Big virus, nothing works anymore
Solved
lilou
Anonymous user
Good evening,
I have a problem.
I no longer have an antivirus and it's impossible to reinstall it; on top of that, HijackThis (recommended by a friend) doesn't work anymore either.
My friend told me to get Malwarebytes and it freezes... what should I do?
Thank you for helping a law student.
82 replies
Don't worry..
For UsbFix it will tell you "unsupported version.." but that will be fixed in the next update.
If you want, I can pass you a version you can test on Seven, and you can send me feedback by PM
or here: http://www.commentcamarche.net/forum/affich 11859597 retour de usbfix?page=10#218
for any bugs, error messages etc.
Re,
Er, are you going to do all of them?
Download ComboFix (by sUBs) to your Desktop.
/!\ Temporarily disable all resident protection /!\ (antivirus, antispyware..)
Double-click ComboFix.exe.
Accept the licence by clicking Yes.
The program will ask you whether you want to install the Recovery Console. It's a precaution, in case the computer breaks down. I therefore advise you to install it; it costs nothing and could potentially be useful!
When the operation is finished, a report will appear. Post that report in your next reply.
The report is located here: %SystemDrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; usually C:\)
Help: How to use ComboFix.
If a report doesn't go through, raise an alert to the concierge with the yellow /!\.
ComboFix 09-05-11.01 - henri 11/05/2009 22:46.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2814.1322 [GMT 2:00]
Lancé depuis: d:\dvix\a voir\pipi5217ipip5871.exe
AV: a-squared Anti-Malware *On-access scanning disabled* (Updated)
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\henri\AppData\Roaming\drivers\downld
c:\windows\system32\404Fix.exe
c:\windows\System32\Desktop_.ini
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\msql32sys.dll
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
-------\Legacy_SK9OU0S
-------\Legacy_SROSA
-------\Service_Boonty Games
((((((((((((((((((((((((((((( Fichiers créés du 2009-04-12 au 2009-05-12 ))))))))))))))))))))))))))))))))))))
.
2009-05-11 20:43 . 2009-05-11 20:44 -------- d-----w C:\caca865a47c851
2009-05-11 19:58 . 2009-05-11 20:01 -------- d-----w C:\ToolBar SD
2009-05-11 13:42 . 2009-05-11 13:42 -------- d-----w C:\rsit
2009-05-11 12:01 . 2009-05-11 17:59 -------- d-----w c:\program files\a-squared Anti-Malware
2009-05-10 23:22 . 2009-05-10 23:26 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys
2009-05-10 23:22 . 2009-05-10 23:22 -------- d-----w c:\progra~2\Avira
2009-05-10 23:22 . 2009-05-10 23:22 -------- d-----w c:\users\All Users\Avira
2009-05-10 23:22 . 2009-05-10 23:22 -------- d-----w c:\program files\Avira
2009-05-10 22:56 . 2009-05-11 06:56 -------- d-----w C:\FindyKill
2009-05-10 22:32 . 2009-05-10 22:32 -------- d-----w C:\fixwareout
2009-05-10 22:12 . 2009-05-10 22:13 -------- d-----w c:\program files\FileRescue Pro
2009-05-10 21:45 . 2009-05-10 21:55 -------- d-----w C:\Lop SD
2009-05-10 20:34 . 2009-05-10 22:55 -------- d-----w c:\program files\FindyKill
2009-05-10 20:05 . 2009-05-11 07:22 -------- d-----w c:\program files\Navilog1
2009-05-10 18:30 . 2009-05-11 21:04 -------- d--h--w c:\users\henri\AppData\Roaming\drivers
2009-04-19 08:40 . 2009-04-19 08:40 -------- d-----w c:\program files\The Bitmap Brothers
2009-04-15 15:18 . 2009-04-15 15:18 -------- d-----w c:\program files\Panda Security
2009-04-15 13:02 . 2009-04-15 13:02 93 ----a-w c:\users\henri\AppData\Local\fusioncache.dat
2009-04-15 13:02 . 2009-04-15 13:08 -------- d-----w c:\users\henri\AppData\Local\ApplicationHistory
2009-04-15 12:57 . 2009-04-15 12:57 -------- d-----w c:\windows\system32\URTTEMP
2009-04-15 12:50 . 2009-04-15 12:50 -------- d-----w C:\DESI-III
2009-04-15 12:49 . 2009-04-15 12:49 -------- d-----w c:\users\henri\AppData\Local\Installer2792
2009-04-13 19:38 . 2009-05-10 22:46 -------- d-----w C:\tmp
2009-04-13 18:45 . 2009-04-13 18:45 -------- d-----w c:\users\henri\AppData\Roaming\Blender Foundation
2009-04-13 12:30 . 2009-05-11 13:26 -------- d-----w c:\program files\a-squared Free
2009-04-13 10:40 . 2006-05-10 12:18 1929216 ----a-w c:\windows\system32\cdintf250.dll
2009-04-13 10:40 . 2009-04-13 10:40 -------- d-----w c:\program files\EBP
2009-04-13 10:40 . 2009-04-13 10:40 -------- d-----w C:\EBP
2009-04-13 10:29 . 2009-04-13 10:29 201 ----a-w c:\windows\runconfmig.bat
2009-04-13 10:29 . 2009-04-13 10:29 -------- d-----w c:\program files\Common Files\Pervasive Software Shared
2009-04-13 10:29 . 2002-06-30 11:40 19456 ----a-w c:\windows\keyhh.exe
2009-04-13 10:28 . 2009-04-13 10:28 544816 ----a-w c:\windows\system32\pscl.dll
2009-04-13 10:28 . 2009-04-13 10:28 254002 ----a-w c:\windows\system32\pscore.dll
2009-04-13 10:28 . 2009-04-13 10:28 43760 ----a-w c:\windows\system32\nwlocale.dll
2009-04-13 10:28 . 2009-04-13 10:28 146976 ----a-w c:\windows\system32\mfcoleui.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-11 18:31 . 2008-05-28 13:33 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-11 11:26 . 2007-09-05 16:25 13025 ----a-w c:\users\henri\AppData\Roaming\nvModes.dat
2009-05-11 07:55 . 2006-12-10 19:02 736660 ----a-w c:\windows\system32\perfh00C.dat
2009-05-11 07:55 . 2006-12-10 19:02 151838 ----a-w c:\windows\system32\perfc00C.dat
2009-05-11 07:18 . 2008-01-21 15:26 -------- d-----w c:\program files\Mozilla Firefox 3 Beta 2
2009-05-10 23:29 . 2008-09-23 12:03 -------- d-----w c:\program files\DAEMON Tools Lite
2009-05-10 21:26 . 2008-11-05 18:34 35 ----a-w c:\users\henri\AppData\Roaming\SetValue.bat
2009-05-10 21:26 . 2008-11-05 18:34 691 ----a-w c:\users\henri\AppData\Roaming\GetValue.vbs
2009-05-10 20:16 . 2008-11-05 18:03 -------- d-----w c:\program files\Trend Micro
2009-05-07 09:04 . 2006-12-02 07:31 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-16 01:12 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-04-15 13:02 . 2007-09-05 16:03 150968 ----a-w c:\users\henri\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-15 12:47 . 2006-12-10 10:09 -------- d-----w c:\program files\Common Files\Adobe
2009-04-11 14:02 . 2009-04-11 14:02 -------- d-----w c:\program files\Spamihilator
2009-04-06 13:32 . 2008-09-15 19:09 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 13:32 . 2008-05-28 13:33 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-03 14:14 . 2009-04-03 14:13 -------- d-----w c:\program files\Safari
2009-04-03 14:13 . 2009-04-03 14:13 -------- d-----w c:\program files\Apple Software Update
2009-04-03 09:13 . 2006-11-02 10:25 51200 ----a-w c:\windows\inf\infpub.dat
2009-04-03 09:13 . 2006-11-02 10:25 143360 ----a-w c:\windows\inf\infstrng.dat
2009-04-03 09:13 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat
2009-04-01 17:36 . 2009-04-01 17:36 -------- d-----w c:\program files\DIFX
2009-04-01 17:33 . 2008-09-10 19:27 -------- d-----w c:\program files\ma-config.com
2009-04-01 17:33 . 2008-09-10 19:27 -------- d-----w c:\progra~2\ma-config.com
2009-03-29 16:18 . 2008-11-21 10:22 -------- d-----w c:\program files\Common Files\Ahead
2009-03-29 14:40 . 2009-03-01 16:04 -------- d-----w c:\program files\Téléchargeur de Sonic Adventure DX
2009-03-29 14:32 . 2006-12-10 10:17 -------- d-----w c:\program files\Common Files\LightScribe
2009-03-26 08:01 . 2009-03-24 13:41 -------- d-----w c:\program files\Microsoft Visual Studio 8
2009-03-24 21:36 . 2009-01-02 15:28 -------- d-----w c:\program files\Error Repair Professional
2009-03-24 21:30 . 2007-09-05 21:41 -------- d-----w c:\program files\Google
2009-03-24 21:27 . 2009-03-03 15:39 -------- d-----w c:\program files\Motherboard Monitor 5
2009-03-24 21:25 . 2006-12-10 10:14 -------- d-----w c:\program files\CyberLink
2009-03-24 18:39 . 2009-03-24 18:36 32768 ----a-w c:\windows\system32\DesignerUninst.exe
2009-03-24 13:49 . 2009-03-24 13:49 -------- d-----w c:\program files\Microsoft Works
2009-03-24 13:49 . 2006-11-02 12:37 -------- d-----w c:\program files\MSBuild
2009-03-24 13:47 . 2008-12-04 18:33 -------- d-----w c:\program files\Microsoft.NET
2009-03-23 21:52 . 2008-08-19 22:54 -------- d-----w c:\program files\TuneUp Utilities 2008
2009-03-23 21:52 . 2009-03-23 21:52 354560 ----a-w c:\windows\system32\TuneUpDefragService.exe
2009-03-23 18:57 . 2009-03-23 18:57 -------- d-----w c:\program files\MSN Messenger
2009-03-23 11:57 . 2009-03-23 11:57 -------- d-----w c:\program files\Microsoft
2009-03-23 11:57 . 2009-03-23 11:57 -------- d-----w c:\program files\Windows Live SkyDrive
2009-03-23 11:56 . 2008-01-03 15:08 -------- d-----w c:\program files\Windows Live
2009-03-23 11:10 . 2009-03-23 11:10 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-22 20:07 . 2009-03-04 10:21 21840 ----atw c:\windows\system32\SIntfNT.dll
2009-03-22 20:07 . 2009-03-04 10:21 17212 ----atw c:\windows\system32\SIntf32.dll
2009-03-22 20:07 . 2009-03-04 10:21 12067 ----atw c:\windows\system32\SIntf16.dll
2009-03-17 03:38 . 2009-04-15 07:42 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-15 07:42 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-14 18:57 . 2007-12-03 23:34 -------- d-----w c:\program files\IncrediMail
2009-03-08 11:34 . 2009-04-01 09:13 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 11:34 . 2009-04-01 09:13 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 11:33 . 2009-04-01 09:13 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 11:33 . 2009-04-01 09:13 109056 ----a-w c:\windows\system32\iesysprep.dll
2009-03-08 11:33 . 2009-04-01 09:13 109568 ----a-w c:\windows\system32\PDMSetup.exe
2009-03-08 11:33 . 2009-04-01 09:13 132608 ----a-w c:\windows\system32\ieUnatt.exe
2009-03-08 11:33 . 2009-04-01 09:13 107520 ----a-w c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 11:33 . 2009-04-01 09:13 107008 ----a-w c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 11:33 . 2009-04-01 09:13 103936 ----a-w c:\windows\system32\SetDepNx.exe
2009-03-08 11:33 . 2009-04-01 09:13 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 11:32 . 2009-04-01 09:13 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 11:32 . 2009-04-01 09:13 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 11:32 . 2009-04-01 09:13 66560 ----a-w c:\windows\system32\wextract.exe
2009-03-08 11:32 . 2009-04-01 09:13 169472 ----a-w c:\windows\system32\iexpress.exe
2009-03-08 11:31 . 2009-04-01 09:13 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 11:31 . 2009-04-01 09:13 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 11:31 . 2009-04-01 09:13 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 11:22 . 2009-04-01 09:13 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-03 04:46 . 2009-04-15 07:42 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-15 07:42 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:39 . 2009-04-15 07:42 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-15 07:42 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-15 07:42 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-15 07:42 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-15 07:42 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 04:37 . 2009-04-15 07:42 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-15 07:42 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-15 07:42 17408 ----a-w c:\windows\system32\iashost.exe
2009-03-01 18:27 . 2009-03-01 18:27 44384 ----a-w c:\windows\system32\drivers\tifsfilt.sys
2009-03-01 18:27 . 2009-03-01 18:27 441760 ----a-w c:\windows\system32\drivers\timntr.sys
2009-03-01 18:27 . 2009-03-01 18:27 129248 ----a-w c:\windows\system32\drivers\snapman.sys
2009-03-01 18:26 . 2009-03-01 18:26 368736 ----a-w c:\windows\system32\drivers\tdrpman.sys
2009-02-15 21:48 . 2008-02-13 00:45 86016 ----a-w c:\windows\system32\OpenAL32.dll
2009-02-13 08:49 . 2009-04-15 07:42 72704 ----a-w c:\windows\system32\secur32.dll
2009-02-13 08:49 . 2009-04-15 07:42 1255936 ----a-w c:\windows\system32\lsasrv.dll
2008-05-17 08:05 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini
2008-09-10 14:46 . 2008-06-18 14:42 72 --sh--w c:\windows\SA0594035.tmp
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 2156368]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"AlcoholAutomount"="d:\utilitaire\Alcohol 120\axcmd.exe" [2009-03-17 203928]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"Google Update"="c:\users\henri\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-04-06 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2006-12-20 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-12-20 7766016]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2008-06-10 1406024]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-10-07 2620336]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-10-07 904880]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-10-07 140568]
"Spamihilator"="c:\program files\Spamihilator\spamihilator.exe" [2008-12-23 1321984]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"NetFxUpdate_v1.1.4322"="c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" [2007-01-15 73728]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-11-09 3784704]
c:\users\henri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Pervasive.SQL Workgroup Engine.lnk - c:\pvsw\Bin\w3dbsmgr.exe [2004-7-22 106546]
c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
WiFi Station pour Livebox.lnk - c:\program files\Hercules\WiFi Station pour Livebox\WiFiLB.exe [2007-11-7 102400]
c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\AutorunsDisabled
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2006-12-10 528384]
c:\users\henri\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\
Pervasive.SQL Workgroup Engine.lnk - c:\pvsw\Bin\w3dbsmgr.exe [2004-7-22 106546]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"FilterAdministratorToken"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\WIDEST~1\FREEQU~1\QUICKA~1.DLL
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ "autocheck autochk *"\0OODBS
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DSLMON.lnk]
backup=c:\windows\pss\DSLMON.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
backup=c:\windows\pss\Outil de mise à jour Google.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SnagIt 8.lnk]
backup=c:\windows\pss\SnagIt 8.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^henri^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GigaTribe.lnk]
