Sujet Précédent Sujet Suivant

Probleme de virus

Résolu/Fermé
titi0816 Messages postés 126 Date d'inscription mercredi 27 décembre 2006 Statut Membre Dernière intervention 4 octobre 2008 - 25 mars 2008 à 15:51
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 - 25 mars 2008 à 20:34
Bonjour,
voila mon problème, j'ai un virus qui arrête pas de m'ouvrire une fenêtre disant windows security center, et me signale plein de problème différent et un triangle jeune me disant que j'ai un virus j'ai fait un hidjakthis.

Logfile of HijackThis v1.99.1
Scan saved at 15:43:22, on 25/03/2008
Platform: Unknown Windows (WinNT 6.00.1905 SP1)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Running processes:
C:\Windows\system32\sbwltbxa.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox 3 Beta 2\firefox.exe
C:\Users\Cristal1\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Windows\system32\sbwltbxa.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: BatBHO - {63F7460B-C831-4142-A4AA-5EC303EC4343} - C:\Program Files\Bat\Bat.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - https://www.fileplanet.com/
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)



voila en espèrent que cela vous aidera a m'aider.
Merci!

20 réponses

Réponse 1 / 20
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
25 mars 2008 à 15:59
salut,

Télécharge combofix.exe (par sUBs) sur ton Bureau.

-> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message ainsi qu´un nouveau rapport hijack this .

-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

@+
0
Réponse 2 / 20
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
25 mars 2008 à 16:00
slt

le triangle est jeune ou jaune?

______________


Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".


F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Windows\system32\sbwltbxa.exe,
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: BatBHO - {63F7460B-C831-4142-A4AA-5EC303EC4343} - C:\Program Files\Bat\Bat.dll
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
________________



Télécharge MSNFix de Laurent
http://sosvirus.changelog.fr/MSNFix.zip

Décompresse-le et double clic sur le fichier MSNFix.bat.
- Exécute l'option R.
--Si l'infection est détectée, exécute l'option N
- Sauvegarde ce rapport puis fais un copier/coller de ce rapport sur le forum.

Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal
Sauvegarder et fermer le rapport pour que Windows termine de se lancer normalement.


envoyer le fichier [b] C:\DOCUME~1\florian\Bureau\Upload_Me.zip /b sur http://upload.changelog.fr pour faire evoluer msnfix

__________________



Télécharge Combofix de sUBs : Renomme le avant toute installation, par exemple, nomme le "KillBagle". aide ici : https://forum.pcastuces.com/sujet.asp?f=25&s=37315

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Sauvegarde le sur ton bureau et pas ailleurs !

Aide à l’utilisation de combofix ici: https://bibou0007.forumpro.fr/login?redirect=%2Ft121-topic

Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider, laisse toi guider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

__________________


télécharge OTMoveIt
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau. Ou sur https://www.luanagames.com/index.fr.html
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :
C:\Program Files\Bat\Bat.dll
C:\Windows\system32\sbwltbxa.exe

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

__________________
vire ce qui est dans moved file en allant dans poste de travail puis C puis otmovit

__________________

recolle un rapport hiajkchtis en le renommant en eden.exe
0
Réponse 3 / 20
titi0816 Messages postés 126 Date d'inscription mercredi 27 décembre 2006 Statut Membre Dernière intervention 4 octobre 2008 20
25 mars 2008 à 16:07
ok je vais faire ce que vous me conseiller

voici deux adresse pour les image du virus

https://www.flickr.com/photos/25009509@N07/2360677319/

https://www.flickr.com/photos/25009509@N07/2361509514/

Merci de vos réponse rapide
0
Réponse 4 / 20
titi0816 Messages postés 126 Date d'inscription mercredi 27 décembre 2006 Statut Membre Dernière intervention 4 octobre 2008 20
25 mars 2008 à 16:32
Voila le résultat de combofix


ComboFix 08-03-24.2 - Cristal1 2008-03-25 16:20:04.1 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6001.1.1252.1.1036.18.1685 [GMT 1:00]
Endroit: C:\Users\Cristal1\Desktop\combofix\ComboFix.exe
.
/wow section non terminée

