\INFO.TXT
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Alcohol 120% 1.9.8.7117[MULTI][KEYGEN]\SEED.gif
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Alcohol 120% 1.9.8.7117[MULTI][KEYGEN]\STRUS.txt
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Alcohol 120% 1.9.8.7117[MULTI][KEYGEN]\SCIAGASZ -SEEDUJ.jpg
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Alcohol 120% 1.9.8.7117[MULTI][KEYGEN]\Alcohol.1.9.8.7117\Activador.exe
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Alcohol 120% 1.9.8.7117[MULTI][KEYGEN]\Alcohol.1.9.8.7117\Alcohol120_1.9.8.7117_retail.exe
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Alcohol 120% 1.9.8.7117[MULTI][KEYGEN]\Alcohol.1.9.8.7117\Serial.txt
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Daemon Tools Pro 4.30.0303 Advanced [RH].-\Daemon Tools Pro 4.30.0303 Advanced\DTP4300303-PRO\Cracks
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Daemon Tools Pro 4.30.0303 Advanced [RH].-\Daemon Tools Pro 4.30.0303 Advanced\DTP4300303-PRO\Cracks\dtproAdv-key-1.4300302
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Daemon Tools Pro 4.30.0303 Advanced [RH].-\Daemon Tools Pro 4.30.0303 Advanced\DTP4300303-PRO\Cracks\hosts
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\fichiers torrents\Adobe Premiere Pro CS3 Multi-Language + Crack + Tutorials.torrent
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\fichiers torrents\Alcohol 120% 1.9.8.7117[MULTI][KEYGEN].rar.1.torrent
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\fichiers torrents\Driver Genius Pro 2008 v8.0.316 Plus Crack Works.torrent
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\fichiers torrents\Driver Genius Professional 8 + Keygen.rar.1.torrent
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\fichiers torrents\Smart Cleaner v3.3 (FR) + Keygen.1.torrent
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\fichiers torrents\TuneUp Utilities 2008 Francais +Keygen.torrent
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\MAGIX Music Maker 2008 Producer Edition\MAGIX Music Maker 2008 Producer Edition\Crack
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\MAGIX Music Maker 2008 Producer Edition\MAGIX Music Maker 2008 Producer Edition\Crack\crack.exe
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\MAGIX Music Maker 2008 Producer Edition\MAGIX Music Maker 2008 Producer Edition\Crack\Dague76.nfo
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Smart Cleaner v3.3 (FR) + Keygen\ECLiPSE.NFO
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Smart Cleaner v3.3 (FR) + Keygen\FILE_ID.DiZ
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Smart Cleaner v3.3 (FR) + Keygen\Smart Cleaner NFO.nfo
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Smart Cleaner v3.3 (FR) + Keygen\SmartCleaner Setup.msi
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Smart Cleaner v3.3 (FR) + Keygen\smartcleaner33.exe
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Smart Cleaner v3.3 (FR) + Keygen\Smart_Cleaner_v3.3_Kengen.zip
C:\DOCUME~1\martin\Bureau\Gaël\Téléchargements utorrent\Smart PC PRO V5.3+Speed Up My PC(NEW-with serial key)\Smart PC Professional V5.3\Crack
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead
C:\DOCUME~1\martin\Mes documents\Downloads\Crysis Warhead Crack
C:\DOCUME~1\martin\Mes documents\Downloads\Crysis_Warhead_Crack___Serial
C:\DOCUME~1\martin\Mes documents\Downloads\Driver Genius Pro 2008 v8.0.316+Keygen
C:\DOCUME~1\martin\Mes documents\Downloads\KaperSky AntiVirus Keygen.rar
C:\DOCUME~1\martin\Mes documents\Downloads\RAZOR1911 [WEB SEED] FAR CRY 2 CRACK - REAL 100% FULLY WORKING.rar
C:\DOCUME~1\martin\Mes documents\Downloads\TuneUp Utilities 2008 Francais +Keygen
C:\DOCUME~1\martin\Mes documents\Downloads\[RAZOR1911][WEB SEED] FAR CRY 2 CRACK - REAL 100% FULLY WORKING
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\atimgpud.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\Benchmark_CPU.bat
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\Benchmark_CPU2.bat
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\Benchmark_GPU.bat
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\Cry3DEngine.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CryAction.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CryAISystem.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CryAnimation.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CryEntitySystem.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CryFont.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CryGame.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CryInput.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CryMovie.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CryNetwork.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CryPhysics.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CryRenderD3D10.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CryRenderD3D9.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CryRenderNULL.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CryScriptSystem.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\Crysis.exe
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CrysisDedicatedServer.exe
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CrySoundSystem.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\CrySystem.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\fmodex.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\fmod_event.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\fmod_event_net.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\fxc.exe
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\ijl15.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\IntelLaptopGaming.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\jpeg62.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\readme.nfo
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\SHAllocator.dll
C:\DOCUME~1\martin\Mes documents\Downloads\CRACK.Crysis.Warhead\Bin32\zlib1.dll
C:\DOCUME~1\martin\Mes documents\Downloads\Crysis Warhead Crack\Crysis.exe
C:\DOCUME~1\martin\Mes documents\Downloads\Crysis Warhead Crack\How to.html
C:\DOCUME~1\martin\Mes documents\Downloads\Crysis Warhead Crack\PAUL.DLL
C:\DOCUME~1\martin\Mes documents\Downloads\Crysis Warhead Crack\Torrent downloaded from Demonoid.com.txt
C:\DOCUME~1\martin\Mes documents\Downloads\Crysis_Warhead_Crack___Serial\Crysis Warhead Crack & Serial
C:\DOCUME~1\martin\Mes documents\Downloads\Crysis_Warhead_Crack___Serial\Crysis Warhead Crack & Serial\Crysis Warhead Key.txt
C:\DOCUME~1\martin\Mes documents\Downloads\Crysis_Warhead_Crack___Serial\Crysis Warhead Crack & Serial\heic0707a.jpg
C:\DOCUME~1\martin\Mes documents\Downloads\Crysis_Warhead_Crack___Serial\Crysis Warhead Crack & Serial\PAUL.DLL
C:\DOCUME~1\martin\Mes documents\Downloads\Driver Genius Pro 2008 v8.0.316+Keygen\keygen.exe
C:\DOCUME~1\martin\Mes documents\Downloads\Driver Genius Pro 2008 v8.0.316+Keygen\setup.exe
C:\DOCUME~1\martin\Mes documents\Downloads\Office 2007 Enterprise\Crack
C:\DOCUME~1\martin\Mes documents\Downloads\Office 2007 Enterprise\Crack\office.reg
C:\DOCUME~1\martin\Mes documents\Downloads\TuneUp Utilities 2008 Francais +Keygen\TU2008TrialFR.exe
C:\DOCUME~1\martin\Mes documents\Downloads\TuneUp Utilities 2008 Francais +Keygen\~uTorrentPartFile_E1BEE0.dat
C:\DOCUME~1\martin\Mes documents\Downloads\[RAZOR1911][WEB SEED] FAR CRY 2 CRACK - REAL 100% FULLY WORKING\FAH.exe
C:\DOCUME~1\martin\Mes documents\Downloads\[RAZOR1911][WEB SEED] FAR CRY 2 CRACK - REAL 100% FULLY WORKING\FarCry2.exe
C:\DOCUME~1\martin\Mes documents\Downloads\[RAZOR1911][WEB SEED] FAR CRY 2 CRACK - REAL 100% FULLY WORKING\Instructions.txt
C:\DOCUME~1\martin\Recent\Crysis Warhead Crack & Serial.lnk
C:\DOCUME~1\martin\Recent\Driver Genius Pro 2008 v8.0.316+Keygen.lnk
C:\DOCUME~
0
Réponse 34 / 41
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
20 févr. 2009 à 19:17
Bonsoir,