backup=c:\windows\pss\GigaTribe.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^henri^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Moteur WinSauvegarde.lnk]
backup=c:\windows\pss\Moteur WinSauvegarde.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^henri^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk]
backup=c:\windows\pss\OpenOffice.org 2.4.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^henri^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\users\henri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\au
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eTrustPPAP
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\exp32sys
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ItsTV
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ehTray.exe"=c:\windows\ehome\ehTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"SynTPEnh"=c:\program files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1754156993-695157337-552481621-1000]
"EnableNotificationsRef"=dword:00000007
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{081659FE-5F03-42E3-B488-636242C7D835}"= UDP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{2A8BAAA4-1E02-4C0A-BC8A-3882CFC56A0D}"= TCP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"TCP Query User{9F7ED434-5549-47A2-94EB-DCCE3AA2481E}d:\\jeux\\petanquedemo\\bin\\releasedemo\\petanque.exe"= UDP:d:\jeux\petanquedemo\bin\releasedemo\petanque.exe:Petanque
"UDP Query User{4AB610E7-08D8-4DF4-82A6-5F45A60BB6EE}d:\\jeux\\petanquedemo\\bin\\releasedemo\\petanque.exe"= TCP:d:\jeux\petanquedemo\bin\releasedemo\petanque.exe:Petanque
"TCP Query User{1B85A63B-D7ED-4DD7-B3FF-C581273198EE}d:\\jeux\\trackmania nations eswc\\tmnationseswc.exe"= UDP:d:\jeux\trackmania nations eswc\tmnationseswc.exe:TmNationsESWC
"UDP Query User{5BD7C597-8408-4926-8F77-1520ACB69431}d:\\jeux\\trackmania nations eswc\\tmnationseswc.exe"= TCP:d:\jeux\trackmania nations eswc\tmnationseswc.exe:TmNationsESWC
"{420A529D-26F0-4FA3-9402-62A6F4266AAE}"= UDP:c:\program files\Shareaza\Shareaza.exe:Shareaza
"{5C5BBB86-7639-49BC-8296-CD09E7567E02}"= TCP:c:\program files\Shareaza\Shareaza.exe:Shareaza
"{35333AA0-418F-49B8-A630-F2D1B0EE306B}"= UDP:d:\utilitaire\DEFRAGMENTEUR PUISSANT\UDefrag.exe:UltimateDefrag Lite
"{CBBDD1F7-35DD-41F4-AB97-C1D426DD3216}"= TCP:d:\utilitaire\DEFRAGMENTEUR PUISSANT\UDefrag.exe:UltimateDefrag Lite
"TCP Query User{1CC85DE6-CEE2-4475-9682-39916DEF32F3}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule Plus
"UDP Query User{02175312-2328-43C6-876B-2D81BAF632F7}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule Plus
"{2998AF1F-AD1C-4AA7-B2DC-2F25D76B1F7E}"= UDP:c:\program files\eMule\eMule.exe:eMule Plus
"{81F178C2-B4BF-4425-ADF6-76FFD8D53E0E}"= TCP:c:\program files\eMule\eMule.exe:eMule Plus
"{76E0B84A-D1C4-45DA-81D1-B787F8F38D12}"= UDP:c:\program files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{005EE143-17A9-4CAC-883A-ACC78B3E400B}"= UDP:56390:Pando P2P TCP Listening Port
"{72E412F1-ABD1-4631-8436-73C1B850076A}"= TCP:56390:Pando P2P UDP Listening Port
"TCP Query User{1B5CF3E8-9375-4047-9E3B-CF10C5FA2AC2}c:\\program files\\pando networks\\pando\\pando.exe"= UDP:c:\program files\pando networks\pando\pando.exe:pando
"UDP Query User{8F39B2D7-B1E2-43C6-BF9A-32BE2CE84C4F}c:\\program files\\pando networks\\pando\\pando.exe"= TCP:c:\program files\pando networks\pando\pando.exe:pando
"{4500800B-1F61-4463-BB0C-7A3C27AAAE83}"= UDP:d:\utilitaire\GigaTribe\gigatribe.exe:GigaTribe
"{34AB010E-87CD-4F74-8731-AD8FFBAEBECA}"= TCP:d:\utilitaire\GigaTribe\gigatribe.exe:GigaTribe
"TCP Query User{4CF7F9CD-AFE3-427C-A7F3-C28D415E66ED}d:\\jeux\\x-plane 8.64\\x-plane 864.exe"= Disabled:UDP:d:\jeux\x-plane 8.64\x-plane 864.exe:X-Plane 864
"UDP Query User{F3399E03-F1FB-4ADF-9E21-3EAC4DBA68E1}d:\\jeux\\x-plane 8.64\\x-plane 864.exe"= Disabled:TCP:d:\jeux\x-plane 8.64\x-plane 864.exe:X-Plane 864
"TCP Query User{3BED2BA9-947D-4725-A4D0-AE9A98CE055A}d:\\utilitaire\\telechargement peer to peers\\ares\\ares.exe"= UDP:d:\utilitaire\telechargement peer to peers\ares\ares.exe:Ares p2p for windows
"UDP Query User{8015BB2A-7538-46ED-83FD-04A3608DE0D0}d:\\utilitaire\\telechargement peer to peers\\ares\\ares.exe"= TCP:d:\utilitaire\telechargement peer to peers\ares\ares.exe:Ares p2p for windows
"{61F10847-37CD-4A58-91BB-2CB9063244A2}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{070E6C79-A26C-4BEE-A9F1-86778DBC745E}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{57B0030D-2DCC-43BD-B913-AE4A895827D0}d:\\jeux\\flightgear\\bin\\win32\\fgfs.exe"= UDP:d:\jeux\flightgear\bin\win32\fgfs.exe:fgfs
"UDP Query User{62E21F5A-A2CD-4647-A73D-72B5BD41946F}d:\\jeux\\flightgear\\bin\\win32\\fgfs.exe"= TCP:d:\jeux\flightgear\bin\win32\fgfs.exe:fgfs
"TCP Query User{0B90AE32-4F86-4454-BBEA-3AD6776EB863}c:\\program files\\common files\\ahead\\nero web\\setupx.exe"= UDP:c:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"UDP Query User{32C4647C-2CE1-49A5-BC68-469F219FECE5}c:\\program files\\common files\\ahead\\nero web\\setupx.exe"= TCP:c:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"TCP Query User{260F391E-0476-4F4E-9DC0-94C2A72C718A}d:\\utilitaire\\aida32 - enterprise system information\\aida32.bin"= UDP:d:\utilitaire\aida32 - enterprise system information\aida32.bin:AIDA32 - Worldwide SysInfo Tool
"UDP Query User{E0A03289-3EFB-4B72-8B3D-9BEA843A4CEC}d:\\utilitaire\\aida32 - enterprise system information\\aida32.bin"= TCP:d:\utilitaire\aida32 - enterprise system information\aida32.bin:AIDA32 - Worldwide SysInfo Tool
"TCP Query User{BB4D6DC1-09D5-408B-9667-9284FE2E3EED}c:\\program files\\windows sidebar\\sidebar.exe"= UDP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"UDP Query User{7D56974D-E112-490D-8636-1EAE2B32A6D4}c:\\program files\\windows sidebar\\sidebar.exe"= TCP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"TCP Query User{378443D9-05CD-4080-AB94-A2BA0938C105}c:\\program files\\iepro\\minidm.exe"= UDP:c:\program files\iepro\minidm.exe:MiniDM
"UDP Query User{5BA2CF1A-049D-4882-B705-8C25BD6A158C}c:\\program files\\iepro\\minidm.exe"= TCP:c:\program files\iepro\minidm.exe:MiniDM
"TCP Query User{BEDC6B78-DDBA-46A4-B250-0A025C0C6759}d:\\utilitaire\\izispot\\izispot.exe"= UDP:d:\utilitaire\izispot\izispot.exe:IziSpot
"UDP Query User{8700A5CB-0315-45A9-B1B4-D83D50A12C55}d:\\utilitaire\\izispot\\izispot.exe"= TCP:d:\utilitaire\izispot\izispot.exe:IziSpot
"TCP Query User{5BAD5CF7-C94E-4FDA-A871-4AD59F43959F}c:\\program files\\secondlife\\slvoice.exe"= UDP:c:\program files\secondlife\slvoice.exe:SLVoice
"UDP Query User{CAF42D3C-CE34-402D-A02A-E5DC877C97E1}c:\\program files\\secondlife\\slvoice.exe"= TCP:c:\program files\secondlife\slvoice.exe:SLVoice
"TCP Query User{4DC20D1D-685D-415D-9917-2B518B0855BF}d:\\utilitaire\\emule\\emule.exe"= UDP:d:\utilitaire\emule\emule.exe:eMule
"UDP Query User{983723EC-916D-4754-91F7-5677ADB044CC}d:\\utilitaire\\emule\\emule.exe"= TCP:d:\utilitaire\emule\emule.exe:eMule
"{EF94F3A9-B56F-4443-8F76-020AA2BB3763}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{640EC807-DED8-4D00-A9C8-DE9C682BE51A}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"TCP Query User{51961A99-3997-4173-AC09-18E3935025FB}d:\\jeux\\worms\\worms 4 mayhem online demo.exe"= UDP:d:\jeux\worms\worms 4 mayhem online demo.exe:Worms 4 Mayhem
"UDP Query User{46D7A13C-B2CF-4131-8E29-3EB149BE8C9A}d:\\jeux\\worms\\worms 4 mayhem online demo.exe"= TCP:d:\jeux\worms\worms 4 mayhem online demo.exe:Worms 4 Mayhem
"TCP Query User{898FA178-CBA4-4213-B3B2-1C06DDF310EF}c:\\program files\\foxtarot4\\foxtarot.exe"= UDP:c:\program files\foxtarot4\foxtarot.exe:JEU DE TAROT
"UDP Query User{9FF49E43-2D68-46A3-8F2B-086F7071BFE9}c:\\program files\\foxtarot4\\foxtarot.exe"= TCP:c:\program files\foxtarot4\foxtarot.exe:JEU DE TAROT
"{191EF9BA-73FD-4976-8392-E7E7D8920D1D}"= Disabled:UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{AD6C26BD-4532-4C1F-AE3F-EA2A25898C17}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{778DF7F6-5FE4-4BE5-A8B0-E05B0BA3251D}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"{A3B4DB02-D53C-4798-BBD7-678E5C2AC6D6}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"TCP Query User{7D96B69D-293A-41BF-9D63-64DE1A12D3A3}d:\\jeux\\tmnationsforever\\tmforever.exe"= UDP:d:\jeux\tmnationsforever\tmforever.exe:TmForever
"UDP Query User{6E093925-0C0F-4F5A-95EC-7BEB808646E6}d:\\jeux\\tmnationsforever\\tmforever.exe"= TCP:d:\jeux\tmnationsforever\tmforever.exe:TmForever
"TCP Query User{B1BAFC55-24EC-4C5A-88D6-197C66466BB6}c:\\program files\\echanblard\\emule.exe"= UDP:c:\program files\echanblard\emule.exe:eChanblard
"UDP Query User{9DAD1F0E-E220-4B8F-A826-0DB6DC696C38}c:\\program files\\echanblard\\emule.exe"= TCP:c:\program files\echanblard\emule.exe:eChanblard
"TCP Query User{D9813E72-A67A-440B-A82B-31CFC2764662}c:\\program files\\echanblard\\emule.exe"= UDP:c:\program files\echanblard\emule.exe:eChanblard
"UDP Query User{1278CF72-7DFF-4852-BE9A-70463A11C02D}c:\\program files\\echanblard\\emule.exe"= TCP:c:\program files\echanblard\emule.exe:eChanblard
"TCP Query User{AFE86CA7-924D-4E89-8ED0-37D13BA860E7}d:\\jeux\\aquadelic gt\\run.exe"= UDP:d:\jeux\aquadelic gt\run.exe:Aquadelic GT game
"UDP Query User{3A8866ED-93D3-4A37-98B2-919A21B22C73}d:\\jeux\\aquadelic gt\\run.exe"= TCP:d:\jeux\aquadelic gt\run.exe:Aquadelic GT game
"TCP Query User{A9B8BEC8-3AC3-46F2-A2CB-3635868326BB}c:\\users\\henri\\appdata\\local\\emule\\emule.exe"= UDP:c:\users\henri\appdata\local\emule\emule.exe:emule.exe
"UDP Query User{63111BC0-99A7-44AB-B8DF-01D4B9968FF8}c:\\users\\henri\\appdata\\local\\emule\\emule.exe"= TCP:c:\users\henri\appdata\local\emule\emule.exe:emule.exe
"TCP Query User{B47A071B-F523-4672-B258-FD071F46F20A}h:\\gtl\\gtl.exe"= UDP:h:\gtl\gtl.exe:GT Legends
"UDP Query User{258BAE91-2BC4-4DFA-9610-597609CB41D0}h:\\gtl\\gtl.exe"= TCP:h:\gtl\gtl.exe:GT Legends
"{427DC75E-E4AF-4428-8E65-C82E782D76CB}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{F6E146A2-FBC2-40C7-8124-54925E6EF5C8}"= c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{EDB0FFC9-A7B2-4C0D-80E7-D79695F6FA7A}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{1F6490C7-ED2C-4173-B77C-028126D70440}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"TCP Query User{E6630856-3CE7-4057-8CA0-4BF987D9513E}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{9669BABA-303B-4E26-A00C-7ECE9DF7E0AB}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"{12EC6FF8-0AFD-43F1-A1E1-6FBD0C819F15}"= UDP:c:\pvsw\Bin\w3dbsmgr.exe:Database Service Manager
"{4209A43E-D4E3-4DAA-B099-A5C937AF6EB5}"= TCP:c:\pvsw\Bin\w3dbsmgr.exe:Database Service Manager
"{ECC7DB0A-59A0-4447-A03C-1CA85031E567}"= UDP:c:\pvsw\Bin\w3dbsmgr.exe:Database Service Manager
"{FB43423C-6BD1-4C7D-A934-22D9B41A49A1}"= TCP:c:\pvsw\Bin\w3dbsmgr.exe:Database Service Manager
"{4430D02C-9B45-4D6E-9EF8-E38FF83A60E7}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{3EA6E84A-BB75-42CA-A53A-E8FFF1FD3C02}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{F08EB402-BC07-475D-AE71-59C5C3BFCBD7}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{8492B468-B174-44CE-B925-D03E7D84A184}"= Disabled:UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{7B590E8C-CEE9-4776-AB34-293956E22B6E}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{CDA0F618-08C0-4513-B421-42E0938D2C32}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"{86B95658-206E-472D-9F28-CA38E9362B5C}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"TCP Query User{746DF77F-8900-4C64-BAB9-D046D4CA9FD5}d:\\utilitaire\\shareaza\\shareaza.exe"= UDP:d:\utilitaire\shareaza\shareaza.exe:Shareaza Ultimate File Sharing
"UDP Query User{0C934E9A-5B86-4F78-9FA3-F1705A7AEAF7}d:\\utilitaire\\shareaza\\shareaza.exe"= TCP:d:\utilitaire\shareaza\shareaza.exe:Shareaza Ultimate File Sharing
"{2B4E082F-56B3-4087-B1CF-AA23C92816B3}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{1EA72BFE-83DD-482E-BAED-813DF96EBDC7}"= TCP:6004|d:\utilitaire\WORD\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{78B040A7-5F07-4FFD-B736-8257C90ABBFD}i:\\jeux loulou\\racer\\racer070\\racer.exe"= UDP:i:\jeux loulou\racer\racer070\racer.exe:racer
"UDP Query User{D74EAA9B-DE96-4D09-ADFB-F6C403466B56}i:\\jeux loulou\\racer\\racer070\\racer.exe"= TCP:i:\jeux loulou\racer\racer070\racer.exe:racer
"{E528D0F2-36AE-4517-9316-3F0307D9B95F}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{C838080A-886E-490E-AC60-83D9B95F82EA}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{ECBC4CA1-2902-4A8B-8E16-4DE6A5ADF3B7}"= UDP:c:\program files\Spamihilator\cdcc.exe:Spamihilator DCC Filter Configuration
"{3D0064B1-F623-444F-9E42-FDF23E1455AC}"= TCP:c:\program files\Spamihilator\cdcc.exe:Spamihilator DCC Filter Configuration
"{E118666B-9316-4858-973B-9FBAD2291A81}"= UDP:c:\program files\Spamihilator\dccproc.exe:Spamihilator DCC Filter
"{2804B16F-F9C2-4DBA-845A-3515916E2A8E}"= TCP:c:\program files\Spamihilator\dccproc.exe:Spamihilator DCC Filter
"{7DD1EE1A-78FE-43C3-A25A-BA6A99C9225B}"= UDP:c:\program files\Spamihilator\spamihilator.exe:Spamihilator
"{DB5AC62D-9626-4B9B-B7B2-A396983DB663}"= TCP:c:\program files\Spamihilator\spamihilator.exe:Spamihilator
"TCP Query User{1AEA6EA0-5595-4BFE-BFE5-449E43C28B52}c:\\program files\\spamihilator\\dccproc.exe"= UDP:c:\program files\spamihilator\dccproc.exe:dccproc
"UDP Query User{0C793B68-6C0B-41E7-9A56-308859D669CD}c:\\program files\\spamihilator\\dccproc.exe"= TCP:c:\program files\spamihilator\dccproc.exe:dccproc
"TCP Query User{32B33E33-2A51-4313-809B-A2D1389E49B3}c:\\pvsw\\bin\\w3dbsmgr.exe"= UDP:c:\pvsw\bin\w3dbsmgr.exe:Database Service Manager
"UDP Query User{77C6C854-8020-4324-8977-66759D543F94}c:\\pvsw\\bin\\w3dbsmgr.exe"= TCP:c:\pvsw\bin\w3dbsmgr.exe:Database Service Manager
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"= c:\program files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS
"c:\\Program Files\\IEPro\\MiniDM.exe"= c:\program files\IEPro\MiniDM.exe:*:Enabled:MiniDM
R0 PzWDM;PzWDM;c:\windows\System32\drivers\PzWDM.sys [04/06/2008 14:31 15172]
R1 ElRawDisk;ElRawDisk;c:\windows\System32\drivers\elrawdsk.sys [18/08/2008 01:24 12800]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [11/05/2009 01:22 108289]
R2 MSSQL$EBP;SQL Server (EBP);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24/11/2008 23:31 29263712]
S2 Apache2.2;Apache2.2;"d:\xampplite\xampplite\apache\bin\apache.exe" -k runservice --> d:\xampplite\xampplite\apache\bin\apache.exe [?]