((((((((((((((((((((((((((((( Fichiers créés 2008-02-25 to 2008-03-25 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans cet espace de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-25 15:20 9,216 ----a-w C:\Windows\saiemod.dll
2008-03-25 15:20 8,704 ----a-w C:\Windows\180ax.exe
2008-03-25 15:20 30,464 ----a-w C:\Windows\bokja.exe
2008-03-25 15:20 28,416 ----a-w C:\Windows\2020search2.dll
2008-03-25 15:20 21,760 ----a-w C:\Windows\mssvr.exe
2008-03-25 15:20 21,504 ----a-w C:\Windows\voiceip.dll
2008-03-25 15:20 16,640 ----a-w C:\Windows\stcloader.exe
2008-03-25 15:20 14,848 ----a-w C:\Windows\2020search.dll
2008-03-25 15:20 --------- d-----w C:\Program Files\seekmo
2008-03-25 15:20 --------- d-----w C:\Program Files\180solutions
2008-03-25 15:20 --------- d-----w C:\Program Files\180searchassistant
2008-03-25 15:20 --------- d-----w C:\Program Files\180search assistant
2008-03-25 13:10 --------- d-----w C:\Program Files\a-squared Free
2008-03-25 12:03 --------- d-----w C:\Users\Cristal1\AppData\Roaming\Grisoft
2008-03-25 12:02 --------- d-----w C:\PROGRA~2\Grisoft
2008-03-25 10:49 16,128 ----a-w C:\Windows\System32\SIPSPI32.dll
2008-03-25 10:49 --------- d-----w C:\Program Files\zango
2008-03-25 10:49 --------- d-----w C:\Program Files\stc
2008-03-25 09:21 --------- d-----w C:\Program Files\AxBx
2008-03-25 09:11 --------- d-----w C:\Program Files\a-squared Anti-Malware
2008-03-25 08:53 --------- d-----w C:\Program Files\Bat
2008-03-25 07:09 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-03-25 04:20 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-25 04:19 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
2008-03-25 04:14 --------- d-----w C:\PROGRA~2\Rabio
2008-03-24 19:43 9,728 ----a-w C:\Windows\updatetc.exe
2008-03-24 19:43 9,472 ----a-w C:\Windows\System32\MSIXU.DLL
2008-03-24 19:27 28,416 ----a-w C:\Windows\System32\WER8274.DLL
2008-03-24 19:27 23,040 ----a-w C:\Windows\swin32.dll
2008-03-24 19:09 28,416 ----a-w C:\Windows\System32\ntnut32.exe
2008-03-24 19:09 18,432 ----a-w C:\Windows\System32\shdocpe.dll
2008-03-24 19:09 16,128 ----a-w C:\Windows\salm.exe
2008-03-24 15:40 --------- d---a-w C:\PROGRA~2\TEMP
2008-03-24 15:26 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 2
2008-03-24 07:42 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
2008-03-24 06:40 --------- d-----w C:\Users\Cristal1\AppData\Roaming\LimeWire
2008-03-23 17:34 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
2008-03-23 17:34 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe
2008-03-22 16:55 --------- d-----w C:\Users\Cristal1\AppData\Roaming\InstallShield Installation Information
2008-03-22 16:52 --------- d-----w C:\Program Files\Unreal Tournament 3 Demo
2008-03-22 16:19 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-03-22 16:00 174 --sha-w C:\Program Files\desktop.ini
2008-03-22 15:53 --------- d-----w C:\Program Files\Windows Sidebar
2008-03-22 15:53 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-03-22 15:53 --------- d-----w C:\Program Files\Windows Mail
2008-03-22 15:53 --------- d-----w C:\Program Files\Windows Defender
2008-03-22 15:53 --------- d-----w C:\Program Files\Windows Collaboration
2008-03-22 15:53 --------- d-----w C:\Program Files\Windows Calendar
2008-03-22 15:44 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-03-22 15:44 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-03-22 15:22 47,560 ----a-w C:\Windows\System32\SPReview.exe
2008-03-22 15:22 152,576 ----a-w C:\Windows\System32\SPWizUI.dll
2008-03-22 14:19 --------- d-----w C:\Program Files\Java
2008-03-21 22:31 90,537 ----a-w C:\Windows\System32\sbwltbxa.exe
2008-03-21 19:08 --------- d-----w C:\Users\Cristal1\AppData\Roaming\IGN_DLM
2008-03-21 16:45 --------- d-----w C:\Program Files\Download Manager
2008-03-19 17:29 --------- d-----w C:\Users\Cristal1\AppData\Roaming\Audacity
2008-03-19 15:31 --------- d-----w C:\Program Files\Google
2008-03-16 15:11 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-12 19:45 --------- d-----w C:\Program Files\MSXML 4.0
2008-03-11 13:59 --------- d-----w C:\Program Files\Audacity 1.3 Beta (Unicode)
2008-03-10 11:04 --------- d-----w C:\PROGRA~2\TrackMania United
2008-03-10 10:02 --------- d-----w C:\Program Files\DXTBmp
2008-03-07 11:18 --------- d-----w C:\PROGRA~2\Age of Empires 3
2008-03-07 11:03 --------- d-----w C:\Program Files\Microsoft Games
2008-03-05 15:12 --------- d-----w C:\Program Files\Empire Interactive
2008-03-05 13:37 --------- d-----w C:\Program Files\Electronic Arts
2008-03-04 11:37 --------- d-----w C:\Users\Cristal1\AppData\Roaming\ma-config.com
2008-03-04 11:37 --------- d-----w C:\Program Files\ma-config.com
2008-03-03 16:41 --------- d-----w C:\Program Files\DivX
2008-03-03 16:34 --------- d-----w C:\Users\Cristal1\AppData\Roaming\DivX
2008-02-29 14:56 --------- d-----w C:\Program Files\Screamer Radio
2008-02-25 18:49 --------- d-----w C:\Program Files\directx
2008-02-24 10:27 --------- d-----w C:\Program Files\ModernRcon v0.4
2008-02-21 02:03 156,992 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-02-20 17:48 --------- d-----w C:\Users\Cristal1\AppData\Roaming\La Bataille pour la Terre du Milieu ™ II
2008-02-18 14:26 --------- d-----w C:\PROGRA~2\Test Drive Unlimited
2008-02-18 09:58 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-02-16 08:51 --------- d-----w C:\Program Files\Common Files\Steam
2008-02-13 12:24 --------- d-----w C:\PROGRA~2\eMule
2008-02-11 17:13 --------- d-----w C:\Program Files\LimeWire
2008-02-10 11:38 --------- d-----w C:\Program Files\ATI
2008-02-10 11:10 --------- d-----w C:\Users\Cristal1\AppData\Roaming\PeerNetworking
2008-02-10 09:32 --------- d-----w C:\PROGRA~2\ATI
2008-02-10 09:27 --------- d-----w C:\Program Files\ATI Technologies
2008-02-09 19:14 --------- d-sh--w C:\Program Files\Fichiers communs
2008-02-09 19:14 --------- d-sh--w C:\PROGRA~2\Modèles
2008-02-09 19:14 --------- d-sh--w C:\PROGRA~2\Menu Démarrer
2008-02-09 19:14 --------- d-sh--w C:\PROGRA~2\Favoris
2008-02-09 19:14 --------- d-sh--w C:\PROGRA~2\Bureau
2008-02-09 18:53 --------- d--h--r C:\Users\Cristal1\AppData\Roaming\SecuROM
2008-02-09 18:53 --------- d-----w C:\Users\Cristal1\AppData\Roaming\vlc
2008-02-09 18:53 --------- d-----w C:\Users\Cristal1\AppData\Roaming\teamspeak2
2008-02-09 18:53 --------- d-----w C:\Users\Cristal1\AppData\Roaming\InstallShield
2008-02-09 18:53 --------- d-----w C:\Users\Cristal1\AppData\Roaming\InfraRecorder
2008-02-09 18:53 --------- d-----w C:\Users\Cristal1\AppData\Roaming\Gearbox Software
2008-02-09 18:53 --------- d-----w C:\Users\Cristal1\AppData\Roaming\DeepBurner
2008-02-09 18:53 --------- d-----w C:\Users\Cristal1\AppData\Roaming\Command & Conquer 3 Les guerres du Tiberium
2008-02-09 18:53 --------- d-----w C:\Users\Cristal1\AppData\Roaming\ATI
2008-02-09 18:52 --------- d-----w C:\Program Files\VideoLAN
2006-11-02 12:33 397,312 --sha-w C:\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6000.16386_none_ef216b8c52ca2227\WinMail.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00000250-0320-4dd4-be4f-7566d2314352}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{13197ace-6851-45c3-a7ff-c281324d5489}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{15651c7c-e812-44a2-a9ac-b467a2233e7d}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4e1075f4-eec4-4a86-add7-cd5f52858c31}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4e7bd74f-2b8d-469e-92c6-ce7eb590a94d}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5dafd089-24b1-4c5e-bd42-8ca72550717b}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5fa6752a-c4a0-4222-88c2-928ae5ab4966}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{622cc208-b014-4fe0-801b-874a5e5e403a}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{63F7460B-C831-4142-A4AA-5EC303EC4343}]
2008-03-07 21:15 413696 --------- C:\Program Files\Bat\Bat.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8674aea0-9d3d-11d9-99dc-00600f9a01f1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{965a592f-8efa-4250-8630-7960230792f1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9c5b2f29-1f46-4639-a6b4-828942301d3e}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765728274}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fc3a74e5-f281-4f10-ae1e-733078684f3c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ffff0001-0002-101a-a3c9-08002b2f49fb}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-17 18:43 68856]
"igndlm.exe"="C:\Program Files\Download Manager\DLM.exe" [2007-03-05 22:57 1103480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-18 23:38 1008184]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"CmPCIaudio"="CMICNFG3.cpl" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" []

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableTaskMgr"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1960408961-343818398-725345543-1004]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"= %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP"= 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP"= 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3540:UDP"= 3540:UDP:*:Enabled:Protocole PNRP (Peer Name Resolution Protocol)
"3587:TCP"= 3587:TCP:*:Enabled:Groupement homologue Windows