WOW tous les cracks !! Un bon conseil : vire-moi tous ça...

A lire :

le danger des cracks

bagle/beagle

Est-ce que tu as encore des problèmes ??
0
Réponse 35 / 41
arthurm96 Messages postés 55 Date d'inscription dimanche 15 février 2009 Statut Membre Dernière intervention 20 février 2011
20 févr. 2009 à 19:49
Merci de tes conseils,
J'ai supprimé tous les keygens et crack.
J'ai été dans l'outil msconfig et le processus pnkBstrB s'était mis dans les services. J'ai fais une recherche sur le disque dur et trouvé l'éxécutable PnkBstrB ainsi qu'un fichier log du même nom. est-ce que je peux les supprimer? car ils se trouvent dans le system 32. La j'ai débloqué le trafic et je vais sur internet et le processus ne revient pas, je ne vois plus de signe d'infections.
0
Réponse 36 / 41
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
20 févr. 2009 à 19:54
Comme je te l'ai déjà dis, je ne pense pas que ça soit une infection...

Voici un excellent petit logiciel très utile qui te permettra de savoir les nouvelles mises à jour disponibles pour les différents logiciels installés sur ton PC :

▶ Télécharge Update Checker

▶ Installe le avec les paramètres par défaut en cliquant chaques fois sur Suivant.

▶ Une fois installé, patiente quelques secondes et tu verras apparaître une icône verte dans ta barre des tâches te signalant qu'il y a des mises à jour disponibles.

▶ Double-cliques sur l'icône pour être redirrigé sur le site de téléchargement des mises à jour.