S2 ELOADER;General Purpose USB Driver (adildr.sys);c:\windows\System32\drivers\adildr.sys [05/09/2007 20:54 56088]
S3 Ipbuoi;Ipbuoi; [x]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [15/03/2009 09:34 216232]
S3 magpsc;magpsc;c:\windows\System32\drivers\magpsc.sys [03/04/2009 11:12 53719]
S3 netr73;Hercules Wireless USB Dongle Driver for Vista;c:\windows\System32\drivers\netr73.sys [07/11/2007 18:21 256000]
S3 papycpu;papycpu;c:\windows\System32\drivers\papycpu.sys [22/09/2007 15:34 1984]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [07/11/2007 17:52 28224]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [20/09/2008 18:50 80744]
--- Autres Services/Pilotes en mémoire ---
*Deregistered* - sptd
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10e1844f-f520-11dd-a758-0016d3547c20}]
\shell\AutoRun\command - G:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f647f947-8966-11dd-93ef-0016d3547c20}]
\shell\AutoRun\command - F:\MLLaunch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\daemon.exe
HKCU-Run-german.exe - c:\windows\system32\wintems.exe
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Settings,ProxyOverride = *.local
IE: Add to AMV Convert Tool... - c:\program files\MP3 Player Utilities 3.76\AMVConverter\grab.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - d:\utilit~2\WORD\Office10\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - d:\utilit~2\WORD\Office12\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 3.76\MediaManager\grab.html
Trusted Zone: localhost
TCP: {ED5973AF-F337-492D-9BDD-9273F4F194FE} = 80.10.246.2,80.10.246.129
Handler: skyline - {3a4f9195-65a8-11d5-85c1-0001023952c1} - c:\program files\Skyline\TerraExplorer\TerraExplorerX.dll
DPF: {13149882-F480-4F6B-8C6A-0764F75B99ED} - hxxp://plug-in.reallusion.com/CrazyTalk4.cab
FF - ProfilePath - c:\users\henri\AppData\Roaming\Mozilla\Firefox\Profiles\hjs756fj.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&search=
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Mozilla Firefox 3 Beta 2\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox 3 Beta 2\plugins\npSton3D.dll
FF - plugin: c:\users\henri\AppData\Local\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\users\henri\AppData\Roaming\Mozilla\Firefox\Profiles\hjs756fj.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\users\henri\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
---- PARAMETRES FIREFOX ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 1000000
FF - user.js: nglayout.initialpaint.delay - 600
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-12 08:48
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
c:\users\henri\AppData\Local\Temp\STS7E2E.tmp 79 bytes
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dib"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.emf"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fpx"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-1754156993-695157337-552481621-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Gif"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icl"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ico"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jfif"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-1754156993-695157337-552481621-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-1754156993-695157337-552481621-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-1754156993-695157337-552481621-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Png"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rle"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tga"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.thm"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttc"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttf"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wmf"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'lsass.exe'(1232)
c:\windows\system32\relog_ap.dll
- - - - - - - > 'Explorer.exe'(1936)
c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
c:\program files\Acer Arcade Deluxe\VideoMagician\Kernel\EditMovie\MDTLM2Splter.ax
c:\program files\Acer Arcade Deluxe\VideoMagician\Kernel\EditMovie\MDTLM1Splter.ax
c:\windows\system32\DivXAF.ax
c:\program files\CyberLink\PowerDVD\NavFilter\CLDemuxer.ax
d:\utilitaire\VOSPHOTOALATELE\mcspmpeg.ax
d:\utilitaire\VOSPHOTOALATELE\mcmpegin.dll
c:\program files\K-Lite Codec Pack\Filters\avisplitter.ax
c:\program files\K-Lite Codec Pack\Filters\MP4Splitter.ax
c:\program files\K-Lite Codec Pack\Filters\WavPackDSSplitter.ax
c:\program files\Super DVD Creator 9.20\RMSP.DLL
d:\utilitaire\VOSPHOTOALATELE\HDX4FlashDemuxer.ax
d:\utilitaire\VOSPHOTOALATELE\mcdsmpeg.ax
d:\utilitaire\VOSPHOTOALATELE\mcmpgadec.dll
d:\utilitaire\VOSPHOTOALATELE\mcmpgvdec.dll
c:\program files\CyberLink\PowerDVD\NavFilter\clm4splt.ax
c:\program files\K-Lite Codec Pack\Filters\MpegSplitter.ax
c:\program files\Acer Arcade Deluxe\VideoMagician\Kernel\Movie\CLDemuxer.ax
c:\windows\system32\aac_parser.ax
d:\utilitaire\VOSPHOTOALATELE\HDX4AACParser.ax
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\a-squared Anti-Malware\a2service.exe
c:\program files\a-squared Free\a2service.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\windows\System32\drivers\CDANTSRV.EXE
c:\windows\System32\Crypserv.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\acer\Empowering Technology\eNet\eNet Service.exe
c:\program files\Common Files\microsoft shared\VS7Debug\mdm.exe
c:\acer\Mobility Center\MobilityService.exe
c:\windows\System32\oodag.exe
d:\utilitaire\photodexgold\scsiaccess.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
d:\utilitaire\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
c:\windows\System32\drivers\XAudio.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\acer\Empowering Technology\eSettings\Service\capuserv.exe
c:\acer\Empowering Technology\ePower\ePowerSvc.exe
c:\windows\System32\wbem\unsecapp.exe
c:\windows\System32\conime.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\users\henri\AppData\Local\Temp\RtkBtMnt.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Mozilla Firefox 3 Beta 2\firefox.exe
.
**************************************************************************
.
Heure de fin: 2009-05-12 8:57 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-05-12 06:56
Avant-CF: 11 261 714 432 octets libres
Après-CF: 13 293 916 160 octets libres
736 --- E O F --- 2009-05-11 10:23
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2814.1322 [GMT 2:00]
Lancé depuis: d:\dvix\a voir\pipi5217ipip5871.exe
AV: a-squared Anti-Malware *On-access scanning disabled* (Updated)
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\henri\AppData\Roaming\drivers\downld
c:\users\henri\AppData\Roaming\drivers\downld\1312233.exe
c:\users\henri\AppData\Roaming\drivers\downld\1316071.exe
c:\users\henri\AppData\Roaming\drivers\downld\1316086.exe
c:\users\henri\AppData\Roaming\drivers\downld\1331016.exe
c:\users\henri\AppData\Roaming\drivers\downld\1332357.exe
c:\users\henri\AppData\Roaming\drivers\downld\1332778.exe
c:\users\henri\AppData\Roaming\drivers\downld\1340922.exe
c:\users\henri\AppData\Roaming\drivers\downld\1341748.exe
c:\users\henri\AppData\Roaming\drivers\downld\1345181.exe
c:\users\henri\AppData\Roaming\drivers\downld\1359891.exe
c:\users\henri\AppData\Roaming\drivers\downld\1362668.exe
c:\users\henri\AppData\Roaming\drivers\downld\1363526.exe
c:\users\henri\AppData\Roaming\drivers\downld\1448672.exe
c:\users\henri\AppData\Roaming\drivers\downld\1449202.exe
c:\users\henri\AppData\Roaming\drivers\downld\1449483.exe
c:\users\henri\AppData\Roaming\drivers\downld\147140.exe
c:\users\henri\AppData\Roaming\drivers\downld\147514.exe
c:\users\henri\AppData\Roaming\drivers\downld\1484583.exe
c:\users\henri\AppData\Roaming\drivers\downld\1485675.exe
c:\users\henri\AppData\Roaming\drivers\downld\1486252.exe
c:\users\henri\AppData\Roaming\drivers\downld\1489591.exe
c:\users\henri\AppData\Roaming\drivers\downld\1490464.exe
c:\users\henri\AppData\Roaming\drivers\downld\1490480.exe
c:\users\henri\AppData\Roaming\drivers\downld\1493849.exe
c:\users\henri\AppData\Roaming\drivers\downld\1494988.exe
c:\users\henri\AppData\Roaming\drivers\downld\1495004.exe
c:\users\henri\AppData\Roaming\drivers\downld\1504130.exe
c:\users\henri\AppData\Roaming\drivers\downld\1506564.exe
c:\users\henri\AppData\Roaming\drivers\downld\1507281.exe
c:\users\henri\AppData\Roaming\drivers\downld\169183.exe
c:\users\henri\AppData\Roaming\drivers\downld\169198.exe
c:\users\henri\AppData\Roaming\drivers\downld\169229.exe
c:\users\henri\AppData\Roaming\drivers\downld\1692330.exe
c:\users\henri\AppData\Roaming\drivers\downld\169245.exe
c:\users\henri\AppData\Roaming\drivers\downld\1692610.exe
c:\users\henri\AppData\Roaming\drivers\downld\1803090.exe
c:\users\henri\AppData\Roaming\drivers\downld\1806023.exe
c:\users\henri\AppData\Roaming\drivers\downld\1806850.exe
c:\users\henri\AppData\Roaming\drivers\downld\1807536.exe
c:\users\henri\AppData\Roaming\drivers\downld\1808503.exe
c:\users\henri\AppData\Roaming\drivers\downld\1808550.exe
c:\users\henri\AppData\Roaming\drivers\downld\199946.exe
c:\users\henri\AppData\Roaming\drivers\downld\200320.exe
c:\users\henri\AppData\Roaming\drivers\downld\205812.exe
c:\users\henri\AppData\Roaming\drivers\downld\206248.exe
c:\users\henri\AppData\Roaming\drivers\downld\207543.exe
c:\users\henri\AppData\Roaming\drivers\downld\207871.exe
c:\users\henri\AppData\Roaming\drivers\downld\207886.exe
c:\users\henri\AppData\Roaming\drivers\downld\212005.exe
c:\users\henri\AppData\Roaming\drivers\downld\217168.exe
c:\users\henri\AppData\Roaming\drivers\downld\219384.exe
c:\users\henri\AppData\Roaming\drivers\downld\223206.exe
c:\users\henri\AppData\Roaming\drivers\downld\223533.exe
c:\users\henri\AppData\Roaming\drivers\downld\223549.exe
c:\users\henri\AppData\Roaming\drivers\downld\227449.exe
c:\users\henri\AppData\Roaming\drivers\downld\233439.exe
c:\users\henri\AppData\Roaming\drivers\downld\234984.exe
c:\users\henri\AppData\Roaming\drivers\downld\235967.exe