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0B88010A-8FAB-4D67-B318-330121C4A5C1}"= Protocol=58|ICMP6=128:*:@FirewallAPI.dll,-26142
"{3F685E32-4940-4BAE-8494-636BF9123AD2}"= Protocol=1|ICMP4=8:*:@FirewallAPI.dll,-26140
"3587:TCP-Domain"= UDP:3587:Groupement homologue Windows
"3540:UDP-Domain"= TCP:3540:Protocole PNRP (Peer Name Resolution Protocol)
"{4A1B4E45-D873-4A0A-A41B-26CBB1D90581}"= Protocol=58|ICMP6=128:*:@FirewallAPI.dll,-26142
"{02EDBA8F-F368-4F32-9157-B05C32A764E0}"= Protocol=1|ICMP4=8:*:@FirewallAPI.dll,-26140
"C:\\WINDOWS\\system32\\PnkBstrB.exe-UDP-Standard"= TCP:Profile=Public|C:\WINDOWS\system32\PnkBstrB.exe:PnkBstrB
"C:\\WINDOWS\\system32\\PnkBstrB.exe-TCP-Standard"= UDP:Profile=Public|C:\WINDOWS\system32\PnkBstrB.exe:PnkBstrB
"C:\\WINDOWS\\system32\\PnkBstrA.exe-UDP-Standard"= TCP:Profile=Public|C:\WINDOWS\system32\PnkBstrA.exe:PnkBstrA
"C:\\WINDOWS\\system32\\PnkBstrA.exe-TCP-Standard"= UDP:Profile=Public|C:\WINDOWS\system32\PnkBstrA.exe:PnkBstrA
"C:\\Program Files\\Warcraft III\\Warcraft III.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\Warcraft III\Warcraft III.exe:Warcraft III
"C:\\Program Files\\Warcraft III\\Warcraft III.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\Warcraft III\Warcraft III.exe:Warcraft III
"C:\\Program Files\\TrackMania United\\TmUnited.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\TrackMania United\TmUnited.exe:TmUnited
"C:\\Program Files\\TrackMania United\\TmUnited.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\TrackMania United\TmUnited.exe:TmUnited
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"C:\\Program Files\\THQ\\Frontlines-Fuel of War Beta\\Binaries\\FFOW-Beta.exe-UDP-Standard"= TCP:C:\Program Files\THQ\Frontlines-Fuel of War Beta\Binaries\FFOW-Beta.exe:Frontlines Game
"C:\\Program Files\\THQ\\Frontlines-Fuel of War Beta\\Binaries\\FFOW-Beta.exe-TCP-Standard"= UDP:C:\Program Files\THQ\Frontlines-Fuel of War Beta\Binaries\FFOW-Beta.exe:Frontlines Game
"C:\\Program Files\\LimeWire\\LimeWire.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"C:\\Program Files\\LimeWire\\LimeWire.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"C:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.9\\cnc3game.dat-UDP-Standard"= TCP:Profile=Public|C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.9\cnc3game.dat:Command & Conquer 3 Les guerres du Tiberium™
"C:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.9\\cnc3game.dat-TCP-Standard"= UDP:Profile=Public|C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.9\cnc3game.dat:Command & Conquer 3 Les guerres du Tiberium™
"C:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.0\\cnc3game.dat-UDP-Standard"= TCP:Profile=Public|C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat:Command & Conquer 3 Les guerres du Tiberium™
"C:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.0\\cnc3game.dat-TCP-Standard"= UDP:Profile=Public|C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat:Command & Conquer 3 Les guerres du Tiberium™
"C:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2
"C:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2
"C:\\Program Files\\EA Games\\Command and Conquer Generals\\game.dat-UDP-Standard"= TCP:Profile=Public|C:\Program Files\EA Games\Command and Conquer Generals\game.dat:game
"C:\\Program Files\\EA Games\\Command and Conquer Generals\\game.dat-TCP-Standard"= UDP:Profile=Public|C:\Program Files\EA Games\Command and Conquer Generals\game.dat:game
"C:\\Program Files\\Atari\\Test Drive Unlimited\\TestDriveUnlimited.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:Test Drive Unlimited
"C:\\Program Files\\Atari\\Test Drive Unlimited\\TestDriveUnlimited.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:Test Drive Unlimited
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:CoD2MP_s
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:CoD2MP_s
"3587:TCP-Standard"= UDP:3587:Groupement homologue Windows
"3540:UDP-Standard"= TCP:3540:Protocole PNRP (Peer Name Resolution Protocol)
"TCP Query User{2CA1199F-E855-4567-BA73-488DA18B3D87}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{03731940-0ED4-49AA-BB87-5137056AF396}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"{836322F9-BF59-4E86-BAC3-5F1B2502BBB9}"= UDP:C:\Program Files\Electronic Arts\La Bataille pour la Terre du Milieu II\game.dat:La Bataille pour la Terre du Milieu ™ II
"{A662B9DC-3796-4092-A952-21409340A366}"= TCP:C:\Program Files\Electronic Arts\La Bataille pour la Terre du Milieu II\game.dat:La Bataille pour la Terre du Milieu ™ II
"TCP Query User{BE73CF46-7C24-4C3F-8E28-9EB06D3D38F1}C:\\program files\\modernrcon v0.4\\modernrcon_v0.4.exe"= UDP:C:\program files\modernrcon v0.4\modernrcon_v0.4.exe:ModernRcon_v0.4
"UDP Query User{EF91C0D6-E74F-4779-A1A1-5961561CF02B}C:\\program files\\modernrcon v0.4\\modernrcon_v0.4.exe"= TCP:C:\program files\modernrcon v0.4\modernrcon_v0.4.exe:ModernRcon_v0.4
"TCP Query User{082F1122-A96F-4F8E-B8EC-F4C2C45955F0}C:\\program files\\modernrcon v0.4\\pbucon\\pbucon.exe"= UDP:C:\program files\modernrcon v0.4\pbucon\pbucon.exe:pbucon
"UDP Query User{751F480B-C932-434B-866E-C75FBFAB4BDE}C:\\program files\\modernrcon v0.4\\pbucon\\pbucon.exe"= TCP:C:\program files\modernrcon v0.4\pbucon\pbucon.exe:pbucon
"TCP Query User{61B8472F-41CD-4715-81DF-A4BCF4AF86A6}C:\\program files\\radio fr solo\\radio_fr_solo.exe"= UDP:C:\program files\radio fr solo\radio_fr_solo.exe:Radio Fr Solo
"UDP Query User{36F9DCFC-BB3A-4BAB-9D5D-954DD3A3CD2E}C:\\program files\\radio fr solo\\radio_fr_solo.exe"= TCP:C:\program files\radio fr solo\radio_fr_solo.exe:Radio Fr Solo
"TCP Query User{A99534C2-525F-4B58-B7B3-3BC45EEC3846}C:\\program files\\empire interactive\\flatout 2\\flatout2.exe"= UDP:C:\program files\empire interactive\flatout 2\flatout2.exe:FlatOut2
"UDP Query User{C6790ECA-E69E-41C4-91EC-CA998871BB0F}C:\\program files\\empire interactive\\flatout 2\\flatout2.exe"= TCP:C:\program files\empire interactive\flatout 2\flatout2.exe:FlatOut2
"{275F8C15-384F-4BB2-9E1F-931F72092BB3}"= UDP:C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:Age of Empires III
"{29E8C378-E4F3-4DA1-83F3-C85C9D05CC37}"= TCP:C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:Age of Empires III
"{ED3049F9-0F08-4318-B1BE-B059214DC8CD}"= UDP:C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe:Age of Empires III - The WarChiefs
"{B0C541D3-49AA-4215-A351-BB51954E7DCE}"= TCP:C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe:Age of Empires III - The WarChiefs
"{D773EE8C-1CED-47B3-A53F-52B7276D30A0}"= UDP:C:\Users\Cristal1\Desktop\f.e.a.r._combat_jeu_complet_-_version_francaise_francais_23855.exe:f.e.a.r._combat_jeu_complet_-_version_francaise_francais_23855
"{579CAE06-8785-4B04-91A6-751BDB1C9BA2}"= TCP:C:\Users\Cristal1\Desktop\f.e.a.r._combat_jeu_complet_-_version_francaise_francais_23855.exe:f.e.a.r._combat_jeu_complet_-_version_francaise_francais_23855
"{3DDB85A7-3396-4834-805D-35F8096CCF31}"= Disabled:UDP:C:\Program Files\THQ\Frontlines-Fuel of War Beta\Binaries\FFOW-Beta.exe:Frontlines Game
"{BB2B76C6-78D5-47BA-8185-461CD2502C12}"= Disabled:TCP:C:\Program Files\THQ\Frontlines-Fuel of War Beta\Binaries\FFOW-Beta.exe:Frontlines Game
"{BD6E4592-B8DE-4AEF-AA1A-BC87E13C4A4E}"= UDP:C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:Age of Empires III - The Asian Dynasties
"{3CB3691C-EAF2-4EDD-8D1C-10D1EA2A47B4}"= TCP:C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:Age of Empires III - The Asian Dynasties
"{DD743F31-100F-4ECC-A01B-D2F67FD759A0}"= UDP:C:\Users\Cristal1\Downloads\SetupUT3Demo.exe:SetupUT3Demo
"{2F8E0CF1-06D1-4D20-8751-6A29950ED077}"= TCP:C:\Users\Cristal1\Downloads\SetupUT3Demo.exe:SetupUT3Demo
"{7C37D9C6-0FF4-4699-9E6E-3A648D2470AE}"= UDP:C:\Program Files\Unreal Tournament 3 Demo\Binaries\UT3Demo.exe:Unreal Tournament 3 Demo
"{28613688-AD9D-484D-BD1F-212777D7D72B}"= TCP:C:\Program Files\Unreal Tournament 3 Demo\Binaries\UT3Demo.exe:Unreal Tournament 3 Demo

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"= %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"C:\\Documents and Settings\\Cristal1\\Local Settings\\Temp\\ElectronicArts_Patcher_000.exe"= C:\Users\Cristal1\Local Settings\Temp\ElectronicArts_Patcher_000.exe:*:Enabled:ElectronicArts_Patcher_000
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"= C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"= C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)
"C:\\Program Files\\Atari\\Test Drive Unlimited\\TestDriveUnlimited.exe"= C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited
"C:\\Program Files\\EA Games\\Command and Conquer Generals\\game.dat"= C:\Program Files\EA Games\Command and Conquer Generals\game.dat:*:Enabled:game
"C:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"= C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:*:Enabled:Battlefield 2
"C:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.0\\cnc3game.dat"= C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat:*:Enabled:Command & Conquer 3 Les guerres du Tiberium™
"C:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.9\\cnc3game.dat"= C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.9\cnc3game.dat:*:Enabled:Command & Conquer 3 Les guerres du Tiberium™
"C:\\Program Files\\LimeWire\\LimeWire.exe"= C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\\Program Files\\THQ\\Frontlines-Fuel of War Beta\\Binaries\\FFOW-Beta.exe"= C:\Program Files\THQ\Frontlines-Fuel of War Beta\Binaries\FFOW-Beta.exe:*:Enabled:Frontlines Game
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"= C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"= C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"C:\\Program Files\\TrackMania United\\TmUnited.exe"= C:\Program Files\TrackMania United\TmUnited.exe:*:Enabled:TmUnited
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"= C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III
"C:\\WINDOWS\\system32\\PnkBstrA.exe"= C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA
"C:\\WINDOWS\\system32\\PnkBstrB.exe"= C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"= 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP"= 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3540:UDP"= 3540:UDP:*:Enabled:Protocole PNRP (Peer Name Resolution Protocol)
"3587:TCP"= 3587:TCP:*:Enabled:Groupement homologue Windows

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

S2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]
S3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-21 04:55]
S3 c65013264;C-Media CM6501 Like Sound UDAX Interface;C:\Windows\system32\drivers\c6501.sys [2007-07-10 02:42]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-02-16 07:34]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

*Newly Created Service* - AVGASCLN
*Newly Created Service* - ECACHE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-25 16:20:50
Windows 6.0.6001 Service Pack 1 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-03-25 16:22:08
.
2008-03-22 16:19:45 --- E O F ---
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 20
titi0816 Messages postés 126 Date d'inscription mercredi 27 décembre 2006 Statut Membre Dernière intervention 4 octobre 2008 20
25 mars 2008 à 16:36
Pour Msnfix il me dit acces refuser bizard non?
0
Réponse 6 / 20
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
25 mars 2008 à 16:46
titi,

oui c´est embetant pour msnfix...