Un conseil : n'installe pas les BETA qui sont listées en dessous.

▶ Tu installes les mises à jour que tu désires, les plus importantes sont :

● Java

● Adobe Reader

● Adobe Flash Player

● Internet explorer


Ensuite :


Pour supprimer toutes les traces des logiciels qui ont servi à traiter les infections spécifiques :

▶ Télécharge Toolscleaner sur ton Bureau


▶ Double-clique sur ToolsCleaner2.exe et laisse le travailler
▶ Clique sur Recherche et laisse le scan se terminer.
▶ Clique sur Suppression pour finaliser.
▶ Tu peux, si tu le souhaites, te servir des Options facultatives.
▶ Clique sur Quitter, pour que le rapport puisse se créer.
▶ Le rapport (TCleaner.txt) se trouve à la racine de votre disque dur (C:\)...colle le dans ta réponse


Ensuite :


Désactive et réactive la Restauration du système :


Le fait de faire cette manipulation va supprimer tous les virus qui auraient pu se loger dans les
points de restauration que tu avais créé auparavant.. Il est donc recommandé de la faire :


1 Dans la barre des tâches de Windows, clique sur Démarrer.

2 Clique avec le bouton droit de la souris sur Poste de travail puis clique sur Propriétés.

3 Dans l'onglet Restauration du système, coche "Désactiver la Restauration du système"

4 Clique sur Appliquer.

5 Ensuite décoche "Désactiver la restauration du systeme"

6 clique sur appliquer puis ok

7 vas créer un point de restauration en cliquant sur démarrer => tous les programmes => accessoires =>

outils systeme => restauration du systeme => créer un point de restauration => tu mets un nom

(exemple : après désinfection sur CCM) puis tu valides.


Tu peux mettre ton problème résolu !! Comment mettre résolu ??


IMPORTANT : lire les quelques liens pour la prévention et la sécurité de votre PC qui se trouvent en bas de la page !!


WOT - Extension pour ton navigateur internet :

Voici une extension à télécharger qui te permettra, en faisant tes recherches sur google, de savoir si le site proposé lors de tes recherches est un site de confiance ou un site à éviter car il pourrait infecter ton PC :


Pour Firefox : https://addons.mozilla.org/fr/firefox/addon/wot-safe-browsing-tool/

Pour internet explorer : https://chrome.google.com/webstore/detail/wot-web-of-trust-website/bhmmomiinigofkjcapegjjndpbikblnp

0
Réponse 37 / 41
arthurm96 Messages postés 55 Date d'inscription dimanche 15 février 2009 Statut Membre Dernière intervention 20 février 2011
20 févr. 2009 à 20:57
merci pour toutes ces astuces pratiques
Le log m'a détecté 15 logiciels a mettre a jour, je risque de m'amuser...
Tools cleaner a tout supprimé sauf qoobox ou se trouvaient probablement 2 virus que j'ai effacé manuellement mais je n'arrive pas a supprimer les dossiers même avec unlocker qui me dit pourtant que ça a marché.
Je vais mettre le sujet en résolu mais je voulais te demander si je pouvais supprimer l'éxécutable qui permettait au pirate de se connecter a mon pc malgré qu'il soit dans le system 32.
0
Réponse 38 / 41
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
20 févr. 2009 à 21:00
Comme je te l'ai déjà dis, je ne pense pas que ça soit une infection... Je ne te conseille pas de le supprimer..

Poste le rapport de toolscleaner pour vérifier stp
0
Réponse 39 / 41
arthurm96 Messages postés 55 Date d'inscription dimanche 15 février 2009 Statut Membre Dernière intervention 20 février 2011
20 févr. 2009 à 21:06
excuse j'allais le mettre mais j'ai oublié, le voila:



[ Rapport ToolsCleaner version 2.3.1 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\lopR.txt: trouvé !
C:\Combofix: trouvé !
C:\Lop SD: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé !
C:\Documents and Settings\martin\Bureau\SmitFraudFix.exe: trouvé !
C:\Documents and Settings\martin\Bureau\SmitFraudfix: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\WINDOWS\msnfix.txt: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: supprimé !
C:\Documents and Settings\martin\Bureau\SmitFraudFix.exe: supprimé !
C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\lopR.txt: supprimé !
C:\WINDOWS\msnfix.txt: supprimé !
C:\Combofix: supprimé !
C:\Lop SD: supprimé !
C:\Qoobox: ERREUR DE SUPPRESSION !!
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: supprimé !
C:\Documents and Settings\martin\Bureau\SmitFraudfix: supprimé !
C:\Program Files\Navilog1: supprimé !
0
Réponse 40 / 41
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
20 févr. 2009 à 21:10
C'est la quarantaine de ComboFix... Essaye de supprimer le dossier en mode sans échec..
0