c:\users\henri\AppData\Roaming\drivers\downld\237870.exe
c:\users\henri\AppData\Roaming\drivers\downld\254656.exe
c:\users\henri\AppData\Roaming\drivers\downld\257152.exe
c:\users\henri\AppData\Roaming\drivers\downld\257401.exe
c:\users\henri\AppData\Roaming\drivers\downld\258696.exe
c:\users\henri\AppData\Roaming\drivers\downld\259133.exe
c:\users\henri\AppData\Roaming\drivers\downld\260100.exe
c:\users\henri\AppData\Roaming\drivers\downld\261598.exe
c:\users\henri\AppData\Roaming\drivers\downld\261629.exe
c:\users\henri\AppData\Roaming\drivers\downld\263454.exe
c:\users\henri\AppData\Roaming\drivers\downld\263828.exe
c:\users\henri\AppData\Roaming\drivers\downld\264328.exe
c:\users\henri\AppData\Roaming\drivers\downld\265076.exe
c:\users\henri\AppData\Roaming\drivers\downld\267526.exe
c:\users\henri\AppData\Roaming\drivers\downld\268493.exe
c:\users\henri\AppData\Roaming\drivers\downld\268961.exe
c:\users\henri\AppData\Roaming\drivers\downld\284202.exe
c:\users\henri\AppData\Roaming\drivers\downld\286527.exe
c:\users\henri\AppData\Roaming\drivers\downld\287338.exe
c:\users\henri\AppData\Roaming\drivers\downld\298773.exe
c:\users\henri\AppData\Roaming\drivers\downld\299662.exe
c:\users\henri\AppData\Roaming\drivers\downld\300130.exe
c:\users\henri\AppData\Roaming\drivers\downld\310660.exe
c:\users\henri\AppData\Roaming\drivers\downld\313047.exe
c:\users\henri\AppData\Roaming\drivers\downld\313967.exe
c:\users\henri\AppData\Roaming\drivers\downld\343545.exe
c:\users\henri\AppData\Roaming\drivers\downld\344653.exe
c:\users\henri\AppData\Roaming\drivers\downld\345635.exe
c:\users\henri\AppData\Roaming\drivers\downld\351298.exe
c:\users\henri\AppData\Roaming\drivers\downld\353903.exe
c:\users\henri\AppData\Roaming\drivers\downld\354434.exe
c:\users\henri\AppData\Roaming\drivers\downld\367943.exe
c:\users\henri\AppData\Roaming\drivers\downld\368271.exe
c:\users\henri\AppData\Roaming\drivers\downld\368567.exe
c:\users\henri\AppData\Roaming\drivers\downld\382764.exe
c:\users\henri\AppData\Roaming\drivers\downld\383856.exe
c:\users\henri\AppData\Roaming\drivers\downld\385634.exe
c:\users\henri\AppData\Roaming\drivers\downld\387568.exe
c:\users\henri\AppData\Roaming\drivers\downld\388879.exe
c:\users\henri\AppData\Roaming\drivers\downld\389440.exe
c:\users\henri\AppData\Roaming\drivers\downld\390376.exe
c:\users\henri\AppData\Roaming\drivers\downld\390798.exe
c:\users\henri\AppData\Roaming\drivers\downld\390813.exe
c:\users\henri\AppData\Roaming\drivers\downld\393481.exe
c:\users\henri\AppData\Roaming\drivers\downld\394120.exe
c:\users\henri\AppData\Roaming\drivers\downld\394136.exe
c:\users\henri\AppData\Roaming\drivers\downld\394152.exe
c:\users\henri\AppData\Roaming\drivers\downld\394183.exe
c:\users\henri\AppData\Roaming\drivers\downld\394198.exe
c:\users\henri\AppData\Roaming\drivers\downld\395509.exe
c:\users\henri\AppData\Roaming\drivers\downld\396320.exe
c:\users\henri\AppData\Roaming\drivers\downld\396757.exe
c:\users\henri\AppData\Roaming\drivers\downld\396772.exe
c:\users\henri\AppData\Roaming\drivers\downld\396788.exe
c:\users\henri\AppData\Roaming\drivers\downld\396913.exe
c:\users\henri\AppData\Roaming\drivers\downld\399690.exe
c:\users\henri\AppData\Roaming\drivers\downld\400345.exe
c:\users\henri\AppData\Roaming\drivers\downld\400360.exe
c:\users\henri\AppData\Roaming\drivers\downld\402560.exe
c:\users\henri\AppData\Roaming\drivers\downld\402716.exe
c:\users\henri\AppData\Roaming\drivers\downld\403886.exe
c:\users\henri\AppData\Roaming\drivers\downld\403902.exe
c:\users\henri\AppData\Roaming\drivers\downld\406694.exe
c:\users\henri\AppData\Roaming\drivers\downld\408129.exe
c:\users\henri\AppData\Roaming\drivers\downld\408597.exe
c:\users\henri\AppData\Roaming\drivers\downld\413465.exe
c:\users\henri\AppData\Roaming\drivers\downld\414245.exe
c:\users\henri\AppData\Roaming\drivers\downld\414635.exe
c:\users\henri\AppData\Roaming\drivers\downld\414791.exe
c:\users\henri\AppData\Roaming\drivers\downld\415087.exe
c:\users\henri\AppData\Roaming\drivers\downld\415883.exe
c:\users\henri\AppData\Roaming\drivers\downld\417911.exe
c:\users\henri\AppData\Roaming\drivers\downld\418847.exe
c:\users\henri\AppData\Roaming\drivers\downld\419299.exe
c:\users\henri\AppData\Roaming\drivers\downld\442512.exe
c:\users\henri\AppData\Roaming\drivers\downld\443417.exe
c:\users\henri\AppData\Roaming\drivers\downld\443947.exe
c:\users\henri\AppData\Roaming\drivers\downld\446646.exe
c:\users\henri\AppData\Roaming\drivers\downld\447270.exe
c:\users\henri\AppData\Roaming\drivers\downld\447286.exe
c:\users\henri\AppData\Roaming\drivers\downld\449626.exe
c:\users\henri\AppData\Roaming\drivers\downld\450608.exe
c:\users\henri\AppData\Roaming\drivers\downld\450624.exe
c:\users\henri\AppData\Roaming\drivers\downld\455647.exe
c:\users\henri\AppData\Roaming\drivers\downld\458471.exe
c:\users\henri\AppData\Roaming\drivers\downld\459890.exe
c:\users\henri\AppData\Roaming\drivers\downld\460343.exe
c:\users\henri\AppData\Roaming\drivers\downld\578841.exe
c:\users\henri\AppData\Roaming\drivers\downld\579075.exe
c:\users\henri\AppData\Roaming\drivers\downld\579091.exe
c:\users\henri\AppData\Roaming\drivers\downld\603926.exe
c:\users\henri\AppData\Roaming\drivers\downld\605533.exe
c:\users\henri\AppData\Roaming\drivers\downld\605673.exe
c:\users\henri\AppData\Roaming\drivers\downld\634128.exe
c:\users\henri\AppData\Roaming\drivers\downld\634144.exe
c:\users\henri\AppData\Roaming\drivers\downld\634159.exe
c:\users\henri\AppData\Roaming\drivers\downld\662146.exe
c:\users\henri\AppData\Roaming\drivers\downld\662364.exe
c:\users\henri\AppData\Roaming\drivers\downld\662380.exe
c:\users\henri\AppData\Roaming\drivers\downld\663721.exe
c:\users\henri\AppData\Roaming\drivers\downld\664111.exe
c:\users\henri\AppData\Roaming\drivers\downld\664174.exe
c:\users\henri\AppData\Roaming\drivers\downld\664517.exe
c:\users\henri\AppData\Roaming\drivers\downld\665515.exe
c:\users\henri\AppData\Roaming\drivers\downld\718244.exe
c:\users\henri\AppData\Roaming\drivers\downld\719679.exe
c:\users\henri\AppData\Roaming\drivers\downld\720272.exe
c:\users\henri\AppData\Roaming\drivers\downld\720958.exe
c:\users\henri\AppData\Roaming\drivers\downld\722581.exe
c:\users\henri\AppData\Roaming\drivers\downld\722783.exe
c:\users\henri\AppData\Roaming\drivers\downld\745232.exe
c:\users\henri\AppData\Roaming\drivers\downld\745731.exe
c:\users\henri\AppData\Roaming\drivers\downld\746105.exe
c:\users\henri\AppData\Roaming\drivers\downld\746651.exe
c:\users\henri\AppData\Roaming\drivers\downld\746667.exe
c:\users\henri\AppData\Roaming\drivers\downld\746714.exe
c:\users\henri\AppData\Roaming\drivers\downld\754280.exe
c:\users\henri\AppData\Roaming\drivers\downld\754686.exe
c:\users\henri\AppData\Roaming\drivers\downld\754764.exe
c:\users\henri\AppData\Roaming\drivers\downld\755169.exe
c:\users\henri\AppData\Roaming\drivers\downld\755871.exe
c:\windows\system32\404Fix.exe
c:\windows\System32\Desktop_.ini
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\msql32sys.dll
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
-------\Legacy_SK9OU0S
-------\Legacy_SROSA
-------\Service_Boonty Games
((((((((((((((((((((((((((((( Files Created from 2009-04-12 to 2009-05-12 ))))))))))))))))))))))))))))))))))))
.
2009-05-11 20:43 . 2009-05-11 20:44 -------- d-----w C:\caca865a47c851
2009-05-11 19:58 . 2009-05-11 20:01 -------- d-----w C:\ToolBar SD
2009-05-11 13:42 . 2009-05-11 13:42 -------- d-----w C:\rsit
2009-05-11 12:01 . 2009-05-11 17:59 -------- d-----w c:\program files\a-squared Anti-Malware
2009-05-10 23:22 . 2009-05-10 23:26 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys
2009-05-10 23:22 . 2009-05-10 23:22 -------- d-----w c:\progra~2\Avira
2009-05-10 23:22 . 2009-05-10 23:22 -------- d-----w c:\users\All Users\Avira
2009-05-10 23:22 . 2009-05-10 23:22 -------- d-----w c:\program files\Avira
2009-05-10 22:56 . 2009-05-11 06:56 -------- d-----w C:\FindyKill
2009-05-10 22:32 . 2009-05-10 22:32 -------- d-----w C:\fixwareout
2009-05-10 22:12 . 2009-05-10 22:13 -------- d-----w c:\program files\FileRescue Pro
2009-05-10 21:45 . 2009-05-10 21:55 -------- d-----w C:\Lop SD
2009-05-10 20:34 . 2009-05-10 22:55 -------- d-----w c:\program files\FindyKill
2009-05-10 20:05 . 2009-05-11 07:22 -------- d-----w c:\program files\Navilog1
2009-05-10 18:30 . 2009-05-11 21:04 -------- d--h--w c:\users\henri\AppData\Roaming\drivers
2009-04-19 08:40 . 2009-04-19 08:40 -------- d-----w c:\program files\The Bitmap Brothers
2009-04-15 15:18 . 2009-04-15 15:18 -------- d-----w c:\program files\Panda Security
2009-04-15 13:02 . 2009-04-15 13:02 93 ----a-w c:\users\henri\AppData\Local\fusioncache.dat
2009-04-15 13:02 . 2009-04-15 13:08 -------- d-----w c:\users\henri\AppData\Local\ApplicationHistory
2009-04-15 12:57 . 2009-04-15 12:57 -------- d-----w c:\windows\system32\URTTEMP
2009-04-15 12:50 . 2009-04-15 12:50 -------- d-----w C:\DESI-III
2009-04-15 12:49 . 2009-04-15 12:49 -------- d-----w c:\users\henri\AppData\Local\Installer2792
2009-04-13 19:38 . 2009-05-10 22:46 -------- d-----w C:\tmp
2009-04-13 18:45 . 2009-04-13 18:45 -------- d-----w c:\users\henri\AppData\Roaming\Blender Foundation
2009-04-13 12:30 . 2009-05-11 13:26 -------- d-----w c:\program files\a-squared Free
2009-04-13 10:40 . 2006-05-10 12:18 1929216 ----a-w c:\windows\system32\cdintf250.dll
2009-04-13 10:40 . 2009-04-13 10:40 -------- d-----w c:\program files\EBP
2009-04-13 10:40 . 2009-04-13 10:40 -------- d-----w C:\EBP
2009-04-13 10:29 . 2009-04-13 10:29 201 ----a-w c:\windows\runconfmig.bat
2009-04-13 10:29 . 2009-04-13 10:29 -------- d-----w c:\program files\Common Files\Pervasive Software Shared
2009-04-13 10:29 . 2002-06-30 11:40 19456 ----a-w c:\windows\keyhh.exe
2009-04-13 10:28 . 2009-04-13 10:28 544816 ----a-w c:\windows\system32\pscl.dll
2009-04-13 10:28 . 2009-04-13 10:28 254002 ----a-w c:\windows\system32\pscore.dll
2009-04-13 10:28 . 2009-04-13 10:28 43760 ----a-w c:\windows\system32\nwlocale.dll
2009-04-13 10:28 . 2009-04-13 10:28 146976 ----a-w c:\windows\system32\mfcoleui.dll
.