post un nouveau hijack this stp

@+
0
Réponse 7 / 20
titi0816 Messages postés 126 Date d'inscription mercredi 27 décembre 2006 Statut Membre Dernière intervention 4 octobre 2008 20
25 mars 2008 à 16:51
Bon j'ai fait ce que vous m'avait dit de A-Z

Voici le nouveau hijackThis


Logfile of HijackThis v1.99.1
Scan saved at 16:50:19, on 25/03/2008
Platform: Unknown Windows (WinNT 6.00.1905 SP1)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Running processes:
C:\Windows\system32\sbwltbxa.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox 3 Beta 2\firefox.exe
C:\Users\Cristal1\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SYSTEM32\Userinit.exe,C:\Windows\system32\sbwltbxa.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - https://www.fileplanet.com/
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
0
Réponse 8 / 20
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
25 mars 2008 à 17:10
re,

Copie le texte ci-dessous :

File::
C:\Windows\salm.exe
C:\Windows\system32\sbwltbxa.exe
C:\Windows\saiemod.dll
C:\Windows\180ax.exe
C:\Windows\bokja.exe
C:\Windows\2020search2.dll
C:\Windows\mssvr.exe
C:\Windows\voiceip.dll
C:\Windows\stcloader.exe
C:\Windows\2020search.dll

Folder::
C:\Program Files\Bat
C:\PROGRA~2\TEMP
C:\Program Files\180solutions
C:\Program Files\180searchassistant
C:\Program Files\zango
C:\Program Files\stc
C:\Program Files\seekmo

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00000250-0320-4dd4-be4f-7566d2314352}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{13197ace-6851-45c3-a7ff-c281324d5489}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{15651c7c-e812-44a2-a9ac-b467a2233e7d}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4e1075f4-eec4-4a86-add7-cd5f52858c31}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4e7bd74f-2b8d-469e-92c6-ce7eb590a94d}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5dafd089-24b1-4c5e-bd42-8ca72550717b}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5fa6752a-c4a0-4222-88c2-928ae5ab4966}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{622cc208-b014-4fe0-801b-874a5e5e403a}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{63F7460B-C831-4142-A4AA-5EC303EC4343}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8674aea0-9d3d-11d9-99dc-00600f9a01f1}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{965a592f-8efa-4250-8630-7960230792f1}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9c5b2f29-1f46-4639-a6b4-828942301d3e}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765728274}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fc3a74e5-f281-4f10-ae1e-733078684f3c}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ffff0001-0002-101a-a3c9-08002b2f49fb}]

Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif

Cela va relancer Combofix,

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.

@+
0
Réponse 9 / 20
titi0816 Messages postés 126 Date d'inscription mercredi 27 décembre 2006 Statut Membre Dernière intervention 4 octobre 2008 20
25 mars 2008 à 17:24
Merci de m'aider

Le raport de combofix

ComboFix 08-03-24.2 - Cristal1 2008-03-25 17:19:30.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6001.1.1252.1.1036.18.1289 [GMT 1:00]
Endroit: C:\Users\Cristal1\Desktop\combofix\ComboFix.exe
Command switches used :: C:\Users\Cristal1\Desktop\CFScript.txt
* Création d'un nouveau point de restauration

FILE ::
C:\Windows\180ax.exe
C:\Windows\2020search.dll
C:\Windows\2020search2.dll
C:\Windows\bokja.exe
C:\Windows\mssvr.exe
C:\Windows\saiemod.dll
C:\Windows\salm.exe
C:\Windows\stcloader.exe
C:\Windows\system32\sbwltbxa.exe
C:\Windows\voiceip.dll
.
/wow section non terminée

((((((((((((((((((((((((((((( Fichiers créés 2008-02-25 to 2008-03-25 ))))))))))))))))))))))))))))))))))))
.

2008-03-25 16:42 . 2008-03-25 16:42 <REP> d-------- C:\_OTMoveIt
2008-03-25 16:20 . 2008-03-25 16:20 <REP> d-------- C:\Program Files\seekmo
2008-03-25 16:20 . 2008-03-25 16:20 <REP> d-------- C:\Program Files\180solutions
2008-03-25 16:20 . 2008-03-25 16:20 <REP> d-------- C:\Program Files\180searchassistant
2008-03-25 16:20 . 2008-03-25 16:20 <REP> d-------- C:\Program Files\180search assistant
2008-03-25 16:20 . 2008-03-25 16:20 30,464 --a------ C:\Windows\bokja.exe
2008-03-25 16:20 . 2008-03-25 16:20 28,416 --a------ C:\Windows\2020search2.dll
2008-03-25 16:20 . 2008-03-25 16:20 24,832 --a------ C:\Windows\123messenger.per
2008-03-25 16:20 . 2008-03-25 16:20 21,760 --a------ C:\Windows\mssvr.exe
2008-03-25 16:20 . 2008-03-25 16:20 21,504 --a------ C:\Windows\voiceip.dll
2008-03-25 16:20 . 2008-03-25 16:20 16,640 --a------ C:\Windows\stcloader.exe
2008-03-25 16:20 . 2008-03-25 16:20 14,848 --a------ C:\Windows\2020search.dll
2008-03-25 16:20 . 2008-03-25 16:20 9,216 --a------ C:\Windows\saiemod.dll
2008-03-25 16:20 . 2008-03-25 16:20 8,704 --a------ C:\Windows\180ax.exe
2008-03-25 14:10 . 2008-03-25 14:10 <REP> d-------- C:\Program Files\a-squared Free
2008-03-25 13:03 . 2008-03-25 13:03 <REP> d-------- C:\Users\Cristal1\AppData\Roaming\Grisoft
2008-03-25 13:02 . 2008-03-25 13:02 <REP> d-------- C:\Users\All Users\Grisoft
2008-03-25 13:02 . 2008-03-25 13:02 <REP> d-------- C:\PROGRA~2\Grisoft
2008-03-25 13:02 . 2007-05-30 13:10 10,872 --a------ C:\Windows\System32\drivers\AvgAsCln.sys
2008-03-25 11:49 . 2008-03-25 11:49 <REP> d-------- C:\Windows\FLEOK
2008-03-25 11:49 . 2008-03-25 11:49 <REP> d-------- C:\Program Files\zango
2008-03-25 11:49 . 2008-03-25 11:49 <REP> d-------- C:\Program Files\stc
2008-03-25 11:49 . 2008-03-25 11:49 16,128 --a------ C:\Windows\System32\SIPSPI32.dll
2008-03-25 08:16 . 2008-03-25 10:11 <REP> d-------- C:\Program Files\a-squared Anti-Malware
2008-03-25 05:30 . 2008-03-25 08:09 <REP> d-------- C:\Program Files\Windows Live Safety Center
2008-03-24 20:43 . 2008-03-24 20:43 22,272 --a------ C:\Windows\didduid.ini
2008-03-24 20:43 . 2008-03-24 20:43 9,728 --a------ C:\Windows\updatetc.exe
2008-03-24 20:42 . 2008-03-25 16:25 1,906 --a------ C:\Windows\default.htm
2008-03-24 20:27 . 2008-03-24 20:27 28,416 --a------ C:\Windows\System32\WER8274.DLL
2008-03-24 20:27 . 2008-03-24 20:27 23,040 --a------ C:\Windows\swin32.dll
2008-03-24 20:27 . 2008-03-24 20:43 9,472 --a------ C:\Windows\System32\MSIXU.DLL
2008-03-24 20:09 . 2008-03-24 20:09 28,416 --a------ C:\Windows\System32\ntnut32.exe
2008-03-24 20:09 . 2008-03-24 20:09 18,432 --a------ C:\Windows\System32\shdocpe.dll
2008-03-24 20:09 . 2008-03-24 20:09 16,128 --a------ C:\Windows\salm.exe
2008-03-24 17:00 . 2008-03-25 10:21 <REP> d-------- C:\Program Files\AxBx
2008-03-24 16:39 . 2008-03-25 05:14 <REP> d-------- C:\Users\All Users\Rabio
2008-03-24 16:39 . 2008-03-25 05:14 <REP> d-------- C:\PROGRA~2\Rabio
2008-03-24 15:22 . 2008-03-24 15:22 183,262,036 --a------ C:\Windows\MEMORY.DMP
2008-03-24 15:18 . 2008-03-24 16:40 <REP> d-a------ C:\Users\All Users\TEMP
2008-03-24 15:18 . 2008-03-24 16:40 <REP> d-a------ C:\PROGRA~2\TEMP
2008-03-24 14:03 . 2008-03-24 14:03 <REP> d-------- C:\Program Files\Sysmnt
2008-03-24 08:39 . 2008-03-24 08:39 <REP> d-------- C:\Windows\PCHEALTH
2008-03-24 07:45 . 2008-03-25 16:24 <REP> d-------- C:\Program Files\Bat
2008-03-24 07:44 . 2008-03-24 07:44 4 --a------ C:\Windows\System32\winfrun32.bin
2008-03-22 17:55 . 2008-03-22 17:55 <REP> d-------- C:\Users\Cristal1\AppData\Roaming\InstallShield Installation Information
2008-03-22 17:52 . 2008-03-22 17:52 <REP> d-------- C:\Program Files\Unreal Tournament 3 Demo
2008-03-22 17:19 . 2008-03-22 17:19 <REP> d-------- C:\Program Files\Microsoft Silverlight
2008-03-22 16:52 . 2008-03-22 16:52 <REP> d-------- C:\PerfLogs
2008-03-22 16:40 . 2008-03-22 16:22 152,576 --a------ C:\Windows\System32\SPWizUI.dll
2008-03-22 16:40 . 2008-03-22 16:22 47,560 --a------ C:\Windows\System32\SPReview.exe
2008-03-22 16:31 . 2008-01-18 23:33 193,024 --a------ C:\Windows\System32\recdisc.exe
2008-03-22 16:31 . 2008-01-18 23:36 6,656 --a------ C:\Windows\System32\sdspres.dll
2008-03-22 16:30 . 2008-01-18 23:33 599,552 --a------ C:\Windows\System32\vsp1cln.exe
2008-03-22 16:30 . 2008-01-18 23:36 142,336 --a------ C:\Windows\System32\spp.dll
2008-03-22 16:30 . 2008-01-18 23:36 28,160 --a------ C:\Windows\System32\sxproxy.dll
2008-03-22 16:27 . 2008-01-18 23:34 6,103,040 --a------ C:\Windows\System32\chtbrkr.dll
2008-03-22 16:22 . 2008-03-22 16:41 196,608 --a------ C:\Windows\SPInstall.etl
2008-03-22 16:22 . 2008-01-18 23:33 44,032 --a------ C:\Windows\System32\cbsra.exe
2008-03-22 13:25 . 2007-07-03 23:16 1,820 --a------ C:\Windows\System32\rasctrnm.h
2008-03-21 23:31 . 2008-03-21 23:31 90,537 --a------ C:\Windows\System32\sbwltbxa.exe
2008-03-21 17:45 . 2008-03-21 20:08 <REP> d-------- C:\Users\Cristal1\AppData\Roaming\IGN_DLM
2008-03-21 17:45 . 2008-03-21 17:45 <REP> d-------- C:\Program Files\Download Manager
2008-03-12 20:45 . 2008-03-12 20:45 <REP> d-------- C:\Program Files\MSXML 4.0
2008-03-11 14:59 . 2008-03-19 18:29 <REP> d-------- C:\Users\Cristal1\AppData\Roaming\Audacity
2008-03-11 14:59 . 2008-03-11 14:59 <REP> d-------- C:\Program Files\Audacity 1.3 Beta (Unicode)
2008-03-10 11:01 . 2008-03-10 11:02 <REP> d-------- C:\Program Files\DXTBmp
2008-03-10 11:01 . 2008-03-10 11:01 <REP> d-------- C:\Graphics
2008-03-10 11:01 . 2005-11-13 01:28 238,080 --------- C:\Windows\System32\mwgfx24.dll
2008-03-10 11:01 . 2008-01-06 14:05 190,464 --------- C:\Windows\System32\mwgfx.dll
2008-03-10 11:01 . 2008-01-09 12:43 104,960 --------- C:\Windows\System32\mwdds.dll
2008-03-10 11:01 . 2004-05-14 11:13 56,832 --------- C:\Windows\System32\mwace.dll
2008-03-10 11:01 . 2007-08-19 09:37 28,672 --------- C:\Windows\System32\mwgfxcopy.exe
2008-03-07 12:18 . 2008-03-07 12:18 <REP> d-------- C:\Users\All Users\Age of Empires 3
2008-03-07 12:18 . 2008-03-07 12:18 <REP> d-------- C:\PROGRA~2\Age of Empires 3
2008-03-05 16:12 . 2008-03-05 16:12 <REP> d-------- C:\Program Files\Empire Interactive
2008-03-05 14:37 . 2007-06-20 20:46 266,088 --a------ C:\Windows\System32\xactengine2_8.dll
2008-03-04 12:37 . 2008-03-04 12:37 <REP> d-------- C:\Users\Cristal1\AppData\Roaming\ma-config.com
2008-03-04 12:37 . 2008-03-04 12:37 <REP> d-------- C:\Program Files\ma-config.com
2008-03-03 17:34 . 2008-03-03 17:34 <REP> d-------- C:\Users\Cristal1\AppData\Roaming\DivX
2008-03-03 16:07 . 2008-03-24 08:42 <REP> d-------- C:\Program Files\Common Files\PX Storage Engine
2008-03-03 16:06 . 2008-03-03 17:41 <REP> d-------- C:\Program Files\DivX
2008-02-29 15:56 . 2008-02-29 15:56 <REP> d-------- C:\Program Files\Screamer Radio
2008-02-29 15:47 . 2008-02-29 15:50 1,208 --a------ C:\Windows\Radio_Fr.ini
2008-02-25 19:49 . 2008-02-25 19:49 <REP> d-------- C:\Program Files\directx

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-25 15:54 --------- d-----w C:\Program Files\Google
2008-03-25 04:20 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-25 04:19 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
2008-03-24 15:26 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 2
2008-03-24 06:40 --------- d-----w C:\Users\Cristal1\AppData\Roaming\LimeWire
2008-03-23 17:34 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
2008-03-23 17:34 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe
2008-03-22 16:00 174 --sha-w C:\Program Files\desktop.ini
2008-03-22 15:53 --------- d-----w C:\Program Files\Windows Sidebar
2008-03-22 15:53 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-03-22 15:53 --------- d-----w C:\Program Files\Windows Mail
2008-03-22 15:53 --------- d-----w C:\Program Files\Windows Defender
2008-03-22 15:53 --------- d-----w C:\Program Files\Windows Collaboration
2008-03-22 15:53 --------- d-----w C:\Program Files\Windows Calendar
2008-03-22 15:44 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-03-22 15:44 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-03-22 14:19 --------- d-----w C:\Program Files\Java
2008-03-16 15:11 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-10 11:04 --------- d-----w C:\PROGRA~2\TrackMania United
2008-03-07 11:03 --------- d-----w C:\Program Files\Microsoft Games
2008-03-05 13:37 --------- d-----w C:\Program Files\Electronic Arts
2008-02-24 10:27 --------- d-----w C:\Program Files\ModernRcon v0.4
2008-02-21 02:03 156,992 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-02-20 17:48 --------- d-----w C:\Users\Cristal1\AppData\Roaming\La Bataille pour la Terre du Milieu ™ II
2008-02-18 14:26 --------- d-----w C:\PROGRA~2\Test Drive Unlimited
2008-02-18 09:58 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-02-16 08:51 --------- d-----w C:\Program Files\Common Files\Steam
2008-02-13 12:24 --------- d-----w C:\PROGRA~2\eMule
2008-02-11 17:13 --------- d-----w C:\Program Files\LimeWire
2008-02-10 11:38 --------- d-----w C:\Program Files\ATI
2008-02-10 11:10 --------- d-----w C:\Users\Cristal1\AppData\Roaming\PeerNetworking
2008-02-10 09:32 --------- d-----w C:\PROGRA~2\ATI
2008-02-10 09:27 --------- d-----w C:\Program Files\ATI Technologies
2008-02-09 19:14 --------- d-sh--w C:\Program Files\Fichiers communs
2008-02-09 19:14 --------- d-sh--w C:\PROGRA~2\Modèles
2008-02-09 19:14 --------- d-sh--w C:\PROGRA~2\Menu Démarrer
2008-02-09 19:14 --------- d-sh--w C:\PROGRA~2\Favoris
2008-02-09 19:14 --------- d-sh--w C:\PROGRA~2\Bureau
2008-02-09 18:53 --------- d--h--r C:\Users\Cristal1\AppData\Roaming\SecuROM
2008-02-09 18:53 --------- d-----w C:\Users\Cristal1\AppData\Roaming\vlc
2008-02-09 18:53 --------- d-----w C:\Users\Cristal1\AppData\Roaming\teamspeak2
2008-02-09 18:53 --------- d-----w C:\Users\Cristal1\AppData\Roaming\InstallShield
2008-02-09 18:53 --------- d-----w C:\Users\Cristal1\AppData\Roaming\InfraRecorder
2008-02-09 18:53 --------- d-----w C:\Users\Cristal1\AppData\Roaming\Gearbox Software
2008-02-09 18:53 --------- d-----w C:\Users\Cristal1\AppData\Roaming\DeepBurner
2008-02-09 18:53 --------- d-----w C:\Users\Cristal1\AppData\Roaming\Command & Conquer 3 Les guerres du Tiberium
2008-02-09 18:53 --------- d-----w C:\Users\Cristal1\AppData\Roaming\ATI
2008-02-09 18:52 --------- d-----w C:\Program Files\VideoLAN
2008-02-09 18:52 --------- d-----w C:\Program Files\Ubisoft
2008-02-09 18:52 --------- d-----w C:\Program Files\TrackMania United
2008-02-09 18:50 --------- d-----w C:\Program Files\Atari
2008-02-09 18:50 --------- d-----w C:\Program Files\Alwil Software
2008-02-09 18:50 --------- d-----w C:\Program Files\AGEIA Technologies
2008-02-09 18:50 --------- d-----w C:\Program Files\Activision
2008-02-09 18:50 --------- d-----w C:\PROGRA~2\Trymedia
2008-02-09 18:50 --------- d-----w C:\PROGRA~2\Microsoft Corporation
2008-02-09 18:20 --------- d-sh--w C:\PROGRA~2\DRM
2008-02-07 19:07 --------- d-----w C:\Program Files\TerraTec
2008-02-05 19:31 215,144 ----a-w C:\Windows\patchw32.dll
2008-01-20 17:18 5,853 ----a-w C:\Program Files\install.log
2008-01-18 22:44 986,680 ----a-w C:\Windows\System32\winload.exe
2008-01-18 22:44 926,776 ----a-w C:\Windows\System32\winresume.exe
2008-01-18 22:43 614,968 ----a-w C:\Windows\System32\ci.dll
2008-01-18 22:43 376,376 ----a-w C:\Windows\System32\mcupdate_GenuineIntel.dll
2008-01-18 22:43 3,600,440 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-01-18 22:43 3,548,728 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-01-18 22:43 247,352 ----a-w C:\Windows\System32\clfs.sys
2008-01-18 22:42 94,776 ----a-w C:\Windows\System32\MigAutoPlay.exe
2008-01-18 22:42 51,768 ----a-w C:\Windows\System32\PSHED.DLL
2008-01-18 22:42 177,208 ----a-w C:\Windows\System32\halmacpi.dll
2008-01-18 22:42 141,880 ----a-w C:\Windows\System32\halacpi.dll
2008-01-18 22:41 24,120 ----a-w C:\Windows\System32\BOOTVID.DLL
2008-01-18 22:41 21,560 ----a-w C:\Windows\System32\kdusb.dll
2008-01-18 22:41 19,512 ----a-w C:\Windows\System32\kdcom.dll
2008-01-18 22:38 46,080 ----a-w C:\Windows\System32\NAPCRYPT.DLL
2008-01-18 22:38 4,595,712 ----a-w C:\Windows\System32\AuthFWSnapin.dll
2008-01-18 22:38 242,744 ----a-w C:\Windows\System32\rsaenh.dll
2008-01-18 22:38 155,704 ----a-w C:\Windows\System32\dssenh.dll
2008-01-18 22:38 131,640 ----a-w C:\Windows\System32\basecsp.dll
2008-01-18 22:38 103,936 ----a-w C:\Windows\System32\NAPHLPR.DLL
2008-01-18 22:38 1,203,792 ----a-w C:\Windows\System32\ntdll.dll
2008-01-18 22:36 99,840 ----a-w C:\Windows\System32\ulib.dll
2008-01-18 22:35 98,304 ----a-w C:\Windows\System32\mssitlb.dll
2008-01-18 22:34 98,816 ----a-w C:\Windows\System32\mfps.dll
2008-01-18 22:33 98,304 ----a-w C:\Windows\System32\makecab.exe
2008-01-18 22:32 258,048 ----a-w C:\Windows\System32\winspool.drv
2008-01-18 22:32 21,504 ----a-w C:\Windows\System32\msacm32.drv
2008-01-18 22:32 166,912 ----a-w C:\Windows\System32\wdmaud.drv
2008-01-18 22:32 1,370,624 ----a-w C:\Windows\System32\Aurora.scr
2008-01-18 22:31 7,680 ----a-w C:\Windows\System32\spwizres.dll
2008-01-18 22:31 57,856 ----a-w C:\Windows\System32\nlsbres.dll
2008-01-18 22:31 118,272 ----a-w C:\Windows\System32\RDPENCDD.dll
2008-01-18 22:30 17,920 ----a-w C:\Windows\System32\netevent.dll
2008-01-18 22:29 705,536 ----a-w C:\Windows\System32\imagesp1.dll
2008-01-18 22:29 58,880 ----a-w C:\Windows\System32\msobjs.dll
2008-01-18 22:28 7,168 ----a-w C:\Windows\System32\f3ahvoas.dll
2008-01-18 22:26 36,864 ----a-w C:\Windows\System32\cdd.dll
2008-01-18 21:06 8,147,456 ----a-w C:\Windows\System32\wmploc.DLL
2008-01-18 21:01 14,336 ----a-w C:\Windows\System32\tsddd.dll
2008-01-18 21:01 134,656 ----a-w C:\Windows\System32\rdpdd.dll
2006-11-02 12:33 397,312 --sha-w C:\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6000.16386_none_ef216b8c52ca2227\WinMail.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-17 18:43 68856]
"igndlm.exe"="C:\Program Files\Download Manager\DLM.exe" [2007-03-05 22:57 1103480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-18 23:38 1008184]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"CmPCIaudio"="CMICNFG3.cpl" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableTaskMgr"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1960408961-343818398-725345543-1004]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"= %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP"= 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP"= 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3540:UDP"= 3540:UDP:*:Enabled:Protocole PNRP (Peer Name Resolution Protocol)
"3587:TCP"= 3587:TCP:*:Enabled:Groupement homologue Windows