(((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-11 18:31 . 2008-05-28 13:33 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-11 11:26 . 2007-09-05 16:25 13025 ----a-w c:\users\henri\AppData\Roaming\nvModes.dat
2009-05-11 07:55 . 2006-12-10 19:02 736660 ----a-w c:\windows\system32\perfh00C.dat
2009-05-11 07:55 . 2006-12-10 19:02 151838 ----a-w c:\windows\system32\perfc00C.dat
2009-05-11 07:18 . 2008-01-21 15:26 -------- d-----w c:\program files\Mozilla Firefox 3 Beta 2
2009-05-10 23:29 . 2008-09-23 12:03 -------- d-----w c:\program files\DAEMON Tools Lite
2009-05-10 21:26 . 2008-11-05 18:34 35 ----a-w c:\users\henri\AppData\Roaming\SetValue.bat
2009-05-10 21:26 . 2008-11-05 18:34 691 ----a-w c:\users\henri\AppData\Roaming\GetValue.vbs
2009-05-10 20:16 . 2008-11-05 18:03 -------- d-----w c:\program files\Trend Micro
2009-05-07 09:04 . 2006-12-02 07:31 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-16 01:12 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-04-15 13:02 . 2007-09-05 16:03 150968 ----a-w c:\users\henri\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-15 12:47 . 2006-12-10 10:09 -------- d-----w c:\program files\Common Files\Adobe
2009-04-11 14:02 . 2009-04-11 14:02 -------- d-----w c:\program files\Spamihilator
2009-04-06 13:32 . 2008-09-15 19:09 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 13:32 . 2008-05-28 13:33 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-03 14:14 . 2009-04-03 14:13 -------- d-----w c:\program files\Safari
2009-04-03 14:13 . 2009-04-03 14:13 -------- d-----w c:\program files\Apple Software Update
2009-04-03 09:13 . 2006-11-02 10:25 51200 ----a-w c:\windows\inf\infpub.dat
2009-04-03 09:13 . 2006-11-02 10:25 143360 ----a-w c:\windows\inf\infstrng.dat
2009-04-03 09:13 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat
2009-04-01 17:36 . 2009-04-01 17:36 -------- d-----w c:\program files\DIFX
2009-04-01 17:33 . 2008-09-10 19:27 -------- d-----w c:\program files\ma-config.com
2009-04-01 17:33 . 2008-09-10 19:27 -------- d-----w c:\progra~2\ma-config.com
2009-03-29 16:18 . 2008-11-21 10:22 -------- d-----w c:\program files\Common Files\Ahead
2009-03-29 14:40 . 2009-03-01 16:04 -------- d-----w c:\program files\Téléchargeur de Sonic Adventure DX
2009-03-29 14:32 . 2006-12-10 10:17 -------- d-----w c:\program files\Common Files\LightScribe
2009-03-26 08:01 . 2009-03-24 13:41 -------- d-----w c:\program files\Microsoft Visual Studio 8
2009-03-24 21:36 . 2009-01-02 15:28 -------- d-----w c:\program files\Error Repair Professional
2009-03-24 21:30 . 2007-09-05 21:41 -------- d-----w c:\program files\Google
2009-03-24 21:27 . 2009-03-03 15:39 -------- d-----w c:\program files\Motherboard Monitor 5
2009-03-24 21:25 . 2006-12-10 10:14 -------- d-----w c:\program files\CyberLink
2009-03-24 18:39 . 2009-03-24 18:36 32768 ----a-w c:\windows\system32\DesignerUninst.exe
2009-03-24 13:49 . 2009-03-24 13:49 -------- d-----w c:\program files\Microsoft Works
2009-03-24 13:49 . 2006-11-02 12:37 -------- d-----w c:\program files\MSBuild
2009-03-24 13:47 . 2008-12-04 18:33 -------- d-----w c:\program files\Microsoft.NET
2009-03-23 21:52 . 2008-08-19 22:54 -------- d-----w c:\program files\TuneUp Utilities 2008
2009-03-23 21:52 . 2009-03-23 21:52 354560 ----a-w c:\windows\system32\TuneUpDefragService.exe
2009-03-23 18:57 . 2009-03-23 18:57 -------- d-----w c:\program files\MSN Messenger
2009-03-23 11:57 . 2009-03-23 11:57 -------- d-----w c:\program files\Microsoft
2009-03-23 11:57 . 2009-03-23 11:57 -------- d-----w c:\program files\Windows Live SkyDrive
2009-03-23 11:56 . 2008-01-03 15:08 -------- d-----w c:\program files\Windows Live
2009-03-23 11:10 . 2009-03-23 11:10 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-22 20:07 . 2009-03-04 10:21 21840 ----atw c:\windows\system32\SIntfNT.dll
2009-03-22 20:07 . 2009-03-04 10:21 17212 ----atw c:\windows\system32\SIntf32.dll
2009-03-22 20:07 . 2009-03-04 10:21 12067 ----atw c:\windows\system32\SIntf16.dll
2009-03-17 03:38 . 2009-04-15 07:42 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-15 07:42 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-14 18:57 . 2007-12-03 23:34 -------- d-----w c:\program files\IncrediMail
2009-03-08 11:34 . 2009-04-01 09:13 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 11:34 . 2009-04-01 09:13 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 11:33 . 2009-04-01 09:13 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 11:33 . 2009-04-01 09:13 109056 ----a-w c:\windows\system32\iesysprep.dll
2009-03-08 11:33 . 2009-04-01 09:13 109568 ----a-w c:\windows\system32\PDMSetup.exe
2009-03-08 11:33 . 2009-04-01 09:13 132608 ----a-w c:\windows\system32\ieUnatt.exe
2009-03-08 11:33 . 2009-04-01 09:13 107520 ----a-w c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 11:33 . 2009-04-01 09:13 107008 ----a-w c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 11:33 . 2009-04-01 09:13 103936 ----a-w c:\windows\system32\SetDepNx.exe
2009-03-08 11:33 . 2009-04-01 09:13 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 11:32 . 2009-04-01 09:13 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 11:32 . 2009-04-01 09:13 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 11:32 . 2009-04-01 09:13 66560 ----a-w c:\windows\system32\wextract.exe
2009-03-08 11:32 . 2009-04-01 09:13 169472 ----a-w c:\windows\system32\iexpress.exe
2009-03-08 11:31 . 2009-04-01 09:13 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 11:31 . 2009-04-01 09:13 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 11:31 . 2009-04-01 09:13 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 11:22 . 2009-04-01 09:13 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-03 04:46 . 2009-04-15 07:42 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-15 07:42 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:39 . 2009-04-15 07:42 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-15 07:42 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-15 07:42 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-15 07:42 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-15 07:42 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 04:37 . 2009-04-15 07:42 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-15 07:42 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-15 07:42 17408 ----a-w c:\windows\system32\iashost.exe
2009-03-01 18:27 . 2009-03-01 18:27 44384 ----a-w c:\windows\system32\drivers\tifsfilt.sys
2009-03-01 18:27 . 2009-03-01 18:27 441760 ----a-w c:\windows\system32\drivers\timntr.sys
2009-03-01 18:27 . 2009-03-01 18:27 129248 ----a-w c:\windows\system32\drivers\snapman.sys
2009-03-01 18:26 . 2009-03-01 18:26 368736 ----a-w c:\windows\system32\drivers\tdrpman.sys
2009-02-15 21:48 . 2008-02-13 00:45 86016 ----a-w c:\windows\system32\OpenAL32.dll
2009-02-13 08:49 . 2009-04-15 07:42 72704 ----a-w c:\windows\system32\secur32.dll
2009-02-13 08:49 . 2009-04-15 07:42 1255936 ----a-w c:\windows\system32\lsasrv.dll
2008-05-17 08:05 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini
2008-09-10 14:46 . 2008-06-18 14:42 72 --sh--w c:\windows\SA0594035.tmp
.
((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 2156368]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"AlcoholAutomount"="d:\utilitaire\Alcohol 120\axcmd.exe" [2009-03-17 203928]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"Google Update"="c:\users\henri\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-04-06 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2006-12-20 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-12-20 7766016]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2008-06-10 1406024]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-10-07 2620336]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-10-07 904880]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-10-07 140568]
"Spamihilator"="c:\program files\Spamihilator\spamihilator.exe" [2008-12-23 1321984]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"NetFxUpdate_v1.1.4322"="c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" [2007-01-15 73728]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-11-09 3784704]
c:\users\henri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Pervasive.SQL Workgroup Engine.lnk - c:\pvsw\Bin\w3dbsmgr.exe [2004-7-22 106546]
c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
WiFi Station pour Livebox.lnk - c:\program files\Hercules\WiFi Station pour Livebox\WiFiLB.exe [2007-11-7 102400]
c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\AutorunsDisabled
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2006-12-10 528384]
c:\users\henri\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\
Pervasive.SQL Workgroup Engine.lnk - c:\pvsw\Bin\w3dbsmgr.exe [2004-7-22 106546]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"FilterAdministratorToken"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\WIDEST~1\FREEQU~1\QUICKA~1.DLL
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ "autocheck autochk *"\0OODBS
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DSLMON.lnk]
backup=c:\windows\pss\DSLMON.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
backup=c:\windows\pss\Outil de mise à jour Google.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SnagIt 8.lnk]
backup=c:\windows\pss\SnagIt 8.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^henri^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GigaTribe.lnk]
backup=c:\windows\pss\GigaTribe.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^henri^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Moteur WinSauvegarde.lnk]
backup=c:\windows\pss\Moteur WinSauvegarde.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^henri^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk]
backup=c:\windows\pss\OpenOffice.org 2.4.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^henri^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\users\henri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\au
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eTrustPPAP
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\exp32sys
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ItsTV
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ehTray.exe"=c:\windows\ehome\ehTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"SynTPEnh"=c:\program files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1754156993-695157337-552481621-1000]
"EnableNotificationsRef"=dword:00000007
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{081659FE-5F03-42E3-B488-636242C7D835}"= UDP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{2A8BAAA4-1E02-4C0A-BC8A-3882CFC56A0D}"= TCP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"TCP Query User{9F7ED434-5549-47A2-94EB-DCCE3AA2481E}d:\\jeux\\petanquedemo\\bin\\releasedemo\\petanque.exe"= UDP:d:\jeux\petanquedemo\bin\releasedemo\petanque.exe:Petanque
"UDP Query User{4AB610E7-08D8-4DF4-82A6-5F45A60BB6EE}d:\\jeux\\petanquedemo\\bin\\releasedemo\\petanque.exe"= TCP:d:\jeux\petanquedemo\bin\releasedemo\petanque.exe:Petanque
"TCP Query User{1B85A63B-D7ED-4DD7-B3FF-C581273198EE}d:\\jeux\\trackmania nations eswc\\tmnationseswc.exe"= UDP:d:\jeux\trackmania nations eswc\tmnationseswc.exe:TmNationsESWC
"UDP Query User{5BD7C597-8408-4926-8F77-1520ACB69431}d:\\jeux\\trackmania nations eswc\\tmnationseswc.exe"= TCP:d:\jeux\trackmania nations eswc\tmnationseswc.exe:TmNationsESWC
"{420A529D-26F0-4FA3-9402-62A6F4266AAE}"= UDP:c:\program files\Shareaza\Shareaza.exe:Shareaza
"{5C5BBB86-7639-49BC-8296-CD09E7567E02}"= TCP:c:\program files\Shareaza\Shareaza.exe:Shareaza
"{35333AA0-418F-49B8-A630-F2D1B0EE306B}"= UDP:d:\utilitaire\DEFRAGMENTEUR PUISSANT\UDefrag.exe:UltimateDefrag Lite
"{CBBDD1F7-35DD-41F4-AB97-C1D426DD3216}"= TCP:d:\utilitaire\DEFRAGMENTEUR PUISSANT\UDefrag.exe:UltimateDefrag Lite
"TCP Query User{1CC85DE6-CEE2-4475-9682-39916DEF32F3}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule Plus
"UDP Query User{02175312-2328-43C6-876B-2D81BAF632F7}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule Plus
"{2998AF1F-AD1C-4AA7-B2DC-2F25D76B1F7E}"= UDP:c:\program files\eMule\eMule.exe:eMule Plus
"{81F178C2-B4BF-4425-ADF6-76FFD8D53E0E}"= TCP:c:\program files\eMule\eMule.exe:eMule Plus
"{76E0B84A-D1C4-45DA-81D1-B787F8F38D12}"= UDP:c:\program files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{005EE143-17A9-4CAC-883A-ACC78B3E400B}"= UDP:56390:Pando P2P TCP Listening Port
"{72E412F1-ABD1-4631-8436-73C1B850076A}"= TCP:56390:Pando P2P UDP Listening Port
"TCP Query User{1B5CF3E8-9375-4047-9E3B-CF10C5FA2AC2}c:\\program files\\pando networks\\pando\\pando.exe"= UDP:c:\program files\pando networks\pando\pando.exe:pando
"UDP Query User{8F39B2D7-B1E2-43C6-BF9A-32BE2CE84C4F}c:\\program files\\pando networks\\pando\\pando.exe"= TCP:c:\program files\pando networks\pando\pando.exe:pando
"{4500800B-1F61-4463-BB0C-7A3C27AAAE83}"= UDP:d:\utilitaire\GigaTribe\gigatribe.exe:GigaTribe
"{34AB010E-87CD-4F74-8731-AD8FFBAEBECA}"= TCP:d:\utilitaire\GigaTribe\gigatribe.exe:GigaTribe
"TCP Query User{4CF7F9CD-AFE3-427C-A7F3-C28D415E66ED}d:\\jeux\\x-plane 8.64\\x-plane 864.exe"= Disabled:UDP:d:\jeux\x-plane 8.64\x-plane 864.exe:X-Plane 864
"UDP Query User{F3399E03-F1FB-4ADF-9E21-3EAC4DBA68E1}d:\\jeux\\x-plane 8.64\\x-plane 864.exe"= Disabled:TCP:d:\jeux\x-plane 8.64\x-plane 864.exe:X-Plane 864
"TCP Query User{3BED2BA9-947D-4725-A4D0-AE9A98CE055A}d:\\utilitaire\\telechargement peer to peers\\ares\\ares.exe"= UDP:d:\utilitaire\telechargement peer to peers\ares\ares.exe:Ares p2p for windows
"UDP Query User{8015BB2A-7538-46ED-83FD-04A3608DE0D0}d:\\utilitaire\\telechargement peer to peers\\ares\\ares.exe"= TCP:d:\utilitaire\telechargement peer to peers\ares\ares.exe:Ares p2p for windows
"{61F10847-37CD-4A58-91BB-2CB9063244A2}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{070E6C79-A26C-4BEE-A9F1-86778DBC745E}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{57B0030D-2DCC-43BD-B913-AE4A895827D0}d:\\jeux\\flightgear\\bin\\win32\\fgfs.exe"= UDP:d:\jeux\flightgear\bin\win32\fgfs.exe:fgfs
"UDP Query User{62E21F5A-A2CD-4647-A73D-72B5BD41946F}d:\\jeux\\flightgear\\bin\\win32\\fgfs.exe"= TCP:d:\jeux\flightgear\bin\win32\fgfs.exe:fgfs
"TCP Query User{0B90AE32-4F86-4454-BBEA-3AD6776EB863}c:\\program files\\common files\\ahead\\nero web\\setupx.exe"= UDP:c:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"UDP Query User{32C4647C-2CE1-49A5-BC68-469F219FECE5}c:\\program files\\common files\\ahead\\nero web\\setupx.exe"= TCP:c:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"TCP Query User{260F391E-0476-4F4E-9DC0-94C2A72C718A}d:\\utilitaire\\aida32 - enterprise system information\\aida32.bin"= UDP:d:\utilitaire\aida32 - enterprise system information\aida32.bin:AIDA32 - Worldwide SysInfo Tool
"UDP Query User{E0A03289-3EFB-4B72-8B3D-9BEA843A4CEC}d:\\utilitaire\\aida32 - enterprise system information\\aida32.bin"= TCP:d:\utilitaire\aida32 - enterprise system information\aida32.bin:AIDA32 - Worldwide SysInfo Tool
"TCP Query User{BB4D6DC1-09D5-408B-9667-9284FE2E3EED}c:\\program files\\windows sidebar\\sidebar.exe"= UDP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"UDP Query User{7D56974D-E112-490D-8636-1EAE2B32A6D4}c:\\program files\\windows sidebar\\sidebar.exe"= TCP:c:\program files\windows sidebar\sidebar.exe:Volet Windows
"TCP Query User{378443D9-05CD-4080-AB94-A2BA0938C105}c:\\program files\\iepro\\minidm.exe"= UDP:c:\program files\iepro\minidm.exe:MiniDM
"UDP Query User{5BA2CF1A-049D-4882-B705-8C25BD6A158C}c:\\program files\\iepro\\minidm.exe"= TCP:c:\program files\iepro\minidm.exe:MiniDM
"TCP Query User{BEDC6B78-DDBA-46A4-B250-0A025C0C6759}d:\\utilitaire\\izispot\\izispot.exe"= UDP:d:\utilitaire\izispot\izispot.exe:IziSpot
"UDP Query User{8700A5CB-0315-45A9-B1B4-D83D50A12C55}d:\\utilitaire\\izispot\\izispot.exe"= TCP:d:\utilitaire\izispot\izispot.exe:IziSpot
"TCP Query User{5BAD5CF7-C94E-4FDA-A871-4AD59F43959F}c:\\program files\\secondlife\\slvoice.exe"= UDP:c:\program files\secondlife\slvoice.exe:SLVoice
"UDP Query User{CAF42D3C-CE34-402D-A02A-E5DC877C97E1}c:\\program files\\secondlife\\slvoice.exe"= TCP:c:\program files\secondlife\slvoice.exe:SLVoice
"TCP Query User{4DC20D1D-685D-415D-9917-2B518B0855BF}d:\\utilitaire\\emule\\emule.exe"= UDP:d:\utilitaire\emule\emule.exe:eMule
"UDP Query User{983723EC-916D-4754-91F7-5677ADB044CC}d:\\utilitaire\\emule\\emule.exe"= TCP:d:\utilitaire\emule\emule.exe:eMule
"{EF94F3A9-B56F-4443-8F76-020AA2BB3763}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{640EC807-DED8-4D00-A9C8-DE9C682BE51A}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"TCP Query User{51961A99-3997-4173-AC09-18E3935025FB}d:\\jeux\\worms\\worms 4 mayhem online demo.exe"= UDP:d:\jeux\worms\worms 4 mayhem online demo.exe:Worms 4 Mayhem
"UDP Query User{46D7A13C-B2CF-4131-8E29-3EB149BE8C9A}d:\\jeux\\worms\\worms 4 mayhem online demo.exe"= TCP:d:\jeux\worms\worms 4 mayhem online demo.exe:Worms 4 Mayhem
"TCP Query User{898FA178-CBA4-4213-B3B2-1C06DDF310EF}c:\\program files\\foxtarot4\\foxtarot.exe"= UDP:c:\program files\foxtarot4\foxtarot.exe:JEU DE TAROT
"UDP Query User{9FF49E43-2D68-46A3-8F2B-086F7071BFE9}c:\\program files\\foxtarot4\\foxtarot.exe"= TCP:c:\program files\foxtarot4\foxtarot.exe:JEU DE TAROT
"{191EF9BA-73FD-4976-8392-E7E7D8920D1D}"= Disabled:UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{AD6C26BD-4532-4C1F-AE3F-EA2A25898C17}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{778DF7F6-5FE4-4BE5-A8B0-E05B0BA3251D}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"{A3B4DB02-D53C-4798-BBD7-678E5C2AC6D6}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"TCP Query User{7D96B69D-293A-41BF-9D63-64DE1A12D3A3}d:\\jeux\\tmnationsforever\\tmforever.exe"= UDP:d:\jeux\tmnationsforever\tmforever.exe:TmForever
"UDP Query User{6E093925-0C0F-4F5A-95EC-7BEB808646E6}d:\\jeux\\tmnationsforever\\tmforever.exe"= TCP:d:\jeux\tmnationsforever\tmforever.exe:TmForever
"TCP Query User{B1BAFC55-24EC-4C5A-88D6-197C66466BB6}c:\\program files\\echanblard\\emule.exe"= UDP:c:\program files\echanblard\emule.exe:eChanblard
"UDP Query User{9DAD1F0E-E220-4B8F-A826-0DB6DC696C38}c:\\program files\\echanblard\\emule.exe"= TCP:c:\program files\echanblard\emule.exe:eChanblard
"TCP Query User{D9813E72-A67A-440B-A82B-31CFC2764662}c:\\program files\\echanblard\\emule.exe"= UDP:c:\program files\echanblard\emule.exe:eChanblard
"UDP Query User{1278CF72-7DFF-4852-BE9A-70463A11C02D}c:\\program files\\echanblard\\emule.exe"= TCP:c:\program files\echanblard\emule.exe:eChanblard
"TCP Query User{AFE86CA7-924D-4E89-8ED0-37D13BA860E7}d:\\jeux\\aquadelic gt\\run.exe"= UDP:d:\jeux\aquadelic gt\run.exe:Aquadelic GT game
"UDP Query User{3A8866ED-93D3-4A37-98B2-919A21B22C73}d:\\jeux\\aquadelic gt\\run.exe"= TCP:d:\jeux\aquadelic gt\run.exe:Aquadelic GT game
"TCP Query User{A9B8BEC8-3AC3-46F2-A2CB-3635868326BB}c:\\users\\henri\\appdata\\local\\emule\\emule.exe"= UDP:c:\users\henri\appdata\local\emule\emule.exe:emule.exe
"UDP Query User{63111BC0-99A7-44AB-B8DF-01D4B9968FF8}c:\\users\\henri\\appdata\\local\\emule\\emule.exe"= TCP:c:\users\henri\appdata\local\emule\emule.exe:emule.exe
"TCP Query User{B47A071B-F523-4672-B258-FD071F46F20A}h:\\gtl\\gtl.exe"= UDP:h:\gtl\gtl.exe:GT Legends
"UDP Query User{258BAE91-2BC4-4DFA-9610-597609CB41D0}h:\\gtl\\gtl.exe"= TCP:h:\gtl\gtl.exe:GT Legends
"{427DC75E-E4AF-4428-8E65-C82E782D76CB}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{F6E146A2-FBC2-40C7-8124-54925E6EF5C8}"= c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{EDB0FFC9-A7B2-4C0D-80E7-D79695F6FA7A}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{1F6490C7-ED2C-4173-B77C-028126D70440}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"TCP Query User{E6630856-3CE7-4057-8CA0-4BF987D9513E}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{9669BABA-303B-4E26-A00C-7ECE9DF7E0AB}c:\\program files\\java\\jre1.6.0_07\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0_07\bin\javaw.exe:Java(TM) Platform SE binary
"{12EC6FF8-0AFD-43F1-A1E1-6FBD0C819F15}"= UDP:c:\pvsw\Bin\w3dbsmgr.exe:Database Service Manager
"{4209A43E-D4E3-4DAA-B099-A5C937AF6EB5}"= TCP:c:\pvsw\Bin\w3dbsmgr.exe:Database Service Manager
"{ECC7DB0A-59A0-4447-A03C-1CA85031E567}"= UDP:c:\pvsw\Bin\w3dbsmgr.exe:Database Service Manager
"{FB43423C-6BD1-4C7D-A934-22D9B41A49A1}"= TCP:c:\pvsw\Bin\w3dbsmgr.exe:Database Service Manager
"{4430D02C-9B45-4D6E-9EF8-E38FF83A60E7}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{3EA6E84A-BB75-42CA-A53A-E8FFF1FD3C02}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{F08EB402-BC07-475D-AE71-59C5C3BFCBD7}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{8492B468-B174-44CE-B925-D03E7D84A184}"= Disabled:UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{7B590E8C-CEE9-4776-AB34-293956E22B6E}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
"{CDA0F618-08C0-4513-B421-42E0938D2C32}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"{86B95658-206E-472D-9F28-CA38E9362B5C}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
"TCP Query User{746DF77F-8900-4C64-BAB9-D046D4CA9FD5}d:\\utilitaire\\shareaza\\shareaza.exe"= UDP:d:\utilitaire\shareaza\shareaza.exe:Shareaza Ultimate File Sharing
"UDP Query User{0C934E9A-5B86-4F78-9FA3-F1705A7AEAF7}d:\\utilitaire\\shareaza\\shareaza.exe"= TCP:d:\utilitaire\shareaza\shareaza.exe:Shareaza Ultimate File Sharing
"{2B4E082F-56B3-4087-B1CF-AA23C92816B3}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{1EA72BFE-83DD-482E-BAED-813DF96EBDC7}"= TCP:6004|d:\utilitaire\WORD\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{78B040A7-5F07-4FFD-B736-8257C90ABBFD}i:\\jeux loulou\\racer\\racer070\\racer.exe"= UDP:i:\jeux loulou\racer\racer070\racer.exe:racer
"UDP Query User{D74EAA9B-DE96-4D09-ADFB-F6C403466B56}i:\\jeux loulou\\racer\\racer070\\racer.exe"= TCP:i:\jeux loulou\racer\racer070\racer.exe:racer
"{E528D0F2-36AE-4517-9316-3F0307D9B95F}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{C838080A-886E-490E-AC60-83D9B95F82EA}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{ECBC4CA1-2902-4A8B-8E16-4DE6A5ADF3B7}"= UDP:c:\program files\Spamihilator\cdcc.exe:Spamihilator DCC Filter Configuration
"{3D0064B1-F623-444F-9E42-FDF23E1455AC}"= TCP:c:\program files\Spamihilator\cdcc.exe:Spamihilator DCC Filter Configuration
"{E118666B-9316-4858-973B-9FBAD2291A81}"= UDP:c:\program files\Spamihilator\dccproc.exe:Spamihilator DCC Filter
"{2804B16F-F9C2-4DBA-845A-3515916E2A8E}"= TCP:c:\program files\Spamihilator\dccproc.exe:Spamihilator DCC Filter
"{7DD1EE1A-78FE-43C3-A25A-BA6A99C9225B}"= UDP:c:\program files\Spamihilator\spamihilator.exe:Spamihilator
"{DB5AC62D-9626-4B9B-B7B2-A396983DB663}"= TCP:c:\program files\Spamihilator\spamihilator.exe:Spamihilator
"TCP Query User{1AEA6EA0-5595-4BFE-BFE5-449E43C28B52}c:\\program files\\spamihilator\\dccproc.exe"= UDP:c:\program files\spamihilator\dccproc.exe:dccproc
"UDP Query User{0C793B68-6C0B-41E7-9A56-308859D669CD}c:\\program files\\spamihilator\\dccproc.exe"= TCP:c:\program files\spamihilator\dccproc.exe:dccproc
"TCP Query User{32B33E33-2A51-4313-809B-A2D1389E49B3}c:\\pvsw\\bin\\w3dbsmgr.exe"= UDP:c:\pvsw\bin\w3dbsmgr.exe:Database Service Manager
"UDP Query User{77C6C854-8020-4324-8977-66759D543F94}c:\\pvsw\\bin\\w3dbsmgr.exe"= TCP:c:\pvsw\bin\w3dbsmgr.exe:Database Service Manager
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"= c:\program files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS
"c:\\Program Files\\IEPro\\MiniDM.exe"= c:\program files\IEPro\MiniDM.exe:*:Enabled:MiniDM
R0 PzWDM;PzWDM;c:\windows\System32\drivers\PzWDM.sys [04/06/2008 14:31 15172]
R1 ElRawDisk;ElRawDisk;c:\windows\System32\drivers\elrawdsk.sys [18/08/2008 01:24 12800]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [11/05/2009 01:22 108289]
R2 MSSQL$EBP;SQL Server (EBP);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24/11/2008 23:31 29263712]
S2 Apache2.2;Apache2.2;"d:\xampplite\xampplite\apache\bin\apache.exe" -k runservice --> d:\xampplite\xampplite\apache\bin\apache.exe [?]
S2 ELOADER;General Purpose USB Driver (adildr.sys);c:\windows\System32\drivers\adildr.sys [05/09/2007 20:54 56088]
S3 Ipbuoi;Ipbuoi; [x]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [15/03/2009 09:34 216232]
S3 magpsc;magpsc;c:\windows\System32\drivers\magpsc.sys [03/04/2009 11:12 53719]
S3 netr73;Hercules Wireless USB Dongle Driver for Vista;c:\windows\System32\drivers\netr73.sys [07/11/2007 18:21 256000]
S3 papycpu;papycpu;c:\windows\System32\drivers\papycpu.sys [22/09/2007 15:34 1984]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [07/11/2007 17:52 28224]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [20/09/2008 18:50 80744]
--- Autres Services/Pilotes en mémoire ---
*Deregistered* - sptd
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10e1844f-f520-11dd-a758-0016d3547c20}]
\shell\AutoRun\command - G:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f647f947-8966-11dd-93ef-0016d3547c20}]
\shell\AutoRun\command - F:\MLLaunch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\daemon.exe
HKCU-Run-german.exe - c:\windows\system32\wintems.exe
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Settings,ProxyOverride = *.local
IE: Add to AMV Convert Tool... - c:\program files\MP3 Player Utilities 3.76\AMVConverter\grab.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - d:\utilit~2\WORD\Office10\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - d:\utilit~2\WORD\Office12\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 3.76\MediaManager\grab.html
Trusted Zone: localhost
TCP: {ED5973AF-F337-492D-9BDD-9273F4F194FE} = 80.10.246.2,80.10.246.129
Handler: skyline - {3a4f9195-65a8-11d5-85c1-0001023952c1} - c:\program files\Skyline\TerraExplorer\TerraExplorerX.dll
DPF: {13149882-F480-4F6B-8C6A-0764F75B99ED} - hxxp://plug-in.reallusion.com/CrazyTalk4.cab
FF - ProfilePath - c:\users\henri\AppData\Roaming\Mozilla\Firefox\Profiles\hjs756fj.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&search=
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Mozilla Firefox 3 Beta 2\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox 3 Beta 2\plugins\npSton3D.dll
FF - plugin: c:\users\henri\AppData\Local\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\users\henri\AppData\Roaming\Mozilla\Firefox\Profiles\hjs756fj.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\users\henri\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
---- PARAMETRES FIREFOX ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 1000000
FF - user.js: nglayout.initialpaint.delay - 600
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-12 08:48
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
c:\users\henri\AppData\Local\Temp\STS7E2E.tmp 79 bytes
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dib"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.emf"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fpx"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-1754156993-695157337-552481621-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Gif"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icl"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ico"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jfif"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-1754156993-695157337-552481621-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-1754156993-695157337-552481621-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-1754156993-695157337-552481621-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Png"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rle"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tga"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.thm"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttc"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttf"
[HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wmf"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'lsass.exe'(1232)
c:\windows\system32\relog_ap.dll
- - - - - - - > 'Explorer.exe'(1936)
c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
c:\program files\Acer Arcade Deluxe\VideoMagician\Kernel\EditMovie\MDTLM2Splter.ax
c:\program files\Acer Arcade Deluxe\VideoMagician\Kernel\EditMovie\MDTLM1Splter.ax
c:\windows\system32\DivXAF.ax
c:\program files\CyberLink\PowerDVD\NavFilter\CLDemuxer.ax
d:\utilitaire\VOSPHOTOALATELE\mcspmpeg.ax
d:\utilitaire\VOSPHOTOALATELE\mcmpegin.dll
c:\program files\K-Lite Codec Pack\Filters\avisplitter.ax
c:\program files\K-Lite Codec Pack\Filters\MP4Splitter.ax
c:\program files\K-Lite Codec Pack\Filters\WavPackDSSplitter.ax
c:\program files\Super DVD Creator 9.20\RMSP.DLL
d:\utilitaire\VOSPHOTOALATELE\HDX4FlashDemuxer.ax
d:\utilitaire\VOSPHOTOALATELE\mcdsmpeg.ax
d:\utilitaire\VOSPHOTOALATELE\mcmpgadec.dll
d:\utilitaire\VOSPHOTOALATELE\mcmpgvdec.dll
c:\program files\CyberLink\PowerDVD\NavFilter\clm4splt.ax
c:\program files\K-Lite Codec Pack\Filters\MpegSplitter.ax
c:\program files\Acer Arcade Deluxe\VideoMagician\Kernel\Movie\CLDemuxer.ax
c:\windows\system32\aac_parser.ax
d:\utilitaire\VOSPHOTOALATELE\HDX4AACParser.ax
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\a-squared Anti-Malware\a2service.exe
c:\program files\a-squared Free\a2service.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\windows\System32\drivers\CDANTSRV.EXE
c:\windows\System32\Crypserv.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\acer\Empowering Technology\eNet\eNet Service.exe
c:\program files\Common Files\microsoft shared\VS7Debug\mdm.exe
c:\acer\Mobility Center\MobilityService.exe
c:\windows\System32\oodag.exe
d:\utilitaire\photodexgold\scsiaccess.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
d:\utilitaire\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
c:\windows\System32\drivers\XAudio.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\acer\Empowering Technology\eSettings\Service\capuserv.exe
c:\acer\Empowering Technology\ePower\ePowerSvc.exe
c:\windows\System32\wbem\unsecapp.exe
c:\windows\System32\conime.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\users\henri\AppData\Local\Temp\RtkBtMnt.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Mozilla Firefox 3 Beta 2\firefox.exe
.
**************************************************************************
.
Heure de fin: 2009-05-12 8:57 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-05-12 06:56
Avant-CF: 11 261 714 432 octets libres
Après-CF: 13 293 916 160 octets libres
736 --- E O F --- 2009-05-11 10:23
No, we didn't talk about it, but yes, Seven's UAC is going to cause problems for AD, but nothing serious.