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0B88010A-8FAB-4D67-B318-330121C4A5C1}"= Protocol=58|ICMP6=128:*:@FirewallAPI.dll,-26142
"{3F685E32-4940-4BAE-8494-636BF9123AD2}"= Protocol=1|ICMP4=8:*:@FirewallAPI.dll,-26140
"3587:TCP-Domain"= UDP:3587:Groupement homologue Windows
"3540:UDP-Domain"= TCP:3540:Protocole PNRP (Peer Name Resolution Protocol)
"{4A1B4E45-D873-4A0A-A41B-26CBB1D90581}"= Protocol=58|ICMP6=128:*:@FirewallAPI.dll,-26142
"{02EDBA8F-F368-4F32-9157-B05C32A764E0}"= Protocol=1|ICMP4=8:*:@FirewallAPI.dll,-26140
"C:\\WINDOWS\\system32\\PnkBstrB.exe-UDP-Standard"= TCP:Profile=Public|C:\WINDOWS\system32\PnkBstrB.exe:PnkBstrB
"C:\\WINDOWS\\system32\\PnkBstrB.exe-TCP-Standard"= UDP:Profile=Public|C:\WINDOWS\system32\PnkBstrB.exe:PnkBstrB
"C:\\WINDOWS\\system32\\PnkBstrA.exe-UDP-Standard"= TCP:Profile=Public|C:\WINDOWS\system32\PnkBstrA.exe:PnkBstrA
"C:\\WINDOWS\\system32\\PnkBstrA.exe-TCP-Standard"= UDP:Profile=Public|C:\WINDOWS\system32\PnkBstrA.exe:PnkBstrA
"C:\\Program Files\\Warcraft III\\Warcraft III.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\Warcraft III\Warcraft III.exe:Warcraft III
"C:\\Program Files\\Warcraft III\\Warcraft III.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\Warcraft III\Warcraft III.exe:Warcraft III
"C:\\Program Files\\TrackMania United\\TmUnited.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\TrackMania United\TmUnited.exe:TmUnited
"C:\\Program Files\\TrackMania United\\TmUnited.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\TrackMania United\TmUnited.exe:TmUnited
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"C:\\Program Files\\THQ\\Frontlines-Fuel of War Beta\\Binaries\\FFOW-Beta.exe-UDP-Standard"= TCP:C:\Program Files\THQ\Frontlines-Fuel of War Beta\Binaries\FFOW-Beta.exe:Frontlines Game
"C:\\Program Files\\THQ\\Frontlines-Fuel of War Beta\\Binaries\\FFOW-Beta.exe-TCP-Standard"= UDP:C:\Program Files\THQ\Frontlines-Fuel of War Beta\Binaries\FFOW-Beta.exe:Frontlines Game
"C:\\Program Files\\LimeWire\\LimeWire.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"C:\\Program Files\\LimeWire\\LimeWire.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"C:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.9\\cnc3game.dat-UDP-Standard"= TCP:Profile=Public|C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.9\cnc3game.dat:Command & Conquer 3 Les guerres du Tiberium™
"C:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.9\\cnc3game.dat-TCP-Standard"= UDP:Profile=Public|C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.9\cnc3game.dat:Command & Conquer 3 Les guerres du Tiberium™
"C:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.0\\cnc3game.dat-UDP-Standard"= TCP:Profile=Public|C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat:Command & Conquer 3 Les guerres du Tiberium™
"C:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.0\\cnc3game.dat-TCP-Standard"= UDP:Profile=Public|C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat:Command & Conquer 3 Les guerres du Tiberium™
"C:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2
"C:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2
"C:\\Program Files\\EA Games\\Command and Conquer Generals\\game.dat-UDP-Standard"= TCP:Profile=Public|C:\Program Files\EA Games\Command and Conquer Generals\game.dat:game
"C:\\Program Files\\EA Games\\Command and Conquer Generals\\game.dat-TCP-Standard"= UDP:Profile=Public|C:\Program Files\EA Games\Command and Conquer Generals\game.dat:game
"C:\\Program Files\\Atari\\Test Drive Unlimited\\TestDriveUnlimited.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:Test Drive Unlimited
"C:\\Program Files\\Atari\\Test Drive Unlimited\\TestDriveUnlimited.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:Test Drive Unlimited
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe-UDP-Standard"= TCP:Profile=Public|C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:CoD2MP_s
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe-TCP-Standard"= UDP:Profile=Public|C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:CoD2MP_s
"3587:TCP-Standard"= UDP:3587:Groupement homologue Windows
"3540:UDP-Standard"= TCP:3540:Protocole PNRP (Peer Name Resolution Protocol)
"TCP Query User{2CA1199F-E855-4567-BA73-488DA18B3D87}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{03731940-0ED4-49AA-BB87-5137056AF396}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"{836322F9-BF59-4E86-BAC3-5F1B2502BBB9}"= UDP:C:\Program Files\Electronic Arts\La Bataille pour la Terre du Milieu II\game.dat:La Bataille pour la Terre du Milieu ™ II
"{A662B9DC-3796-4092-A952-21409340A366}"= TCP:C:\Program Files\Electronic Arts\La Bataille pour la Terre du Milieu II\game.dat:La Bataille pour la Terre du Milieu ™ II
"TCP Query User{BE73CF46-7C24-4C3F-8E28-9EB06D3D38F1}C:\\program files\\modernrcon v0.4\\modernrcon_v0.4.exe"= UDP:C:\program files\modernrcon v0.4\modernrcon_v0.4.exe:ModernRcon_v0.4
"UDP Query User{EF91C0D6-E74F-4779-A1A1-5961561CF02B}C:\\program files\\modernrcon v0.4\\modernrcon_v0.4.exe"= TCP:C:\program files\modernrcon v0.4\modernrcon_v0.4.exe:ModernRcon_v0.4
"TCP Query User{082F1122-A96F-4F8E-B8EC-F4C2C45955F0}C:\\program files\\modernrcon v0.4\\pbucon\\pbucon.exe"= UDP:C:\program files\modernrcon v0.4\pbucon\pbucon.exe:pbucon
"UDP Query User{751F480B-C932-434B-866E-C75FBFAB4BDE}C:\\program files\\modernrcon v0.4\\pbucon\\pbucon.exe"= TCP:C:\program files\modernrcon v0.4\pbucon\pbucon.exe:pbucon
"TCP Query User{61B8472F-41CD-4715-81DF-A4BCF4AF86A6}C:\\program files\\radio fr solo\\radio_fr_solo.exe"= UDP:C:\program files\radio fr solo\radio_fr_solo.exe:Radio Fr Solo
"UDP Query User{36F9DCFC-BB3A-4BAB-9D5D-954DD3A3CD2E}C:\\program files\\radio fr solo\\radio_fr_solo.exe"= TCP:C:\program files\radio fr solo\radio_fr_solo.exe:Radio Fr Solo
"TCP Query User{A99534C2-525F-4B58-B7B3-3BC45EEC3846}C:\\program files\\empire interactive\\flatout 2\\flatout2.exe"= UDP:C:\program files\empire interactive\flatout 2\flatout2.exe:FlatOut2
"UDP Query User{C6790ECA-E69E-41C4-91EC-CA998871BB0F}C:\\program files\\empire interactive\\flatout 2\\flatout2.exe"= TCP:C:\program files\empire interactive\flatout 2\flatout2.exe:FlatOut2
"{275F8C15-384F-4BB2-9E1F-931F72092BB3}"= UDP:C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:Age of Empires III
"{29E8C378-E4F3-4DA1-83F3-C85C9D05CC37}"= TCP:C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:Age of Empires III
"{ED3049F9-0F08-4318-B1BE-B059214DC8CD}"= UDP:C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe:Age of Empires III - The WarChiefs
"{B0C541D3-49AA-4215-A351-BB51954E7DCE}"= TCP:C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe:Age of Empires III - The WarChiefs
"{D773EE8C-1CED-47B3-A53F-52B7276D30A0}"= UDP:C:\Users\Cristal1\Desktop\f.e.a.r._combat_jeu_complet_-_version_francaise_francais_23855.exe:f.e.a.r._combat_jeu_complet_-_version_francaise_francais_23855
"{579CAE06-8785-4B04-91A6-751BDB1C9BA2}"= TCP:C:\Users\Cristal1\Desktop\f.e.a.r._combat_jeu_complet_-_version_francaise_francais_23855.exe:f.e.a.r._combat_jeu_complet_-_version_francaise_francais_23855
"{3DDB85A7-3396-4834-805D-35F8096CCF31}"= Disabled:UDP:C:\Program Files\THQ\Frontlines-Fuel of War Beta\Binaries\FFOW-Beta.exe:Frontlines Game
"{BB2B76C6-78D5-47BA-8185-461CD2502C12}"= Disabled:TCP:C:\Program Files\THQ\Frontlines-Fuel of War Beta\Binaries\FFOW-Beta.exe:Frontlines Game
"{BD6E4592-B8DE-4AEF-AA1A-BC87E13C4A4E}"= UDP:C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:Age of Empires III - The Asian Dynasties
"{3CB3691C-EAF2-4EDD-8D1C-10D1EA2A47B4}"= TCP:C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:Age of Empires III - The Asian Dynasties
"{DD743F31-100F-4ECC-A01B-D2F67FD759A0}"= UDP:C:\Users\Cristal1\Downloads\SetupUT3Demo.exe:SetupUT3Demo
"{2F8E0CF1-06D1-4D20-8751-6A29950ED077}"= TCP:C:\Users\Cristal1\Downloads\SetupUT3Demo.exe:SetupUT3Demo
"{7C37D9C6-0FF4-4699-9E6E-3A648D2470AE}"= UDP:C:\Program Files\Unreal Tournament 3 Demo\Binaries\UT3Demo.exe:Unreal Tournament 3 Demo
"{28613688-AD9D-484D-BD1F-212777D7D72B}"= TCP:C:\Program Files\Unreal Tournament 3 Demo\Binaries\UT3Demo.exe:Unreal Tournament 3 Demo