Good luck with the rest.
Hi,
Download FindyKill by Chiquitine29
▶ Right-click the link and choose ("Save target as...."), destination: the desktop.
▶ Follow the prompts to install it.
▶ Double-click "FindyKill." to launch the tool.
▶ Choose the language: F for French
▶ Choose option 1. Then let it work...
▶ Once it has finished, post the FindyKill.txt report that is generated...
(Note: the report is saved at the root of the drive -> C:\FindyKill.txt)
Les-risques-securitaires-du-peer-to-peer
If a report won't go through, raise an alert to the moderators (la conciergerie) using the yellow /!\ icon.
Disable User Account Control before using this tool:
* Go to "Start" then Control Panel.
* Double-click the User Accounts icon and then "Turn User Account Control on or off".
* Untick the box "Use User Account Control (UAC) to help protect your computer".
* Confirm with OK and restart.
Help with pictures (UAC)
*****************************************************
*************** Option 1 (Search) ***************
*****************************************************
Download FindyKill (by Chiquitine29) to your desktop:
! Disconnect from the Internet and close all running applications !
* Double-click "FindyKill.exe" to start the installation and keep the default installation settings.
* Plug your external storage devices into your PC (USB key, external hard drive, etc.)
* Double-click the FindyKill shortcut on your desktop to launch the tool.
* At the main menu choose option "F" for French and press [Enter].
* At the second menu choose option "1" (search) and press [Enter]
Let the tool work and don't touch anything...
--> Post the report that appears at the end on the forum...
(the report is also saved as C:\FindyKill.txt)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
Help with pictures (Installation)
Help with pictures (Search)
Thanks for helping me
but it doesn't work
it says access denied
and no report
on the other hand, I'm posting reports that my boyfriend had me run
Search Navipromo version 3.7.1 commencé le 10/05/2009 à 23:00:09,26
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-50 )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : henri ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:51 Go (Free:9 Go)
D:\ (Local Disk) - NTFS - Total:44 Go (Free:18 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (USB) - FAT - Total:961 Mo (Free:0 Go)
H:\ (Local Disk) - NTFS - Total:35 Go (Free:22 Go)
I:\ (Local Disk) - FAT32 - Total:15 Go (Free:12 Go)
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\Windows" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***
*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***
*** Recherche dossiers dans "C:\ProgramData" ***
*** Recherche dossiers dans "c:\users\henri\appdata\roaming\micros~1\windows\startm~1\programs" ***
*** Recherche dossiers dans "C:\Users\henri\AppData\Local\virtualstore\Program Files" ***
*** Recherche dossiers dans "C:\Users\henri\AppData\Local" ***
*** Recherche dossiers dans "C:\Users\henri\AppData\Roaming" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-50 )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : henri ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:51 Go (Free:10 Go)
D:\ (Local Disk) - NTFS - Total:44 Go (Free:18 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (USB) - FAT - Total:961 Mo (Free:0 Go)
H:\ (Local Disk) - NTFS - Total:35 Go (Free:22 Go)
I:\ (Local Disk) - FAT32 - Total:15 Go (Free:12 Go)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 10/05/2009|23:46 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[11/02/2008|16:57] C:\Users\henri\AppData\Local\{B734406A-61B5-4E1D-A964-81B07B93BB70}
[13/11/2007|14:40] C:\Users\henri\AppData\Local\{C8A2BB40-90D2-4928-AB81-2A84EFB7EA4C}
[01/01/2008|22:27] C:\Users\henri\AppData\Local\ACD Systems
[05/09/2007|18:07] C:\Users\henri\AppData\Local\acer eNM
[29/05/2008|14:31] C:\Users\henri\AppData\Local\Adobe
[25/01/2008|00:12] C:\Users\henri\AppData\Local\Ahead
[03/04/2009|16:13] C:\Users\henri\AppData\Local\Apple
[03/04/2009|16:14] C:\Users\henri\AppData\Local\Apple Computer
[05/09/2007|18:03] C:\Users\henri\AppData\Local\Application Data
[15/04/2009|15:08] C:\Users\henri\AppData\Local\ApplicationHistory
[15/04/2008|02:15] C:\Users\henri\AppData\Local\Apps
[26/03/2008|19:06] C:\Users\henri\AppData\Local\Ares
[27/05/2008|18:04] C:\Users\henri\AppData\Local\CDBurnerXP_Soft
[10/04/2008|00:15] C:\Users\henri\AppData\Local\cdrtfe
[24/06/2008|17:44] C:\Users\henri\AppData\Local\d3d9caps.dat
[10/05/2009|21:59] C:\Users\henri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[06/04/2009|17:33] C:\Users\henri\AppData\Local\Deployment
[01/01/2008|22:21] C:\Users\henri\AppData\Local\Downloaded Installations
[06/01/2009|23:59] C:\Users\henri\AppData\Local\Dynacom
[04/12/2008|20:58] C:\Users\henri\AppData\Local\Ebp
[02/11/2008|00:26] C:\Users\henri\AppData\Local\eMule
[15/04/2009|15:02] C:\Users\henri\AppData\Local\fusioncache.dat
[15/04/2009|15:02] C:\Users\henri\AppData\Local\GDIPFONTCACHEV1.DAT
[13/08/2008|11:21] C:\Users\henri\AppData\Local\GMail Drive
[07/04/2009|11:28] C:\Users\henri\AppData\Local\Google
[05/09/2007|18:03] C:\Users\henri\AppData\Local\Historique
[09/12/2008|17:41] C:\Users\henri\AppData\Local\HP
[10/05/2009|23:10] C:\Users\henri\AppData\Local\IconCache.db
[14/03/2009|20:59] C:\Users\henri\AppData\Local\IM
[15/04/2009|14:49] C:\Users\henri\AppData\Local\Installer2792
[27/09/2008|22:10] C:\Users\henri\AppData\Local\Installer3980
[19/11/2008|18:52] C:\Users\henri\AppData\Local\Installer4136
[20/01/2009|19:53] C:\Users\henri\AppData\Local\Installer4600
[23/07/2008|12:06] C:\Users\henri\AppData\Local\Macromedia
[09/09/2007|16:47] C:\Users\henri\AppData\Local\MCE Deluxe Suite
[03/05/2009|15:49] C:\Users\henri\AppData\Local\Micro Application
[23/10/2008|13:07] C:\Users\henri\AppData\Local\Microsoft
[12/11/2007|02:18] C:\Users\henri\AppData\Local\Microsoft Games
[24/03/2009|15:40] C:\Users\henri\AppData\Local\Microsoft Help
[13/09/2007|01:02] C:\Users\henri\AppData\Local\MigWiz
[21/01/2008|17:26] C:\Users\henri\AppData\Local\Mozilla
[17/09/2007|00:27] C:\Users\henri\AppData\Local\NFS Underground 2
[26/04/2008|01:21] C:\Users\henri\AppData\Local\Paint.NET
[11/02/2008|17:03] C:\Users\henri\AppData\Local\Pando
[09/09/2007|16:46] C:\Users\henri\AppData\Local\PowerCinema
[06/11/2007|13:53] C:\Users\henri\AppData\Local\Real
[10/10/2007|11:54] C:\Users\henri\AppData\Local\Shareaza
[25/09/2007|21:44] C:\Users\henri\AppData\Local\Steam
[04/12/2008|20:53] C:\Users\henri\AppData\Local\Stimulsoft
[21/11/2007|02:17] C:\Users\henri\AppData\Local\TechSmith
[10/05/2009|23:46] C:\Users\henri\AppData\Local\Temp
[09/10/2008|00:40] C:\Users\henri\AppData\Local\TempDIR
[05/09/2007|18:03] C:\Users\henri\AppData\Local\Temporary Internet Files
[22/01/2009|22:32] C:\Users\henri\AppData\Local\vdownloader
[07/11/2007|17:52] C:\Users\henri\AppData\Local\VirtualStore
[07/01/2009|12:09] C:\Users\henri\AppData\Local\WDSetup
[07/10/2008|10:13] C:\Users\henri\AppData\Local\Xenocode
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[10/05/2009 19:57][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1754156993-695157337-552481621-1000.job
[10/05/2009 23:15][--a------] C:\Windows\tasks\Google Software Updater.job
[08/05/2009 17:17][--a------] C:\Windows\tasks\Maintenance en 1 clic.job
[10/05/2009 23:11][--a------] C:\Windows\tasks\GlaryInitialize.job
[10/05/2009 23:13][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{886D59AA-7D3A-4B5C-9D4D-FDB08718D2A7}.job
[10/05/2009 23:11][--ah-----] C:\Windows\tasks\SA.DAT
[10/05/2009 23:10][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[11/09/2008|23:49] C:\ProgramData\.zreglib
[04/01/2009|13:52] C:\ProgramData\{3AA1BE04-7F2A-41E0-98CA-BC79285DF0A3}
[04/01/2009|13:47] C:\ProgramData\{B33CBE2B-A739-401D-A5E0-041195C4A17B}
[06/01/2009|23:58] C:\ProgramData\{B73EC431-2F59-4E5E-9CEA-001681A75E3E}
[26/11/2008|23:34] C:\ProgramData\4D
[18/09/2007|10:22] C:\ProgramData\a32l
[01/01/2008|22:24] C:\ProgramData\ACD Systems
[23/04/2009|19:24] C:\ProgramData\Acronis
[15/04/2009|14:48] C:\ProgramData\Adobe
[25/01/2008|00:00] C:\ProgramData\Ahead
[03/04/2009|16:13] C:\ProgramData\Apple
[12/09/2008|00:20] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[24/03/2009|23:23] C:\ProgramData\Aquadelic GT
[30/04/2008|01:15] C:\ProgramData\Arovax
[01/02/2009|21:56] C:\ProgramData\Avira
[31/01/2009|18:47] C:\ProgramData\Avira(338)
[21/01/2008|21:02] C:\ProgramData\AVS4YOU
[24/06/2008|15:29] C:\ProgramData\BOONTY
[23/10/2008|20:23] C:\ProgramData\Broadcom
[05/09/2007|18:02] C:\ProgramData\Bureau
[19/12/2007|18:50] C:\ProgramData\CA
[01/06/2008|16:24] C:\ProgramData\CheckPoint
[04/12/2008|18:40] C:\ProgramData\Ciel
[25/01/2008|10:32] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[19/12/2008|23:08] C:\ProgramData\DVD Shrink
[06/01/2009|23:53] C:\ProgramData\Dynacom
[27/11/2008|16:22] C:\ProgramData\EBP
[24/01/2008|19:43] C:\ProgramData\Elaborate Bytes
[09/08/2008|01:05] C:\ProgramData\eMule
[20/01/2009|23:24] C:\ProgramData\ezsidmv.dat
[05/09/2007|18:02] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[23/07/2008|12:49] C:\ProgramData\FLEXnet
[01/02/2009|20:34] C:\ProgramData\GESTAN
[24/03/2009|23:30] C:\ProgramData\Google
[10/05/2009|16:29] C:\ProgramData\Google Updater
[10/03/2008|19:08] C:\ProgramData\HP
[25/10/2007|16:06] C:\ProgramData\HPSSUPPLY
[09/12/2008|17:41] C:\ProgramData\hpzinstall.log
[16/08/2008|01:42] C:\ProgramData\IM
[04/12/2007|01:35] C:\ProgramData\IncrediMail
[28/02/2009|14:34] C:\ProgramData\Installations
[05/09/2007|18:05] C:\ProgramData\InstallShield
[19/08/2008|00:59] C:\ProgramData\iolo
[29/03/2008|14:54] C:\ProgramData\jahafydk
[24/03/2008|21:01] C:\ProgramData\Kaspersky Lab
[16/12/2007|23:57] C:\ProgramData\Kaspersky Lab Setup Files
[01/04/2009|19:33] C:\ProgramData\ma-config.com
[23/07/2008|11:49] C:\ProgramData\Macromedia
[29/03/2008|20:49] C:\ProgramData\Macrovision
[28/05/2008|15:33] C:\ProgramData\Malwarebytes
[21/01/2008|10:35] C:\ProgramData\McAfee
[05/09/2007|18:02] C:\ProgramData\Menu Démarrer
[24/03/2009|15:47] C:\ProgramData\Microsoft
[02/05/2009|00:34] C:\ProgramData\Microsoft Help
[05/09/2007|18:02] C:\ProgramData\Modèles
[29/03/2008|14:54] C:\ProgramData\noipjros
[03/11/2007|01:55] C:\ProgramData\NtiDvdCopy
[17/01/2009|13:53] C:\ProgramData\ntuser.pol
[26/12/2007|15:43] C:\ProgramData\NVIDIA
[10/01/2008|17:00] C:\ProgramData\Pinnacle
[06/11/2007|13:53] C:\ProgramData\Real
[04/03/2009|23:59] C:\ProgramData\Skyline
[20/01/2009|23:21] C:\ProgramData\Skype
[20/01/2008|15:29] C:\ProgramData\SlySoft
[29/03/2009|17:13] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[27/10/2008|18:24] C:\ProgramData\SWiSHMax2WorkFolder
[16/12/2007|23:46] C:\ProgramData\Symantec
[27/02/2008|14:34] C:\ProgramData\TDK
[21/11/2007|02:17] C:\ProgramData\TechSmith
[20/12/2008|16:42] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[09/10/2008|00:15] C:\ProgramData\TrackMania
[19/08/2008|01:15] C:\ProgramData\TuneUp Software
[25/10/2007|17:02] C:\ProgramData\WEBREG
[18/09/2007|01:18] C:\ProgramData\WinZip
[26/04/2008|00:31] C:\ProgramData\WLInstaller
[05/09/2007|18:52] C:\ProgramData\Yahoo! Companion
--------------------\\ Listing des dossiers dans C:\Program Files
[11/09/2008|22:57] C:\Program Files\AAALOGO2008
[30/04/2008|01:17] C:\Program Files\ACD Systems
[30/04/2008|01:17] C:\Program Files\Acer Arcade Deluxe
[30/04/2008|01:18] C:\Program Files\Acer Inc
[01/03/2009|20:26] C:\Program Files\Acronis
[15/04/2009|14:47] C:\Program Files\Adobe
[15/09/2008|21:26] C:\Program Files\adslTV
[06/01/2009|23:28] C:\Program Files\AMtechnologie
[03/04/2009|16:13] C:\Program Files\Apple Software Update
[13/04/2009|15:47] C:\Program Files\a-squared Free
[01/02/2009|21:56] C:\Program Files\Avira
[23/10/2008|20:28] C:\Program Files\Broadcom
[13/04/2009|12:29] C:\Program Files\Common Files
[24/03/2009|23:25] C:\Program Files\CyberLink
[23/09/2008|14:03] C:\Program Files\DAEMON Tools Lite
[01/04/2009|19:36] C:\Program Files\DIFX
[19/12/2008|22:54] C:\Program Files\DVD Shrink
[13/04/2009|12:40] C:\Program Files\EBP
[04/01/2009|13:46] C:\Program Files\eChanblard
[24/03/2009|23:36] C:\Program Files\Error Repair Professional
[08/08/2008|15:51] C:\Program Files\FileZilla FTP Client
[10/05/2009|22:46] C:\Program Files\FindyKill
[07/01/2009|13:03] C:\Program Files\GESTAN
[26/09/2008|21:33] C:\Program Files\GIMP-2.0
[30/04/2008|01:19] C:\Program Files\Glary Utilities
[24/03/2009|23:30] C:\Program Files\Google
[30/04/2008|01:19] C:\Program Files\Hercules
[09/12/2008|17:37] C:\Program Files\HP
[10/05/2008|09:50] C:\Program Files\IEPro
[14/03/2009|20:57] C:\Program Files\IncrediMail
[07/05/2009|11:04] C:\Program Files\InstallShield Installation Information
[09/05/2009|03:01] C:\Program Files\Internet Explorer
[30/04/2008|01:20] C:\Program Files\Inventel
[02/09/2008|01:38] C:\Program Files\Java
[21/11/2008|18:57] C:\Program Files\JRE
[30/04/2008|01:20] C:\Program Files\K-Lite Codec Pack