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"= %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"C:\\Documents and Settings\\Cristal1\\Local Settings\\Temp\\ElectronicArts_Patcher_000.exe"= C:\Users\Cristal1\Local Settings\Temp\ElectronicArts_Patcher_000.exe:*:Enabled:ElectronicArts_Patcher_000
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"= C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"= C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)
"C:\\Program Files\\Atari\\Test Drive Unlimited\\TestDriveUnlimited.exe"= C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited
"C:\\Program Files\\EA Games\\Command and Conquer Generals\\game.dat"= C:\Program Files\EA Games\Command and Conquer Generals\game.dat:*:Enabled:game
"C:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"= C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:*:Enabled:Battlefield 2
"C:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.0\\cnc3game.dat"= C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat:*:Enabled:Command & Conquer 3 Les guerres du Tiberium™
"C:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.9\\cnc3game.dat"= C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.9\cnc3game.dat:*:Enabled:Command & Conquer 3 Les guerres du Tiberium™
"C:\\Program Files\\LimeWire\\LimeWire.exe"= C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\\Program Files\\THQ\\Frontlines-Fuel of War Beta\\Binaries\\FFOW-Beta.exe"= C:\Program Files\THQ\Frontlines-Fuel of War Beta\Binaries\FFOW-Beta.exe:*:Enabled:Frontlines Game
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"= C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"= C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"C:\\Program Files\\TrackMania United\\TmUnited.exe"= C:\Program Files\TrackMania United\TmUnited.exe:*:Enabled:TmUnited
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"= C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III
"C:\\WINDOWS\\system32\\PnkBstrA.exe"= C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA
"C:\\WINDOWS\\system32\\PnkBstrB.exe"= C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"= 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP"= 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3540:UDP"= 3540:UDP:*:Enabled:Protocole PNRP (Peer Name Resolution Protocol)
"3587:TCP"= 3587:TCP:*:Enabled:Groupement homologue Windows

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-21 04:55]
R3 c65013264;C-Media CM6501 Like Sound UDAX Interface;C:\Windows\system32\drivers\c6501.sys [2007-07-10 02:42]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-02-16 07:34]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-25 17:19:51
Windows 6.0.6001 Service Pack 1 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-03-25 17:20:46
ComboFix-quarantined-files.txt 2008-03-25 16:20:42
ComboFix2.txt 2008-03-25 15:22:08
.
2008-03-22 16:19:45 --- E O F ---



_______________________________________________________________________________________
_______________________________________________________________________________________

le hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 17:24:42, on 25/03/2008
Platform: Unknown Windows (WinNT 6.00.1905 SP1)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Running processes:
C:\Windows\system32\sbwltbxa.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Explorer.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Mozilla Firefox 3 Beta 2\firefox.exe
C:\Users\Cristal1\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SYSTEM32\Userinit.exe,C:\Windows\system32\sbwltbxa.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - https://www.fileplanet.com/
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
0
Réponse 10 / 20
titi0816 Messages postés 126 Date d'inscription mercredi 27 décembre 2006 Statut Membre Dernière intervention 4 octobre 2008 20
25 mars 2008 à 18:25
plus d'idée ? lol
0
Réponse 11 / 20
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
25 mars 2008 à 18:28
re,

desolé je me suis absenté...

le script n´as pas vraiment fais l´effet désiré;-(

je te propose de passer cet anti spyware, on verra apres :

Telecharge malwarebytes

-> http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/anti-malware-sujet_197382_1.htm

Tu l´instale; le programme va se mettre automatiquement a jour.

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

Click maintenant sur l´onglet recherche et coche la case : "executer un examun complet".

Puis click sur "rechercher".

Laisse le scanner le pc...

Si des elements on ete trouvés > click sur supprimer la selection.

si il t´es demandé de redemarrer > click sur "yes".

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.

Copie et colle le rapport stp.

@+
0
Réponse 12 / 20
titi0816 Messages postés 126 Date d'inscription mercredi 27 décembre 2006 Statut Membre Dernière intervention 4 octobre 2008 20
25 mars 2008 à 19:26
Alors voila le rapport du logiciel

Malwarebytes' Anti-Malware 1.09
Version de la base de données: 541

Type de recherche: Examen complet (C:\|)
Eléments examinés: 215948
Temps écoulé: 36 minute(s), 19 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 25
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 11
Fichier(s) infecté(s): 65

Processus mémoire infecté(s):
C:\Windows\System32\sbwltbxa.exe (Trojan.Agent) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15651c7c-e812-44a2-a9ac-b467a2233e7d} (Adware.123Mania) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{622cc208-b014-4fe0-801b-874a5e5e403a} (Adware.123Mania) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{f663b917-591f-4172-8d87-3d7d729007ca} (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bat.batbho (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bat.batbho.1 (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d279bc2b-a85b-4559-8fd9-ddc55f5d402d} (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{b80a3586-caa5-41c8-89bf-e617f0b6cfbf} (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9c5b2f29-1f46-4639-a6b4-828942301d3e} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ffff0001-0002-101a-a3c9-08002b2f49fb} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000250-0320-4dd4-be4f-7566d2314352} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13197ace-6851-45c3-a7ff-c281324d5489} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e1075f4-eec4-4a86-add7-cd5f52858c31} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5929cd6e-2062-44a4-b2c5-2c7e78fbab38} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5dafd089-24b1-4c5e-bd42-8ca72550717b} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5fa6752a-c4a0-4222-88c2-928ae5ab4966} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8674aea0-9d3d-11d9-99dc-00600f9a01f1} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{965a592f-8efa-4250-8630-7960230792f1} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765728274} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fc3a74e5-f281-4f10-ae1e-733078684f3c} (Fake.Dropped.Malware.Renos) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\BATCO (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Batco (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bat.DLL (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bat (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bat (Adware.Batco) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\sbwltbxa.exe -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\180searchassistant (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\180solutions (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\zango (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\seekmo (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\180search assistant (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Bat (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\stc (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\Sysmnt (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\FLEOK (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\ProgramData\Rabio\Search Enhancer (Adware.SearchEnhancer) -> Quarantined and deleted successfully.
C:\ProgramData\Rabio (Adware.Rabio) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Bat\un_BatSetup_15041.exe (Adware.Rabio) -> Quarantined and deleted successfully.
C:\Users\Cristal1\Desktop\hijackthis\backups\backup-20080325-162454-416.dll (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\180searchassistant\saap.exe (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\180searchassistant\sac.exe (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\180solutions\sais.exe (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\zango\zango.exe (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\seekmo\seekmohook.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\180search assistant\180sa.exe (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\180search assistant\sau.exe (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Bat\Bat.dll.intermediate.manifest (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Bat\Bat.info (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Bat\Bat.original (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Bat\Info.dll (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Bat\un_BatSetup_15041.txt (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Bat\X_Bat.log (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\stc\csv5p070.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\Sysmnt\Ssmgr.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\FLEOK\180ax.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\System32\sbwltbxa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\avifile32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\avisynthex32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\aviwrap32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\bjam.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\bokja.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\browserad.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\cdsm32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\changeurl_30.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\didduid.ini (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\msa64chk.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\msapasrc.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\mspphe.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\123messenger.per (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\mssvr.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\ntnut.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\saiemod.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\salm.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\shdocpe.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\shdocpl.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\stcloader.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\swin32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\updatetc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\voiceip.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\winsb.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\System32\MSIXU.DLL (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\System32\MSNSA32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\System32\ntnut32.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\System32\shdocpe.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\System32\SIPSPI32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\System32\WER8274.DLL (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\Installer\id53.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\180ax.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\2020search.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\2020search2.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\apphelp32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\asferror32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\asycfilt32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\athprxy32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\ati2dvaa32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\ati2dvag32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\audiosrv32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\autodisc32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\licencia.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\telefonos.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\textos.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\System32\winfrun32.bin (Malware.Trace) -> Quarantined and deleted successfully.



PS: 103 infection lol
0
Réponse 13 / 20
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
25 mars 2008 à 19:31
et bien c´est pas mal du tout ;-)

il a enlever les infections que j´avais essayées de supprimer avec combofix et + encore ;-)

Redemarre malwarebytes; click sur l´onglet "quarantaine", puis sur "tout supprimer"; quitte le programme.

puis post un nouveau hijack this

@+
0
Réponse 14 / 20
titi0816 Messages postés 126 Date d'inscription mercredi 27 décembre 2006 Statut Membre Dernière intervention 4 octobre 2008 20
25 mars 2008 à 19:36
Trop cool

Voila le hijeckthis


Logfile of HijackThis v1.99.1
Scan saved at 19:35:22, on 25/03/2008
Platform: Unknown Windows (WinNT 6.00.1905 SP1)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox 3 Beta 2\firefox.exe
C:\Users\Cristal1\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - https://www.fileplanet.com/
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
0
Réponse 15 / 20
titi0816 Messages postés 126 Date d'inscription mercredi 27 décembre 2006 Statut Membre Dernière intervention 4 octobre 2008 20
25 mars 2008 à 19:52
Plus de virus !


Vraiment je n'est qu'une chose a dire "heureusement que des gens comme vous sont la pour nous aidé"

milles fois merci de m'avoir accorder tous ce temps

bien cordialement
0
Réponse 16 / 20
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
25 mars 2008 à 19:59
oui on dirait ;-)

att c´est pas encore fini lol

a l´aide de hijack this coche et fix les lignes ci dessous :

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (file missing)

comment fixer :

Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)

-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

qu´est-il arrivé a java ? tu l´as desinstallé ?

il est bien firefox 3 ? > pour mon info perso ;-)

tu n´as pas de par feu a part celui de windows qui est pas terrible

installe celui ci :

si tu est en 64 bit :

Comodo 3 pro :

http://www.commentcamarche.net/telecharger/telecharger 34055041 comodo firewall pro

tuto : https://www.malekal.com/tutorial-comodo-firewall/

ou sinon :

https://www.generation-nt.com/zonealarm-vista-checkpoint-firewall-telecharger-actualite-42256.html

https://www.zonealarm.com/software/free-firewall

https://www.malekal.com/tutoriel-zonealarm-firewall/

@+
0
Réponse 17 / 20
titi0816 Messages postés 126 Date d'inscription mercredi 27 décembre 2006 Statut Membre Dernière intervention 4 octobre 2008 20
25 mars 2008 à 20:23
Alors voila je lai fait le fix des ligne
ensuite java je les pas desinstaller juste pas mit a jour
firefox 3 il est plutot bien (sérieux)


Et encore merci pour tous pour le pare feu non j'ai que le 32 bit
0
Réponse 18 / 20
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
25 mars 2008 à 20:29
ok titi

merci pour l´info firefox 3, je me tatte ;-)

pour java :

regarde ce tutorial pour mettre ta console java a jour :

https://www.malekal.com/maintenir-java-adobe-reader-et-le-player-flash-a-jour/

32 bit > alors tu ne pourras avoir que zone alarm...

voila bonne continuation`

bye ;-)

g!rly`
0
Réponse 19 / 20
titi0816 Messages postés 126 Date d'inscription mercredi 27 décembre 2006 Statut Membre Dernière intervention 4 octobre 2008 20
25 mars 2008 à 20:32
Merci encore et bonne continuation bonne fin de soirer
0
Réponse 20 / 20
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
25 mars 2008 à 20:34
De rien ;-)
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
problême Opéra est ce un virus??
sand2504 -
sand2504 -

85 réponses
Comment savoir si j'ai attrapé un virus sur mon téléphone ?
Infolock -
bell -

66 réponses