[30/04/2008|01:20] C:\Program Files\Launch Manager
[10/09/2008|21:21] C:\Program Files\Lavalys
[01/04/2009|19:33] C:\Program Files\ma-config.com
[26/02/2009|10:40] C:\Program Files\Macromedia
[23/03/2009|23:57] C:\Program Files\Malwarebytes' Anti-Malware
[23/03/2009|13:57] C:\Program Files\Microsoft
[30/04/2008|01:20] C:\Program Files\Microsoft ActiveSync
[30/04/2008|01:20] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[30/04/2008|01:20] C:\Program Files\Microsoft Games
[23/10/2008|20:23] C:\Program Files\Microsoft IntelliPoint
[30/04/2008|01:20] C:\Program Files\Microsoft Office
[09/02/2009|21:14] C:\Program Files\Microsoft SQL Server
[30/04/2008|01:20] C:\Program Files\Microsoft Visual Studio
[26/03/2009|10:01] C:\Program Files\Microsoft Visual Studio 8
[24/03/2009|15:49] C:\Program Files\Microsoft Works
[24/03/2009|15:47] C:\Program Files\Microsoft.NET
[24/03/2009|23:27] C:\Program Files\Motherboard Monitor 5
[17/05/2008|09:52] C:\Program Files\Movie Maker
[10/05/2009|23:01] C:\Program Files\Mozilla Firefox 3 Beta 2
[24/03/2009|15:49] C:\Program Files\MSBuild
[23/03/2009|20:57] C:\Program Files\MSN Messenger
[10/05/2009|23:00] C:\Program Files\Navilog1
[01/02/2009|21:54] C:\Program Files\Notebook Hardware Control
[30/04/2008|01:20] C:\Program Files\Notepad++
[30/04/2008|01:20] C:\Program Files\Nvu
[30/04/2008|01:20] C:\Program Files\OpenAL
[04/01/2009|13:46] C:\Program Files\OpenOffice.org 2.4
[21/11/2008|18:56] C:\Program Files\OpenOffice.org 3
[30/04/2008|01:20] C:\Program Files\OpenSource Flash Video Splitter
[15/04/2009|17:18] C:\Program Files\Panda Security
[21/02/2009|19:41] C:\Program Files\pdfforge Toolbar
[12/09/2008|00:21] C:\Program Files\QuickTime
[30/04/2008|01:21] C:\Program Files\RealMedia
[30/04/2008|01:21] C:\Program Files\Realtek
[03/03/2009|11:24] C:\Program Files\Recuva
[30/04/2008|01:21] C:\Program Files\Reference Assemblies
[03/04/2009|16:14] C:\Program Files\Safari
[04/03/2009|23:59] C:\Program Files\Skyline
[10/09/2008|16:53] C:\Program Files\SlySoft
[11/04/2009|16:02] C:\Program Files\Spamihilator
[01/03/2009|14:17] C:\Program Files\SpeedFan
[06/11/2008|02:11] C:\Program Files\Spybot - Search & Destroy
[04/01/2009|13:46] C:\Program Files\Super DVD Creator 9.20
[30/04/2008|01:21] C:\Program Files\Synaptics
[24/09/2008|20:23] C:\Program Files\SystemRequirementsLab
[30/04/2008|01:21] C:\Program Files\TechSmith
[01/03/2009|18:10] C:\Program Files\Téléchargeur de Powershot Pinball
[29/03/2009|16:40] C:\Program Files\Téléchargeur de Sonic Adventure DX
[19/04/2009|10:40] C:\Program Files\The Bitmap Brothers
[10/05/2009|22:16] C:\Program Files\Trend Micro
[23/03/2009|23:52] C:\Program Files\TuneUp Utilities 2008
[29/01/2009|00:40] C:\Program Files\TuneUp Utilities 2009
[22/01/2009|22:32] C:\Program Files\VDOWNLOADER
[04/01/2009|13:46] C:\Program Files\Wanadoo
[30/04/2008|01:21] C:\Program Files\WinASPI
[17/05/2008|09:52] C:\Program Files\Windows Calendar
[17/05/2008|09:52] C:\Program Files\Windows Collaboration
[17/05/2008|09:52] C:\Program Files\Windows Defender
[17/05/2008|09:52] C:\Program Files\Windows Journal
[23/03/2009|13:56] C:\Program Files\Windows Live
[24/12/2008|18:39] C:\Program Files\Windows Live Safety Center
[23/03/2009|13:57] C:\Program Files\Windows Live SkyDrive
[16/04/2009|03:12] C:\Program Files\Windows Mail
[12/03/2009|04:06] C:\Program Files\Windows Media Player
[04/01/2009|13:46] C:\Program Files\Windows NT
[17/05/2008|09:52] C:\Program Files\Windows Photo Gallery
[17/05/2008|09:52] C:\Program Files\Windows Sidebar
[30/04/2008|01:21] C:\Program Files\WinZip
[20/08/2008|00:46] C:\Program Files\Zoom Player
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[30/04/2008|01:18] C:\Program Files\Common Files\ACD Systems
[01/03/2009|20:26] C:\Program Files\Common Files\Acronis
[15/04/2009|14:47] C:\Program Files\Common Files\Adobe
[30/04/2008|01:18] C:\Program Files\Common Files\Adobe Systems Shared
[29/03/2009|18:18] C:\Program Files\Common Files\Ahead
[30/04/2008|01:18] C:\Program Files\Common Files\AVSMedia
[15/09/2008|00:40] C:\Program Files\Common Files\BOONTY Shared
[30/04/2008|01:18] C:\Program Files\Common Files\Designer
[30/04/2008|01:18] C:\Program Files\Common Files\France Telecom
[30/04/2008|01:18] C:\Program Files\Common Files\Hewlett-Packard
[09/12/2008|17:37] C:\Program Files\Common Files\HP
[30/04/2008|01:18] C:\Program Files\Common Files\InstallShield
[30/04/2008|01:18] C:\Program Files\Common Files\Java
[30/04/2008|01:18] C:\Program Files\Common Files\L&H
[29/03/2009|16:32] C:\Program Files\Common Files\LightScribe
[23/07/2008|12:25] C:\Program Files\Common Files\Macromedia
[23/07/2008|02:02] C:\Program Files\Common Files\Macrovision Shared
[26/03/2009|09:59] C:\Program Files\Common Files\microsoft shared
[06/01/2009|23:53] C:\Program Files\Common Files\MSSoap
[30/04/2008|01:19] C:\Program Files\Common Files\muvee Technologies
[30/04/2008|01:19] C:\Program Files\Common Files\NewTech Infosystems
[07/01/2009|12:10] C:\Program Files\Common Files\PC SOFT
[13/04/2009|12:29] C:\Program Files\Common Files\Pervasive Software Shared
[30/04/2008|01:19] C:\Program Files\Common Files\PX Storage Engine
[30/04/2008|01:19] C:\Program Files\Common Files\Scanner
[30/04/2008|01:19] C:\Program Files\Common Files\Services
[20/01/2009|23:21] C:\Program Files\Common Files\Skype
[30/04/2008|01:19] C:\Program Files\Common Files\SpeechEngines
[27/10/2008|18:13] C:\Program Files\Common Files\SWiSHzone.com
[30/04/2008|01:19] C:\Program Files\Common Files\Symantec Shared
[24/03/2009|15:54] C:\Program Files\Common Files\System
[23/03/2009|13:10] C:\Program Files\Common Files\Windows Live
[02/03/2008|01:57] C:\Program Files\Common Files\WindowsLiveInstaller
[20/08/2008|00:52] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 82 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-10 23:47:15
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
? [4912]
scanning hidden files ...
C:\Windows\System32\IME\shared
C:\Windows\System32\IME\shared\IMEAPIS.DLL 29696 bytes executable
C:\Windows\System32\IME\shared\res
C:\Windows\System32\IME\shared\res\padrs404.dll 11264 bytes executable
C:\Windows\System32\IME\shared\res\padrs804.dll 11776 bytes executable
C:\Windows\System32\mdelk.exe 67667 bytes executable
C:\Windows\System32\wintems.exe 67667 bytes executable
scan completed successfully
hidden processes: 1
hidden files: 96
--------------------\\ Recherche d'autres infections
--------------------\\ ROOTKIT !!
Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA]
Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SROSA]
Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA]
--------------------\\ Cracks & Keygens ..
C:\Users\henri\AppData\Roaming\Microsoft\Office\Recent\crack.LNK
C:\Users\henri\AppData\Roaming\Shareaza\Torrents\CloneDVD v2.9.1.2 Incl Keygen.torrent
C:\Users\henri\AppData\Roaming\Shareaza\Torrents\O&O Defrag 10 Professional Edition + Keygen.rar.torrent
C:\Users\henri\Favorites\KEYGEN.MS - Generates cracks serials keygens for the software to unlock it for free.url
C:\Users\henri\Favorites\performancetest 6.0 crack EASY CRACKS - the largest cracks keygens and serials database.url
C:\Users\henri\Favorites\informatique\CRACK.MS - All CRACKs and SERIALs on ONE Site.url
[F:5][D:5]-> C:\Users\henri\AppData\Local\Temp
[F:4][D:1]-> C:\Users\henri\AppData\Roaming\MICROS~1\Windows\Cookies
[F:474][D:17]-> C:\Users\henri\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:29][D:49]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 10/05/2009|23:55 - Option : [2]
--------------------\\ Fin du rapport a 23:55:02
SmitFraudFix v2.323
Scan done at 23:24:25,49, 10/05/2009
Run from C:\Users\henri\Desktop\SmitfraudFix
OS: Microsoft Windows [version 6.0.6001] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Contrôleur de réseau NVIDIA nForce
DNS Server Search Order: 80.10.246.2
DNS Server Search Order: 80.10.246.129
Description: Carte réseau Broadcom 802.11g
DNS Server Search Order: 192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{99ABC338-4ECA-4792-BEB7-AF20591F034D}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{E48E3209-09E1-435B-8A80-A1EDA3A76950}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{ED5973AF-F337-492D-9BDD-9273F4F194FE}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{ED5973AF-F337-492D-9BDD-9273F4F194FE}: NameServer=80.10.246.2,80.10.246.129
HKLM\SYSTEM\CS1\Services\Tcpip\..\{99ABC338-4ECA-4792-BEB7-AF20591F034D}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{E48E3209-09E1-435B-8A80-A1EDA3A76950}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{ED5973AF-F337-492D-9BDD-9273F4F194FE}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{ED5973AF-F337-492D-9BDD-9273F4F194FE}: NameServer=80.10.246.2,80.10.246.129
HKLM\SYSTEM\CS3\Services\Tcpip\..\{99ABC338-4ECA-4792-BEB7-AF20591F034D}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{E48E3209-09E1-435B-8A80-A1EDA3A76950}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{ED5973AF-F337-492D-9BDD-9273F4F194FE}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{ED5973AF-F337-492D-9BDD-9273F4F194FE}: NameServer=80.10.246.2,80.10.246.129
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
############################## [ FindyKill V4.728 ]
# User : henri (Administrateurs) # PC-DE-HENRI
# Update on 03/05/09 by Chiquitine29
# Start at: 00:56:44 | 11/05/2009
# Website : http://pagesperso-orange.fr/NosTools/findykill.html
# AMD Turion(tm) 64 X2 Mobile Technology TL-50
# Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# C:\ # Disque fixe local # 51,99 Go (10,23 Go free) [VISTA] # NTFS
# D:\ # Disque fixe local # 44,66 Go (18,93 Go free) [LOISIR UTILITAIRE] # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
# G:\ # Disque amovible # 961,73 Mo (347,94 Mo free) [PHOTO USB] # FAT
# H:\ # Disque fixe local # 35,62 Go (22,94 Go free) [AMOVIBLE1] # NTFS
# I:\ # Disque fixe local # 15,47 Go (12,93 Go free) [AMOVIBLE2] # FAT32
############################## [ Processus actifs ]
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Windows\system32\DRIVERS\CDANTSRV.EXE
C:\Windows\system32\crypserv.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Acer\Empowering Technology\eNet\eNet Service.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\oodag.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
D:\utilitaire\photodexgold\ScsiAccess.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
D:\utilitaire\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\henri\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\System32\wintems.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe
C:\PVSW\Bin\w3dbsmgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Users\henri\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\conime.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Mozilla Firefox 3 Beta 2\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
################## [ Processus infectieux stoppés ]
"C:\Windows\System32\wintems.exe" (4220)
################## [ Fichiers / Dossiers infectieux ]
Found ! C:\Windows\system32\mdelk.exe
Found ! C:\Windows\system32\wintems.exe
Found ! "C:\Users\henri\AppData\Roaming\drivers"
Found ! "C:\Users\henri\AppData\Roaming\drivers\downld"
Found ! "C:\Users\henri\AppData\Roaming\drivers\wfsintwq.sys"
################## [ Infected Temp Files ]
Found ! C:\Users\henri\Local Settings\Temporary Internet Files\Content.IE5\UG2RGG88\file[1].txt
################## [ Registre / Clés infectieuses ]
Found ! HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\DateTime4
Found ! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SROSA
Found ! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Found ! HKEY_CURRENT_USER\Software\DateTime4
Found ! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"drvsyskit"
Found ! HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Run\\"drvsyskit"
Found ! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"german.exe"
Found ! HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Run\\"german.exe"
Found ! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"mule_st_key"
Found ! HKEY_USERS\S-1-5-21-1754156993-695157337-552481621-1000\Software\Microsoft\Windows\CurrentVersion\Run\\"mule_st_key"
# (!) HKLM\SYSTEM\...\Services\srosa -> Start = 0x1
################## [ Recherche dans supports amovibles]
################## [ Registre / Mountpoints2 ]
# -> Not found !
################## [ ! Fin du rapport # FindyKill V4.728 ! ]
Re,
Do not run ComboFix.
FindyKill by chiquitine29, option 2:
▶ Plug your removable drives into your PC (USB keys, external hard drive, etc.) without opening them
▶ Double-click the FindyKill shortcut on your desktop
▶ In the main menu, choose option 2 (Suppression)
/!\ There will be 1 restart; let the tool work until the message "nettoyage effectué" (cleaning done) appears /!\
▶ Then post the FindyKill.txt report
Note: the FindyKill.txt report is saved at the root of the drive.
If a report does not go through, raise an alert to the conciergerie with the yellow /!\.